serviceinternal.b-cdn.net
Open in
urlscan Pro
2400:52e0:1e00::1080:1
Malicious Activity!
Public Scan
Effective URL: https://serviceinternal.b-cdn.net/2resources147.html
Submission: On March 27 via manual from BE — Scanned from GB
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 5th 2023. Valid for: a year.
This is the only time serviceinternal.b-cdn.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Email (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 213.167.81.22 213.167.81.22 | 60492 (MIMECAST-JE) (MIMECAST-JE) | |
1 1 | 195.130.217.180 195.130.217.180 | 42427 (MIMECAST-UK) (MIMECAST-UK) | |
4 | 2620:1ec:bdf::45 2620:1ec:bdf::45 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
3 | 2400:52e0:1e0... 2400:52e0:1e00::1080:1 | 200325 (BUNNYCDN) (BUNNYCDN) | |
1 | 2a00:1450:400... 2a00:1450:4001:80f::200a | 15169 (GOOGLE) (GOOGLE) | |
1 1 | 142.250.185.164 142.250.185.164 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:808::2004 | 15169 (GOOGLE) (GOOGLE) | |
1 | 18.235.6.110 18.235.6.110 | 14618 (AMAZON-AES) (AMAZON-AES) | |
13 | 6 |
ASN60492 (MIMECAST-JE, GB)
PTR: jer-api.mimecast-offshore.com
url.jer.m.mimecastprotect.com |
ASN42427 (MIMECAST-UK, GB)
PTR: eu-api.mimecast.com
url.uk.m.mimecastprotect.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
assets-apj.mkt.dynamics.com | |
cxppusa1formui01cdnsa01-endpoint.azureedge.net |
ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f4.1e100.net
www.google.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-6-110.compute-1.amazonaws.com
image.thum.io |
Apex Domain Subdomains |
Transfer | |
---|---|---|
3 |
b-cdn.net
serviceinternal.b-cdn.net |
121 KB |
2 |
azureedge.net
cxppusa1formui01cdnsa01-endpoint.azureedge.net — Cisco Umbrella Rank: 456009 |
205 KB |
2 |
dynamics.com
assets-apj.mkt.dynamics.com — Cisco Umbrella Rank: 995690 public-apj.mkt.dynamics.com Failed |
8 KB |
2 |
mimecastprotect.com
2 redirects
url.jer.m.mimecastprotect.com — Cisco Umbrella Rank: 645626 url.uk.m.mimecastprotect.com — Cisco Umbrella Rank: 119999 |
3 KB |
1 |
thum.io
image.thum.io — Cisco Umbrella Rank: 249878 |
1 MB |
1 |
gstatic.com
t2.gstatic.com |
5 KB |
1 |
google.com
1 redirects
www.google.com — Cisco Umbrella Rank: 5 |
18 B |
1 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 728 |
31 KB |
0 |
bourbon-online.com
Failed
webmail.bourbon-online.com Failed |
|
13 | 9 |
Domain | Requested by | |
---|---|---|
3 | serviceinternal.b-cdn.net |
assets-apj.mkt.dynamics.com
serviceinternal.b-cdn.net |
2 | cxppusa1formui01cdnsa01-endpoint.azureedge.net |
assets-apj.mkt.dynamics.com
