touchread-20830026.dr9.ir Open in urlscan Pro
176.9.248.116 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://touchread-20830026.dr9.ir/view-signin.php?facebook_com=&mUniqueID=939671443
Submission: On September 25 via automatic, source openphish (September 25th 2020, 1:42:34 am UTC)

Summary HTTP 14 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 14 HTTP transactions. The main IP is 176.9.248.116, located in Germany and belongs to HETZNER-AS, DE. The main domain is touchread-20830026.dr9.ir.

This is the only time touchread-20830026.dr9.ir was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

	IP Address		AS Autonomous System
12	176.9.248.116 176.9.248.116		24940 (HETZNER-AS) (HETZNER-AS)
14	2

12 176.9.248.116 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.116.248.9.176.clients.your-server.de

touchread-20830026.dr9.ir	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	dr9.ir touchread-20830026.dr9.ir	799 KB
0	Failed function sub() { [native code] }. Failed
14	2

	Domain	Requested by
12	touchread-20830026.dr9.ir	touchread-20830026.dr9.ir
0	static.xx.localhost Failed	touchread-20830026.dr9.ir
14	2

This site contains links to these domains. Also see Links.

Domain
m.localhost

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://touchread-20830026.dr9.ir/view-signin.php?facebook_com=&mUniqueID=939671443
Frame ID: A20ED3FB0130E61FCA13EE5CB21B956D
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

14
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

799 kB
Transfer

796 kB
Size

0
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://m.localhost/click.php?redir_url=http%3A%2F%2Fitunes.apple.com%2Fapp%2Ffacebook%2Fid284882215%3Freferrer_params%255Blink_source%255D%3Dfb_app_banner&app_id=6628568379&cref=mb&no_fw=1&refid=8
Title: Dear Facebook user, In order to confirm that you are the owner of the account, you need to login before viewing the next page.

Search URL Search Domain Scan URL

URL: https://m.localhost/?refsrc=https%3A%2F%2Fwww.localhost%2F&_rdr
Title: HIDESHOW

Search URL Search Domain Scan URL

URL: https://m.localhost/recover/initiate/?c=https%3A%2F%2Fm.localhost%2F%3Frefsrc%3Dhttps%253A%252F%252Fwww.localhost%252F&r&cuid&ars=facebook_login&lwv=100&refid=8
Title: Forgot Password?

Search URL Search Domain Scan URL

URL: https://m.localhost/help/?refid=8
Title: Help Center

Search URL Search Domain Scan URL

URL: https://m.localhost/a/language.php?l=fr_FR&lref=https%3A%2F%2Fm.localhost%2F%3Frefsrc%3Dhttps%253A%252F%252Fwww.localhost%252F&gfid=AQAfz1GsSdITzdlh&refid=8
Title: Français (France)

Search URL Search Domain Scan URL

URL: https://m.localhost/a/language.php?l=pt_BR&lref=https%3A%2F%2Fm.localhost%2F%3Frefsrc%3Dhttps%253A%252F%252Fwww.localhost%252F&gfid=AQB4Pu7UbdyQ3zpF&refid=8
Title: Português (Brasil)

Search URL Search Domain Scan URL

URL: https://m.localhost/a/language.php?l=it_IT&lref=https%3A%2F%2Fm.localhost%2F%3Frefsrc%3Dhttps%253A%252F%252Fwww.localhost%252F&gfid=AQB0WOe6C7aDibME&refid=8
Title: Italiano

Search URL Search Domain Scan URL

URL: https://m.localhost/a/language.php?l=es_LA&lref=https%3A%2F%2Fm.localhost%2F%3Frefsrc%3Dhttps%253A%252F%252Fwww.localhost%252F&gfid=AQAKqJ0vZCJqEqvL&refid=8
Title: Español

Search URL Search Domain Scan URL

URL: https://m.localhost/a/language.php?l=zh_CN&lref=https%3A%2F%2Fm.localhost%2F%3Frefsrc%3Dhttps%253A%252F%252Fwww.localhost%252F&gfid=AQC0u6DsZuvcGn-D&refid=8
Title: -(S)

