fm.riggrodigital.com Open in urlscan Pro
103.117.212.186 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u20207536.ct.sendgrid.net/ls/click?upn=KI-2FTYxvv9a0cRy-2FKM3kdH6SissvFVd8wYSFK0MYZNAiA6Q1YA0GGdSded0HHONc1SddLKQvJrxKxS01...
Effective URL:
https://fm.riggrodigital.com/kpk/?email=abusch@cftc.gov
Submission: On March 29 via manual (March 29th 2021, 4:58:43 pm UTC) from US

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 3 countries across 3 domains to perform 9 HTTP transactions. The main IP is 103.117.212.186, located in India and belongs to WEBWERKS-AS-IN Web Werks India Pvt. Ltd., IN. The main domain is fm.riggrodigital.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 22nd 2021. Valid for: 3 months.

This is the only time fm.riggrodigital.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.123.122 167.89.123.122	11377 (SENDGRID) (SENDGRID)
8	103.117.212.186 103.117.212.186	133296 (WEBWERKS-...) (WEBWERKS-AS-IN Web Werks India Pvt. Ltd.)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
9	2

1 167.89.123.122 (Chicago, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789123x122.outbound-mail.sendgrid.net

u20207536.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 103.117.212.186 (India)

ASN133296 (WEBWERKS-AS-IN Web Werks India Pvt. Ltd., IN)
PTR: india1.ownmyserver.com

fm.riggrodigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	riggrodigital.com fm.riggrodigital.com	622 KB
1	jquery.com code.jquery.com	33 KB
1	sendgrid.net 1 redirects u20207536.ct.sendgrid.net	258 B
9	3

	Domain	Requested by
8	fm.riggrodigital.com	fm.riggrodigital.com
1	code.jquery.com	fm.riggrodigital.com
1	u20207536.ct.sendgrid.net	1 redirects
9	3

This site contains no links.

Subject Issuer	Validity	Valid
fm.riggrodigital.com cPanel, Inc. Certification Authority	`2021-02-22` - `2021-05-23`	3 months	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://fm.riggrodigital.com/kpk/?email=abusch@cftc.gov
Frame ID: 6A6DF9B12473F59316100710BF037167
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://u20207536.ct.sendgrid.net/ls/click?upn=KI-2FTYxvv9a0cRy-2FKM3kdH6SissvFVd8wYSFK0MYZNAiA6Q1YA0GGdSded0H... HTTP 302
https://fm.riggrodigital.com/kpk/?email=abusch@cftc.gov Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