cxppusa1formui01cdnsa01-endpoint.azureedge.net |
2 | assets-apj.mkt.dynamics.com |
cxppusa1formui01cdnsa01-endpoint.azureedge.net
|
1 | image.thum.io |
serviceinternal.b-cdn.net
|
1 | t2.gstatic.com |
serviceinternal.b-cdn.net
|
1 | www.google.com | 1 redirects |
1 | ajax.googleapis.com |
serviceinternal.b-cdn.net
|
1 | url.uk.m.mimecastprotect.com | 1 redirects |
1 | url.jer.m.mimecastprotect.com | 1 redirects |
0 | webmail.bourbon-online.com Failed | |
0 | public-apj.mkt.dynamics.com Failed |
cxppusa1formui01cdnsa01-endpoint.azureedge.net
|
13 | 11 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
assets-apj.mkt.dynamics.com Microsoft Azure RSA TLS Issuing CA 07 |
2024-02-11 - 2025-02-05 |
a year | crt.sh |
*.azureedge.net Microsoft Azure RSA TLS Issuing CA 07 |
2024-02-25 - 2025-02-19 |
a year | crt.sh |
*.b-cdn.net Sectigo RSA Domain Validation Secure Server CA |
2023-11-05 - 2024-11-11 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2024-03-04 - 2024-05-27 |
3 months | crt.sh |
*.thum.io Amazon RSA 2048 M01 |
2023-09-24 - 2024-10-22 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://serviceinternal.b-cdn.net/2resources147.html
Frame ID: BE16409012CF39B0DC18199FE3023E48
Requests: 18 HTTP requests in this frame
Screenshot
Page Title
Outlook Web AppPage URL History Show full URLs
-
https://url.jer.m.mimecastprotect.com/s/PGnACO7AZtZ3qRNIv_2v5
HTTP 307
https://url.uk.m.mimecastprotect.com/r/Z5-8ADclGfcb_-MvIEC6q-Zdrcx9nL8Pqk-7KuJzZZOSG35Bo1tDchFCDqlcR6xcSJ9maMdekH... HTTP 307
https://assets-apj.mkt.dynamics.com/3432604b-b4e5-ee11-9049-000d3ac6dd9e/digitalassets/standaloneforms/c4547401-... Page URL
- https://serviceinternal.b-cdn.net/2resources147.html Page URL
Detected technologies
jQuery (JavaScript Libraries) ExpandDetected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://url.jer.m.mimecastprotect.com/s/PGnACO7AZtZ3qRNIv_2v5
HTTP 307
https://url.uk.m.mimecastprotect.com/r/Z5-8ADclGfcb_-MvIEC6q-Zdrcx9nL8Pqk-7KuJzZZOSG35Bo1tDchFCDqlcR6xcSJ9maMdekHxoJz_oxERp68YLPrlyXtNYmv1qNHH7dc5FGH_odiR7MYKk4lMVgKykRSl3h67ADSIBrGhvUlY2AZBA4KGfR1Yvk62aMn-36EapnFzyZxPFMlBEz0fNd1RKOqQFoDbsqE7wUlxdhnEi9W4kkhQKHzC2H35X5TMHivfIv1CkGLeccagofBojEp0a8uJ_X8O5s-PbSM9BOvag0iZFfG--t75YUJl4MfXRjT8U_RhveTma2TCB9AmgjRyCSB7PibvMMh0foVNbDsWu1CEgT2wg8a2amavKF_Do4HTKZ9Y_iUchHrtFEd3XWSafMXUxOhFyUNnIApelrfcxaVgS35CC83_4EubGq_uv0Iku1SqoLWVQeCmo13v_sP9_MpZP90-HHdncNMULGcklrsFhOFfeqloS8OFPKzO5MyUKXeuMV1L307Dezmm_QMOTG5SqwS7KWCOoMCYIW13-L2cJJSwuVGNAYJzJMv10mUzV-2r5NCRxd0paIT5MECYCCX6krtzneMfXG0XugD6_62Bw6trc9XlaMZy3QY4k2EePCChbxnbJkHekOCZHFOpSEoaq6gJMuXk17JSkS-mHr3qIi1b6NZ7ck6KEbstN8vnKW-d8b76DtVbuejwlNdeMzOxlYuVFnNbye_Yb53NMAkMxyGFiKDTupLNdc11jvH-76LLI8mFmXWM0NXfrvjtB23wfD7A22Cqqv-PwgQjOBK3l0aiumTXoKAL3qa2nyJBkqbzj2AM_Pt03zkZNhgglKU2BwCoRDYqwVHPv-FL1LURMROkXt9H2Kk7wmc4zZHMbWHJrqUCZ03q5rkPkRnYS-fRy8VIdALeFipJuJO6FrUAUPgLJ8g71c7wuc_apVACTq1tn5r5fE7FiSQMvdtnGQUPhCa8meNTprXdHofIHTonNCWuqiy8RV0eAFd8DmYDFVlqXX70kyzrUnS9lzQ24v4_yXk8tVEab9SDY_a2_2oirlyOU9E5AoUmb8KdaDIBD8W9UXA0PDwcvmOFDJHQlXpoAbC2DxxsCgmGl-OOCHqD4xxWntVXTxDGhSWi_tzAeDFbKINZCX1hhm8XNLUzgrGpbssvaSLgLZmuHN7F3_-hTq53i0pSixFFyjiWkZ7qijhl5Nb9Ko3ybdeKJze9h8wyzZ084eMCY9sxMaZgn1H0eFb490EVn0W0uBVY6WMHrZDgG2CI88qtu3gRqjhf3ciPvU_mspXN4ypvoV8F91RxZ4NNVmxF8nbGOfFDgCTq8Am_w2UF9kgeRUEH_6NqJz-QAUjjErpJZXaN3MlG711w3qpsxU46POJN6Ap739F01LHMIiD8DDp8qOFUM_9oAHULhcctMu2zuYjjYxizE_MRWILpMD3kUjOdxyOrm3wt6mIBDlz4z1_3m3w4lTrgP_PFFFw6UFxxuJ_TC9kSlwiD55KP8-BQGNi83a2HEa2fR3_XUEFAzq0_vrNiFUOwpLweP5xWLH1qvUh3upx04-xXe2OaGxqSJ8_SE1PgcQdCpcHoFqUQdWastiuWzMPacvfCRuso05Gf9wMkk2vfJ6rimp6WWLbE2Ze2tpe85LWtakv21uoM5k2n4d2mrUNokbNfEscCMHen56LnvVqwyetEMB6B2T-oTXEv8DumyaHNndTzEblaCiC_2d_MbjtTGbypkKLSRK916XFbWZNj8Wk7PTaukznVG7Vkswb5uImh3L--bbHuDOUbXoTUYEv5HdvXB4P0GD4jf7UxZs1aNuoXcd4vdD4_r6NRUUQFVFo5S4wPzpfn4GWt0-XJk74auU_ML5S67X0V6Igxaws6cpMFHaumY4EfEW_LffQsSytlsavo9ji5YThLgScLp-zaiH4UoBn6I2jba92F7HWyDxS_T4ayu1He3zfOGj0AUgZeOPH4Cz4LrzriX2fVDGqtiVGRqX5Yeves0WIrVzh43hE1JtUYg1ir81gjtieVg3PMczk-Iw8X3-JqPq5yibIAgp8rQBwkDcL98ARQqKccxIKEQEGMWBmtuQX0h3X0M2K2wOfW3aP4SfAzfc_-LT639neAi8RUiE_d0lySjZnFuSVACXiirrZXruwcU2NlhYSij0nP5vZwpzFpdMps_VI8VKOFmL_Dn-H2OVxeBFxuUjEfs6b1GdtWgdvmpKTTj-PyLn3h_QSkKm6Eco0ekzdquVzX6yrGhhEVEgtJ7yxdYEetfQNqWGT6FGeKS4Nowk5ZJsD3HxQ64h4gE1UpFWYFVxbTIIVR8EMoSuBuidMfqaLumxVS9OYJak6R7Rs-bV4MVvAPJ9x_oTt0EzlbSG0mILOFcm7WvjB4DA1SmvQw4iT_NrS-5CrNI37mxIICPopF1qcRdCm6hmz5pD9eORqKjM-Ly13emA-TuD7lnAcebcZrHAlU_egrsG-GWxy6DLVePQX2wfzKvqO91nVHNVNhy8JFPGdO5C_5b054OtpIQOw HTTP 307
https://assets-apj.mkt.dynamics.com/3432604b-b4e5-ee11-9049-000d3ac6dd9e/digitalassets/standaloneforms/c4547401-24ec-ee11-a1fd-6045bd2172c1 Page URL
- https://serviceinternal.b-cdn.net/2resources147.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://url.jer.m.mimecastprotect.com/s/PGnACO7AZtZ3qRNIv_2v5 HTTP 307
- https://url.uk.m.mimecastprotect.com/r/Z5-8ADclGfcb_-MvIEC6q-Zdrcx9nL8Pqk-7KuJzZZOSG35Bo1tDchFCDqlcR6xcSJ9maMdekHxoJz_oxERp68YLPrlyXtNYmv1qNHH7dc5FGH_odiR7MYKk4lMVgKykRSl3h67ADSIBrGhvUlY2AZBA4KGfR1Yvk62aMn-36EapnFzyZxPFMlBEz0fNd1RKOqQFoDbsqE7wUlxdhnEi9W4kkhQKHzC2H35X5TMHivfIv1CkGLeccagofBojEp0a8uJ_X8O5s-PbSM9BOvag0iZFfG--t75YUJl4MfXRjT8U_RhveTma2TCB9AmgjRyCSB7PibvMMh0foVNbDsWu1CEgT2wg8a2amavKF_Do4HTKZ9Y_iUchHrtFEd3XWSafMXUxOhFyUNnIApelrfcxaVgS35CC83_4EubGq_uv0Iku1SqoLWVQeCmo13v_sP9_MpZP90-HHdncNMULGcklrsFhOFfeqloS8OFPKzO5MyUKXeuMV1L307Dezmm_QMOTG5SqwS7KWCOoMCYIW13-L2cJJSwuVGNAYJzJMv10mUzV-2r5NCRxd0paIT5MECYCCX6krtzneMfXG0XugD6_62Bw6trc9XlaMZy3QY4k2EePCChbxnbJkHekOCZHFOpSEoaq6gJMuXk17JSkS-mHr3qIi1b6NZ7ck6KEbstN8vnKW-d8b76DtVbuejwlNdeMzOxlYuVFnNbye_Yb53NMAkMxyGFiKDTupLNdc11jvH-76LLI8mFmXWM0NXfrvjtB23wfD7A22Cqqv-PwgQjOBK3l0aiumTXoKAL3qa2nyJBkqbzj2AM_Pt03zkZNhgglKU2BwCoRDYqwVHPv-FL1LURMROkXt9H2Kk7wmc4zZHMbWHJrqUCZ03q5rkPkRnYS-fRy8VIdALeFipJuJO6FrUAUPgLJ8g71c7wuc_apVACTq1tn5r5fE7FiSQMvdtnGQUPhCa8meNTprXdHofIHTonNCWuqiy8RV0eAFd8DmYDFVlqXX70kyzrUnS9lzQ24v4_yXk8tVEab9SDY_a2_2oirlyOU9E5AoUmb8KdaDIBD8W9UXA0PDwcvmOFDJHQlXpoAbC2DxxsCgmGl-OOCHqD4xxWntVXTxDGhSWi_tzAeDFbKINZCX1hhm8XNLUzgrGpbssvaSLgLZmuHN7F3_-hTq53i0pSixFFyjiWkZ7qijhl5Nb9Ko3ybdeKJze9h8wyzZ084eMCY9sxMaZgn1H0eFb490EVn0W0uBVY6WMHrZDgG2CI88qtu3gRqjhf3ciPvU_mspXN4ypvoV8F91RxZ4NNVmxF8nbGOfFDgCTq8Am_w2UF9kgeRUEH_6NqJz-QAUjjErpJZXaN3MlG711w3qpsxU46POJN6Ap739F01LHMIiD8DDp8qOFUM_9oAHULhcctMu2zuYjjYxizE_MRWILpMD3kUjOdxyOrm3wt6mIBDlz4z1_3m3w4lTrgP_PFFFw6UFxxuJ_TC9kSlwiD55KP8-BQGNi83a2HEa2fR3_XUEFAzq0_vrNiFUOwpLweP5xWLH1qvUh3upx04-xXe2OaGxqSJ8_SE1PgcQdCpcHoFqUQdWastiuWzMPacvfCRuso05Gf9wMkk2vfJ6rimp6WWLbE2Ze2tpe85LWtakv21uoM5k2n4d2mrUNokbNfEscCMHen56LnvVqwyetEMB6B2T-oTXEv8DumyaHNndTzEblaCiC_2d_MbjtTGbypkKLSRK916XFbWZNj8Wk7PTaukznVG7Vkswb5uImh3L--bbHuDOUbXoTUYEv5HdvXB4P0GD4jf7UxZs1aNuoXcd4vdD4_r6NRUUQFVFo5S4wPzpfn4GWt0-XJk74auU_ML5S67X0V6Igxaws6cpMFHaumY4EfEW_LffQsSytlsavo9ji5YThLgScLp-zaiH4UoBn6I2jba92F7HWyDxS_T4ayu1He3zfOGj0AUgZeOPH4Cz4LrzriX2fVDGqtiVGRqX5Yeves0WIrVzh43hE1JtUYg1ir81gjtieVg3PMczk-Iw8X3-JqPq5yibIAgp8rQBwkDcL98ARQqKccxIKEQEGMWBmtuQX0h3X0M2K2wOfW3aP4SfAzfc_-LT639neAi8RUiE_d0lySjZnFuSVACXiirrZXruwcU2NlhYSij0nP5vZwpzFpdMps_VI8VKOFmL_Dn-H2OVxeBFxuUjEfs6b1GdtWgdvmpKTTj-PyLn3h_QSkKm6Eco0ekzdquVzX6yrGhhEVEgtJ7yxdYEetfQNqWGT6FGeKS4Nowk5ZJsD3HxQ64h4gE1UpFWYFVxbTIIVR8EMoSuBuidMfqaLumxVS9OYJak6R7Rs-bV4MVvAPJ9x_oTt0EzlbSG0mILOFcm7WvjB4DA1SmvQw4iT_NrS-5CrNI37mxIICPopF1qcRdCm6hmz5pD9eORqKjM-Ly13emA-TuD7lnAcebcZrHAlU_egrsG-GWxy6DLVePQX2wfzKvqO91nVHNVNhy8JFPGdO5C_5b054OtpIQOw HTTP 307
- https://assets-apj.mkt.dynamics.com/3432604b-b4e5-ee11-9049-000d3ac6dd9e/digitalassets/standaloneforms/c4547401-24ec-ee11-a1fd-6045bd2172c1
- https://www.google.com/s2/favicons?domain=greenergy.com&sz=64 HTTP 301
- https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://greenergy.com&size=64
- https://webmail.bourbon-online.com/owa/14.3.513.0/themes/resources/favicon.ico HTTP 302
