www.sharepoint.com-files-download.obligadoli.xyz Open in urlscan Pro
198.54.115.112 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.sharepoint.com-files-download.obligadoli.xyz/
Submission: On December 23 via automatic, source certstream-suspicious (December 23rd 2020, 11:56:55 pm UTC)

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 22 HTTP transactions. The main IP is 198.54.115.112, located in Los Angeles, United States and belongs to NAMECHEAP-NET, US. The main domain is www.sharepoint.com-files-download.obligadoli.xyz.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 23rd 2020. Valid for: a year.

This is the only time www.sharepoint.com-files-download.obligadoli.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Email (Online)

Domain & IP information

	IP Address	AS Autonomous System
18	198.54.115.112 198.54.115.112	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
3	151.139.128.8 151.139.128.8	20446 (HIGHWINDS3) (HIGHWINDS3)
22	3

18 198.54.115.112 (Los Angeles, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server229-2.web-hosting.com

www.sharepoint.com-files-download.obligadoli.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.139.128.8 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)

kit-free.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	obligadoli.xyz www.sharepoint.com-files-download.obligadoli.xyz	749 KB
3	fontawesome.com kit-free.fontawesome.com	97 KB
1	jquery.com code.jquery.com	79 KB
22	3

	Domain	Requested by
18	www.sharepoint.com-files-download.obligadoli.xyz	www.sharepoint.com-files-download.obligadoli.xyz
3	kit-free.fontawesome.com	www.sharepoint.com-files-download.obligadoli.xyz kit-free.fontawesome.com
1	code.jquery.com	www.sharepoint.com-files-download.obligadoli.xyz
22	3

This site contains no links.

Subject Issuer	Validity	Valid
sharepoint.com-files-download.obligadoli.xyz Sectigo RSA Domain Validation Secure Server CA	`2020-12-23` - `2021-12-23`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.sharepoint.com-files-download.obligadoli.xyz/
Frame ID: 061A1B59EF1F0D724354D831B5DC375B
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

