mail.couturehollywood.com
Open in
urlscan Pro
23.229.196.98
Malicious Activity!
Public Scan
Submission: On October 22 via api from CA
Summary
This is the only time mail.couturehollywood.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Google (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
16 | 23.229.196.98 23.229.196.98 | 26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com) | |
2 | 2a00:1450:400... 2a00:1450:4001:80b::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 23.67.139.157 23.67.139.157 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
3 | 2a00:1450:400... 2a00:1450:4001:80b::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 2a00:1450:400... 2a00:1450:4001:80b::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 45.40.130.22 45.40.130.22 | 26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com) | |
24 | 6 |
ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-23-229-196-98.ip.secureserver.net
mail.couturehollywood.com |
ASN20940 (AKAMAI-ASN1, US)
PTR: a23-67-139-157.deploy.static.akamaitechnologies.com
img1.wsimg.com |
ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-45-40-130-22.ip.secureserver.net
img.secureserver.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
couturehollywood.com
mail.couturehollywood.com |
796 KB |
3 |
gstatic.com
fonts.gstatic.com |
27 KB |
2 |
googleapis.com
fonts.googleapis.com |
2 KB |
1 |
secureserver.net
img.secureserver.net |
596 B |
1 |
google.com
tools.google.com |
230 B |
1 |
wsimg.com
img1.wsimg.com |
5 KB |
24 | 6 |
Domain | Requested by | |
---|---|---|
16 | mail.couturehollywood.com |
mail.couturehollywood.com
|
3 | fonts.gstatic.com |
mail.couturehollywood.com
|
2 | fonts.googleapis.com |
mail.couturehollywood.com
|
1 | img.secureserver.net | |
1 | tools.google.com | |
1 | img1.wsimg.com |
mail.couturehollywood.com
|
24 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
drive.google.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.wsimg.com Starfield Secure Certificate Authority - G2 |
2018-09-25 - 2020-09-25 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
http://mail.couturehollywood.com/reservationfile/view/document/
Frame ID: D7C8609A58AB3956B4B682B7DC88B906
Requests: 24 HTTP requests in this frame
Screenshot
Detected technologies
Apache (Web Servers) ExpandDetected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Google Font API (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Modernizr (JavaScript Libraries) Expand
Detected patterns
- script /modernizr(?:-([\d.]*[\d]))?.*\.js/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Open Drive
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
24 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
mail.couturehollywood.com/reservationfile/view/document/ |
18 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
css
fonts.googleapis.com/ |
9 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
drive-dlpage.css
mail.couturehollywood.com/reservationfile/view/res/drive/css/ |
9 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
maia.css
mail.couturehollywood.com/www.google.com/css/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
drive-download.css
mail.couturehollywood.com/reservationfile/view/res/drive/css/ |
15 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
modernizr.js
mail.couturehollywood.com/www.gstatic.com/external_hosted/modernizr/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gu-util.js
mail.couturehollywood.com/reservationfile/tools/dlpage/res/c/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
logo-drive.png
mail.couturehollywood.com/reservationfile/view/res/drive/images/ |
2 KB 2 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
drive-devices.jpg
mail.couturehollywood.com/reservationfile/view/res/drive/images/ |
721 KB 721 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dlpage-ui.js
mail.couturehollywood.com/reservationfile/view/res/drive/scripts/ |
23 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.png
mail.couturehollywood.com/reservationfile/view/document/ |
38 KB 38 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
loading-16.gif
mail.couturehollywood.com/reservationfile/view/res/c/image/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
TweenMax.min.js
mail.couturehollywood.com/www.gstatic.com/external_hosted/gsap/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
tcc_l.combined.1.0.6.min.js
img1.wsimg.com/tcc/ |
12 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
drive-base.css
mail.couturehollywood.com/reservationfile/view/res/drive/css/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
css
fonts.googleapis.com/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
goog.css
mail.couturehollywood.com/www.google.com/tools/dlpage/res/c/css/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dropdownarrow.png
mail.couturehollywood.com/reservationfile/view/res/drive/images/ |
426 B 694 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icons.png
mail.couturehollywood.com/reservationfile/view/res/drive/images/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v15/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dlpageping
tools.google.com/service/update2/ |
0 230 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
event
img.secureserver.net/t/1/tl/ |
