manulifeam-login.lvdtbtkhpgb.click
137.184.127.24
Malicious Activity!
Private Scan
Effective URL: https://manulifeam-login.lvdtbtkhpgb.click/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3...
Submission: On February 27 via api from DE — Scanned from ES
Summary
TLS certificate: Issued by R3 on February 26th 2024. Valid for: 3 months.
This is the only time manulifeam-login.lvdtbtkhpgb.click was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Sharepoint (Online), Microsoft (Consumer), OneDrive (Online)
Domain & IP information
# | IP Address | AS (Autonomous System)
---|---|---
3 | 216.58.212.131 | 15169 (GOOGLE)
1 | 142.250.186.67 | 15169 (GOOGLE)
2 | 142.250.186.35 | 15169 (GOOGLE)
3 | 142.250.181.227 | 15169 (GOOGLE)
1 | 104.20.139.65 | 13335 (CLOUDFLARENET)
1 | 104.21.67.53 | 13335 (CLOUDFLARENET)
1 | 172.67.213.212 | 13335 (CLOUDFLARENET)
2 | 142.250.186.164 | 15169 (GOOGLE)
9 21 | 137.184.127.24 | 14061 (DIGITALOCEAN-ASN)
2 | 172.217.16.202 | 15169 (GOOGLE)
3 | 104.18.10.207 | 13335 (CLOUDFLARENET)
1 | 152.199.19.161 | 15133 (EDGECAST)
2 | 151.101.2.137 | 54113 (FASTLY)
1 | 104.17.25.14 | 13335 (CLOUDFLARENET)
3 | 13.107.213.45 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK)
2 | 185.15.59.226 | 14907 (WIKIMEDIA)
5 | 185.15.59.224 | 14907 (WIKIMEDIA)
1 | 13.107.246.45 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK)
31 | 10 |
ASN15169 (GOOGLE, US), PTR: fra24s08-in-f4.1e100.net
- www.google.com
ASN14061 (DIGITALOCEAN-ASN, US)
- vmmojuh.lvdtbtkhpgb.click
- manulifeam-login.microsoftonline.lvdtbtkhpgb.click
- login.lvdtbtkhpgb.click
- manulifeam-www.lvdtbtkhpgb.click
- manulifeam-login.lvdtbtkhpgb.click
ASN15169 (GOOGLE, US), PTR: fra16s08-in-f10.1e100.net
- fonts.googleapis.com
ASN13335 (CLOUDFLARENET, US)
- maxcdn.bootstrapcdn.com
- stackpath.bootstrapcdn.com
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
- secure.aadcdn.microsoftonline-p.com
- logincdn.msauth.net
ASN14907 (WIKIMEDIA, US), PTR: ncredir-lb.esams.wikimedia.org
- wikipedia.com
ASN14907 (WIKIMEDIA, US), PTR: text-lb.esams.wikimedia.org
- www.wikipedia.org
# | Apex Domain | Subdomains | Transfer
---|---|---|---
21 | lvdtbtkhpgb.click (9 redirects) | vmmojuh.lvdtbtkhpgb.click, manulifeam-login.microsoftonline.lvdtbtkhpgb.click, login.lvdtbtkhpgb.click, manulifeam-www.lvdtbtkhpgb.click, manulifeam-login.lvdtbtkhpgb.click | 247 KB
5 | wikipedia.org | www.wikipedia.org (Cisco Umbrella Rank: 11908) | 46 KB
5 | google.ae (5 redirects) | google.ae (Cisco Umbrella Rank: 33079), www.google.ae (Cisco Umbrella Rank: 33944) | 5 KB
4 | google.es (4 redirects) | www.google.es (Cisco Umbrella Rank: 23215), google.es (Cisco Umbrella Rank: 21024) | 3 KB
3 | bootstrapcdn.com | maxcdn.bootstrapcdn.com (Cisco Umbrella Rank: 1082), stackpath.bootstrapcdn.com (Cisco Umbrella Rank: 2859) | 50 KB
2 | wikipedia.com (2 redirects) | wikipedia.com (Cisco Umbrella Rank: 136710) | 277 B
2 | msauth.net | logincdn.msauth.net (Cisco Umbrella Rank: 3724), aadcdn.msauth.net (Cisco Umbrella Rank: 893) | 2 KB
2 | microsoftonline-p.com | secure.aadcdn.microsoftonline-p.com (Cisco Umbrella Rank: 14951) | 2 KB
2 | jquery.com | code.jquery.com (Cisco Umbrella Rank: 729) | 162 KB