22
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

924 kB
Transfer

1573 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.sharepoint.com-files-download.obligadoli.xyz/	7 KB 2 KB	501ms 173ms	Document text/html	198.54.115.112 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.sharepoint.com-files-download.obligadoli.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.54.115.112 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server229-2.web-hosting.com Software Apache / PHP/7.2.34 Resource Hash `c772eedf8f5200357b9044746d71231cd4804f8c073e51ad4f0685245048ceef` Request headers :method GET :authority www.sharepoint.com-files-download.obligadoli.xyz :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 23 Dec 2020 23:56:28 GMT server Apache x-powered-by PHP/7.2.34 expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache set-cookie PHPSESSID=8b546a77ec8cfc9029c5f37959002a72; path=/ vary Accept-Encoding content-encoding gzip content-length 2123 content-type text/html; charset=UTF-8
GET H2	200	jquery.min.js.download Show response www.sharepoint.com-files-download.obligadoli.xyz/	84 KB 29 KB	587ms 586ms	Script application/javascript	198.54.115.112 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.sharepoint.com-files-download.obligadoli.xyz/jquery.min.js.download Requested by Host: www.sharepoint.com-files-download.obligadoli.xyz URL: https://www.sharepoint.com-files-download.obligadoli.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.54.115.112 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server229-2.web-hosting.com Software Apache / Resource Hash `05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e` Request headers Referer https://www.sharepoint.com-files-download.obligadoli.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 23 Dec 2020 23:56:28 GMT content-encoding gzip last-modified Mon, 25 May 2020 18:03:32 GMT server Apache vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 29822
GET H2	200	jquery-3.1.1.min.js.download Show response www.sharepoint.com-files-download.obligadoli.xyz/	85 KB 30 KB	449ms 447ms	Script application/javascript	198.54.115.112 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.sharepoint.com-files-download.obligadoli.xyz/jquery-3.1.1.min.js.download Requested by Host: www.sharepoint.com-files-download.obligadoli.xyz URL: https://www.sharepoint.com-files-download.obligadoli.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.54.115.112 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server229-2.web-hosting.com Software Apache / Resource Hash `85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf` Request headers Referer https://www.sharepoint.com-files-download.obligadoli.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 23 Dec 2020 23:56:28 GMT content-encoding gzip last-modified Mon, 25 May 2020 18:03:32 GMT server Apache vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 30080
GET H2	200	jquery-3.3.1.js Show response code.jquery.com/	265 KB 79 KB	32ms 11ms	Script application/javascript	2001:4de0:ac19::1:b:1a HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.3.1.js Requested by Host: www.sharepoint.com-files-download.obligadoli.xyz URL: https://www.sharepoint.com-files-download.obligadoli.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash `d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad` Request headers Origin https://www.sharepoint.com-files-download.obligadoli.xyz Referer https://www.sharepoint.com-files-download.obligadoli.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 23 Dec 2020 23:56:28 GMT content-encoding gzip last-modified Sat, 20 Jan 2018 17:26:44 GMT server nginx etag W/"5a637bd4-42587" vary Accept-Encoding x-hw 1608767788.dop220.fr8.t,1608767788.cds235.fr8.hn,1608767788.cds165.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 80268
GET H2	200	bootstrap.min.css www.sharepoint.com-files-download.obligadoli.xyz/	141 KB 20 KB	311ms 310ms	Stylesheet text/css	198.54.115.112 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.sharepoint.com-files-download.obligadoli.xyz/bootstrap.min.css Requested by Host: www.sharepoint.com-files-download.obligadoli.xyz URL: https://www.sharepoint.com-files-download.obligadoli.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.54.115.112 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server229-2.web-hosting.com Software Apache / Resource Hash `2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d` Request headers Origin https://www.sharepoint.com-files-download.obligadoli.xyz Referer https://www.sharepoint.com-files-download.obligadoli.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 23 Dec 2020 23:56:28 GMT content-encoding gzip last-modified Mon, 25 May 2020 18:03:34 GMT server Apache vary Accept-Encoding content-type text/css accept-ranges bytes content-length 20560
GET H2	200	css www.sharepoint.com-files-download.obligadoli.xyz/	1 KB 1 KB	167ms 166ms	Stylesheet text/plain	198.54.115.112 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.sharepoint.com-files-download.obligadoli.xyz/css Requested by Host: www.sharepoint.com-files-download.obligadoli.xyz URL: https://www.sharepoint.com-files-download.obligadoli.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.54.115.112 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server229-2.web-hosting.com Software Apache / Resource Hash `12c3862d7c4fcba287ee4789e488a5da0d002fbd559262b3f9652930a9f183a4` Request headers Referer https://www.sharepoint.com-files-download.obligadoli.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 23 Dec 2020 23:56:28 GMT last-modified Mon, 25 May 2020 18:03:34 GMT server Apache accept-ranges bytes content-length 1329
GET H2	200	585b051251.js.download Show response www.sharepoint.com-files-download.obligadoli.xyz/	4 KB 2 KB	170ms 169ms	Script application/javascript	198.54.115.112 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.sharepoint.com-files-download.obligadoli.xyz/585b051251.js.download Requested by Host: www.sharepoint.com-files-download.obligadoli.xyz URL: https://www.sharepoint.com-files-download.obligadoli.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.54.115.112 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server229-2.web-hosting.com Software Apache / Resource Hash `78430aacded9bc766ca632d544407a3ded6eb62f7c296f29e668e21feefa5e3b` Request headers Origin https://www.sharepoint.com-files-download.obligadoli.xyz Referer https://www.sharepoint.com-files-download.obligadoli.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 23 Dec 2020 23:56:28 GMT content-encoding gzip last-modified Mon, 25 May 2020 18:03:34 GMT server Apache vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 1709
