electricalengineeringassignmenthelp.com
207.174.215.159
Malicious Activity!
Public Scan
Effective URL: https://electricalengineeringassignmenthelp.com/voice/?ss=2&ea=zvonimir.kotnik@hexagonmetrology.com&session=c2cab8cf33b3d6ee5bd50a5eb2fe3ed1c2ca...
Submission: On July 02 via manual from IN
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on June 7th 2020. Valid for: 3 months.
This is the only time electricalengineeringassignmenthelp.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer)
Domain & IP information
 | IP Address | AS Autonomous System
---|---|---
1 1 | 37.230.110.61 | 42807 (AEROTEK-AS)
1 6 | 207.174.215.159 | 394695 (PUBLIC-DOMAIN-REGISTRY)
2 | 152.199.23.72 | 15133 (EDGECAST)
7 | 2 |
ASN42807 (AEROTEK-AS, TR)
PTR: srvc57.trwww.com
themeaningofname.com
ASN394695 (PUBLIC-DOMAIN-REGISTRY, US)
PTR: bh-64.webhostbox.net
electricalengineeringassignmenthelp.com
 | Apex Domain / Subdomains | Transfer
---|---|---
6 | electricalengineeringassignmenthelp.com (1 redirects): electricalengineeringassignmenthelp.com | 31 KB
2 | msauthimages.net: aadcdn.msauthimages.net | 33 KB
1 | themeaningofname.com (1 redirects): themeaningofname.com | 390 B
7 | 3 |
 | Domain | Requested by
---|---|---
6 | electricalengineeringassignmenthelp.com | 1 redirects, electricalengineeringassignmenthelp.com
2 | aadcdn.msauthimages.net | electricalengineeringassignmenthelp.com
1 | themeaningofname.com | 1 redirects
7 | 3 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|---
electricalengineeringassignmenthelp.com | Let's Encrypt Authority X3 | 2020-06-07 - 2020-09-05 | 3 months | crt.sh
aadcdn.msauthimages.net | Microsoft IT TLS CA 1 | 2018-12-07 - 2020-12-07 | 2 years | crt.sh
This page contains 1 frames:
Primary Page:
https://electricalengineeringassignmenthelp.com/voice/?ss=2&ea=zvonimir.kotnik@hexagonmetrology.com&session=c2cab8cf33b3d6ee5bd50a5eb2fe3ed1c2cab8cf33b3d6ee5bd50a5eb2fe3ed1
Frame ID: A753DDA6D7B162CD9F948F03CF8312CE
Requests: 7 HTTP requests in this frame
Detected technologies
Nginx (Web Servers)
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://themeaningofname.com/voicenotes/enZvbmltaXIua290bmlrQGhleGFnb25tZXRyb2xvZ3kuY29t (HTTP 302)
- https://electricalengineeringassignmenthelp.com/voice?ss=2&ea=zvonimir.kotnik@hexagonmetrology.com&session=c2cab8cf33b3d6ee5bd50a5eb2fe3ed1c2cab8cf33b3d6ee5bd50a5eb2fe3ed1 (HTTP 301)
- https://electricalengineeringassignmenthelp.com/voice/?ss=2&ea=zvonimir.kotnik@hexagonmetrology.com&session=c2cab8cf33b3d6ee5bd50a5eb2fe3ed1c2cab8cf33b3d6ee5bd50a5eb2fe3ed1 (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
7 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | / (Primary Request, Redirect Chain) | electricalengineeringassignmenthelp.com/voice/ | 10 KB | 4 KB | Document | text/html
GET | H2 | Converged1033.css | electricalengineeringassignmenthelp.com/voice/files2/ | 86 KB | 23 KB | Stylesheet | text/css
GET | H2 | load2.gif | electricalengineeringassignmenthelp.com/voice/files/ | 3 KB | 3 KB | Image | image/gif
GET | H2 | bannerlogo | aadcdn.msauthimages.net/c1c6b6c8-6osl4yb9v6qnqurft5xjwkoc2-ucdrwfd1nplxpbdo/logintenantbranding/0/ | 3 KB | 3 KB | Image | image/png
GET | H2 | arrow_left.png | electricalengineeringassignmenthelp.com/voice/files/ | 240 B | 278 B | Image | image/png
GET | H2 | 0-small.jpg | electricalengineeringassignmenthelp.com/voice/files2/ | 1 KB | 1 KB | Image | image/jpeg
GET | H2 | illustration | aadcdn.msauthimages.net/c1c6b6c8-6osl4yb9v6qnqurft5xjwkoc2-ucdrwfd1nplxpbdo/logintenantbranding/0/ | 30 KB | 30 KB | Image | image/png
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Microsoft (Consumer)
7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onformdata
- object| onpointerrawupdate
- function| empty
- function| change
- function| myFunction
- object| form
- object| button1

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
electricalengineeringassignmenthelp.com/ | | Name: PHPSESSID Value: auc21qjcfbmkn1aaupd72uq3n6
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.