3yearsmaersk.com - urlscan.io

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 7 HTTP transactions. The main IP is 163.181.92.210, located in Frankfurt am Main, Germany and belongs to TAOBAO Zhejiang Taobao Network Co.,Ltd, CN. The main domain is 3yearsmaersk.com.
TLS certificate: Issued by Alibaba Cloud GCC R3 AlphaSSL CA 2021 on August 9th 2023. Valid for: a year.

This is the only time 3yearsmaersk.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Maersk (Transportation)

Domain & IP information

	IP Address		AS Autonomous System
2 9	163.181.92.210 163.181.92.210		24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
7	1

9 163.181.92.210 (Frankfurt am Main, Germany) 2 redirects

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

3yearsmaersk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	3yearsmaersk.com 2 redirects 3yearsmaersk.com	141 KB
7	1

	Domain	Requested by
9	3yearsmaersk.com	2 redirects 3yearsmaersk.com
7	1

This site contains no links.

Subject Issuer	Validity	Valid
*.3yearsmaersk.com Alibaba Cloud GCC R3 AlphaSSL CA 2021	`2023-08-09` - `2024-09-09`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://3yearsmaersk.com/index/login/index.html
Frame ID: 05455422DE48D63717DE5CC0D9C4F4EC
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Member Login

Page URL History Show full URLs

http://3yearsmaersk.com/ HTTP 301
https://3yearsmaersk.com/ HTTP 302
https://3yearsmaersk.com/index/login/index.html Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