GET H2	200	free.min.css www.sharepoint.com-files-download.obligadoli.xyz/	58 KB 13 KB	586ms 585ms	Stylesheet text/css	198.54.115.112 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.sharepoint.com-files-download.obligadoli.xyz/free.min.css Requested by Host: www.sharepoint.com-files-download.obligadoli.xyz URL: https://www.sharepoint.com-files-download.obligadoli.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.54.115.112 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server229-2.web-hosting.com Software Apache / Resource Hash `980a31cf37ef159fd3ff7df7f4dd98df4c6f8132a824f0dd6a48927b80e7b2e0` Request headers Referer https://www.sharepoint.com-files-download.obligadoli.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 23 Dec 2020 23:56:28 GMT content-encoding gzip last-modified Mon, 25 May 2020 18:03:36 GMT server Apache vary Accept-Encoding content-type text/css accept-ranges bytes content-length 12704
GET H2	200	free-v4-shims.min.css www.sharepoint.com-files-download.obligadoli.xyz/file/	26 KB 4 KB	169ms 168ms	Stylesheet text/css	198.54.115.112 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.sharepoint.com-files-download.obligadoli.xyz/file/free-v4-shims.min.css Requested by Host: www.sharepoint.com-files-download.obligadoli.xyz URL: https://www.sharepoint.com-files-download.obligadoli.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.54.115.112 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server229-2.web-hosting.com Software Apache / Resource Hash `a8f9c971cb1fdb238722b11da625491003082b87f64fa87d1a5b1057450ffd93` Request headers Referer https://www.sharepoint.com-files-download.obligadoli.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 23 Dec 2020 23:56:28 GMT content-encoding gzip last-modified Mon, 25 May 2020 18:03:36 GMT server Apache vary Accept-Encoding content-type text/css accept-ranges bytes content-length 4227
GET H2	200	logox.png www.sharepoint.com-files-download.obligadoli.xyz/	17 KB 17 KB	426ms 425ms	Image image/png	198.54.115.112 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.sharepoint.com-files-download.obligadoli.xyz/logox.png Requested by Host: www.sharepoint.com-files-download.obligadoli.xyz URL: https://www.sharepoint.com-files-download.obligadoli.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.54.115.112 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server229-2.web-hosting.com Software Apache / Resource Hash `6621675a14e6f8c5b13cfbaf380df6b9a25c58c0fb2b494bf8e1607ad78a05e4` Request headers Referer https://www.sharepoint.com-files-download.obligadoli.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 23 Dec 2020 23:56:28 GMT last-modified Thu, 15 Oct 2020 07:57:26 GMT server Apache accept-ranges bytes content-length 17715 content-type image/png
GET H2	200	exlogo.png www.sharepoint.com-files-download.obligadoli.xyz/	3 KB 3 KB	166ms 166ms	Image image/png	198.54.115.112 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.sharepoint.com-files-download.obligadoli.xyz/exlogo.png Requested by Host: www.sharepoint.com-files-download.obligadoli.xyz URL: https://www.sharepoint.com-files-download.obligadoli.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.54.115.112 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server229-2.web-hosting.com Software Apache / Resource Hash `bca7a010a31b3fc32222b549ff5c5f2f0cf93363761bd29ceb5fcf2a89e7bb6e` Request headers Referer https://www.sharepoint.com-files-download.obligadoli.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 23 Dec 2020 23:56:28 GMT last-modified Thu, 15 Oct 2020 07:59:40 GMT server Apache accept-ranges bytes content-length 2612 content-type image/png
GET H2	200	jquery-3.2.1.slim.min.js.download Show response www.sharepoint.com-files-download.obligadoli.xyz/	68 KB 24 KB	177ms 176ms	Script application/javascript	198.54.115.112 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.sharepoint.com-files-download.obligadoli.xyz/jquery-3.2.1.slim.min.js.download Requested by Host: www.sharepoint.com-files-download.obligadoli.xyz URL: https://www.sharepoint.com-files-download.obligadoli.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.54.115.112 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server229-2.web-hosting.com Software Apache / Resource Hash `9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398` Request headers Referer https://www.sharepoint.com-files-download.obligadoli.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 23 Dec 2020 23:56:28 GMT content-encoding gzip last-modified Mon, 25 May 2020 18:03:38 GMT server Apache vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 23898
GET H2	200	popper.min.js.download Show response www.sharepoint.com-files-download.obligadoli.xyz/	19 KB 7 KB	171ms 171ms	Script application/javascript	198.54.115.112 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.sharepoint.com-files-download.obligadoli.xyz/popper.min.js.download Requested by Host: www.sharepoint.com-files-download.obligadoli.xyz URL: https://www.sharepoint.com-files-download.obligadoli.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.54.115.112 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server229-2.web-hosting.com Software Apache / Resource Hash `a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66` Request headers Referer https://www.sharepoint.com-files-download.obligadoli.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 23 Dec 2020 23:56:28 GMT content-encoding gzip last-modified Mon, 25 May 2020 18:03:40 GMT server Apache vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 6911
GET H2	200	bootstrap.min.js.download Show response www.sharepoint.com-files-download.obligadoli.xyz/	48 KB 13 KB	447ms 446ms	Script application/javascript	198.54.115.112 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.sharepoint.com-files-download.obligadoli.xyz/bootstrap.min.js.download Requested by Host: www.sharepoint.com-files-download.obligadoli.xyz URL: https://www.sharepoint.com-files-download.obligadoli.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.54.115.112 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server229-2.web-hosting.com Software Apache / Resource Hash `e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b` Request headers Referer https://www.sharepoint.com-files-download.obligadoli.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 23 Dec 2020 23:56:28 GMT content-encoding gzip last-modified Mon, 25 May 2020 18:03:40 GMT server Apache vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 13105
GET H2	200	bootstrap.min.js(1).download Show response www.sharepoint.com-files-download.obligadoli.xyz/	50 KB 50 KB	276ms 275ms	Script text/plain	198.54.115.112 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.sharepoint.com-files-download.obligadoli.xyz/bootstrap.min.js(1).download Requested by Host: www.sharepoint.com-files-download.obligadoli.xyz URL: https://www.sharepoint.com-files-download.obligadoli.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.54.115.112 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server229-2.web-hosting.com Software Apache / Resource Hash `56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4` Request headers Referer https://www.sharepoint.com-files-download.obligadoli.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 23 Dec 2020 23:56:28 GMT last-modified Mon, 25 May 2020 18:03:42 GMT server Apache accept-ranges bytes content-length 51039
