urlscan.io public scan: atleticfitness.com (202.43.45.134), flagged "Malicious Activity"

URL: http://atleticfitness.com/msmsonline/???hxxps://microsoftonline.com/cncelrqst/v8000839
Submission: 12 October 2018 (the year is taken from the response Date headers below), manual submission from US

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 6 HTTP transactions. The main IP is 202.43.45.134, located in Bangkok, Thailand and belongs to ISSP-AS Internet Solution & Service Provider Co., Ltd, TH. The main domain is atleticfitness.com.
This is the only time atleticfitness.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic (Online)

Domain & IP information

Requests per IP address / Autonomous System
  5  202.43.45.134             AS24299 (ISSP-AS Internet Solution & Service Provider Co., Ltd, TH)
  1  2a00:1288:110:c304::1000  AS34010 (YAHOO-IRD, GB)
  6 requests across 2 IPs

Requests per apex domain / subdomains / transfer
  5  atleticfitness.com  atleticfitness.com  422 KB
  1  yahoo.com           udc.yahoo.com       766 B
  6 requests across 2 apex domains

Requests per domain / requested by
  5  atleticfitness.com  atleticfitness.com
  1  udc.yahoo.com       atleticfitness.com
  6 requests across 2 domains

This site contains links to these domains (also see Links):
  help.yahoo.com

TLS certificates (Subject / Issuer / Validity): none. Every request in this scan went over plain HTTP, so no certificate was observed.

This page contains 1 frame:

Primary Page: http://atleticfitness.com/msmsonline/???hxxps://microsoftonline.com/cncelrqst/v8000839
Frame ID: EC39E7F9C67ACC5D720EDFE8E3185AF5
Requests: 6 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+(?:([\d.])+\/)?pure(?:-min)?\.css/i
    (matches a <link> that loads pure.css or pure-min.css, the Pure CSS stylesheet)

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
    (matches an Apache Server header and captures the version when one is present; here the header is a bare "Apache")

Overall confidence: 100%
Detected patterns
  • env /^YAHOO$/i
    (matches a non-standard window global named YAHOO, which appears in the JavaScript global variables list further down)
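
Each detection above is a regular expression applied to one kind of input: html patterns run over the document body, headers patterns over the named response header, env patterns over the names of the non-standard window globals. The Python below is an added illustration, not urlscan.io's code or anything from this page, that runs the three patterns exactly as printed. The Server header and the globals list are the captured values; the HTML snippet is constructed, because the scan reports that the Pure CSS pattern matched but does not show the <link> tag itself, so that tag is an assumption.

```python
import re

# The three detection patterns reported above, keyed by what each is applied to.
PATTERNS = {
    "html": re.compile(r"<link[^>]+(?:([\d.])+\/)?pure(?:-min)?\.css", re.I),
    "server": re.compile(r"(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)", re.I),
    "env": re.compile(r"^YAHOO$", re.I),
}

# Constructed sample inputs. The stylesheet <link> is assumed (the scan does not show it);
# the Server header and the globals list are copied from the scan.
SAMPLE_HTML = ('<html><head>'
               '<link rel="stylesheet" href="Settings_files/pure-min.css">'
               '</head></html>')
SAMPLE_HEADERS = {"Server": "Apache", "X-Powered-By": "PleskLin"}
SAMPLE_GLOBALS = ["oldError", "isGoodJS", "YUI_config", "I13N_config", "COMET_URL",
                  "mbrSendError", "YAHOO", "jsModules", "mbrJSLoaded", "checkAssets",
                  "lastApvTime"]


def server_version(server_header):
    """Apply the Server pattern. Returns (matched, version-or-None)."""
    m = PATTERNS["server"].search(server_header or "")
    if not m:
        return (False, None)
    return (True, m.group(1))


def fingerprint(html, headers, window_globals):
    """Run each pattern against its input the way a passive fingerprinting step does:
    the html pattern over the document, the header pattern over the Server header,
    the env pattern over every non-standard window global name."""
    matched, version = server_version(headers.get("Server"))
    return {
        "pure_css": PATTERNS["html"].search(html) is not None,
        "apache": matched,
        "apache_version": version,
        "env_hits": [g for g in window_globals if PATTERNS["env"].search(g)],
    }


if __name__ == "__main__":
    print(fingerprint(SAMPLE_HTML, SAMPLE_HEADERS, SAMPLE_GLOBALS))
```

The Server pattern captures a version only when the header carries one (Apache/2.4.29 yields 2.4.29; the bare "Apache" seen here yields none) and rejects "Apache-Coyote", Tomcat's connector. The html pattern is looser than it looks: the [^>]+ run lets it match any <link> whose href merely ends in pure.css, so a file named impure.css triggers it too. Treat these fingerprints as hints for pivoting, not proof of a technology.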

Page Statistics
  Requests:   6
  HTTPS:      0 %
  IPv6:       50 %
  Domains:    2
  Subdomains: 2
  IPs:        2
  Countries:  2
  Transfer:   422 kB
  Size:       420 kB
  Cookies:    1

Redirected requests

No HTTP redirect chains were recorded for this scan.

6 HTTP transactions

Each entry lists: Resource, Path, Size / Transfer (x-fer), Type, then the General details, request headers and response headers.
Primary Request: /  (atleticfitness.com/msmsonline/)  10 KB / 10 KB  Document

General
  Full URL: http://atleticfitness.com/msmsonline/???hxxps://microsoftonline.com/cncelrqst/v8000839
  Protocol: HTTP/1.1
  Server: 202.43.45.134 Bangkok, Thailand, ASN24299 (ISSP-AS Internet Solution & Service Provider Co., Ltd, TH)
  Reverse DNS: cloud-linux-04.chaiyohosting.com
  Software: Apache / PleskLin
  Resource Hash: 370d0b4f0a85325e100b32fe5099bac8e7574da342b48c5965cb0fc583fb8a51

Request headers
  Host: atleticfitness.com
  Connection: keep-alive
  Pragma: no-cache
  Cache-Control: no-cache
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
  Accept-Encoding: gzip, deflate

Response headers
  Date: Fri, 12 Oct 2018 16:07:13 GMT
  Server: Apache
  X-Powered-By: PleskLin
  Connection: close
  Transfer-Encoding: chunked
  Content-Type: text/html
combo.css  (atleticfitness.com/msmsonline/Settings_files/)  28 KB / 28 KB  Stylesheet

General
  Full URL: http://atleticfitness.com/msmsonline/Settings_files/combo.css
  Requested by: Host atleticfitness.com, URL http://atleticfitness.com/msmsonline/???hxxps://microsoftonline.com/cncelrqst/v8000839
  Protocol: HTTP/1.1
  Server: 202.43.45.134 Bangkok, Thailand, ASN24299 (ISSP-AS Internet Solution & Service Provider Co., Ltd, TH)
  Reverse DNS: cloud-linux-04.chaiyohosting.com
  Software: Apache / PleskLin
  Resource Hash: 56509fcb8d84185984927217765bf1afab5b5e217a3c06377bf1388377bb0d1b

Request headers
  Pragma: no-cache
  Accept-Encoding: gzip, deflate
  Host: atleticfitness.com
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
  Accept: text/css,*/*;q=0.1
  Referer: http://atleticfitness.com/msmsonline/???hxxps://microsoftonline.com/cncelrqst/v8000839
  Connection: keep-alive
  Cache-Control: no-cache

Response headers
  Date: Fri, 12 Oct 2018 16:07:14 GMT
  Last-Modified: Wed, 10 Oct 2018 15:58:28 GMT
  Server: Apache
  X-Powered-By: PleskLin
  ETag: "2a00fa0-7043-577e1ecd7afa7"
  Content-Type: text/css
  Connection: close
  Accept-Ranges: bytes
  Content-Length: 28739
yahoo-main.css  (atleticfitness.com/msmsonline/Settings_files/)  213 KB / 213 KB  Stylesheet

General
  Full URL: http://atleticfitness.com/msmsonline/Settings_files/yahoo-main.css
  Requested by: Host atleticfitness.com, URL http://atleticfitness.com/msmsonline/???hxxps://microsoftonline.com/cncelrqst/v8000839
  Protocol: HTTP/1.1
  Server: 202.43.45.134 Bangkok, Thailand, ASN24299 (ISSP-AS Internet Solution & Service Provider Co., Ltd, TH)
  Reverse DNS: cloud-linux-04.chaiyohosting.com
  Software: Apache / PleskLin
  Resource Hash: 758333df06112ff0bf02af1d8599ca9ebf5d312cc1bd99ba05da8e9814cefbfd

Request headers
  Pragma: no-cache
  Accept-Encoding: gzip, deflate
  Host: atleticfitness.com
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
  Accept: text/css,*/*;q=0.1
  Referer: http://atleticfitness.com/msmsonline/???hxxps://microsoftonline.com/cncelrqst/v8000839
  Connection: keep-alive
  Cache-Control: no-cache

Response headers
  Date: Fri, 12 Oct 2018 16:07:14 GMT
  Last-Modified: Wed, 10 Oct 2018 15:58:28 GMT
  Server: Apache
  X-Powered-By: PleskLin
  ETag: "2a00fa4-3526e-577e1ecd8097f"
  Content-Type: text/css
  Connection: close
  Accept-Ranges: bytes
  Content-Length: 217710
rapid-3.js  (atleticfitness.com/msmsonline/Settings_files/)  45 KB / 45 KB  Script

General
  Full URL: http://atleticfitness.com/msmsonline/Settings_files/rapid-3.js
  Requested by: Host atleticfitness.com, URL http://atleticfitness.com/msmsonline/???hxxps://microsoftonline.com/cncelrqst/v8000839
  Protocol: HTTP/1.1
  Server: 202.43.45.134 Bangkok, Thailand, ASN24299 (ISSP-AS Internet Solution & Service Provider Co., Ltd, TH)
  Reverse DNS: cloud-linux-04.chaiyohosting.com
  Software: Apache / PleskLin
  Resource Hash: bf6f8de5dd645d9c38fe0b2d2335970d32423c168674af9fd9ec025701d80798

Request headers
  Pragma: no-cache
  Accept-Encoding: gzip, deflate
  Host: atleticfitness.com
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
  Accept: */*
  Referer: http://atleticfitness.com/msmsonline/???hxxps://microsoftonline.com/cncelrqst/v8000839
  Connection: keep-alive
  Cache-Control: no-cache

Response headers
  Date: Fri, 12 Oct 2018 16:07:14 GMT
  Last-Modified: Wed, 10 Oct 2018 15:58:28 GMT
  Server: Apache
  X-Powered-By: PleskLin
  ETag: "2a00fa2-b22a-577e1ecd7afa7"
  Content-Type: text/javascript
  Connection: close
  Accept-Ranges: bytes
  Content-Length: 45610
bundle.js  (atleticfitness.com/msmsonline/Settings_files/)  125 KB / 125 KB  Script

General
  Full URL: http://atleticfitness.com/msmsonline/Settings_files/bundle.js
  Requested by: Host atleticfitness.com, URL http://atleticfitness.com/msmsonline/???hxxps://microsoftonline.com/cncelrqst/v8000839
  Protocol: HTTP/1.1
  Server: 202.43.45.134 Bangkok, Thailand, ASN24299 (ISSP-AS Internet Solution & Service Provider Co., Ltd, TH)
  Reverse DNS: cloud-linux-04.chaiyohosting.com
  Software: Apache / PleskLin
  Resource Hash: 98d6f0a61c8cd1c5c3ae2481e759909c7e9c0b0e8468f531db26904c92ca51f7

Request headers
  Pragma: no-cache
  Accept-Encoding: gzip, deflate
  Host: atleticfitness.com
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
  Accept: */*
  Referer: http://atleticfitness.com/msmsonline/???hxxps://microsoftonline.com/cncelrqst/v8000839
  Connection: keep-alive
  Cache-Control: no-cache

Response headers
  Date: Fri, 12 Oct 2018 16:07:14 GMT
  Last-Modified: Wed, 10 Oct 2018 15:58:28 GMT
  Server: Apache
  X-Powered-By: PleskLin
  ETag: "2a00fa7-1f48f-577e1ecd80d67"
  Content-Type: text/javascript
  Connection: close
  Accept-Ranges: bytes
  Content-Length: 128143
yql  (udc.yahoo.com/v2/public/)  0 B / 766 B  XHR

General
  Full URL: http://udc.yahoo.com/v2/public/yql?yhlVer=2&yhlClient=rapid&yhlS=1197774520&yhlCT=2&yhlBTMS=1539360435488&yhlClientVer=3.50.3&yhlRnd=36kIq7HXSI7xq6ug&yhlCompressed=0
  Requested by: Host atleticfitness.com, URL http://atleticfitness.com/msmsonline/Settings_files/rapid-3.js
  Protocol: HTTP/1.1
  Server: 2a00:1288:110:c304::1000, United Kingdom, ASN34010 (YAHOO-IRD, GB)
  Reverse DNS: (none)
  Software: ATS
  Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
  (this is the SHA-256 of zero bytes, consistent with the 0 B body; the 766 B transferred are headers only)

Request headers
  Referer: http://atleticfitness.com/
  Origin: http://atleticfitness.com
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
  Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers
  Pragma: no-cache
  Date: Fri, 12 Oct 2018 16:07:15 GMT
  Via: http/1.1 o17.ycpi.ir2.yahoo.com (ApacheTrafficServer [cMs f ])
  Referrer-Policy: no-referrer-when-downgrade
  Server: ATS
  Age: 0
  P3P: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
  Access-Control-Allow-Origin: http://atleticfitness.com
  Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
  Access-Control-Allow-Credentials: true
  Connection: keep-alive
  Expires: Wed, 01 Mar 1995 00:00:00 GMT
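
All four kit files (combo.css, yahoo-main.css, rapid-3.js, bundle.js) answer with ETags in Apache's inode-size-mtime layout: three hex fields, with the mtime in microseconds since the Unix epoch. That is what FileETag INode MTime Size produces; it was Apache's default before 2.4 dropped INode, so its presence here points to an older build or an explicit setting. Decoding the fields is a cheap consistency check on a capture and tells you something about how the kit was staged. The block below is an added example, not code from this page or from urlscan.io; its only inputs are the ETag, Content-Length and Last-Modified values from the four responses above.

```python
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime

# ETag, Content-Length and Last-Modified of the four kit files, copied from the responses above.
KIT_FILES = {
    "combo.css":      ('"2a00fa0-7043-577e1ecd7afa7"',  28739,  "Wed, 10 Oct 2018 15:58:28 GMT"),
    "yahoo-main.css": ('"2a00fa4-3526e-577e1ecd8097f"', 217710, "Wed, 10 Oct 2018 15:58:28 GMT"),
    "rapid-3.js":     ('"2a00fa2-b22a-577e1ecd7afa7"',  45610,  "Wed, 10 Oct 2018 15:58:28 GMT"),
    "bundle.js":      ('"2a00fa7-1f48f-577e1ecd80d67"', 128143, "Wed, 10 Oct 2018 15:58:28 GMT"),
}


def parse_apache_etag(etag):
    """Decode an Apache "inode-size-mtime" ETag (three hex fields; mtime is microseconds
    since the Unix epoch). Returns None for any other shape, e.g. a weak or hashed ETag."""
    body = etag.strip()
    if not (body.startswith('"') and body.endswith('"')):
        return None
    parts = body[1:-1].split("-")
    if len(parts) != 3:
        return None
    try:
        inode, size, mtime_us = (int(p, 16) for p in parts)
    except ValueError:
        return None
    # Split seconds and microseconds with integer arithmetic so nothing is lost to float rounding.
    mtime = datetime.fromtimestamp(mtime_us // 1_000_000, tz=timezone.utc)
    return {"inode": inode, "size": size, "mtime": mtime.replace(microsecond=mtime_us % 1_000_000)}


def verify_kit(files):
    """Cross-check every decoded ETag against Content-Length and Last-Modified, and
    summarise how closely the files were written together on the serving host."""
    decoded = {}
    for name, (etag, _, _) in files.items():
        d = parse_apache_etag(etag)
        if d is None:
            raise ValueError(f"{name}: ETag is not in Apache inode-size-mtime form")
        decoded[name] = d
    seconds = {d["mtime"].replace(microsecond=0) for d in decoded.values()}
    inodes = sorted(d["inode"] for d in decoded.values())
    return {
        "size_matches_content_length": all(decoded[n]["size"] == files[n][1] for n in files),
        "mtime_matches_last_modified": all(
            decoded[n]["mtime"].replace(microsecond=0) == parsedate_to_datetime(files[n][2])
            for n in files),
        "written_within_one_second": len(seconds) == 1,
        "inode_span": inodes[-1] - inodes[0],
    }


if __name__ == "__main__":
    for name, (etag, _, _) in KIT_FILES.items():
        print(name, parse_apache_etag(etag))
    print(verify_kit(KIT_FILES))
```

For this kit the size field of each ETag equals its Content-Length, the mtime field of all four decodes to 15:58:28 GMT on 10 October 2018 (the four values lie within 24 ms of each other), and the inodes span only eight values, 0x2a00fa0 to 0x2a00fa7: the files were written in a single operation two days before the scan, as an unpacked archive would be. The same decoding is why exposing INode in ETags is discouraged; it hands a remote observer the filesystem inode numbers of every static file served.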

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic (Online)
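
The verdict rests on properties that are all visible in the capture: the lure path embeds a Microsoft-looking URL (hxxps://microsoftonline.com/...) under an unrelated host, the page is a copy of Yahoo's login UI whose bundled rapid-3.js analytics script fires a beacon to udc.yahoo.com carrying Origin: http://atleticfitness.com (which Yahoo's endpoint then reflects in Access-Control-Allow-Origin with credentials allowed), everything is served over plain HTTP, and the beacon's resource hash is the SHA-256 of zero bytes. The Python below is an added triage example, not code from this page or from urlscan.io, that encodes those checks over the captured values. BRAND_DOMAINS is an assumed watchlist, base_domain is a two-label simplification that ignores suffixes like co.uk, and the defanged hxxps scheme is handled explicitly because it appears verbatim in the submitted URL.

```python
import hashlib
import re
from urllib.parse import urlsplit

# Lure URL and beacon details copied from the scan above; nothing here is fetched.
LURE_URL = ("http://atleticfitness.com/msmsonline/"
            "???hxxps://microsoftonline.com/cncelrqst/v8000839")

BEACON = {
    "url": ("http://udc.yahoo.com/v2/public/yql?yhlVer=2&yhlClient=rapid&yhlS=1197774520"
            "&yhlCT=2&yhlBTMS=1539360435488&yhlClientVer=3.50.3&yhlRnd=36kIq7HXSI7xq6ug"
            "&yhlCompressed=0"),
    "request": {"Referer": "http://atleticfitness.com/", "Origin": "http://atleticfitness.com"},
    "response": {"Access-Control-Allow-Origin": "http://atleticfitness.com",
                 "Access-Control-Allow-Credentials": "true"},
    "body_size": 0,
    "body_sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
}

# Assumed brand watchlist for this example.
BRAND_DOMAINS = {"microsoftonline.com", "yahoo.com"}

# A URL scheme appearing inside a path or query, including the defanged hxxp(s) spelling.
EMBEDDED_URL = re.compile(r"\b(?:h[xt]{2}ps?)://([a-z0-9.-]+)", re.I)


def base_domain(host):
    """Last two labels of a hostname. A simplification: it ignores multi-label
    public suffixes such as co.uk; use a public-suffix library for real triage."""
    return ".".join(host.lower().split(".")[-2:])


def embedded_hosts(url):
    """Hostnames that appear as URLs inside the path or query of `url`."""
    parts = urlsplit(url)
    tail = parts.path + ("?" + parts.query if parts.query else "")
    return [m.group(1).lower() for m in EMBEDDED_URL.finditer(tail)]


def lure_indicators(url, brands=BRAND_DOMAINS):
    """Indicators derived from the lure URL alone."""
    parts = urlsplit(url)
    host = base_domain(parts.hostname or "")
    found = []
    for emb in embedded_hosts(url):
        if base_domain(emb) in brands and base_domain(emb) != host:
            found.append(f"brand domain {emb} embedded in the path of {host}")
    if parts.scheme == "http":
        found.append("lure served over plain HTTP")
    return found


def beacon_indicators(beacon):
    """Indicators derived from a third-party request the cloned page made."""
    found = []
    beacon_host = base_domain(urlsplit(beacon["url"]).hostname or "")
    origin = beacon["request"].get("Origin", "")
    origin_host = base_domain(urlsplit(origin).hostname or "")
    if origin_host and origin_host != beacon_host:
        found.append(f"{beacon_host} analytics beacon sent from foreign origin {origin_host}")
    acao = beacon["response"].get("Access-Control-Allow-Origin")
    creds = beacon["response"].get("Access-Control-Allow-Credentials") == "true"
    if acao == origin and creds:
        found.append(f"endpoint reflected origin {origin} with credentials allowed")
    if beacon["body_size"] == 0 and beacon["body_sha256"] == hashlib.sha256(b"").hexdigest():
        found.append("beacon response body is empty (hash is SHA-256 of zero bytes)")
    return found


if __name__ == "__main__":
    for line in lure_indicators(LURE_URL) + beacon_indicators(BEACON):
        print("-", line)
```

The beacon check cuts both ways. For the analyst it confirms the page is a saved copy of the brand's own UI rather than a hand-built imitation (the kit files live under Settings_files/, the directory name browsers use when a page called "Settings" is saved as complete, which is an inference from the naming, not something the scan states). For the brand owner it is a detection source in its own right: a first-party analytics endpoint that receives requests whose Origin is not one of its own domains is being called from a cloned page, and the Origin value names the host serving it.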

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. They help identify the client-side frameworks and code the page loads.

  object    oldError
  boolean   isGoodJS
  object    YUI_config
  object    I13N_config
  string    COMET_URL
  function  mbrSendError
  object    YAHOO
  object    jsModules
  boolean   mbrJSLoaded
  function  checkAssets
  number    lastApvTime

1 Cookie

Domain/Path            Name / Value
.atleticfitness.com/   rxx = 1i1g8a1ihj1.1adwuv43&v=1