2 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 32) | 3 KB
2 | google.com (2 redirects) | www.google.com (Cisco Umbrella Rank: 2) | 2 KB
2 | qhilrswrxr.shop (2 redirects) | tzvu8fqqp.qhilrswrxr.shop | 1 KB
1 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 226) | 7 KB
1 | azureedge.net | spoppe-b.azureedge.net (Cisco Umbrella Rank: 6797) | 1 KB
1 | tinyurl.com (1 redirect) | tinyurl.com (Cisco Umbrella Rank: 18784) | 831 B
31 | 15 | |
# | Domain | Requested by
---|---|---
16 | manulifeam-login.microsoftonline.lvdtbtkhpgb.click | 5 redirects; manulifeam-login.microsoftonline.lvdtbtkhpgb.click, code.jquery.com
5 | www.wikipedia.org | manulifeam-login.microsoftonline.lvdtbtkhpgb.click, www.wikipedia.org
3 | www.google.ae | 3 redirects
3 | www.google.es | 3 redirects
2 | wikipedia.com | 2 redirects
2 | secure.aadcdn.microsoftonline-p.com | manulifeam-login.microsoftonline.lvdtbtkhpgb.click
2 | code.jquery.com | manulifeam-login.microsoftonline.lvdtbtkhpgb.click
2 | maxcdn.bootstrapcdn.com | manulifeam-login.microsoftonline.lvdtbtkhpgb.click
2 | fonts.googleapis.com | manulifeam-login.microsoftonline.lvdtbtkhpgb.click
2 | vmmojuh.lvdtbtkhpgb.click | 2 redirects
2 | www.google.com | 2 redirects
2 | tzvu8fqqp.qhilrswrxr.shop | 2 redirects
2 | google.ae | 2 redirects
1 | manulifeam-login.lvdtbtkhpgb.click | manulifeam-login.microsoftonline.lvdtbtkhpgb.click
1 | manulifeam-www.lvdtbtkhpgb.click | 1 redirect
1 | login.lvdtbtkhpgb.click | 1 redirect
1 | aadcdn.msauth.net | manulifeam-login.microsoftonline.lvdtbtkhpgb.click, manulifeam-login.lvdtbtkhpgb.click
1 | logincdn.msauth.net | manulifeam-login.microsoftonline.lvdtbtkhpgb.click
1 | stackpath.bootstrapcdn.com | manulifeam-login.microsoftonline.lvdtbtkhpgb.click
1 | cdnjs.cloudflare.com | manulifeam-login.microsoftonline.lvdtbtkhpgb.click
1 | spoppe-b.azureedge.net | manulifeam-login.microsoftonline.lvdtbtkhpgb.click
1 | tinyurl.com | 1 redirect
1 | google.es | 1 redirect
31 | 23 |
This site contains no links.
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
lvdtbtkhpgb.click | R3 | 2024-02-26 - 2024-05-26 | 3 months | crt.sh
upload.video.google.com | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months | crt.sh
bootstrapcdn.com | GTS CA 1P5 | 2024-01-28 - 2024-04-27 | 3 months | crt.sh
*.vo.msecnd.net | DigiCert SHA2 Secure Server CA | 2024-01-30 - 2025-01-30 | a year | crt.sh
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-07-14 | a year | crt.sh
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year | crt.sh
secure.aadcdn.microsoftonline-p.com | Microsoft Azure RSA TLS Issuing CA 04 | 2023-12-05 - 2024-11-29 | a year | crt.sh
identitycdn.msauth.net | Microsoft Azure RSA TLS Issuing CA 03 | 2024-01-17 - 2025-01-11 | a year | crt.sh
*.wikipedia.org | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2023-10-18 - 2024-10-16 | a year | crt.sh
aadcdn.msauth.net | DigiCert SHA2 Secure Server CA | 2024-01-29 - 2025-01-29 | a year | crt.sh
This page contains 3 frames:
Primary Page:
https://manulifeam-login.lvdtbtkhpgb.click/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.lvdtbtkhpgb.click%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.lvdtbtkhpgb.click%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638446196818621877.ZjVlMGFmYmMtYjJkYy00MWMxLWIwMGUtYWMxNDZhMmE3NjQ3MDdiZjUyZjgtZjI2ZC00N2ZiLThhOTYtMjcwZDlkNTAyYTYz&ui_locales=es-ES&mkt=es-ES&client-request-id=9dbe073c-c8f8-4fd3-a423-4d38005b81e0&state=QGO2lvU6U519NGg3tYSz0Q4u0xD7mG8m32ubuekA41S8223yhySASkZmvlvf0QYs8ODOHb9sCSdkRdKh-3wkPJkI_dr6maeHfHvNCysOqV0K-KQ3KLnNsAEBUSCRBenbiBrG_gvm2fBk4bV_JRBx4amHe2RqUUpr80AIxVeio-uNmzdFLB09RHcUB92KFuvCgq-i_YvBbDuHY7ImtLVjGVOAzKH0MDASn8FCB0nov89Ww_Dp0VCVosUVTovKPYVO-hm_71FwEWGVjQ6E73WQ7A&x-client-SKU=ID_NET6_0&x-client-ver=7.2.0.0
Frame ID: 3352BD84C23531320E1BB0E30E6AD3BD
Requests: 22 HTTP requests in this frame
Frame:
https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a?gif=outlook&itb1=true
Frame ID: AD041F7B304147195FAD357CBA9E224B
Requests: 8 HTTP requests in this frame
Frame:
https://www.wikipedia.org/
Frame ID: 22B82FE77ED5A8C817913DC859AA2DBC
Requests: 4 HTTP requests in this frame
Detected technologies
- Bootstrap (Web Frameworks). Detected patterns:
  - bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
- Popper (Miscellaneous). Detected patterns:
  - /popper\.js/([0-9.]+)
- jQuery (JavaScript Libraries). Detected patterns:
  - jquery[.-]([\d.]*\d)[^/]*\.js
  - jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.google.es/url?hl=en&q=https://google.es/url?sa%3Dt%26q%3Ddk%26rct%3DmT%26esrc%3Dlfgf%26source%3Dcaz%26cd%3DHMZN%26cad%3DkYZs85%26ved%3DVJiceebXfwQbNW%26uact%3D246%26url%3D%2561%256D%2570%252F%2567%256F%256F%2567%256C%2565%252E%2561%2565%252F%2561%256D%2570%252F%2574%2569%256E%2579%2575%2572%256C%252E%2563%256F%256D%252F%257A%256A%2578%2562%2536%2573%257A%2573%26opi%3D6739163743380%26usg%3DekmYVJ39E85DXT&source=gmail&ust=1709106742570000&usg=AOvVaw06f-jLUS9CyZ_d3ESyt0_u
HTTP 302
https://google.es/url?sa=t&q=dk&rct=mT&esrc=lfgf&source=caz&cd=HMZN&cad=kYZs85&ved=VJiceebXfwQbNW&uact=246&url=%61%6D%70%2F%67%6F%6F%67%6C%65%2E%61%65%2F%61%6D%70%2F%74%69%6E%79%75%72%6C%2E%63%6F%6D%2F%7A%6A%78%62%36%73%7A%73&opi=6739163743380&usg=ekmYVJ39E85DXT HTTP 301
https://www.google.es/url?sa=t&q=dk&rct=mT&esrc=lfgf&source=caz&cd=HMZN&cad=kYZs85&ved=VJiceebXfwQbNW&uact=246&url=amp%2Fgoogle%2Eae%2Famp%2Ftinyurl%2Ecom%2Fzjxb6szs&opi=6739163743380&usg=ekmYVJ39E85DXT HTTP 302
https://www.google.es/amp/google.ae/amp/tinyurl.com/zjxb6szs HTTP 302
http://google.ae/amp/tinyurl.com/zjxb6szs HTTP 301
http://www.google.ae/amp/tinyurl.com/zjxb6szs HTTP 301
https://www.google.ae/amp/tinyurl.com/zjxb6szs HTTP 302
http://tinyurl.com/zjxb6szs HTTP 307
https://tinyurl.com/zjxb6szs HTTP 301
https://google.ae/amp/tzVu8fqqp.qhilrswrxr.shop/8zYytVyXq HTTP 301
https://www.google.ae/amp/tzVu8fqqp.qhilrswrxr.shop/8zYytVyXq HTTP 302
http://tzvu8fqqp.qhilrswrxr.shop/8zYytVyXq HTTP 301
https://tzvu8fqqp.qhilrswrxr.shop/8zYytVyXq HTTP 302
https://www.google.com/amp/vmmOJUh.lvdtbtkhpgb.click/bdd600/1/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a HTTP 302
http://vmmojuh.lvdtbtkhpgb.click/bdd600/1/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a HTTP 301
https://vmmojuh.lvdtbtkhpgb.click/bdd600/1/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a HTTP 301
