margieiafeta.com
Open in
urlscan Pro
23.254.240.28
Malicious Activity!
Public Scan
Submission: On May 05 via api from CA
Summary
This is the only time margieiafeta.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: US Universities (Education)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
6 | 23.254.240.28 23.254.240.28 | 54290 (HOSTWINDS) (HOSTWINDS - Hostwinds LLC.) | |
1 | 34.200.30.249 34.200.30.249 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
7 | 2 |
ASN54290 (HOSTWINDS - Hostwinds LLC., US)
PTR: client-23-254-240-28.hostwindsdns.com
margieiafeta.com |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-200-30-249.compute-1.amazonaws.com
www.wright.edu |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
margieiafeta.com
margieiafeta.com |
17 KB |
1 |
wright.edu
www.wright.edu |
4 KB |
7 | 2 |
Domain | Requested by | |
---|---|---|
6 | margieiafeta.com |
margieiafeta.com
|
1 | www.wright.edu | |
7 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.wright.edu |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.wright.edu InCommon RSA Server CA |
2017-02-16 - 2020-02-16 |
3 years | crt.sh |
This page contains 1 frames:
Primary Page:
http://margieiafeta.com/x3/Wright/Sign_one.html
Frame ID: 9288.1
Requests: 7 HTTP requests in this frame
9 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Password Management
Search URL Search Domain Scan URL
Title: CaTS Help Desk
Search URL Search Domain Scan URL
Title: Wright State Accounts
Search URL Search Domain Scan URL
Title: Copyright © 2016
Search URL Search Domain Scan URL
Title: Accessibility
Search URL Search Domain Scan URL
Title: Accreditation
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: Title IX
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
7 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Sign_one.html
margieiafeta.com/x3/Wright/ |
6 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.css
margieiafeta.com/x3/Wright/Sign%20in%20to%20continue_files/ |
14 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wsu.css
margieiafeta.com/x3/Wright/Sign%20in%20to%20continue_files/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ping-wrightstate-wordmark.png
margieiafeta.com/x3/Wright/Sign%20in%20to%20continue_files/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ping-biplane_white.png
margieiafeta.com/x3/Wright/Sign%20in%20to%20continue_files/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ping-logo.40.png
margieiafeta.com/x3/Wright/images/ |
1 KB 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
www.wright.edu/ |
4 KB 4 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: US Universities (Education)0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
margieiafeta.com
www.wright.edu
23.254.240.28
34.200.30.249
3fa3daff86edb5cd757631278b3916c8127ecf9ecc2557619f15256327296e3b
574c734c0df2b98c2399ac70c279a963607ae712ee0c26679f1173d8a87a798a
70c65bd0e084398a87baa298c1fafa52afff402096cb350d563d309565c07e83
82c1f117b95aa0eb9b744902b6b848cbfd5bde968dce2b8d7e0bc6c1385e9aba
871a25d0d2a597c48e500dad69bfc972e5a4251dbbdc539dd5366f69a516636a
a39d8d4d614571c10ceb4f457fdb72fc0960107c31bda004383e165684cbc6eb
fc0a24ebac66fe5f5f499c6956540fd25f5db5b7de0aae06e928e297f4c7d1cf