![](/screenshots/3f29f0b0-e808-48fe-bb7c-d1369d36040f.png)
www.sharepoint.com-files-download.obligadoli.xyz
198.54.115.112
Malicious Activity!
Public Scan
Submission: On December 23 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 23rd 2020. Valid for: a year.
This is the only time www.sharepoint.com-files-download.obligadoli.xyz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Email (Online)
Domain & IP information
Requests | IP Address | AS (Autonomous System)
---|---|---
18 | 198.54.115.112 | 22612 (NAMECHEAP-NET)
1 | 2001:4de0:ac19::1:b:1a | 20446 (HIGHWINDS3)
3 | 151.139.128.8 | 20446 (HIGHWINDS3)
22 requests | 3 IPs |
ASN22612 (NAMECHEAP-NET, US)
PTR: server229-2.web-hosting.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
18 | obligadoli.xyz | www.sharepoint.com-files-download.obligadoli.xyz | 749 KB
3 | fontawesome.com | kit-free.fontawesome.com | 97 KB
1 | jquery.com | code.jquery.com | 79 KB
22 requests | 3 domains | |
Requests | Domain | Requested by
---|---|---
18 | www.sharepoint.com-files-download.obligadoli.xyz | www.sharepoint.com-files-download.obligadoli.xyz
3 | kit-free.fontawesome.com | www.sharepoint.com-files-download.obligadoli.xyz, kit-free.fontawesome.com
1 | code.jquery.com | www.sharepoint.com-files-download.obligadoli.xyz
22 requests | 3 domains |
This site contains no links.
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
sharepoint.com-files-download.obligadoli.xyz | Sectigo RSA Domain Validation Secure Server CA | 2020-12-23 - 2021-12-23 | a year | crt.sh
jquery.org | Sectigo RSA Domain Validation Secure Server CA | 2020-10-06 - 2021-10-16 | a year | crt.sh
*.fontawesome.com | DigiCert TLS RSA SHA256 2020 CA1 | 2020-11-13 - 2021-12-14 | a year | crt.sh
This page contains 1 frames:
Primary Page:
https://www.sharepoint.com-files-download.obligadoli.xyz/
Frame ID: 061A1B59EF1F0D724354D831B5DC375B
Requests: 22 HTTP requests in this frame
Detected technologies
Bootstrap
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Apache
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
jQuery
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | / (Primary Request) | www.sharepoint.com-files-download.obligadoli.xyz/ | 7 KB | 2 KB | Document | text/html
GET | H2 | jquery.min.js.download | www.sharepoint.com-files-download.obligadoli.xyz/ | 84 KB | 29 KB | Script | application/javascript
GET | H2 | jquery-3.1.1.min.js.download | www.sharepoint.com-files-download.obligadoli.xyz/ | 85 KB | 30 KB | Script | application/javascript
GET | H2 | jquery-3.3.1.js | code.jquery.com/ | 265 KB | 79 KB | Script | application/javascript
GET | H2 | bootstrap.min.css | www.sharepoint.com-files-download.obligadoli.xyz/ | 141 KB | 20 KB | Stylesheet | text/css
GET | H2 | css | www.sharepoint.com-files-download.obligadoli.xyz/ | 1 KB | 1 KB | Stylesheet | text/plain
GET | H2 | 585b051251.js.download | www.sharepoint.com-files-download.obligadoli.xyz/ | 4 KB | 2 KB | Script | application/javascript
GET | H2 | free.min.css | www.sharepoint.com-files-download.obligadoli.xyz/ | 58 KB | 13 KB | Stylesheet | text/css
GET | H2 | free-v4-shims.min.css | www.sharepoint.com-files-download.obligadoli.xyz/file/ | 26 KB | 4 KB | Stylesheet | text/css
GET | H2 | logox.png | www.sharepoint.com-files-download.obligadoli.xyz/ | 17 KB | 17 KB | Image | image/png
GET | H2 | exlogo.png | www.sharepoint.com-files-download.obligadoli.xyz/ | 3 KB | 3 KB | Image | image/png
GET | H2 | jquery-3.2.1.slim.min.js.download | www.sharepoint.com-files-download.obligadoli.xyz/ | 68 KB | 24 KB | Script | application/javascript
GET | H2 | popper.min.js.download | www.sharepoint.com-files-download.obligadoli.xyz/ | 19 KB | 7 KB | Script | application/javascript
GET | H2 | bootstrap.min.js.download | www.sharepoint.com-files-download.obligadoli.xyz/ | 48 KB | 13 KB | Script | application/javascript
GET | H2 | bootstrap.min.js(1).download | www.sharepoint.com-files-download.obligadoli.xyz/ | 50 KB | 50 KB | Script | text/plain
GET | H2 | bck.jpg | www.sharepoint.com-files-download.obligadoli.xyz/ | 534 KB | 534 KB | Image | image/jpeg
GET | H2 | free-fa-solid-900.woff2 | www.sharepoint.com-files-download.obligadoli.xyz/webfonts/ | 0 | 0 | Font | text/html
GET | H2 | free-v4-shims.min.css | kit-free.fontawesome.com/releases/latest/css/ | 26 KB | 5 KB | Stylesheet | text/css
GET | H2 | free.min.css | kit-free.fontawesome.com/releases/latest/css/ | 59 KB | 14 KB | Stylesheet | text/css
GET | H2 | free-fa-solid-900.woff | www.sharepoint.com-files-download.obligadoli.xyz/webfonts/ | 0 | 0 | Font | text/html
GET | H2 | free-fa-solid-900.ttf | www.sharepoint.com-files-download.obligadoli.xyz/webfonts/ | 0 | 0 | Font | text/html
GET | H2 | free-fa-solid-900.woff2 | kit-free.fontawesome.com/releases/latest/webfonts/ | 78 KB | 79 KB | Font | font/woff2
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Email (Online)
17 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- ontransitionrun (object)
- ontransitionstart (object)
- ontransitioncancel (object)
- cookieStore (object)
- showDirectoryPicker (function)
- showOpenFilePicker (function)
- showSaveFilePicker (function)
- trustedTypes (object)
- crossOriginIsolated (boolean)
- $ (function)
- jQuery (function)
- FontAwesomeKitConfig (object)
- prefixesArray (object)
- prefixesSelectorString (string)
- Popper (function)
- bootstrap (object)
- turnOnPasswordStyle1 (function)
Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser also sends the stored cookie values, which lets the website re-identify the user even from a different location. This is how persistent logins work.
Domain/Path | Expires | Name / Value
---|---|---
www.sharepoint.com-files-download.obligadoli.xyz/ | (session) | PHPSESSID = 8b546a77ec8cfc9029c5f37959002a72
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
code.jquery.com
kit-free.fontawesome.com
www.sharepoint.com-files-download.obligadoli.xyz
151.139.128.8
198.54.115.112
2001:4de0:ac19::1:b:1a