urlscan.io logo urlscan.io
SecurityTrails logo

seg-logg.live Open in urlscan Pro
156.67.217.13  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://unbouncepages.com/23434522345234523452345234523452345dfgsd
Effective URL: http://seg-logg.live/login.php?micro=11,13,000000,30,Tue,%2013%20Apr%202021%2011:05:13%20+0000,21,11,05,13,4,11.bemvindo
Submission Tags: 7068802
Submission: On April 13 via api from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 18 HTTP transactions. The main IP is 156.67.217.13, located in Cyprus and belongs to AS-HOSTINGER, CY. The main domain is seg-logg.live.
This is the only time seg-logg.live was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 2 18.196.95.178 16509 (AMAZON-02)
2 99.86.3.13 16509 (AMAZON-02)
2 2600:9000:20a... 16509 (AMAZON-02)
1 35.173.63.32 14618 (AMAZON-AES)
9 156.67.217.13 47583 (AS-HOSTINGER)
1 2a00:1450:400... 15169 (GOOGLE)
1 192.229.221.185 15133 (EDGECAST)
18 8
2    18.196.95.178 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-95-178.eu-central-1.compute.amazonaws.com
unbouncepages.com
2    99.86.3.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-13.fra6.r.cloudfront.net
builder-assets.unbounce.com
2    2600:9000:20a8:6c00:1d:11cf:5800:93a1 (United States)

ASN16509 (AMAZON-02, US)
d34qb8suadcc4g.cloudfront.net
1    35.173.63.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-63-32.compute-1.amazonaws.com
events.ub-analytics.com
9    156.67.217.13 (Cyprus)

ASN47583 (AS-HOSTINGER, CY)
seg-logg.live
1    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    192.229.221.185 (United States)

ASN15133 (EDGECAST, US)
logincdn.msauth.net
Domain Requested by
9 seg-logg.live seg-logg.live
unbouncepages.com
2 d34qb8suadcc4g.cloudfront.net unbouncepages.com
d34qb8suadcc4g.cloudfront.net
2 builder-assets.unbounce.com unbouncepages.com
2 unbouncepages.com 1 redirects
1 logincdn.msauth.net seg-logg.live
1 fonts.googleapis.com seg-logg.live
1 events.ub-analytics.com unbouncepages.com
18 7

This site contains no links.

Subject Issuer Validity Valid
*.cloudfront.net
DigiCert Global CA G2		 2021-02-22 -
2022-02-21		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
identitycdn.msauth.net
DigiCert SHA2 Secure Server CA		 2020-07-20 -
2021-07-20		 a year crt.sh

This page contains 1 frames:

Primary Page: http://seg-logg.live/login.php?micro=11,13,000000,30,Tue,%2013%20Apr%202021%2011:05:13%20+0000,21,11,05,13,4,11.bemvindo
Frame ID: C7B27D1B0016DC98271D9E93DC091038
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://unbouncepages.com/23434522345234523452345234523452345dfgsd HTTP 301
    http://unbouncepages.com/23434522345234523452345234523452345dfgsd/ Page URL
  2. http://seg-logg.live/login.php?micro=11,13,000000,30,Tue,%2013%20Apr%202021%2011:05:13%20+0000,21... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

18
Requests

22 %
HTTPS

29 %
IPv6

7
Domains

7
Subdomains

8
IPs

3
Countries

548 kB
Transfer

870 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://unbouncepages.com/23434522345234523452345234523452345dfgsd HTTP 301
    http://unbouncepages.com/23434522345234523452345234523452345dfgsd/ Page URL
  2. http://seg-logg.live/login.php?micro=11,13,000000,30,Tue,%2013%20Apr%202021%2011:05:13%20+0000,21,11,05,13,4,11.bemvindo Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://unbouncepages.com/23434522345234523452345234523452345dfgsd HTTP 301
  • http://unbouncepages.com/23434522345234523452345234523452345dfgsd/

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
unbouncepages.com/23434522345234523452345234523452345dfgsd/
Redirect Chain
  • http://unbouncepages.com/23434522345234523452345234523452345dfgsd
  • http://unbouncepages.com/23434522345234523452345234523452345dfgsd/
6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://unbouncepages.com/23434522345234523452345234523452345dfgsd/
Protocol
HTTP/1.1
Server
18.196.95.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-95-178.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
8f8e3728bd5d014b55b67f6025c850629eb8139d1bccaf5e2e1b012d9c6e5457

