zerosecurite.cf Open in urlscan Pro
2400:cb00:2048:1::681b:bfed Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ow.ly/q9UK30gwYfF
Effective URL:
http://zerosecurite.cf/tw020002/index.html
Submission: On November 13 via manual (November 13th 2017, 10:27:59 am UTC) from CH

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 8 domains to perform 8 HTTP transactions. The main IP is 2400:cb00:2048:1::681b:bfed, located in United States and belongs to CLOUDFLARENET - CloudFlare, Inc., US. The main domain is zerosecurite.cf.

This is the only time zerosecurite.cf was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Email (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.183.130.144 54.183.130.144	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2400:cb00:204... 2400:cb00:2048:1::681b:bfed	13335 (CLOUDFLAR...) (CLOUDFLARENET - CloudFlare)
2 4	79.170.40.67 79.170.40.67	20738 (AS20738) (AS20738)
1	2400:cb00:204... 2400:cb00:2048:1::681f:5ee6	13335 (CLOUDFLAR...) (CLOUDFLARENET - CloudFlare)
1	50.62.172.157 50.62.172.157	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com)
1	52.85.177.61 52.85.177.61	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	151.101.1.34 151.101.1.34	54113 (FASTLY) (FASTLY - Fastly)
1	54.192.95.114 54.192.95.114	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
8	7

1 54.183.130.144 (San Jose, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ow.ly

ow.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:cb00:2048:1::681b:bfed (United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)

zerosecurite.cf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 79.170.40.67 (United Kingdom) 2 redirects

ASN20738 (AS20738, GB)
PTR: www.outitgoes.com

www.outitgoes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:cb00:2048:1::681f:5ee6 (United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)

thetechnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.62.172.157 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-50-62-172-157.ip.secureserver.net

blog.ironcovesolutions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.177.61 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-85-177-61.fra6.r.cloudfront.net

www.technobuffalo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.34 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

img.gawkerassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.95.114 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-192-95-114.fra2.r.cloudfront.net

images-na.ssl-images-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	outitgoes.com 2 redirects www.outitgoes.com	17 KB
1	ssl-images-amazon.com images-na.ssl-images-amazon.com	71 KB
1	gawkerassets.com img.gawkerassets.com	337 KB
1	technobuffalo.com www.technobuffalo.com	59 KB
1	ironcovesolutions.com blog.ironcovesolutions.com	40 KB
1	thetechnews.com thetechnews.com	133 KB
1	zerosecurite.cf zerosecurite.cf	1 KB
1	ow.ly 1 redirects ow.ly	126 B
8	8

	Domain	Requested by
4	www.outitgoes.com	2 redirects zerosecurite.cf
1	images-na.ssl-images-amazon.com	zerosecurite.cf
1	img.gawkerassets.com	zerosecurite.cf
1	www.technobuffalo.com	zerosecurite.cf
1	blog.ironcovesolutions.com	zerosecurite.cf
1	thetechnews.com	zerosecurite.cf
1	zerosecurite.cf
1	ow.ly	1 redirects
8	8

This site contains no links.

Subject Issuer	Validity	Valid
www.outitgoes.com GlobalSign Domain Validation CA - SHA256 - G2	`2014-04-10` - `2018-09-03`	4 years	crt.sh
technobuffalo.com Starfield Secure Certificate Authority - G2	`2017-01-10` - `2018-01-10`	a year	crt.sh
*.gawker.com GlobalSign Organization Validation CA - SHA256 - G2	`2017-03-09` - `2018-04-12`	a year	crt.sh
Images-na.ssl-images-amazon.com Symantec Class 3 Secure Server CA - G4	`2017-10-19` - `2018-07-19`	9 months	crt.sh

This page contains 1 frames:

Primary Page: http://zerosecurite.cf/tw020002/index.html
Frame ID: 31937.1
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ow.ly/q9UK30gwYfF HTTP 301
http://zerosecurite.cf/tw020002/index.html Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Page Statistics

8
Requests

63 %
HTTPS

25 %
IPv6

8
Domains

8
Subdomains

7
IPs

2
Countries

658 kB
Transfer

659 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ow.ly/q9UK30gwYfF HTTP 301
http://zerosecurite.cf/tw020002/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.outitgoes.com/default.css HTTP 301
https://www.outitgoes.com/default.css

Request Chain 6

http://www.outitgoes.com/login_panel_gradient.jpg HTTP 301
https://www.outitgoes.com/login_panel_gradient.jpg