https://www.google.com/amp/manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a HTTP 302
http://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a HTTP 301
https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a Page URL
-
https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/rp/basel_kirmani@manulifeam.com
HTTP 301
https://login.lvdtbtkhpgb.click/ HTTP 302
https://manulifeam-www.lvdtbtkhpgb.click/login HTTP 302
https://manulifeam-login.lvdtbtkhpgb.click/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.lvdtbtkhpgb.click%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.lvdtbtkhpgb.click%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638446196818621877.ZjVlMGFmYmMtYjJkYy00MWMxLWIwMGUtYWMxNDZhMmE3NjQ3MDdiZjUyZjgtZjI2ZC00N2ZiLThhOTYtMjcwZDlkNTAyYTYz&ui_locales=es-ES&mkt=es-ES&client-request-id=9dbe073c-c8f8-4fd3-a423-4d38005b81e0&state=QGO2lvU6U519NGg3tYSz0Q4u0xD7mG8m32ubuekA41S8223yhySASkZmvlvf0QYs8ODOHb9sCSdkRdKh-3wkPJkI_dr6maeHfHvNCysOqV0K-KQ3KLnNsAEBUSCRBenbiBrG_gvm2fBk4bV_JRBx4amHe2RqUUpr80AIxVeio-uNmzdFLB09RHcUB92KFuvCgq-i_YvBbDuHY7ImtLVjGVOAzKH0MDASn8FCB0nov89Ww_Dp0VCVosUVTovKPYVO-hm_71FwEWGVjQ6E73WQ7A&x-client-SKU=ID_NET6_0&x-client-ver=7.2.0.0 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://www.google.es/url?hl=en&q=https://google.es/url?sa%3Dt%26q%3Ddk%26rct%3DmT%26esrc%3Dlfgf%26source%3Dcaz%26cd%3DHMZN%26cad%3DkYZs85%26ved%3DVJiceebXfwQbNW%26uact%3D246%26url%3D%2561%256D%2570%252F%2567%256F%256F%2567%256C%2565%252E%2561%2565%252F%2561%256D%2570%252F%2574%2569%256E%2579%2575%2572%256C%252E%2563%256F%256D%252F%257A%256A%2578%2562%2536%2573%257A%2573%26opi%3D6739163743380%26usg%3DekmYVJ39E85DXT&source=gmail&ust=1709106742570000&usg=AOvVaw06f-jLUS9CyZ_d3ESyt0_u HTTP 302
- https://google.es/url?sa=t&q=dk&rct=mT&esrc=lfgf&source=caz&cd=HMZN&cad=kYZs85&ved=VJiceebXfwQbNW&uact=246&url=%61%6D%70%2F%67%6F%6F%67%6C%65%2E%61%65%2F%61%6D%70%2F%74%69%6E%79%75%72%6C%2E%63%6F%6D%2F%7A%6A%78%62%36%73%7A%73&opi=6739163743380&usg=ekmYVJ39E85DXT HTTP 301
- https://www.google.es/url?sa=t&q=dk&rct=mT&esrc=lfgf&source=caz&cd=HMZN&cad=kYZs85&ved=VJiceebXfwQbNW&uact=246&url=amp%2Fgoogle%2Eae%2Famp%2Ftinyurl%2Ecom%2Fzjxb6szs&opi=6739163743380&usg=ekmYVJ39E85DXT HTTP 302
- https://www.google.es/amp/google.ae/amp/tinyurl.com/zjxb6szs HTTP 302
- http://google.ae/amp/tinyurl.com/zjxb6szs HTTP 301
- http://www.google.ae/amp/tinyurl.com/zjxb6szs HTTP 301
- https://www.google.ae/amp/tinyurl.com/zjxb6szs HTTP 302
- http://tinyurl.com/zjxb6szs HTTP 307
- https://tinyurl.com/zjxb6szs HTTP 301
- https://google.ae/amp/tzVu8fqqp.qhilrswrxr.shop/8zYytVyXq HTTP 301
- https://www.google.ae/amp/tzVu8fqqp.qhilrswrxr.shop/8zYytVyXq HTTP 302
- http://tzvu8fqqp.qhilrswrxr.shop/8zYytVyXq HTTP 301
- https://tzvu8fqqp.qhilrswrxr.shop/8zYytVyXq HTTP 302
- https://www.google.com/amp/vmmOJUh.lvdtbtkhpgb.click/bdd600/1/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a HTTP 302
- http://vmmojuh.lvdtbtkhpgb.click/bdd600/1/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a HTTP 301
- https://vmmojuh.lvdtbtkhpgb.click/bdd600/1/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a HTTP 301
- https://www.google.com/amp/manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a HTTP 302