Request headers

Host
unbouncepages.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 17:26:48 GMT
content-type
text/html; charset=UTF-8
transfer-encoding
chunked
p3p
CP="This is not a privacy policy."
x-unbounce-pageid
5d73dfe9-322a-45a9-8fff-54a009ed498f
etag
5f6b2f35119eabc981e5865c2baf3fcb
content-location
http://unbouncepages.com/23434522345234523452345234523452345dfgsd/
x-unbounce-visitorid
139.28.219.841618421999444633
last-modified
Tue, 13 Apr 2021 15:57:07 GMT
x-unbounce-variant
a
link
<http://unbouncepages.com/23434522345234523452345234523452345dfgsd/>; rel="canonical"
set-cookie
ubpv=a%2C5d73dfe9-322a-45a9-8fff-54a009ed498f; Max-Age=15897600; Expires=Thu, 14 Oct 2021 17:26:48 GMT; Path=/23434522345234523452345234523452345dfgsd/; SameSite=Lax ubrs=weighted; Path=/23434522345234523452345234523452345dfgsd/; SameSite=Lax ubvs=139.28.219.841618421999444633; Max-Age=15552000; Expires=Sun, 10 Oct 2021 17:26:48 GMT; Path=/; SameSite=Lax ubvt=139.28.219.841618421999444633; Max-Age=259200; Expires=Fri, 16 Apr 2021 17:26:48 GMT; Path=/; Domain=unbouncepages.com; SameSite=Lax
content-encoding
gzip
x-proxy-backend
page-server
connection
close

Redirect headers

date
Tue, 13 Apr 2021 17:26:48 GMT
content-length
0
p3p
CP="This is not a privacy policy."
location
http://unbouncepages.com/23434522345234523452345234523452345dfgsd/
x-proxy-backend
page-server
connection
close
main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by
Host: unbouncepages.com
URL: http://unbouncepages.com/23434522345234523452345234523452345dfgsd/
Protocol
HTTP/1.1
Server
99.86.3.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-13.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

Referer
http://unbouncepages.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Feb 2021 01:12:18 GMT
Content-Encoding
gzip
Age
5847271
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
2902
Last-Modified
Thu, 14 Jan 2021 00:04:15 GMT
Server
AmazonS3
ETag
"387bd017c5b4c65e427e652174ec93b6"
x-amz-version-id
g0dWGVKuz6Te2m6gM.NTNKySvNlc4fV3
Via
1.1 94faae20b0f122c4555025f52a2fd745.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
Content-Type
text/css
X-Amz-Cf-Id
UuxHJxGYbATwONoiW7f7UxAObMoGbmckUd1zfOIMkCD4_VExBLJS2Q==
ub.js
d34qb8suadcc4g.cloudfront.net/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d34qb8suadcc4g.cloudfront.net/ub.js?1617912455
Requested by
Host: unbouncepages.com
URL: http://unbouncepages.com/23434522345234523452345234523452345dfgsd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a8:6c00:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
abe64d6b8ec105af8ce48e7fe026d865a08abf87abe8693b15ed481a584c876b

Request headers

Referer
http://unbouncepages.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 20:38:24 GMT
content-encoding
gzip
last-modified
Thu, 08 Apr 2021 20:07:19 GMT
server
AmazonS3
age
420505
etag
"ec2f2cb4b09123a4d386614010dd0a0a"
x-cache
Hit from cloudfront
x-amz-version-id
cI2QdnC0nmqnCv2liJ6KQPvr8wNAycdi
via
1.1 3682ae673ce1091d4547ffdcc74acbce.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
MAD51-C1
accept-ranges
bytes
content-type
application/javascript
content-length
2009
x-amz-cf-id
WLdYQz40-BV952EEYNzgM33jTBM_4HCGvaVlIxnawftmecOaVfj4kA==
main.bundle-5c6e41c.z.js
builder-assets.unbounce.com/published-js/ 		104 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Requested by
Host: unbouncepages.com
URL: http://unbouncepages.com/23434522345234523452345234523452345dfgsd/
Protocol
HTTP/1.1
Server
99.86.3.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-13.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5c6e41cab44d3fc8958df6b852e4e728360a81d7a5fc3079b36e677cc07f8edb