140 kB
Transfer

388 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://3yearsmaersk.com/ HTTP 301
https://3yearsmaersk.com/ HTTP 302
https://3yearsmaersk.com/index/login/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request index.html Show response 3yearsmaersk.com/index/login/ Redirect Chain http://3yearsmaersk.com/ https://3yearsmaersk.com/ https://3yearsmaersk.com/index/login/index.html	2 KB 1 KB	714ms 713ms	Document text/html	163.181.92.210 TAOBAO Zhejiang T...
General Check archive.org Show headers Download Go to Full URL https://3yearsmaersk.com/index/login/index.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 163.181.92.210 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN), Reverse DNS Software Tengine / PHP/7.4.33 Resource Hash `f05302aaa768bd36107bcc8abe7fddb6cd0b56681a382ddee42de78e1c4129c4` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers ali-swift-global-savetime 1692600169 content-encoding gzip content-type text/html; charset=utf-8 date Mon, 21 Aug 2023 06:42:47 GMT eagleid a3b55c9816926001683667068e server Tengine timing-allow-origin * vary Accept-Encoding via cache2.l2de2[683,682,200-0,M], cache6.l2de2[684,0], ens-cache3.de5[685,684,200-0,M], ens-cache4.de5[686,0] x-cache MISS TCP_MISS dirn:-2:-2 x-powered-by PHP/7.4.33 x-swift-cachetime 0 x-swift-savetime Mon, 21 Aug 2023 06:42:49 GMT Redirect headers ali-swift-global-savetime 1692600168 cache-control no-cache,must-revalidate content-type text/html; charset=utf-8 date Mon, 21 Aug 2023 06:42:46 GMT eagleid a3b55c9816926001672334074e location /index/login/index.html server Tengine timing-allow-origin * via cache5.l2de2[1098,1098,302-0,M], cache14.l2de2[1100,0], ens-cache12.de5[1103,1102,302-0,M], ens-cache4.de5[1104,0] x-cache MISS TCP_MISS dirn:-2:-2 x-powered-by PHP/7.4.33 x-swift-cachetime 0 x-swift-savetime Mon, 21 Aug 2023 06:42:48 GMT
GET H2	200	style.css 3yearsmaersk.com/static/index/css/	52 KB 11 KB	36ms 35ms	Stylesheet text/css	163.181.92.210 TAOBAO Zhejiang T...
General Check archive.org Show headers Download Go to Full URL https://3yearsmaersk.com/static/index/css/style.css Requested by Host: 3yearsmaersk.com URL: https://3yearsmaersk.com/index/login/index.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 163.181.92.210 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN), Reverse DNS Software Tengine / Resource Hash `2ab63ffdba5723f6481e4ad89283d65244a8d83d098c037ef9aad0deea043aff` Request headers accept-language de-DE,de;q=0.9 Referer https://3yearsmaersk.com/index/login/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Fri, 18 Aug 2023 09:15:49 GMT via cache6.l2de2[0,0,200-0,H], cache19.l2de2[3,0], ens-cache4.de5[0,0,200-0,H], ens-cache4.de5[1,0] content-encoding gzip age 250018 x-swift-cachetime 2508620 x-cache HIT TCP_MEM_HIT dirn:13:214832463 x-swift-savetime Sat, 19 Aug 2023 08:25:31 GMT last-modified Sun, 30 Jul 2023 10:12:21 GMT server Tengine etag W/"64c63785-d1ef" vary Accept-Encoding, Accept-Encoding ali-swift-global-savetime 1692350151 content-type text/css cache-control max-age=43200 timing-allow-origin * eagleid a3b55c9816926001691048782e expires Fri, 18 Aug 2023 21:15:49 GMT
GET H2	200	jquery-3.2.1.js Show response 3yearsmaersk.com/static/index/js/	272 KB 80 KB	64ms 63ms	Script application/javascript	163.181.92.210 TAOBAO Zhejiang T...
General Check archive.org Show headers Download Go to Full URL https://3yearsmaersk.com/static/index/js/jquery-3.2.1.js Requested by Host: 3yearsmaersk.com URL: https://3yearsmaersk.com/index/login/index.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 163.181.92.210 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN), Reverse DNS Software Tengine / Resource Hash `19c2ff8384c14552104a2f7a5a830aef510669837d65fb0c20a9bee749e54b8b` Request headers accept-language de-DE,de;q=0.9 Referer https://3yearsmaersk.com/index/login/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Thu, 10 Aug 2023 18:24:25 GMT via cache8.l2de2[0,0,200-0,H], cache4.l2de2[2,0], ens-cache13.de5[0,0,200-0,H], ens-cache4.de5[1,0] content-encoding gzip age 908303 x-swift-cachetime 2339671 x-cache HIT TCP_MEM_HIT dirn:12:86816440 x-swift-savetime Sun, 13 Aug 2023 16:29:55 GMT last-modified Sat, 23 Apr 2022 04:34:16 GMT server Tengine etag W/"626381c8-43f14" vary Accept-Encoding, Accept-Encoding ali-swift-global-savetime 1691691866 content-type application/javascript cache-control max-age=43200 timing-allow-origin * eagleid a3b55c9816926001691048784e expires Fri, 11 Aug 2023 06:24:25 GMT
GET H2	200	function.js Show response 3yearsmaersk.com/static/index/js/	19 KB 7 KB	1031ms 1031ms	Script application/javascript	163.181.92.210 TAOBAO Zhejiang T...
General Check archive.org Show headers Download Go to Full URL https://3yearsmaersk.com/static/index/js/function.js?v=1692600167 Requested by Host: 3yearsmaersk.com URL: https://3yearsmaersk.com/index/login/index.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 163.181.92.210 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN), Reverse DNS Software Tengine / Resource Hash `84df938d41ad378f58956481387c2479a08477b48d9c4bbbd3ea219cb583ebde` Request headers accept-language de-DE,de;q=0.9 Referer https://3yearsmaersk.com/index/login/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 06:42:48 GMT via cache7.l2de2[996,995,200-0,M], cache20.l2de2[998,0], ens-cache3.de5[999,999,200-0,M], ens-cache4.de5[1002,0] content-encoding gzip age 0 x-swift-cachetime 2592000 x-cache MISS TCP_MISS dirn:-2:-2 x-swift-savetime Mon, 21 Aug 2023 06:42:50 GMT last-modified Fri, 18 Aug 2023 05:19:30 GMT server Tengine etag W/"64deff62-4afd" vary Accept-Encoding, Accept-Encoding ali-swift-global-savetime 1692600170 content-type application/javascript cache-control max-age=43200 timing-allow-origin * eagleid a3b55c9816926001691048786e expires Mon, 21 Aug 2023 18:42:48 GMT
