![](/screenshots/425c7487-614b-437e-bc08-03e6f2f16cbf.png)
mail.hsitesreviewmail.com
Open in
urlscan Pro
103.148.42.2
Public Scan
Submission Tags: phishing malicious Search All
Submission: On September 28 via api from IT — Scanned from DE
Summary
TLS certificate: Issued by R3 on August 30th 2021. Valid for: 3 months.
This is the only time mail.hsitesreviewmail.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 103.148.42.2 103.148.42.2 | 49645 (SOFT-EXPE...) (SOFT-EXPERT-AS) | |
1 | 1 |
ASN49645 (SOFT-EXPERT-AS, RO)
PTR: mta2.mail.soperfectmails.com
mail.hsitesreviewmail.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
1 |
hsitesreviewmail.com
mail.hsitesreviewmail.com |
635 B |
1 | 1 |
Domain | Requested by | |
---|---|---|
1 | mail.hsitesreviewmail.com | |
1 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
mail.hsitesreviewmail.com R3 |
2021-08-30 - 2021-11-28 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://mail.hsitesreviewmail.com/owl/show?vertical=18&template=sweeps-3&cid=4023&sId=42&svId=5&toUserId=V4HyV4JLVqF&secure=54ace0cc5d753b7b9f429412b356311e&mailId=c7bd18282fb48eb17c47fe39c232b743
Frame ID: A3E8E8251E682AFB9CFD603775B1D288
Requests: 1 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
1 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
![]() mail.hsitesreviewmail.com/owl/ |
35 B 635 B |
Document
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect boolean| originAgentCluster1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
mail.hsitesreviewmail.com/ | Name: landing-coordinates Value: %7B%22host%22%3A%22mail.hsitesreviewmail.com%22%2C%22cid%22%3A%224023%22%2C%22shortname%22%3A%22owl_base%22%2C%22affId%22%3A298%2C%22networkId%22%3A2%7D |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
mail.hsitesreviewmail.com
103.148.42.2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015