Request headers

Referer
http://unbouncepages.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 03:07:39 GMT
Content-Encoding
gzip
Age
2384350
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
33645
Last-Modified
Thu, 14 Jan 2021 00:04:10 GMT
Server
AmazonS3
ETag
"bb50eefe0cf9244bc17fe34bb55821bb"
x-amz-version-id
ipR703zeXb6Y9CZFo9gIWbPXuPKHmpp3
Via
1.1 94faae20b0f122c4555025f52a2fd745.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
Content-Type
application/javascript
X-Amz-Cf-Id
GQ0m5NApGAyIjwRA4Vc-NaNf7MEqKWsmj7PEdmC0fZdpE4pttIoaPg==
08299ac6-640f-4a3d-80e5-891f6a0b10dd
http://unbouncepages.com/ 		5 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
blob:http://unbouncepages.com/08299ac6-640f-4a3d-80e5-891f6a0b10dd
Requested by
Host: builder-assets.unbounce.com
URL: http://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
5603
Content-Type
text/css
sp-2.14.0.js
d34qb8suadcc4g.cloudfront.net/ 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by
Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1617912455
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a8:6c00:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

Referer
http://unbouncepages.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 01:37:30 GMT
content-encoding
gzip
last-modified
Wed, 04 Nov 2020 01:35:32 GMT
server
AmazonS3
age
6536959
etag
"73de733c308b8b5e44d2a6242dc4bd99"
x-cache
Hit from cloudfront
x-amz-version-id
rVTqklA1qqyT_0VdOCY323BKPISR0uej
via
1.1 3682ae673ce1091d4547ffdcc74acbce.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
MAD51-C1
accept-ranges
bytes
content-type
application/javascript
content-length
30399
x-amz-cf-id
FdMnrG36m9cscOUvMPs5xjnoCfJebGirNOsC2gRAksI5qCdC3i3F2w==
i
events.ub-analytics.com/ 		43 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://events.ub-analytics.com/i?stm=1618334809023&e=pv&url=http%3A%2F%2Funbouncepages.com%2F23434522345234523452345234523452345dfgsd%2F&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&eid=7a48509a-1ba1-4748-bf74-c8ca9fb825ec&dtm=1618334809021&vp=1600x1200&ds=1600x1200&vid=1&sid=bc45baa4-65d7-4a45-80ec-1944798f2304&duid=4eed7fd0-87e3-4591-91c4-ebbf9fb99bbc&uid=139.28.219.841618421999444633&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiNWQ3M2RmZTktMzIyYS00NWE5LThmZmYtNTRhMDA5ZWQ0OThmIiwidmFyaWFudElkIjoiYSIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6IndlaWdodGVkIn19XX0
Requested by
Host: unbouncepages.com
URL: http://unbouncepages.com/23434522345234523452345234523452345dfgsd/
Protocol
HTTP/1.1
Server
35.173.63.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-63-32.compute-1.amazonaws.com
Software
akka-http/10.0.9 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
http://unbouncepages.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 17:26:49 GMT
Server
akka-http/10.0.9
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Primary Request login.php
seg-logg.live/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://seg-logg.live/login.php?micro=11,13,000000,30,Tue,%2013%20Apr%202021%2011:05:13%20+0000,21,11,05,13,4,11.bemvindo
Protocol
HTTP/1.1
Server
156.67.217.13 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
096d1cbc60fdcdef1d50992de4874e36e9d0f0dba6ca70dedcce5915cb154518

Request headers

Host
seg-logg.live
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://unbouncepages.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://unbouncepages.com/

Response headers

Date
Tue, 13 Apr 2021 17:26:50 GMT
Server
Apache/2.4.29 (Ubuntu)
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1664
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
bootstrap.min.css
seg-logg.live/css/ 		118 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://seg-logg.live/css/bootstrap.min.css
Requested by
Host: seg-logg.live
URL: http://seg-logg.live/login.php?micro=11,13,000000,30,Tue,%2013%20Apr%202021%2011:05:13%20+0000,21,11,05,13,4,11.bemvindo
Protocol
HTTP/1.1
Server
156.67.217.13 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
26f89432f26835fdb007dbf41441a6f7440865cc0fbd0f36e880dc4c26d00d7d

Request headers

Referer
http://seg-logg.live/login.php?micro=11,13,000000,30,Tue,%2013%20Apr%202021%2011:05:13%20+0000,21,11,05,13,4,11.bemvindo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 17:26:50 GMT
Content-Encoding
gzip
Last-Modified
Sat, 03 Apr 2021 20:56:54 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"1d878-5bf17b4525180-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
19615
bootstrap-theme.min.css
seg-logg.live/css/ 		23 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://seg-logg.live/css/bootstrap-theme.min.css
Requested by
Host: seg-logg.live
URL: http://seg-logg.live/login.php?micro=11,13,000000,30,Tue,%2013%20Apr%202021%2011:05:13%20+0000,21,11,05,13,4,11.bemvindo
Protocol
HTTP/1.1
Server
156.67.217.13 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
005b287d977c17d5cf6677103cc353babb47fa4c302ec8b5ea2c86817d8cb0d0