9
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

3
Countries

654 kB
Transfer

711 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u20207536.ct.sendgrid.net/ls/click?upn=KI-2FTYxvv9a0cRy-2FKM3kdH6SissvFVd8wYSFK0MYZNAiA6Q1YA0GGdSded0HHONc1SddLKQvJrxKxS0138qQH7x-2FGwgW-2BS5a-2BIreoxwgOoH0-3DINVk_3ocXwVqKSpLSjES61jKpdsmHP5wDLCnL-2BClRSoVbd0Qjdwv9zt3rPb80nlpXppUV3YRyvSvOxDSRfcndrjOTdYtMmIjGrqkcM8Gk1NdKXvc473KS4lY-2BDBG-2FD7yEJWeYLqKtEmwWizey9tjXUYkwuRW8bd0n-2FnuOyTZ3BMzrsQXu5yD-2F-2B74O4vSYYmyCjebNjkS0Wb7c0Q98Egzo4mYDVt3ERJL4iT2ECL9PjMEw3k4-3D HTTP 302
https://fm.riggrodigital.com/kpk/?email=abusch@cftc.gov Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response fm.riggrodigital.com/kpk/ Redirect Chain https://u20207536.ct.sendgrid.net/ls/click?upn=KI-2FTYxvv9a0cRy-2FKM3kdH6SissvFVd8wYSFK0MYZNAiA6Q1YA0GGdSded0HHONc1SddLKQvJrxKxS0138qQH7x-2FGwgW-2BS5a-2BIreoxwgOoH0-3DINVk_3ocXwVqKSpLSjES61jKpdsmHP... https://fm.riggrodigital.com/kpk/?email=abusch@cftc.gov	5 KB 5 KB	505ms 154ms	Document text/html	103.117.212.186 WEBWERKS-AS-IN We...
General Check archive.org Show headers Download Go to Full URL https://fm.riggrodigital.com/kpk/?email=abusch@cftc.gov Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.117.212.186 , India, ASN133296 (WEBWERKS-AS-IN Web Werks India Pvt. Ltd., IN), Reverse DNS india1.ownmyserver.com Software Apache / Resource Hash `e67dd72e129254576b4de87bda6b4f5c2eaed8392662b5a99a36ddd557fa88d6` Request headers :method GET :authority fm.riggrodigital.com :scheme https :path /kpk/?email=abusch@cftc.gov pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Mar 2021 16:58:23 GMT server Apache content-type text/html; charset=UTF-8 Redirect headers Server nginx Date Mon, 29 Mar 2021 16:58:25 GMT Content-Type text/html; charset=utf-8 Content-Length 78 Connection keep-alive Location https://fm.riggrodigital.com/kpk/?email=abusch@cftc.gov X-Robots-Tag noindex, nofollow
GET H2	200	out.css fm.riggrodigital.com/kpk/fall/	8 KB 8 KB	151ms 151ms	Stylesheet text/css	103.117.212.186 WEBWERKS-AS-IN We...
General Check archive.org Show headers Download Go to Full URL https://fm.riggrodigital.com/kpk/fall/out.css Requested by Host: fm.riggrodigital.com URL: https://fm.riggrodigital.com/kpk/?email=abusch@cftc.gov Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.117.212.186 , India, ASN133296 (WEBWERKS-AS-IN Web Werks India Pvt. Ltd., IN), Reverse DNS india1.ownmyserver.com Software Apache / Resource Hash `a9e8782acba9715a98295879a4092a437efddc16a035a2ec8ba79e0a42a84007` Request headers Referer https://fm.riggrodigital.com/kpk/?email=abusch@cftc.gov User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Mar 2021 16:58:23 GMT last-modified Thu, 27 Dec 2018 18:32:04 GMT server Apache accept-ranges bytes content-length 7808 content-type text/css
GET H2	200	jquery.min.js Show response code.jquery.com/	94 KB 33 KB	26ms 10ms	Script application/javascript	2001:4de0:ac18::1:a:1b HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery.min.js Requested by Host: fm.riggrodigital.com URL: https://fm.riggrodigital.com/kpk/?email=abusch@cftc.gov Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash `4b940065e2a67c37e3bd02b23c651f4744a3c219aba2d4fb99a631113494d376` Request headers Referer https://fm.riggrodigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Mar 2021 16:58:26 GMT content-encoding gzip last-modified Fri, 24 Oct 2014 00:16:08 GMT server nginx etag W/"54499a48-1764d" vary Accept-Encoding x-hw 1617037106.dop141.fr8.t,1617037106.cds233.fr8.hc,1617037106.cds103.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 33226
GET H2	200	dust.svg fm.riggrodigital.com/kpk/fall/	4 KB 4 KB	151ms 150ms	Image image/svg+xml	103.117.212.186 WEBWERKS-AS-IN We...
General Check archive.org Show headers Download Go to Show image Full URL https://fm.riggrodigital.com/kpk/fall/dust.svg Requested by Host: fm.riggrodigital.com URL: https://fm.riggrodigital.com/kpk/?email=abusch@cftc.gov Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.117.212.186 , India, ASN133296 (WEBWERKS-AS-IN Web Werks India Pvt. Ltd., IN), Reverse DNS india1.ownmyserver.com Software Apache / Resource Hash `04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a` Request headers Referer https://fm.riggrodigital.com/kpk/?email=abusch@cftc.gov User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Mar 2021 16:58:23 GMT last-modified Thu, 27 Dec 2018 14:14:32 GMT server Apache accept-ranges bytes content-length 3651 content-type image/svg+xml
GET H2	200	aro.svg fm.riggrodigital.com/kpk/fall/	513 B 589 B	150ms 150ms	Image image/svg+xml	103.117.212.186 WEBWERKS-AS-IN We...
General Check archive.org Show headers Download Go to Show image Full URL https://fm.riggrodigital.com/kpk/fall/aro.svg Requested by Host: fm.riggrodigital.com URL: https://fm.riggrodigital.com/kpk/?email=abusch@cftc.gov Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.117.212.186 , India, ASN133296 (WEBWERKS-AS-IN Web Werks India Pvt. Ltd., IN), Reverse DNS india1.ownmyserver.com Software Apache / Resource Hash `34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58` Request headers Referer https://fm.riggrodigital.com/kpk/?email=abusch@cftc.gov User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Mar 2021 16:58:24 GMT last-modified Thu, 27 Dec 2018 16:00:02 GMT server Apache accept-ranges bytes content-length 513 content-type image/svg+xml
GET H2	200	na.svg fm.riggrodigital.com/kpk/fall/	756 B 809 B	155ms 154ms	Image image/svg+xml	103.117.212.186 WEBWERKS-AS-IN We...
General Check archive.org Show headers Download Go to Show image Full URL https://fm.riggrodigital.com/kpk/fall/na.svg Requested by Host: fm.riggrodigital.com URL: https://fm.riggrodigital.com/kpk/?email=abusch@cftc.gov Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.117.212.186 , India, ASN133296 (WEBWERKS-AS-IN Web Werks India Pvt. Ltd., IN), Reverse DNS india1.ownmyserver.com Software Apache / Resource Hash `5d3357bd875b7335ace42e8ee3a64578e4253bed1a4e279109de403eedae3a69` Request headers Referer https://fm.riggrodigital.com/kpk/?email=abusch@cftc.gov User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Mar 2021 16:58:24 GMT last-modified Thu, 27 Dec 2018 14:24:00 GMT server Apache accept-ranges bytes content-length 756 content-type image/svg+xml
GET H2	200	nc.svg fm.riggrodigital.com/kpk/fall/	899 B 952 B	155ms 154ms	Image image/svg+xml	103.117.212.186 WEBWERKS-AS-IN We...
General Check archive.org Show headers Download Go to Show image Full URL https://fm.riggrodigital.com/kpk/fall/nc.svg Requested by Host: fm.riggrodigital.com URL: https://fm.riggrodigital.com/kpk/?email=abusch@cftc.gov Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.117.212.186 , India, ASN133296 (WEBWERKS-AS-IN Web Werks India Pvt. Ltd., IN), Reverse DNS india1.ownmyserver.com Software Apache / Resource Hash `b7fcd37eaafe3f08647ed072d5289eadfff6c660a26cdef31532b3fcfb4a0bb2` Request headers Referer https://fm.riggrodigital.com/kpk/?email=abusch@cftc.gov User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Mar 2021 16:58:24 GMT last-modified Thu, 27 Dec 2018 14:33:56 GMT server Apache accept-ranges bytes content-length 899 content-type image/svg+xml
GET H2	200	nb.svg fm.riggrodigital.com/kpk/fall/	222 B 274 B	155ms 155ms	Image image/svg+xml	103.117.212.186 WEBWERKS-AS-IN We...
General Check archive.org Show headers Download Go to Show image Full URL https://fm.riggrodigital.com/kpk/fall/nb.svg Requested by Host: fm.riggrodigital.com URL: https://fm.riggrodigital.com/kpk/?email=abusch@cftc.gov Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.117.212.186 , India, ASN133296 (WEBWERKS-AS-IN Web Werks India Pvt. Ltd., IN), Reverse DNS india1.ownmyserver.com Software Apache / Resource Hash `749f85621d92a5b31b2a377a8c385a36d48a83327dad9a8a8da93cd831b8c9a2` Request headers Referer https://fm.riggrodigital.com/kpk/?email=abusch@cftc.gov User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Mar 2021 16:58:24 GMT last-modified Thu, 27 Dec 2018 14:24:06 GMT server Apache accept-ranges bytes content-length 222 content-type image/svg+xml
GET H2	200	1ite.jpg fm.riggrodigital.com/kpk/fall/	598 KB 602 KB	154ms 154ms	Image image/jpeg	103.117.212.186 WEBWERKS-AS-IN We...
General Check archive.org Show headers Download Go to Show image Full URL https://fm.riggrodigital.com/kpk/fall/1ite.jpg Requested by Host: fm.riggrodigital.com URL: https://fm.riggrodigital.com/kpk/fall/out.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.117.212.186 , India, ASN133296 (WEBWERKS-AS-IN Web Werks India Pvt. Ltd., IN), Reverse DNS india1.ownmyserver.com Software Apache / Resource Hash `339cb15f7e37fedeae3ef1d8355d0f2d4f7322f870636bd5a74956224f9aacdd` Request headers Referer https://fm.riggrodigital.com/kpk/fall/out.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Mar 2021 16:58:24 GMT last-modified Thu, 27 Dec 2018 14:06:38 GMT server Apache accept-ranges bytes content-length 612559 content-type image/jpeg