Search URL Search Domain Scan URL

URL: https://m.localhost/a/language.php?l=de_DE&lref=https%3A%2F%2Fm.localhost%2F%3Frefsrc%3Dhttps%253A%252F%252Fwww.localhost%252F&gfid=AQCHkms1QZd-ub9k&refid=8
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://m.localhost/language.php?n=https%3A%2F%2Fm.localhost%2F%3Frefsrc%3Dhttps%253A%252F%252Fwww.localhost%252F&refid=8
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

http://touchread-20830026.dr9.ir/rsrc.php/v3/yV/r/g7ALbzcD4QX.png HTTP 302
http://touchread-20830026.dr9.ir/rsrc.php/v3/yV/r/view-signin.php?facebook.com&mUniqueID=562632382 HTTP 302
http://touchread-20830026.dr9.ir/rsrc.php/v3/yV/r/view-signin.php?facebook.com&mUniqueID=518253253 HTTP 302
http://touchread-20830026.dr9.ir/rsrc.php/v3/yV/r/view-signin.php?facebook.com&mUniqueID=575891351 HTTP 302
http://touchread-20830026.dr9.ir/rsrc.php/v3/yV/r/view-signin.php?facebook.com&mUniqueID=348667718 HTTP 302
http://touchread-20830026.dr9.ir/rsrc.php/v3/yV/r/view-signin.php?facebook.com&mUniqueID=701508459 HTTP 302
http://touchread-20830026.dr9.ir/rsrc.php/v3/yV/r/view-signin.php?facebook.com&mUniqueID=329725996 HTTP 302
http://touchread-20830026.dr9.ir/rsrc.php/v3/yV/r/view-signin.php?facebook.com&mUniqueID=978988377 HTTP 302
http://touchread-20830026.dr9.ir/rsrc.php/v3/yV/r/view-signin.php?facebook.com&mUniqueID=324790806 HTTP 302
http://touchread-20830026.dr9.ir/rsrc.php/v3/yV/r/view-signin.php?facebook.com&mUniqueID=55902083 HTTP 302
http://touchread-20830026.dr9.ir/rsrc.php/v3/yV/r/view-signin.php?facebook.com&mUniqueID=526993863 HTTP 302
http://touchread-20830026.dr9.ir/rsrc.php/v3/yV/r/view-signin.php?facebook.com&mUniqueID=257172786 HTTP 302
http://touchread-20830026.dr9.ir/rsrc.php/v3/yV/r/view-signin.php?facebook.com&mUniqueID=887518564 HTTP 302
http://touchread-20830026.dr9.ir/rsrc.php/v3/yV/r/view-signin.php?facebook.com&mUniqueID=272637533 HTTP 302
http://touchread-20830026.dr9.ir/rsrc.php/v3/yV/r/view-signin.php?facebook.com&mUniqueID=209272467 HTTP 302
http://touchread-20830026.dr9.ir/rsrc.php/v3/yV/r/view-signin.php?facebook.com&mUniqueID=618306794 HTTP 302
http://touchread-20830026.dr9.ir/rsrc.php/v3/yV/r/view-signin.php?facebook.com&mUniqueID=308103205 HTTP 302
http://touchread-20830026.dr9.ir/rsrc.php/v3/yV/r/view-signin.php?facebook.com&mUniqueID=403657780 HTTP 302
http://touchread-20830026.dr9.ir/rsrc.php/v3/yV/r/view-signin.php?facebook.com&mUniqueID=923612416 HTTP 302
http://touchread-20830026.dr9.ir/rsrc.php/v3/yV/r/view-signin.php?facebook.com&mUniqueID=93788410 HTTP 302
http://touchread-20830026.dr9.ir/rsrc.php/v3/yV/r/view-signin.php?facebook.com&mUniqueID=503219235