Request headers

Referer
http://seg-logg.live/login.php?micro=11,13,000000,30,Tue,%2013%20Apr%202021%2011:05:13%20+0000,21,11,05,13,4,11.bemvindo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 17:26:51 GMT
Content-Encoding
gzip
Last-Modified
Sat, 03 Apr 2021 20:56:54 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"5aca-5bf17b4525180-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2657
css
fonts.googleapis.com/ 		2 KB
614 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway
Requested by
Host: seg-logg.live
URL: http://seg-logg.live/login.php?micro=11,13,000000,30,Tue,%2013%20Apr%202021%2011:05:13%20+0000,21,11,05,13,4,11.bemvindo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ef483ba9c12b65c89278af42b7e5c83c68fae4d9ce6958bc692615312fcc46d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://seg-logg.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 13 Apr 2021 17:26:07 GMT
server
ESF
date
Tue, 13 Apr 2021 17:26:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 13 Apr 2021 17:26:50 GMT
bootstrap.min.js
seg-logg.live/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://seg-logg.live/js/bootstrap.min.js
Requested by
Host: seg-logg.live
URL: http://seg-logg.live/login.php?micro=11,13,000000,30,Tue,%2013%20Apr%202021%2011:05:13%20+0000,21,11,05,13,4,11.bemvindo
Protocol
HTTP/1.1
Server
156.67.217.13 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
2f9f71d96d253ecafb0d73e4cc37e7a4c843cc0d082c757c80cc5de8a0edc2df

Request headers

Referer
http://seg-logg.live/login.php?micro=11,13,000000,30,Tue,%2013%20Apr%202021%2011:05:13%20+0000,21,11,05,13,4,11.bemvindo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 17:26:51 GMT
Content-Encoding
gzip
Last-Modified
Sat, 03 Apr 2021 20:56:55 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"9039-5bf17b46193c0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
9756
jquery-vv.min.js
seg-logg.live/js/ 		30 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://seg-logg.live/js/jquery-vv.min.js
Requested by
Host: seg-logg.live
URL: http://seg-logg.live/login.php?micro=11,13,000000,30,Tue,%2013%20Apr%202021%2011:05:13%20+0000,21,11,05,13,4,11.bemvindo
Protocol
HTTP/1.1
Server
156.67.217.13 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
6bc21e325f9e92c5571194ff99852960f3e85876f69aaf05579c1e83ea2a0422

Request headers

Referer
http://seg-logg.live/login.php?micro=11,13,000000,30,Tue,%2013%20Apr%202021%2011:05:13%20+0000,21,11,05,13,4,11.bemvindo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 17:26:51 GMT
Content-Encoding
gzip
Last-Modified
Sat, 03 Apr 2021 20:56:55 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"7943-5bf17b46193c0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
15662
verificarUsuario.js
seg-logg.live/js/ 		602 B
680 B 		Script
General
Check archive.org
Download Go to
Full URL
http://seg-logg.live/js/verificarUsuario.js
Requested by
Host: seg-logg.live
URL: http://seg-logg.live/login.php?micro=11,13,000000,30,Tue,%2013%20Apr%202021%2011:05:13%20+0000,21,11,05,13,4,11.bemvindo
Protocol
HTTP/1.1
Server
156.67.217.13 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
49ef4eeff12b3edbfa4ba3f94939d95526ff7a634eb23a64a69791819abb8175

Request headers

Referer
http://seg-logg.live/login.php?micro=11,13,000000,30,Tue,%2013%20Apr%202021%2011:05:13%20+0000,21,11,05,13,4,11.bemvindo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 17:26:51 GMT
Content-Encoding
gzip
Last-Modified
Sat, 03 Apr 2021 20:56:56 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"25a-5bf17b470d600-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
330
microsoft_logo.svg
seg-logg.live/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://seg-logg.live/img/microsoft_logo.svg
Requested by
Host: seg-logg.live
URL: http://seg-logg.live/login.php?micro=11,13,000000,30,Tue,%2013%20Apr%202021%2011:05:13%20+0000,21,11,05,13,4,11.bemvindo
Protocol
HTTP/1.1
Server
156.67.217.13 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

Referer
http://seg-logg.live/login.php?micro=11,13,000000,30,Tue,%2013%20Apr%202021%2011:05:13%20+0000,21,11,05,13,4,11.bemvindo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 17:26:51 GMT
Last-Modified
Sat, 03 Apr 2021 20:56:55 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"e43-5bf17b46193c0"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
3651
signin-options_4e48046ce74f4b89d45037c90576bfac.svg
logincdn.msauth.net/shared/1.0/content/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logincdn.msauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg
Requested by
Host: seg-logg.live
URL: http://seg-logg.live/login.php?micro=11,13,000000,30,Tue,%2013%20Apr%202021%2011:05:13%20+0000,21,11,05,13,4,11.bemvindo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/3592) /
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