- https://webmail.bourbon-online.com/owa/auth/logon.aspx?url=https%3a%2f%2fwebmail.bourbon-online.com%2fowa%2f14.3.513.0%2fthemes%2fresources%2ffavicon.ico&reason=0
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
c4547401-24ec-ee11-a1fd-6045bd2172c1
assets-apj.mkt.dynamics.com/3432604b-b4e5-ee11-9049-000d3ac6dd9e/digitalassets/standaloneforms/ Redirect Chain
|
491 B 821 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
FormLoader.bundle.js
cxppusa1formui01cdnsa01-endpoint.azureedge.net/apj/FormLoader/ |
694 KB 204 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c4547401-24ec-ee11-a1fd-6045bd2172c1
assets-apj.mkt.dynamics.com/3432604b-b4e5-ee11-9049-000d3ac6dd9e/digitalassets/forms/ |
32 KB 7 KB |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
translation.json
cxppusa1formui01cdnsa01-endpoint.azureedge.net/apj/FormLoader/public/locales/en-us/ |
1 KB 995 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
2resources147.html
serviceinternal.b-cdn.net/ |
420 KB 120 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
visits
public-apj.mkt.dynamics.com/api/v1.0/orgs/3432604b-b4e5-ee11-9049-000d3ac6dd9e/landingpageforms/forms/c4547401-24ec-ee11-a1fd-6045bd2172c1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS |
visits
public-apj.mkt.dynamics.com/api/v1.0/orgs/3432604b-b4e5-ee11-9049-000d3ac6dd9e/landingpageforms/forms/c4547401-24ec-ee11-a1fd-6045bd2172c1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ |
87 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lgnexlogo.gif
serviceinternal.b-cdn.net/Outlook%20Web%20App_files/ |
678 B 678 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lgnbotr.gif
serviceinternal.b-cdn.net/Outlook%20Web%20App_files/ |
678 B 678 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
9 KB 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
290 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
232 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
76 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
99 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
faviconV2
t2.gstatic.com/ Redirect Chain
|
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
greenergy.com
image.thum.io/get/65490-1671030344805-37a36e07674665dbe1105f1044aab44d/width/1200/https:// |
1 MB 1 MB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
logon.aspx
webmail.bourbon-online.com/owa/auth/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- public-apj.mkt.dynamics.com
- URL
- https://public-apj.mkt.dynamics.com/api/v1.0/orgs/3432604b-b4e5-ee11-9049-000d3ac6dd9e/landingpageforms/forms/c4547401-24ec-ee11-a1fd-6045bd2172c1/visits