14 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request view-signin.php Show response touchread-20830026.dr9.ir/	64 KB 64 KB	98ms 73ms	Document text/html	176.9.248.116 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://touchread-20830026.dr9.ir/view-signin.php?facebook_com=&mUniqueID=939671443 Protocol HTTP/1.1 Server 176.9.248.116 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.116.248.9.176.clients.your-server.de Software Apache / Resource Hash `b2d53198aa6b172f9ffc9d06f479df2093ca6e8c15300341c7d2f59eed05e929` Request headers Host touchread-20830026.dr9.ir Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 25 Sep 2020 01:42:16 GMT Server Apache Keep-Alive timeout=5, max=100 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	1lAJOLtLdeb.css touchread-20830026.dr9.ir/assets/	70 KB 70 KB	50ms 49ms	Stylesheet text/css	176.9.248.116 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://touchread-20830026.dr9.ir/assets/1lAJOLtLdeb.css Requested by Host: touchread-20830026.dr9.ir URL: http://touchread-20830026.dr9.ir/view-signin.php?facebook_com=&mUniqueID=939671443 Protocol HTTP/1.1 Server 176.9.248.116 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.116.248.9.176.clients.your-server.de Software Apache / Resource Hash `141fbafd624b7cf0bd48743b37592085bb0a3826ccee840b5b4240c7efe292ae` Request headers Referer http://touchread-20830026.dr9.ir/view-signin.php?facebook_com=&mUniqueID=939671443 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 25 Sep 2020 01:42:16 GMT Last-Modified Fri, 01 Mar 2019 15:10:42 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 71825
GET H/1.1	200 OK	gz9zi6TXAAz.css touchread-20830026.dr9.ir/assets/	14 KB 15 KB	78ms 59ms	Stylesheet text/css	176.9.248.116 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://touchread-20830026.dr9.ir/assets/gz9zi6TXAAz.css Requested by Host: touchread-20830026.dr9.ir URL: http://touchread-20830026.dr9.ir/view-signin.php?facebook_com=&mUniqueID=939671443 Protocol HTTP/1.1 Server 176.9.248.116 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.116.248.9.176.clients.your-server.de Software Apache / Resource Hash `df63f47eea20a36b131b335b27c292eca8f68ed6e0078790f8e12f5087013716` Request headers Referer http://touchread-20830026.dr9.ir/view-signin.php?facebook_com=&mUniqueID=939671443 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 25 Sep 2020 01:42:16 GMT Last-Modified Fri, 01 Mar 2019 15:10:42 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 14808
GET H/1.1	200 OK	B05Ffn_U4pr.js.download Show response touchread-20830026.dr9.ir/assets/	424 KB 425 KB	78ms 58ms	Script application/javascript	176.9.248.116 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://touchread-20830026.dr9.ir/assets/B05Ffn_U4pr.js.download Requested by Host: touchread-20830026.dr9.ir URL: http://touchread-20830026.dr9.ir/view-signin.php?facebook_com=&mUniqueID=939671443 Protocol HTTP/1.1 Server 176.9.248.116 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.116.248.9.176.clients.your-server.de Software Apache / Resource Hash `e36e4ba87f29b3548b1fae26869a880441d3067016f270c0b1b31a50df24b142` Request headers Referer http://touchread-20830026.dr9.ir/view-signin.php?facebook_com=&mUniqueID=939671443 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 25 Sep 2020 01:42:16 GMT Last-Modified Fri, 01 Mar 2019 15:10:42 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 434649
GET H/1.1	200 OK	lNkwgIElMeK.js.download Show response touchread-20830026.dr9.ir/assets/	26 KB 27 KB	38ms 37ms	Script application/javascript	176.9.248.116 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://touchread-20830026.dr9.ir/assets/lNkwgIElMeK.js.download Requested by Host: touchread-20830026.dr9.ir URL: http://touchread-20830026.dr9.ir/view-signin.php?facebook_com=&mUniqueID=939671443 Protocol HTTP/1.1 Server 176.9.248.116 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.116.248.9.176.clients.your-server.de Software Apache / Resource Hash `dbe69249539258b5412f3b8c189acc547932b6950522a1bfb3cde2ea47a62ac7` Request headers Referer http://touchread-20830026.dr9.ir/view-signin.php?facebook_com=&mUniqueID=939671443 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 25 Sep 2020 01:42:16 GMT Last-Modified Fri, 01 Mar 2019 15:10:42 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 26984
GET H/1.1	200 OK	GX-TmQaLZwt.js.download Show response touchread-20830026.dr9.ir/assets/	6 KB 6 KB	37ms 37ms	Script application/javascript	176.9.248.116 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://touchread-20830026.dr9.ir/assets/GX-TmQaLZwt.js.download Requested by Host: touchread-20830026.dr9.ir URL: http://touchread-20830026.dr9.ir/view-signin.php?facebook_com=&mUniqueID=939671443 Protocol HTTP/1.1 Server 176.9.248.116 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.116.248.9.176.clients.your-server.de Software Apache / Resource Hash `97c2f776cd3271f9bdcfdab535cb451eb98787a518ca042fdb4538ef7c4a5bce` Request headers Referer http://touchread-20830026.dr9.ir/view-signin.php?facebook_com=&mUniqueID=939671443 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 25 Sep 2020 01:42:16 GMT Last-Modified Fri, 01 Mar 2019 15:10:42 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 6276
