www.mail-logging-user-data-authenticate-lturn-suport.main-techno.com
192.236.178.180
Malicious Activity!
Public Scan
Submission: On November 23 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by mail-logging-user-data-authenticate-l... on November 23rd 2020. Valid for: a year.
This is the only time www.mail-logging-user-data-authenticate-lturn-suport.main-techno.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Yahoo (Online)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
11 | 192.236.178.180 | 54290 (HOSTWINDS)
11 | 1 |
ASN54290 (HOSTWINDS, US)
PTR: main-techno.com
www.mail-logging-user-data-authenticate-lturn-suport.main-techno.com
Requests | Apex Domain / Subdomains | Transfer
---|---|---
11 | main-techno.com: www.mail-logging-user-data-authenticate-lturn-suport.main-techno.com | 127 KB
11 | 1 |
Requests | Domain | Requested by
---|---|---
11 | www.mail-logging-user-data-authenticate-lturn-suport.main-techno.com | www.mail-logging-user-data-authenticate-lturn-suport.main-techno.com
11 | 1 |
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
mail-logging-user-data-authenticate-lturn-suport.main-techno.com | mail-logging-user-data-authenticate-lturn-suport.main-techno.com | 2020-11-23 - 2021-11-23 | a year
This page contains 2 frames:
Primary Page:
https://www.mail-logging-user-data-authenticate-lturn-suport.main-techno.com/
Frame ID: 59B043EA6EAEC5B7023A0C1E92A7F191
Requests: 9 HTTP requests in this frame
Frame:
https://www.mail-logging-user-data-authenticate-lturn-suport.main-techno.com/inss/ad.htm
Frame ID: 9D9F82A083729CE5B23ACE0057A51408
Requests: 2 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | / (Primary Request) | www.mail-logging-user-data-authenticate-lturn-suport.main-techno.com/ | 10 KB | 3 KB | Document | text/html
GET | H2 | c_005.css | www.mail-logging-user-data-authenticate-lturn-suport.main-techno.com/inss/ | 83 KB | 16 KB | Stylesheet | text/css
GET | H2 | c_004.css | www.mail-logging-user-data-authenticate-lturn-suport.main-techno.com/inss/ | 322 B | 168 B | Stylesheet | text/css
GET | H2 | c.css | www.mail-logging-user-data-authenticate-lturn-suport.main-techno.com/inss/ | 5 KB | 894 B | Stylesheet | text/css
GET | H2 | c_006.css | www.mail-logging-user-data-authenticate-lturn-suport.main-techno.com/inss/ | 186 B | 144 B | Stylesheet | text/css
GET | H2 | c_007.css | www.mail-logging-user-data-authenticate-lturn-suport.main-techno.com/inss/ | 238 B | 223 B | Stylesheet | text/css
GET | H2 | c_003.css | www.mail-logging-user-data-authenticate-lturn-suport.main-techno.com/inss/ | 2 KB | 585 B | Stylesheet | text/css
GET | H2 | c_002.css | www.mail-logging-user-data-authenticate-lturn-suport.main-techno.com/inss/ | 93 KB | 17 KB | Stylesheet | text/css
GET | H2 | be2x.png | www.mail-logging-user-data-authenticate-lturn-suport.main-techno.com/inss/ | 1 KB | 1 KB | Image | image/png
GET | H2 | ad.htm | www.mail-logging-user-data-authenticate-lturn-suport.main-techno.com/inss/ (Frame 9D9F) | 2 KB | 748 B | Document | text/html
GET | H2 | 3.jpg | www.mail-logging-user-data-authenticate-lturn-suport.main-techno.com/inss/ (Frame 9D9F) | 86 KB | 86 KB | Image | image/jpeg
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Yahoo (Online)
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
object| trustedTypes
boolean| crossOriginIsolated
function| validateForm
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
www.mail-logging-user-data-authenticate-lturn-suport.main-techno.com
192.236.178.180