GET H2	200	bck.jpg www.sharepoint.com-files-download.obligadoli.xyz/	534 KB 534 KB	304ms 304ms	Image image/jpeg	198.54.115.112 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.sharepoint.com-files-download.obligadoli.xyz/bck.jpg Requested by Host: www.sharepoint.com-files-download.obligadoli.xyz URL: https://www.sharepoint.com-files-download.obligadoli.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.54.115.112 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server229-2.web-hosting.com Software Apache / Resource Hash `a888037937dbbdc0c746ef197d6030c398c0a96eaafdd472b1bca406cfce9d95` Request headers Referer https://www.sharepoint.com-files-download.obligadoli.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 23 Dec 2020 23:56:28 GMT last-modified Fri, 17 Jul 2020 03:55:44 GMT server Apache accept-ranges bytes content-length 546371 content-type image/jpeg
GET H2	404	free-fa-solid-900.woff2 www.sharepoint.com-files-download.obligadoli.xyz/webfonts/	0 0	421ms 421ms	Font text/html	198.54.115.112 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.sharepoint.com-files-download.obligadoli.xyz/webfonts/free-fa-solid-900.woff2 Requested by Host: www.sharepoint.com-files-download.obligadoli.xyz URL: https://www.sharepoint.com-files-download.obligadoli.xyz/free.min.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.54.115.112 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server229-2.web-hosting.com Software Apache / Resource Hash Request headers Origin https://www.sharepoint.com-files-download.obligadoli.xyz Referer https://www.sharepoint.com-files-download.obligadoli.xyz/free.min.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 23 Dec 2020 23:56:28 GMT server Apache content-length 315 content-type text/html; charset=iso-8859-1
GET H2	200	free-v4-shims.min.css kit-free.fontawesome.com/releases/latest/css/	26 KB 5 KB	74ms 28ms	Stylesheet text/css	151.139.128.8 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://kit-free.fontawesome.com/releases/latest/css/free-v4-shims.min.css Requested by Host: www.sharepoint.com-files-download.obligadoli.xyz URL: https://www.sharepoint.com-files-download.obligadoli.xyz/585b051251.js.download Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.8 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software / Resource Hash `cfff9ea502195a7b96fe38deca9188a59b758deeecc2cd4e78aea7d911e638c6` Request headers Referer https://www.sharepoint.com-files-download.obligadoli.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 23 Dec 2020 23:56:28 GMT content-encoding gzip last-modified Mon, 05 Oct 2020 16:00:41 GMT etag "1601913641" vary Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding x-hw 1608767788.cds036.pa1.hn,1608767788.cds209.pa1.c content-type text/css access-control-allow-origin * access-control-max-age 3000 cache-control max-age=60, private, must-revalidate access-control-allow-methods GET accept-ranges bytes content-length 4429
GET H2	200	free.min.css kit-free.fontawesome.com/releases/latest/css/	59 KB 14 KB	74ms 29ms	Stylesheet text/css	151.139.128.8 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://kit-free.fontawesome.com/releases/latest/css/free.min.css Requested by Host: www.sharepoint.com-files-download.obligadoli.xyz URL: https://www.sharepoint.com-files-download.obligadoli.xyz/585b051251.js.download Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.8 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software / Resource Hash `4f02bd6f018d6f08c37c39f2d114101beac342c2c065046635e5ed0c42853590` Request headers Referer https://www.sharepoint.com-files-download.obligadoli.xyz/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 23 Dec 2020 23:56:28 GMT content-encoding gzip last-modified Mon, 05 Oct 2020 16:00:45 GMT etag "1601913645" vary Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding x-hw 1608767788.cds036.pa1.hn,1608767788.cds027.pa1.c content-type text/css access-control-allow-origin * access-control-max-age 3000 cache-control max-age=60, private, must-revalidate access-control-allow-methods GET accept-ranges bytes content-length 13753
GET H2	404	free-fa-solid-900.woff www.sharepoint.com-files-download.obligadoli.xyz/webfonts/	0 0	327ms 327ms	Font text/html	198.54.115.112 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.sharepoint.com-files-download.obligadoli.xyz/webfonts/free-fa-solid-900.woff Requested by Host: www.sharepoint.com-files-download.obligadoli.xyz URL: https://www.sharepoint.com-files-download.obligadoli.xyz/free.min.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.54.115.112 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server229-2.web-hosting.com Software Apache / Resource Hash Request headers Origin https://www.sharepoint.com-files-download.obligadoli.xyz Referer https://www.sharepoint.com-files-download.obligadoli.xyz/free.min.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 23 Dec 2020 23:56:29 GMT server Apache content-length 315 content-type text/html; charset=iso-8859-1
GET H2	404	free-fa-solid-900.ttf www.sharepoint.com-files-download.obligadoli.xyz/webfonts/	0 0	166ms 165ms	Font text/html	198.54.115.112 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.sharepoint.com-files-download.obligadoli.xyz/webfonts/free-fa-solid-900.ttf Requested by Host: www.sharepoint.com-files-download.obligadoli.xyz URL: https://www.sharepoint.com-files-download.obligadoli.xyz/free.min.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.54.115.112 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server229-2.web-hosting.com Software Apache / Resource Hash Request headers Origin https://www.sharepoint.com-files-download.obligadoli.xyz Referer https://www.sharepoint.com-files-download.obligadoli.xyz/free.min.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 23 Dec 2020 23:56:29 GMT server Apache content-length 315 content-type text/html; charset=iso-8859-1
GET H2	200	free-fa-solid-900.woff2 kit-free.fontawesome.com/releases/latest/webfonts/	78 KB 79 KB	70ms 24ms	Font font/woff2	151.139.128.8 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://kit-free.fontawesome.com/releases/latest/webfonts/free-fa-solid-900.woff2 Requested by Host: kit-free.fontawesome.com URL: https://kit-free.fontawesome.com/releases/latest/css/free.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.8 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software / Resource Hash `01a8d61bd9bb710ec94faf399b0fd995ccbac02771968c87d00df45321595a2d` Request headers Origin https://www.sharepoint.com-files-download.obligadoli.xyz Referer https://kit-free.fontawesome.com/releases/latest/css/free.min.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 23 Dec 2020 23:56:29 GMT last-modified Mon, 05 Oct 2020 16:12:05 GMT etag "1601914325" vary Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET content-type font/woff2 access-control-allow-origin * access-control-max-age 3000 cache-control max-age=60, private, must-revalidate accept-ranges bytes content-length 80284 x-hw 1608767789.cds036.pa1.hn,1608767789.cds027.pa1.c