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set index.html Show response zerosecurite.cf/tw020002/ Redirect Chain http://ow.ly/q9UK30gwYfF http://zerosecurite.cf/tw020002/index.html	2 KB 1 KB	247ms 234ms	Document text/html	2400:cb00:2048:1::681b:bfed CloudFlare
General Check archive.org Show headers Download Go to Full URL http://zerosecurite.cf/tw020002/index.html Protocol HTTP/1.1 Server 2400:cb00:2048:1::681b:bfed , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US), Reverse DNS Software cloudflare-nginx / Resource Hash `10125f2bee7c2fd39d0d09196acbe79edbb3a45451794459bfeb7c82193dae2e` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host zerosecurite.cf Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Cache-Control no-cache Connection keep-alive User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Mon, 13 Nov 2017 10:27:45 GMT Content-Encoding gzip Last-Modified Fri, 10 Nov 2017 13:31:40 GMT Server cloudflare-nginx Transfer-Encoding chunked Content-Type text/html Set-Cookie __cfduid=d18f9387446956e8b811499ec41e5f02d1510568865; expires=Tue, 13-Nov-18 10:27:45 GMT; path=/; domain=.zerosecurite.cf; HttpOnly Connection keep-alive CF-RAY 3bd10a52601864cf-FRA Redirect headers Location http://zerosecurite.cf/tw020002/index.html Connection close Content-Length 0
GET H/1.1	200 OK	default.css www.outitgoes.com/ Redirect Chain http://www.outitgoes.com/default.css https://www.outitgoes.com/default.css	5 KB 5 KB	122ms 31ms	Stylesheet text/css	79.170.40.67 AS20738
General Check archive.org Show headers Download Go to Full URL https://www.outitgoes.com/default.css Requested by Host: zerosecurite.cf URL: http://zerosecurite.cf/tw020002/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 79.170.40.67 , United Kingdom, ASN20738 (AS20738, GB), Reverse DNS www.outitgoes.com Software Apache/2.2.24 (Red Hat) / Resource Hash `9995407957e06b460ebdef847f2966698845231a2887aadc3ac1706193464002` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.outitgoes.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept text/css,/;q=0.1 Referer http://zerosecurite.cf/tw020002/index.html Connection keep-alive Cache-Control no-cache Referer http://zerosecurite.cf/tw020002/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Mon, 13 Nov 2017 10:27:46 GMT Last-Modified Wed, 29 Oct 2008 11:04:00 GMT Server Apache/2.2.24 (Red Hat) Accept-Ranges bytes ETag "2200bc1-122a-45a62523f0800" Content-Length 4650 Content-Type text/css Redirect headers Location https://www.outitgoes.com/default.css Connection close Content-length 0
GET H/1.1	200 OK	Cookie set Dropbox2.png thetechnews.com/wp-content/uploads/2016/03/	133 KB 133 KB	214ms 184ms	Image image/png	2400:cb00:2048:1::681f:5ee6 CloudFlare
General Check archive.org Show headers Download Go to Show image Full URL http://thetechnews.com/wp-content/uploads/2016/03/Dropbox2.png Requested by Host: zerosecurite.cf URL: http://zerosecurite.cf/tw020002/index.html Protocol HTTP/1.1 Server 2400:cb00:2048:1::681f:5ee6 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US), Reverse DNS Software cloudflare-nginx / Resource Hash `e25a9fdea044e89f66704371ddb2ec695ec686e55dba3354edebdd951eabb9f5` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host thetechnews.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://zerosecurite.cf/tw020002/index.html Connection keep-alive Cache-Control no-cache Referer http://zerosecurite.cf/tw020002/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Mon, 13 Nov 2017 10:27:46 GMT CF-Cache-Status HIT Last-Modified Tue, 30 Aug 2016 05:39:02 GMT Server cloudflare-nginx ETag "214bb-53b4365e66980" Vary Accept-Encoding Content-Type image/png Set-Cookie __cfduid=de5ca72bc9dabcfdd1e9410d37e1ebe961510568865; expires=Tue, 13-Nov-18 10:27:45 GMT; path=/; domain=.thetechnews.com; HttpOnly Cache-Control public, max-age=7200 Connection keep-alive Accept-Ranges bytes CF-RAY 3bd10a5400c615bf-FRA Content-Length 136379 Expires Mon, 13 Nov 2017 12:27:46 GMT
GET H/1.1	200 OK	office365.jpg blog.ironcovesolutions.com/wp-content/uploads/2016/11/	40 KB 40 KB	330ms 151ms	Image image/jpeg	50.62.172.157 GoDaddy.com
General Check archive.org Show headers Download Go to Show image Full URL http://blog.ironcovesolutions.com/wp-content/uploads/2016/11/office365.jpg Requested by Host: zerosecurite.cf URL: http://zerosecurite.cf/tw020002/index.html Protocol HTTP/1.1 Server 50.62.172.157 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US), Reverse DNS ip-50-62-172-157.ip.secureserver.net Software / Resource Hash `397924602c1baa469288bc320bc3a178b095b3a945e09e9ed47474565e7b542b` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host blog.ironcovesolutions.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://zerosecurite.cf/tw020002/index.html Connection keep-alive Cache-Control no-cache Referer http://zerosecurite.cf/tw020002/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Mon, 13 Nov 2017 10:27:46 GMT Last-Modified Tue, 22 Nov 2016 21:41:57 GMT X-Backend all_requests Cache-Control max-age=5184000 Age 643422 ETag "9ecd-541eaa444b5a9" X-Cacheable YES X-Cache cached Content-Type image/jpeg X-Port port_10921 X-Cache-Hit HIT Accept-Ranges bytes Content-Length 40653 Expires Thu, 04 Jan 2018 23:44:04 GMT