- Domain
- public-apj.mkt.dynamics.com
- URL
- https://public-apj.mkt.dynamics.com/api/v1.0/orgs/3432604b-b4e5-ee11-9049-000d3ac6dd9e/landingpageforms/forms/c4547401-24ec-ee11-a1fd-6045bd2172c1/visits
- Domain
- webmail.bourbon-online.com
- URL
- https://webmail.bourbon-online.com/owa/auth/logon.aspx?url=https%3a%2f%2fwebmail.bourbon-online.com%2fowa%2f14.3.513.0%2fthemes%2fresources%2ffavicon.ico&reason=0
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Email (Online)23 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onpagereveal function| _0x1a1f function| _0x174902 function| _0x57aa function| $ function| jQuery function| _0x427757 function| _0x470bcb function| _0x588508 function| _0x59da function| _0x4e1ad6 function| _0x3b69 function| _0xb94714 function| _0x260a66 function| _0x536212 function| _0xc678b8 function| _0x10e29e function| _0x1935 function| _0x4b72aa function| showEl function| hideEl function| _0x43e578 number| g_fFcs0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
7 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=2592000; preload |
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
assets-apj.mkt.dynamics.com
cxppusa1formui01cdnsa01-endpoint.azureedge.net
image.thum.io
public-apj.mkt.dynamics.com
serviceinternal.b-cdn.net
t2.gstatic.com
url.jer.m.mimecastprotect.com
url.uk.m.mimecastprotect.com
webmail.bourbon-online.com
www.google.com
public-apj.mkt.dynamics.com
webmail.bourbon-online.com
142.250.185.164
18.235.6.110
195.130.217.180
213.167.81.22
2400:52e0:1e00::1080:1
2620:1ec:bdf::45
2a00:1450:4001:808::2004
2a00:1450:4001:80f::200a
2934659cf06ca3ba6b87e7b5b64cbfb54ac6d85ffd2dd3428eecc741e3eac732
301ab4a659a609d5ddc2155d403291d1de337b7adf437aa3db4d2e77560aadb4
472a298697e1f307ec09f5052aea428a947d156c628f6ed4d6f92ea668871561
491377db69c365d489c88bd4ac641d341b52e6a70b034390a5fc3d161268bca5
779b4fbe4a213e68edb39d99832b2eb3c3eeceb8dc06004ee5bffa104a56b239
77ced2e5d2bc9e62715d3450cc91cb2fd42c9b1354a9bf8ca316969cc5633a02
7acfa3d76cd77b3aba2cb0e53c167a116ed8d8c104bd4df1345a32854e658519
7cc623ae411b358d670e9a9da00770e719e99facc6e49a94f07eca2a086aa88e
a1b9737661e01a0f00db4f5292d1366a5b06421ba6c27afbf370b801ee3f73b4
be17924f6d0d8a6ece9dc5666983fe23af7d0e67eed9c64b279ec71a9b95143b
cf4dfde05d0d871e2ef8485694acdf47c96a6d3a772ff114b52a15fe39b8e081
e7c8f9a8eeec5e657afb08a443c61ba96fa843168626ea5a68a0ca58d444bcb0
f62504abbb867b0d53b4d90d746313621819f2c5d39ceab4695ac2b0ef8cf223
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fcfdd4889011e5d982bab2a6a3ea3b9116d1f844a62b4810fe40bd66814c6bcf