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Email (Online)

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.sharepoint.com-files-download.obligadoli.xyz/	1969-12-31 23:59:59	Name: PHPSESSID Value: 8b546a77ec8cfc9029c5f37959002a72

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
kit-free.fontawesome.com
www.sharepoint.com-files-download.obligadoli.xyz
151.139.128.8
198.54.115.112
2001:4de0:ac19::1:b:1a
01a8d61bd9bb710ec94faf399b0fd995ccbac02771968c87d00df45321595a2d
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
12c3862d7c4fcba287ee4789e488a5da0d002fbd559262b3f9652930a9f183a4
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
4f02bd6f018d6f08c37c39f2d114101beac342c2c065046635e5ed0c42853590
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
6621675a14e6f8c5b13cfbaf380df6b9a25c58c0fb2b494bf8e1607ad78a05e4
78430aacded9bc766ca632d544407a3ded6eb62f7c296f29e668e21feefa5e3b
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
980a31cf37ef159fd3ff7df7f4dd98df4c6f8132a824f0dd6a48927b80e7b2e0
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a888037937dbbdc0c746ef197d6030c398c0a96eaafdd472b1bca406cfce9d95
a8f9c971cb1fdb238722b11da625491003082b87f64fa87d1a5b1057450ffd93
bca7a010a31b3fc32222b549ff5c5f2f0cf93363761bd29ceb5fcf2a89e7bb6e
c772eedf8f5200357b9044746d71231cd4804f8c073e51ad4f0685245048ceef
cfff9ea502195a7b96fe38deca9188a59b758deeecc2cd4e78aea7d911e638c6
d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

www.sharepoint.com-files-download.obligadoli.xyz Open in urlscan Pro 198.54.115.112 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

22 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

924 kBTransfer

1573 kBSize

1 Cookies

0 Outgoing links

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

17 JavaScript Global Variables

1 Cookies

Indicators

www.sharepoint.com-files-download.obligadoli.xyz Open in urlscan Pro
198.54.115.112 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

924 kB
Transfer

1573 kB
Size

1
Cookies

22 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!