GET H/1.1	200 OK	aol_logo.jpg www.technobuffalo.com/wp-content/uploads/2015/06/	59 KB 59 KB	1069ms 356ms	Image image/jpeg	52.85.177.61 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://www.technobuffalo.com/wp-content/uploads/2015/06/aol_logo.jpg Requested by Host: zerosecurite.cf URL: http://zerosecurite.cf/tw020002/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.85.177.61 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-52-85-177-61.fra6.r.cloudfront.net Software nginx / Resource Hash `fd34c4f3622c0297e3d7c73070cda07aae03f494a144fae27d16f6fd99b3e07f` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.technobuffalo.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://zerosecurite.cf/tw020002/index.html Connection keep-alive Cache-Control no-cache Referer http://zerosecurite.cf/tw020002/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Pragma public Date Mon, 13 Nov 2017 10:27:46 GMT Via 1.1 7b6339693d82ec593824b8c6ad776117.cloudfront.net (CloudFront) Last-Modified Sat, 27 Jun 2015 06:01:41 GMT Server nginx ETag "558e3c45-ec5b" X-Cache Miss from cloudfront Content-Type image/jpeg Cache-Control max-age=2592000 public Connection keep-alive Accept-Ranges bytes Content-Length 60507 X-Amz-Cf-Id _4ZVhkafoT6SuelMCZvKSkD0JplwG6kw8kpQcW1b6G8LjyngQLsJlQ== Expires Wed, 13 Dec 2017 10:27:46 GMT
GET H/1.1	200 OK	original.png img.gawkerassets.com/img/18z6kfsmghumxpng/	337 KB 337 KB	362ms 8ms	Image image/png	151.101.1.34 Fastly
General Check archive.org Show headers Download Go to Show image Full URL https://img.gawkerassets.com/img/18z6kfsmghumxpng/original.png Requested by Host: zerosecurite.cf URL: http://zerosecurite.cf/tw020002/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.1.34 San Francisco, United States, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software / Resource Hash `0766968e2eb3434b49810e621bfdc50a1a3173c603005aae8f5c314622510eaa` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host img.gawkerassets.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://zerosecurite.cf/tw020002/index.html Connection keep-alive Cache-Control no-cache Referer http://zerosecurite.cf/tw020002/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Mon, 13 Nov 2017 10:27:46 GMT Via 1.1 varnish Last-Modified Thu, 05 Sep 2013 04:15:10 GMT Age 3521 ETag "34ae40fd1b91ebdb2f6a577ec9155131" X-Served-By cache-hhn1545-HHN X-Cache HIT Content-Type image/png Connection keep-alive Accept-Ranges bytes X-Timer S1510568866.469540,VS0,VE2 Content-Length 345385 X-Cache-Hits 1
GET H/1.1	200 OK	61nf9xhtt5L.jpg images-na.ssl-images-amazon.com/images/I/	71 KB 71 KB	29ms 8ms	Image image/jpeg	54.192.95.114 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://images-na.ssl-images-amazon.com/images/I/61nf9xhtt5L.jpg Requested by Host: zerosecurite.cf URL: http://zerosecurite.cf/tw020002/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.192.95.114 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-54-192-95-114.fra2.r.cloudfront.net Software Server / Resource Hash `93e04c7b1bf9155a41e16349ccf61d988bcba070fea23b689d390510c4d6dedd` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host images-na.ssl-images-amazon.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://zerosecurite.cf/tw020002/index.html Connection keep-alive Cache-Control no-cache Referer http://zerosecurite.cf/tw020002/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Mon, 09 Oct 2017 23:24:36 GMT Via 1.1 f131f7f70cfd3a8b96a854e1f446f33b.cloudfront.net (CloudFront) Last-Modified Mon, 19 Sep 2016 18:06:45 GMT Server Server Age 2997453 X-Cache Hit from cloudfront Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control max-age=630720000,public X-Amz-IR-Id 20f82bb7-1f0e-43b8-9cc5-9501ef681405 Connection keep-alive Content-Length 72382 X-Amz-Cf-Id JBk-kFzZ5wiAl6q47sPp1mOuVjfrd7zaY-3WvgtGXjzsV752m-gAFA== Expires Sun, 12 Oct 2036 17:09:50 GMT
GET H/1.1	200 OK	login_panel_gradient.jpg www.outitgoes.com/ Redirect Chain http://www.outitgoes.com/login_panel_gradient.jpg https://www.outitgoes.com/login_panel_gradient.jpg	12 KB 12 KB	29ms 29ms	Image image/jpeg	79.170.40.67 AS20738
General Check archive.org Show headers Download Go to Show image Full URL https://www.outitgoes.com/login_panel_gradient.jpg Requested by Host: zerosecurite.cf URL: http://zerosecurite.cf/tw020002/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 79.170.40.67 , United Kingdom, ASN20738 (AS20738, GB), Reverse DNS www.outitgoes.com Software Apache/2.2.24 (Red Hat) / Resource Hash `f3297b1306f3704663aff9483c7e6e983a27eaf9f0567d58995128a11b75f2c3` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.outitgoes.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://zerosecurite.cf/tw020002/index.html Connection keep-alive Cache-Control no-cache Referer http://zerosecurite.cf/tw020002/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Mon, 13 Nov 2017 10:27:46 GMT Last-Modified Wed, 29 Oct 2008 11:04:00 GMT Server Apache/2.2.24 (Red Hat) Accept-Ranges bytes ETag "2200bcb-31ba-45a62523f0800" Content-Length 12730 Content-Type image/jpeg Redirect headers Location https://www.outitgoes.com/login_panel_gradient.jpg Connection close Content-length 0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Email (Online)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.zerosecurite.cf/	1970-01-18 20:21:44	Name: __cfduid Value: d18f9387446956e8b811499ec41e5f02d1510568865