GET H/1.1	200 OK	wpBRVxT0Efr.js.download Show response touchread-20830026.dr9.ir/assets/	40 KB 40 KB	36ms 36ms	Script application/javascript	176.9.248.116 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://touchread-20830026.dr9.ir/assets/wpBRVxT0Efr.js.download Requested by Host: touchread-20830026.dr9.ir URL: http://touchread-20830026.dr9.ir/view-signin.php?facebook_com=&mUniqueID=939671443 Protocol HTTP/1.1 Server 176.9.248.116 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.116.248.9.176.clients.your-server.de Software Apache / Resource Hash `a24ab5896536e8c46b1ff26e7e43d700de010825f84415162649788ad57514cb` Request headers Referer http://touchread-20830026.dr9.ir/view-signin.php?facebook_com=&mUniqueID=939671443 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 25 Sep 2020 01:42:16 GMT Last-Modified Fri, 01 Mar 2019 15:10:42 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 40700
GET H/1.1	200 OK	5O6-v-7lVAj.js.download Show response touchread-20830026.dr9.ir/assets/	60 KB 60 KB	36ms 36ms	Script application/javascript	176.9.248.116 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://touchread-20830026.dr9.ir/assets/5O6-v-7lVAj.js.download Requested by Host: touchread-20830026.dr9.ir URL: http://touchread-20830026.dr9.ir/view-signin.php?facebook_com=&mUniqueID=939671443 Protocol HTTP/1.1 Server 176.9.248.116 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.116.248.9.176.clients.your-server.de Software Apache / Resource Hash `e3afa496540d31309ea2841f0acb66264aebabd78e8baf33cb585b313b49115b` Request headers Referer http://touchread-20830026.dr9.ir/view-signin.php?facebook_com=&mUniqueID=939671443 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 25 Sep 2020 01:42:16 GMT Last-Modified Fri, 01 Mar 2019 15:10:42 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 61195
GET H/1.1	200 OK	KrnilTrdi-c.js.download Show response touchread-20830026.dr9.ir/assets/	84 KB 84 KB	48ms 46ms	Script application/javascript	176.9.248.116 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://touchread-20830026.dr9.ir/assets/KrnilTrdi-c.js.download Requested by Host: touchread-20830026.dr9.ir URL: http://touchread-20830026.dr9.ir/view-signin.php?facebook_com=&mUniqueID=939671443 Protocol HTTP/1.1 Server 176.9.248.116 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.116.248.9.176.clients.your-server.de Software Apache / Resource Hash `268d28844cd23d57be145f1ddcff35f80ed10cd54ed71d48e4936d1dbd80b950` Request headers Referer http://touchread-20830026.dr9.ir/view-signin.php?facebook_com=&mUniqueID=939671443 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 25 Sep 2020 01:42:16 GMT Last-Modified Fri, 01 Mar 2019 15:10:42 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 85666
GET H/1.1	200 OK	lpanLWBpNMl.js.download Show response touchread-20830026.dr9.ir/assets/	7 KB 7 KB	38ms 36ms	Script application/javascript	176.9.248.116 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://touchread-20830026.dr9.ir/assets/lpanLWBpNMl.js.download Requested by Host: touchread-20830026.dr9.ir URL: http://touchread-20830026.dr9.ir/view-signin.php?facebook_com=&mUniqueID=939671443 Protocol HTTP/1.1 Server 176.9.248.116 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.116.248.9.176.clients.your-server.de Software Apache / Resource Hash `18471ab4efff7eb054f91a6792c4d7af64e8621bbeeb2e2a70d0e9f467e64f17` Request headers Referer http://touchread-20830026.dr9.ir/view-signin.php?facebook_com=&mUniqueID=939671443 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 25 Sep 2020 01:42:16 GMT Last-Modified Fri, 01 Mar 2019 15:10:42 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 7069
GET H/1.1	200 OK	logo.png touchread-20830026.dr9.ir/assets/	809 B 1 KB	51ms 37ms	Image image/png	176.9.248.116 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL http://touchread-20830026.dr9.ir/assets/logo.png Requested by Host: touchread-20830026.dr9.ir URL: http://touchread-20830026.dr9.ir/view-signin.php?facebook_com=&mUniqueID=939671443 Protocol HTTP/1.1 Server 176.9.248.116 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.116.248.9.176.clients.your-server.de Software Apache / Resource Hash `e0ff2e0f45b6ac64540fe750795196238188e4e3a5ae9138318dd555b23a2eae` Request headers Referer http://touchread-20830026.dr9.ir/view-signin.php?facebook_com=&mUniqueID=939671443 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 25 Sep 2020 01:42:16 GMT Last-Modified Wed, 01 Feb 2017 16:26:32 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 809
GET H/1.1	200 OK	hsts-pixel.gif touchread-20830026.dr9.ir/assets/	43 B 284 B	72ms 52ms	Image image/gif	176.9.248.116 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL http://touchread-20830026.dr9.ir/assets/hsts-pixel.gif Requested by Host: touchread-20830026.dr9.ir URL: http://touchread-20830026.dr9.ir/view-signin.php?facebook_com=&mUniqueID=939671443 Protocol HTTP/1.1 Server 176.9.248.116 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.116.248.9.176.clients.your-server.de Software Apache / Resource Hash `548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87` Request headers Referer http://touchread-20830026.dr9.ir/view-signin.php?facebook_com=&mUniqueID=939671443 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 25 Sep 2020 01:42:16 GMT Last-Modified Fri, 01 Mar 2019 15:10:42 GMT Server Apache Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 43
GET		pSbzxdA_VVZ.png static.xx.localhost/rsrc.php/v3/yT/r/	0 0