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
fm.riggrodigital.com
u20207536.ct.sendgrid.net
103.117.212.186
167.89.123.122
2001:4de0:ac18::1:a:1b
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
339cb15f7e37fedeae3ef1d8355d0f2d4f7322f870636bd5a74956224f9aacdd
34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58
4b940065e2a67c37e3bd02b23c651f4744a3c219aba2d4fb99a631113494d376
5d3357bd875b7335ace42e8ee3a64578e4253bed1a4e279109de403eedae3a69
749f85621d92a5b31b2a377a8c385a36d48a83327dad9a8a8da93cd831b8c9a2
a9e8782acba9715a98295879a4092a437efddc16a035a2ec8ba79e0a42a84007
b7fcd37eaafe3f08647ed072d5289eadfff6c660a26cdef31532b3fcfb4a0bb2
e67dd72e129254576b4de87bda6b4f5c2eaed8392662b5a99a36ddd557fa88d6

fm.riggrodigital.com Open in urlscan Pro 103.117.212.186 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

2 IPs

3 Countries

654 kBTransfer

711 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

11 JavaScript Global Variables

0 Cookies

Indicators

fm.riggrodigital.com Open in urlscan Pro
103.117.212.186 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

3
Countries

654 kB
Transfer

711 kB
Size

0
Cookies

9 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!