- http://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a HTTP 301
- https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a
- https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click//Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a?gif=outlook&itb1=true HTTP 301
- https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/65da079163e77c1b2211937a?gif=outlook&itb1=true
- https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/Sign%20in%20to%20your%20account_files/prefetch(1).html HTTP 301
- https://wikipedia.com/ HTTP 301
- https://www.wikipedia.org/
- https://manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/Sign%20in%20to%20your%20account_files/ellipsis_grey.svg HTTP 301
- https://wikipedia.com/ HTTP 301
- https://www.wikipedia.org/
31 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes
---|---|---|---|---|---|---|---|---
GET | H/1.1 | 65da079163e77c1b2211937a | manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/ | 59 KB | 59 KB | Document | text/html | Redirect Chain
GET | H2 | css | fonts.googleapis.com/ | 6 KB | 2 KB | Stylesheet | text/css |
GET | H2 | css | fonts.googleapis.com/ | 0 | 2 KB | Other | text/css |
GET | H2 | bootstrap.min.css | maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ | 141 KB | 21 KB | Stylesheet | text/css |
GET | DATA | truncated | / | 20 KB | 0 | Image | image/png |
GET | DATA | truncated | / | 3 KB | 0 | Image | image/png |
GET | H2 | docx.png | spoppe-b.azureedge.net/files/fabric-cdn-prod_20211104.001/assets/item-types/32_2x/ | 975 B | 1 KB | Image | image/png |
GET | H2 | jquery-3.4.1.js | code.jquery.com/ | 274 KB | 81 KB | Script | application/javascript |
GET | H2 | popper.min.js | cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ | 19 KB | 7 KB | Script | application/javascript |
GET | H2 | bootstrap.min.js | maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ | 48 KB | 14 KB | Script | application/javascript |
GET | H2 | bootstrap.min.js | stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ | 50 KB | 15 KB | Script | application/javascript |
GET | H/1.1 | script.js | manulifeam-login.microsoftonline.lvdtbtkhpgb.click/uploads/ | 23 KB | 24 KB | Script | text/javascript |
GET | DATA | truncated | / | 2 KB | 2 KB | Font | application/octet-stream |
GET | H/1.1 | mac-chrome.css | manulifeam-login.microsoftonline.lvdtbtkhpgb.click/uploads/ | 7 KB | 7 KB | Stylesheet | text/css |
GET | H/1.1 | 65da079163e77c1b2211937a | manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/ | 146 KB | 146 KB | Document | text/html | Frame AD04, Redirect Chain
GET | H/1.1 | ssl.svg | manulifeam-login.microsoftonline.lvdtbtkhpgb.click/uploads/images/ | 563 B | 751 B | Image | image/svg+xml |
GET | H/1.1 | close.svg | manulifeam-login.microsoftonline.lvdtbtkhpgb.click/uploads/images/ | 720 B | 908 B | Image | image/svg+xml |
GET | H/1.1 | arrow-right.svg | manulifeam-login.microsoftonline.lvdtbtkhpgb.click/uploads/images/ | 1023 B | 1 KB | Image | image/svg+xml |
GET | H/1.1 | cookies.svg | manulifeam-login.microsoftonline.lvdtbtkhpgb.click/uploads/images/ | 2 KB | 2 KB | Image | image/svg+xml |