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blog.ironcovesolutions.com
images-na.ssl-images-amazon.com
img.gawkerassets.com
ow.ly
thetechnews.com
www.outitgoes.com
www.technobuffalo.com
zerosecurite.cf
151.101.1.34
2400:cb00:2048:1::681b:bfed
2400:cb00:2048:1::681f:5ee6
50.62.172.157
52.85.177.61
54.183.130.144
54.192.95.114
79.170.40.67
0766968e2eb3434b49810e621bfdc50a1a3173c603005aae8f5c314622510eaa
10125f2bee7c2fd39d0d09196acbe79edbb3a45451794459bfeb7c82193dae2e
397924602c1baa469288bc320bc3a178b095b3a945e09e9ed47474565e7b542b
93e04c7b1bf9155a41e16349ccf61d988bcba070fea23b689d390510c4d6dedd
9995407957e06b460ebdef847f2966698845231a2887aadc3ac1706193464002
e25a9fdea044e89f66704371ddb2ec695ec686e55dba3354edebdd951eabb9f5
f3297b1306f3704663aff9483c7e6e983a27eaf9f0567d58995128a11b75f2c3
fd34c4f3622c0297e3d7c73070cda07aae03f494a144fae27d16f6fd99b3e07f

zerosecurite.cf Open in urlscan Pro 2400:cb00:2048:1::681b:bfed Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

8 Requests

63 %HTTPS

25 %IPv6

8 Domains

8 Subdomains

7 IPs

2 Countries

658 kBTransfer

659 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

1 Cookies

Indicators

zerosecurite.cf Open in urlscan Pro
2400:cb00:2048:1::681b:bfed Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

63 %
HTTPS

25 %
IPv6

8
Domains

8
Subdomains

7
IPs

2
Countries

658 kB
Transfer

659 kB
Size

1
Cookies

8 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!