Referer
http://seg-logg.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 13 Apr 2021 17:26:51 GMT
content-encoding
gzip
content-md5
R2FAVxfpONfnQAuxVxXbHg==
age
6014588
x-cache
HIT
content-length
621
x-ms-lease-status
unlocked
last-modified
Tue, 10 Nov 2020 03:41:25 GMT
server
ECAcc (lhd/3592)
etag
0x8D8852A7FCCA219
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
6a9cb47a-701e-0017-39d6-f97961000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
webserver.php
seg-logg.live/ 		275 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://seg-logg.live/webserver.php
Requested by
Host: unbouncepages.com
URL: http://unbouncepages.com/23434522345234523452345234523452345dfgsd/
Protocol
HTTP/1.1
Server
156.67.217.13 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
b7a4f63b4feead6175047d3f0626cc3c77cabc2cc02be5d059e9c8b03959b017

Request headers

Accept
application/json, text/javascript, */*
Referer
http://seg-logg.live/login.php?micro=11,13,000000,30,Tue,%2013%20Apr%202021%2011:05:13%20+0000,21,11,05,13,4,11.bemvindo
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 13 Apr 2021 17:26:51 GMT
Server
Apache/2.4.29 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
275
Content-Type
text/html; charset=iso-8859-1
003.jpg
seg-logg.live/img/ 		418 KB
418 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://seg-logg.live/img/003.jpg
Requested by
Host: seg-logg.live
URL: http://seg-logg.live/login.php?micro=11,13,000000,30,Tue,%2013%20Apr%202021%2011:05:13%20+0000,21,11,05,13,4,11.bemvindo
Protocol
HTTP/1.1
Server
156.67.217.13 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
80c91304be4aae19bb772567e542db75010766d71e9ba4073e793fcfbbdd4aed

Request headers

Referer
http://seg-logg.live/login.php?micro=11,13,000000,30,Tue,%2013%20Apr%202021%2011:05:13%20+0000,21,11,05,13,4,11.bemvindo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 17:26:51 GMT
Last-Modified
Sat, 03 Apr 2021 20:56:54 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"68838-5bf17b4525180"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
428088

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| validation

0 Cookies

2 Console Messages

Source Level URL
Text
console-api log URL: http://seg-logg.live/js/verificarUsuario.js(Line 16)
Message:
antes de enviar
console-api log URL: http://seg-logg.live/js/verificarUsuario.js(Line 21)
Message:
depois de enviado

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

builder-assets.unbounce.com
d34qb8suadcc4g.cloudfront.net
events.ub-analytics.com
fonts.googleapis.com
logincdn.msauth.net
seg-logg.live
unbouncepages.com
156.67.217.13
18.196.95.178
192.229.221.185
2600:9000:20a8:6c00:1d:11cf:5800:93a1
2a00:1450:4001:801::200a
35.173.63.32
99.86.3.13
005b287d977c17d5cf6677103cc353babb47fa4c302ec8b5ea2c86817d8cb0d0
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
096d1cbc60fdcdef1d50992de4874e36e9d0f0dba6ca70dedcce5915cb154518
26f89432f26835fdb007dbf41441a6f7440865cc0fbd0f36e880dc4c26d00d7d
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
2f9f71d96d253ecafb0d73e4cc37e7a4c843cc0d082c757c80cc5de8a0edc2df
49ef4eeff12b3edbfa4ba3f94939d95526ff7a634eb23a64a69791819abb8175
5c6e41cab44d3fc8958df6b852e4e728360a81d7a5fc3079b36e677cc07f8edb
6bc21e325f9e92c5571194ff99852960f3e85876f69aaf05579c1e83ea2a0422
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
80c91304be4aae19bb772567e542db75010766d71e9ba4073e793fcfbbdd4aed
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
8f8e3728bd5d014b55b67f6025c850629eb8139d1bccaf5e2e1b012d9c6e5457
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7
abe64d6b8ec105af8ce48e7fe026d865a08abf87abe8693b15ed481a584c876b
b7a4f63b4feead6175047d3f0626cc3c77cabc2cc02be5d059e9c8b03959b017
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
ef483ba9c12b65c89278af42b7e5c83c68fae4d9ce6958bc692615312fcc46d1