43 B 596 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Google (Online)249 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| utmx_section function| utmx function| setHl function| _GU_OnloadHandlerAdd function| _GU_OnloadBody function| _GU_getPlatform function| _GU_getBrowserId function| _GU_setCookie function| _GU_setSessionCookie function| _GU_getCookie function| _GU_removeCookie function| _GU_areCookiesSupported function| _GU_initIid function| _GU_getIid function| _GU_experimentTripletToTagValue function| _GU_experimentTripletArrayToTagElement function| _GU_createAppInfo function| GU_BuildTag function| GU_buildGlobalExtra function| _GU_isClickOnceAvailable function| _GU_isOneClickAvailable function| _GU_SetupOneClick function| _GU_SetupOneClickVersions function| _GU_buildDlPath function| _GU_buildDlPathNoTag function| _GU_buildClickOncePath object| google function| runTagParamsHook function| runThankYouQueryHook function| runGetAppsPageHook object| referer function| resetButtons function| showThrobber function| getThankyouUrl function| queueThankyou function| getApps function| areStatsEnabled function| isDownloadTaggingEnabled function| getDownloadPath function| buildDownloadUrl function| downloadAndThankYou function| installViaDownload function| isClickOnceEnabled function| isOneClickEnabled function| installViaClickOnce function| installViaOneClick function| getInstallSource function| installApp function| sendDlPagePing function| downloadInstaller undefined| pageTracker function| doSubmit object| update function| goCancelled object| g function| aa object| h object| k function| p function| ba function| q function| ca function| da function| r function| ea function| fa function| ga function| ha function| ia function| ja string| ka string| la string| ma string| t string| na string| oa string| u string| pa string| qa string| ra string| sa string| ta string| ua string| va string| xa string| ya string| za string| Ba string| Ca string| Da string| v string| w string| Ea string| x string| y string| Fa string| Ga string| z string| A string| Ha string| B string| Ia string| Ja string| Ka string| C string| La string| Ma string| D string| Na object| E object| F function| Oa function| Pa function| Qa function| G function| Ra function| Sa string| Ta number| Ua function| Va function| Wa function| Xa function| Ya function| Za function| H function| $a function| ab function| I function| bb function| cb function| db function| eb function| fb function| J function| gb function| hb object| K function| ib function| L function| jb function| kb function| lb function| mb function| nb function| ob function| rb function| sb function| tb object| ub function| vb string| M object| wb string| xb boolean| yb boolean| zb boolean| Ab boolean| Bb function| Cb boolean| Db boolean| O boolean| P boolean| Q object| Eb string| Fb boolean| Gb function| Ib string| Jb object| Kb function| R object| Lb undefined| Mb boolean| Nb function| Ob function| Pb function| Rb function| Qb function| S function| Sb function| T function| Ub function| Tb function| Vb function| Wb function| Xb function| Yb function| Zb function| $b boolean| ac boolean| bc function| cc function| V function| dc string| ec function| fc number| gc function| hc function| ic function| jc string| kc object| lc number| mc function| W function| pc function| sc function| tc function| qc function| vc function| uc function| rc function| oc string| wc function| nc function| xc function| yc function| Bc object| Cc object| Dc function| Ec function| Gc function| Fc function| Hc function| Ic function| Jc function| X function| Kc function| Lc function| Nc function| Mc function| Y function| Z function| Oc function| $ function| Pc function| Qc function| Rc undefined| Sc function| Tc function| Uc object| cdl object| closure_lm_751978 object| eulaModal function| getConfigOptions object| _trfd function| tcg function| tcp object| perfhandler object| TCCTracker object| _trfq object| true1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
mail.couturehollywood.com/reservationfile/view/document | Name: iid Value: %7BC1342F5F-5FB7-B956-35A9-8E755E202F38%7D |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fonts.googleapis.com
fonts.gstatic.com
img.secureserver.net
img1.wsimg.com
mail.couturehollywood.com
tools.google.com
23.229.196.98
23.67.139.157
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:80b::200e
45.40.130.22
144833da7db985fa98ebd0a0b7d45ca3fb94df849cedb280957957f658211b27
228096fd6f7c6214fd4899f6d8ec7a3c6f3d2bb411c8ba745dd32f11a1a3de44
35a21333c81302e934ee42b7b85b2c6a731bfffb418fe52fe795cb1974186976
437398aae3cd98321fb24ce478d22a94e5f90f92d01284ea2bb61f0c1b8e74bd
45120993a137bcca95ccfe97fb236f8dd7827c89fe7385c76a63df739ce731a1
47f60f88513755e18ea6e52813e00e90225696d3566a662b62ac100182fcd42c
65deeb340f8bd78d2aee5d4c28dc4e5bc49a255f1bd38625925b56bd94226328
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
8889e592d65dbf8cfa84026d728b9dda8ef61c02896d44ca0be8cd9ed5c16848
899a954829dd74b84d635b637521dc7600cf1a27647f151cfe28e729defb0c7f
95d52a05450613bc4f26a453c2b43c39e84e8bba15d945fe8a324f5c7cb0b4c0
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a20084c563557a3749c82c36298f84753cb51fdfa4a16964c61ed715ef75076f
aa5c1ec4d2ea00eb517eadeb3b65e55b577b7a5ed42d7c2611d15d9050c18350
b927138c8add3717eeded4aed4a8d01cbace679715efafa1c2fa18aff32273d2
c3520de5b04afec506116b6bf980719dd2dce0b16f989a89f2cf48436ef95cc7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e2256b73bc828ed2c8c92650c242c70da88e8e429c6d4d701cacdce24690c3
e76c2eee68acdf5bdb9aa39ba51a3697d45af022bbfef1dba87a4866e4868201
fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be