GET H2	200	logo.svg 3yearsmaersk.com/static/index/css/imgs/	1 KB 978 B	29ms 29ms	Image image/svg+xml	163.181.92.210 TAOBAO Zhejiang T...
General Check archive.org Show headers Download Go to Show image Full URL https://3yearsmaersk.com/static/index/css/imgs/logo.svg Requested by Host: 3yearsmaersk.com URL: https://3yearsmaersk.com/static/index/css/style.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 163.181.92.210 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN), Reverse DNS Software Tengine / Resource Hash `3ef5c8838576142629c3689181d544e4dea1094c41148a780198bf62a8b3b93a` Request headers accept-language de-DE,de;q=0.9 Referer https://3yearsmaersk.com/static/index/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Thu, 10 Aug 2023 18:24:26 GMT via cache23.l2de2[0,0,200-0,H], cache2.l2de2[1,0], ens-cache12.de5[0,0,200-0,H], ens-cache4.de5[2,0] content-encoding gzip last-modified Tue, 13 Dec 2022 08:50:32 GMT server Tengine age 908303 x-swift-cachetime 2588799 etag W/"63983cd8-4d5" vary Accept-Encoding ali-swift-global-savetime 1691691867 content-type image/svg+xml x-cache HIT TCP_MEM_HIT dirn:13:657918795 x-swift-savetime Thu, 10 Aug 2023 19:17:48 GMT timing-allow-origin * eagleid a3b55c9816926001701413265e
GET H2	200	logoTitle.svg 3yearsmaersk.com/static/index/css/imgs/	2 KB 1 KB	30ms 29ms	Image image/svg+xml	163.181.92.210 TAOBAO Zhejiang T...
General Check archive.org Show headers Download Go to Show image Full URL https://3yearsmaersk.com/static/index/css/imgs/logoTitle.svg Requested by Host: 3yearsmaersk.com URL: https://3yearsmaersk.com/static/index/css/style.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 163.181.92.210 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN), Reverse DNS Software Tengine / Resource Hash `6c0aae257f5a2999e27ca570b934c0ce20bb32da5a61050053cb6542897b457a` Request headers accept-language de-DE,de;q=0.9 Referer https://3yearsmaersk.com/static/index/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Thu, 10 Aug 2023 18:24:26 GMT via cache7.l2de2[0,0,200-0,H], cache14.l2de2[1,0], ens-cache10.de5[0,0,200-0,H], ens-cache4.de5[1,0] content-encoding gzip last-modified Tue, 13 Dec 2022 09:25:49 GMT server Tengine age 908303 x-swift-cachetime 2588799 etag W/"6398451d-94f" vary Accept-Encoding ali-swift-global-savetime 1691691867 content-type image/svg+xml x-cache HIT TCP_MEM_HIT dirn:13:152254491 x-swift-savetime Thu, 10 Aug 2023 19:17:48 GMT timing-allow-origin * eagleid a3b55c9816926001701423268e
GET H2	200	icon.png 3yearsmaersk.com/static/index/css/imgs/	39 KB 39 KB	38ms 38ms	Image image/png	163.181.92.210 TAOBAO Zhejiang T...
General Check archive.org Show headers Download Go to Show image Full URL https://3yearsmaersk.com/static/index/css/imgs/icon.png Requested by Host: 3yearsmaersk.com URL: https://3yearsmaersk.com/static/index/css/style.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 163.181.92.210 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN), Reverse DNS Software Tengine / Resource Hash `a62ab079bf00fae41d00abd7c34af9a943ece066c4e756cdde6d05dc8b7c4e47` Request headers accept-language de-DE,de;q=0.9 Referer https://3yearsmaersk.com/static/index/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Thu, 10 Aug 2023 18:24:26 GMT via cache4.l2de2[0,0,200-0,H], cache4.l2de2[1,0], ens-cache13.de5[0,0,200-0,H], ens-cache4.de5[1,0] age 908302 x-swift-cachetime 1692823 x-cache HIT TCP_MEM_HIT dirn:13:877603259 x-swift-savetime Mon, 21 Aug 2023 04:10:45 GMT content-length 39696 last-modified Tue, 31 Jan 2023 09:55:18 GMT server Tengine etag "63d8e586-9b10" ali-swift-global-savetime 1691691868 content-type image/png cache-control max-age=2592000 accept-ranges bytes timing-allow-origin * eagleid a3b55c9816926001701423270e expires Sat, 09 Sep 2023 18:24:26 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Maersk (Transportation)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			3yearsmaersk.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 8360c30c81ceddde096a9a55c6166dfe

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3yearsmaersk.com
163.181.92.210
19c2ff8384c14552104a2f7a5a830aef510669837d65fb0c20a9bee749e54b8b
2ab63ffdba5723f6481e4ad89283d65244a8d83d098c037ef9aad0deea043aff
3ef5c8838576142629c3689181d544e4dea1094c41148a780198bf62a8b3b93a
6c0aae257f5a2999e27ca570b934c0ce20bb32da5a61050053cb6542897b457a
84df938d41ad378f58956481387c2479a08477b48d9c4bbbd3ea219cb583ebde
a62ab079bf00fae41d00abd7c34af9a943ece066c4e756cdde6d05dc8b7c4e47
f05302aaa768bd36107bcc8abe7fddb6cd0b56681a382ddee42de78e1c4129c4

3yearsmaersk.com Open in urlscan Pro 163.181.92.210 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

7 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

140 kBTransfer

388 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

12 JavaScript Global Variables

1 Cookies

Indicators

3yearsmaersk.com Open in urlscan Pro
163.181.92.210 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

140 kB
Transfer

388 kB
Size

1
Cookies

7 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!