GET		view-signin.php touchread-20830026.dr9.ir/rsrc.php/v3/yV/r/ Redirect Chain http://touchread-20830026.dr9.ir/rsrc.php/v3/yV/r/g7ALbzcD4QX.png http://touchread-20830026.dr9.ir/rsrc.php/v3/yV/r/view-signin.php?facebook.com&mUniqueID=562632382 http://touchread-20830026.dr9.ir/rsrc.php/v3/yV/r/view-signin.php?facebook.com&mUniqueID=518253253 http://touchread-20830026.dr9.ir/rsrc.php/v3/yV/r/view-signin.php?facebook.com&mUniqueID=575891351 http://touchread-20830026.dr9.ir/rsrc.php/v3/yV/r/view-signin.php?facebook.com&mUniqueID=348667718 http://touchread-20830026.dr9.ir/rsrc.php/v3/yV/r/view-signin.php?facebook.com&mUniqueID=701508459 http://touchread-20830026.dr9.ir/rsrc.php/v3/yV/r/view-signin.php?facebook.com&mUniqueID=329725996 http://touchread-20830026.dr9.ir/rsrc.php/v3/yV/r/view-signin.php?facebook.com&mUniqueID=978988377 http://touchread-20830026.dr9.ir/rsrc.php/v3/yV/r/view-signin.php?facebook.com&mUniqueID=324790806 http://touchread-20830026.dr9.ir/rsrc.php/v3/yV/r/view-signin.php?facebook.com&mUniqueID=55902083 http://touchread-20830026.dr9.ir/rsrc.php/v3/yV/r/view-signin.php?facebook.com&mUniqueID=526993863 http://touchread-20830026.dr9.ir/rsrc.php/v3/yV/r/view-signin.php?facebook.com&mUniqueID=257172786 http://touchread-20830026.dr9.ir/rsrc.php/v3/yV/r/view-signin.php?facebook.com&mUniqueID=887518564 http://touchread-20830026.dr9.ir/rsrc.php/v3/yV/r/view-signin.php?facebook.com&mUniqueID=272637533 http://touchread-20830026.dr9.ir/rsrc.php/v3/yV/r/view-signin.php?facebook.com&mUniqueID=209272467 http://touchread-20830026.dr9.ir/rsrc.php/v3/yV/r/view-signin.php?facebook.com&mUniqueID=618306794 http://touchread-20830026.dr9.ir/rsrc.php/v3/yV/r/view-signin.php?facebook.com&mUniqueID=308103205 http://touchread-20830026.dr9.ir/rsrc.php/v3/yV/r/view-signin.php?facebook.com&mUniqueID=403657780 http://touchread-20830026.dr9.ir/rsrc.php/v3/yV/r/view-signin.php?facebook.com&mUniqueID=923612416 http://touchread-20830026.dr9.ir/rsrc.php/v3/yV/r/view-signin.php?facebook.com&mUniqueID=93788410 http://touchread-20830026.dr9.ir/rsrc.php/v3/yV/r/view-signin.php?facebook.com&mUniqueID=503219235	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.xx.localhost
URL: https://static.xx.localhost/rsrc.php/v3/yT/r/pSbzxdA_VVZ.png