GET | H/1.1 | settings.svg | manulifeam-login.microsoftonline.lvdtbtkhpgb.click/uploads/images/ | 1 KB | 1 KB | Image | image/svg+xml |
GET | H/1.1 | new-tab.svg | manulifeam-login.microsoftonline.lvdtbtkhpgb.click/uploads/images/ | 468 B | 656 B | Image | image/svg+xml |
GET | H2 | jquery-3.4.1.js | code.jquery.com/ | 274 KB | 81 KB | Script | application/javascript | Frame AD04
GET | H2 | microsoft_logo.svg | secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/ | 4 KB | 2 KB | Image | image/svg+xml | Frame AD04
GET | H2 | arrow_left.svg | logincdn.msauth.net/16.000.28345.6/images/ | 513 B | 929 B | Image | image/svg+xml | Frame AD04
GET | H2 | / | www.wikipedia.org/ | 76 KB | 19 KB | Document | text/html | Frame 22B8, Redirect Chain
GET | H2 | documentation_bcb4d1dc4eae64f0b2b2538209d8435a.svg | aadcdn.msauth.net/shared/1.0/content/images/ | 2 KB | 1 KB | Image | image/svg+xml | Frame AD04
GET | H2 | ellipsis_white.svg | secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/ | 915 B | 752 B | Image | image/svg+xml | Frame AD04
GET | H2 | / | www.wikipedia.org/ | 0 | 0 | Image | text/html | Frame AD04, Redirect Chain
POST | H/1.1 | 65da079163e77c1b2211937a | manulifeam-login.microsoftonline.lvdtbtkhpgb.click/Applicationview/bd1b18bfc947528a76ae3e067f148799/ | 0 | 177 B | XHR | text/plain | Frame AD04
GET | H2 | Wikipedia-logo-v2.png | www.wikipedia.org/portal/wikipedia.org/assets/img/ | 15 KB | 17 KB | Image | image/png | Frame 22B8
GET | H2 | index-24c3e2ca18.js | www.wikipedia.org/portal/wikipedia.org/assets/js/ | 22 KB | 9 KB | Script | application/javascript | Frame 22B8
GET | H2 | gt-ie9-ce3fe8e88d.js | www.wikipedia.org/portal/wikipedia.org/assets/js/ | 614 B | 2 KB | Script | application/javascript | Frame 22B8
GET | H/1.1 | authorize | manulifeam-login.lvdtbtkhpgb.click/common/oauth2/v2.0/ | 21 KB | 0 | Document | text/html | Primary Request, Redirect Chain
GET | | BssoInterrupt_Core_GOwG3D936OfJ_-lzWtiHhg2.js | aadcdn.msauth.net/shared/1.0/content/js/ | 0 | 0 | | | no response (see Failed requests)
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: aadcdn.msauth.net
- URL: https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_GOwG3D936OfJ_-lzWtiHhg2.js
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Sharepoint (Online), Microsoft (Consumer), OneDrive (Online)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
.google.es/ | | __Secure-ENID | 17.SE=RvgeS0RXL4WEx1jhxhDF80jJWNuNnkv6rfAmeM6FCcyFdqfoYRzhFybH1gELdb1CjzbTNlv7vjENmbnXw33pUsOZeGHYQjmOno5hoB1dVE0IIeGrZZqNmXiDiiwR7zIIUMTTAoFguan2XBwdimQt0noYt3C7lQy2j64FhvCWZXZXlzo
.google.ae/ | | __Secure-ENID | 17.SE=ZOs4vTI6HI-fDwAufQOBuLZOKHFUsJ3ZLQ7nqlQAKI5qvyxZyyAzlD4UhCCSHlEMCjlq0XAn3BBDbaybhJoGYSZI1IYt5d7JKunCUCsIvZ_w9AS9fNRJqK0KMTsaT0YP-saqLobV0vtaVxyNOzLtk7GUYTi6028DI8teON9MWKH7rKc
.tinyurl.com/ | | __cf_bm | 9TVspl5tjekKtm7MOTr1dPPavVUKbe0TYeotUNcZt2A-1709022861-1.0-AZngI1ENB3u0rKCKh8zPyqOM6ZOC9U1yk++P8zgF21vDidGgNmS4t75K73QnLXNE+CyVn6AtMXTcErJXEhjO3Xk=
.google.com/ | | __Secure-ENID | 17.SE=ubwWfgJWnR5JwfM0iwFXcq-e9Ff9Ww2xEpzK2S9WVbGxSfbY4SI-sGQ-dvIogE5vSl9ccsfQaVdxNs5S9A6ywmEolbBe5J5Er0quzBzhsCtYDWmVm8LFdDZRyyXwdMzRxos8N6CzX_dEWpHQZ_quFIaCaiLwHadoXOy2kj2BNBU
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.