Domain: touchread-20830026.dr9.ir
URL: http://touchread-20830026.dr9.ir/rsrc.php/v3/yV/r/view-signin.php?facebook.com&mUniqueID=503219235

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

static.xx.localhost
touchread-20830026.dr9.ir
static.xx.localhost
touchread-20830026.dr9.ir
176.9.248.116
141fbafd624b7cf0bd48743b37592085bb0a3826ccee840b5b4240c7efe292ae
18471ab4efff7eb054f91a6792c4d7af64e8621bbeeb2e2a70d0e9f467e64f17
268d28844cd23d57be145f1ddcff35f80ed10cd54ed71d48e4936d1dbd80b950
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
97c2f776cd3271f9bdcfdab535cb451eb98787a518ca042fdb4538ef7c4a5bce
a24ab5896536e8c46b1ff26e7e43d700de010825f84415162649788ad57514cb
b2d53198aa6b172f9ffc9d06f479df2093ca6e8c15300341c7d2f59eed05e929
dbe69249539258b5412f3b8c189acc547932b6950522a1bfb3cde2ea47a62ac7
df63f47eea20a36b131b335b27c292eca8f68ed6e0078790f8e12f5087013716
e0ff2e0f45b6ac64540fe750795196238188e4e3a5ae9138318dd555b23a2eae
e36e4ba87f29b3548b1fae26869a880441d3067016f270c0b1b31a50df24b142
e3afa496540d31309ea2841f0acb66264aebabd78e8baf33cb585b313b49115b

touchread-20830026.dr9.ir Open in urlscan Pro 176.9.248.116 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

14 Requests

0 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

799 kBTransfer

796 kBSize

0 Cookies

11 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

22 JavaScript Global Variables

0 Cookies

Indicators

touchread-20830026.dr9.ir Open in urlscan Pro
176.9.248.116 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

799 kB
Transfer

796 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!