URL: https://eco-caviar-fiskshop.dk/outlook.htm
Submission: On February 24 via automatic, source openphish

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 4 HTTP transactions. The main IP is 2a03:6f00:1::5c35:60a2, located in the Russian Federation, and belongs to TIMEWEB-AS, RU. The main domain is eco-caviar-fiskshop.dk.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 5th 2019. Valid for: 3 months.
This is the only time eco-caviar-fiskshop.dk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2a03:6f00:1::... 9123 (TIMEWEB-AS)
3 3 137.49.1.224 393337 (UOFHARTFORD)
2 2 40.97.164.146 8075 (MICROSOFT...)
2 2 2603:1026:c06... 8075 (MICROSOFT...)
6 6 2603:1026:c06... 8075 (MICROSOFT...)
2 40.126.1.162 8075 (MICROSOFT...)
1 1 40.97.148.226 8075 (MICROSOFT...)
1 1 2603:1026:c06... 8075 (MICROSOFT...)
1 40.126.9.67 8075 (MICROSOFT...)
4 4
Domain Requested by
6 outlook.office365.com 6 redirects
3 login.microsoftonline.com eco-caviar-fiskshop.dk
3 www.outlook.com 3 redirects
3 outlook.com 3 redirects
3 hawkmail.hartford.edu 3 redirects
1 eco-caviar-fiskshop.dk
4 6

This site contains no links.

Subject | Issuer | Validity | Valid
eco-caviar-fiskshop.dk | Let's Encrypt Authority X3 | 2019-02-05 - 2019-05-06 | 3 months
stamp2.login.microsoftonline.com | Microsoft IT TLS CA 1 | 2018-09-24 - 2020-09-24 | 2 years

This page contains 1 frames:

Primary Page: https://eco-caviar-fiskshop.dk/outlook.htm
Frame ID: CDF92B57AC28EF575DBA69AEDB1B28E6
Requests: 5 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link\s[^>]*href="[^"]*?([\d.]+)\/themes\/resources\/owafont\.css/i

Overall confidence: 50%
Detected patterns
  • html /<link\s[^>]*href="[^"]*?([\d.]+)\/themes\/resources\/owafont\.css/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i


Page Statistics

Requests: 4
HTTPS: 100 %
IPv6: 44 %
Domains: 5
Subdomains: 6
IPs: 4
Countries: 3
Transfer: 20 kB
Size: 25 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://hawkmail.hartford.edu/owa/14.3.210.2/themes/resources/logon.css HTTP 302
  • https://outlook.com/hartford.edu HTTP 301
  • https://www.outlook.com/hartford.edu HTTP 301
  • https://outlook.office365.com/hartford.edu HTTP 302
  • https://outlook.office365.com/owa/hartford.edu HTTP 302
  • https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&client-request-id=1af17f75-6c27-474b-ac6f-fc94b306c5a1&protectedtoken=true&domain_hint=hartford.edu&nonce=636865750517600439.2ddf6a5a-7f40-43be-b8f3-f72733a46858&state=DcvBDYAgDEBR0AkcBKiWtjhOCTTeTIjG9eXw_u1759w6LZOHGSeMXJiEgHZhgIxnPFozVtIgliFkrD3UYhhMDkHUzIWKn--W7k_TpeOxe7TY2_sD
Request Chain 1
  • https://hawkmail.hartford.edu/owa/14.3.210.2/themes/resources/owafont.css HTTP 302
  • https://outlook.com/hartford.edu HTTP 301
  • https://www.outlook.com/hartford.edu HTTP 301
  • https://outlook.office365.com/hartford.edu HTTP 302
  • https://outlook.office365.com/owa/hartford.edu HTTP 302
  • https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&client-request-id=1fe420aa-2f29-40d2-b044-f8d82f8d40a9&protectedtoken=true&domain_hint=hartford.edu&nonce=636865750517575086.7b0c9330-3909-4746-8e70-2be5d4629de2&state=FYtBDoAgDMBAX-BDgMlgg-eAw3gjIRq_Lx7anqqVUutkmWiYUkxIiSJHiDv_SWS5wpERwWCGbAIHMqkxGF9blEA-S_N6vpvrb3FXGffZh9gmzwc
Request Chain 2
  • https://hawkmail.hartford.edu/owa/14.3.210.2/scripts/premium/flogon.js HTTP 302
  • https://outlook.com/hartford.edu HTTP 301
  • https://www.outlook.com/hartford.edu HTTP 301
  • https://outlook.office365.com/hartford.edu HTTP 302
  • https://outlook.office365.com/owa/hartford.edu HTTP 302
  • https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&client-request-id=284ba094-4634-4585-8c6c-eab2145f128a&protectedtoken=true&domain_hint=hartford.edu&nonce=636865750518174241.2dcdbf4c-8ac4-455c-8660-b0bcb68a8a3d&state=DYtBDoAgDMBAX-BDUNBt7Dsb03gjIRq_7w5temkMIczO5MTsCpUOYsKKGQuXCjuUdbdmekFLLA0SIHoR5aRZmxILy2HR32Xrn2y3jOfqw9bT3h8

4 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request outlook.htm
eco-caviar-fiskshop.dk/
21 KB
8 KB
Document
General
Full URL
https://eco-caviar-fiskshop.dk/outlook.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:6f00:1::5c35:60a2 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
2baf30df11ad6cbda06129159230345c041b4144a89d59da46c2d5ee00356dcd

Request headers

:method
GET
:authority
eco-caviar-fiskshop.dk
:scheme
https
:path
/outlook.htm
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate, br

Response headers

status
200
server
nginx/1.14.1
date
Sun, 24 Feb 2019 03:17:30 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
last-modified
Sat, 23 Feb 2019 21:17:31 GMT
etag
W/"556e-582963c464fba"
content-encoding
gzip
authorize
login.microsoftonline.com/common/oauth2/
Redirect Chain
  • https://hawkmail.hartford.edu/owa/14.3.210.2/themes/resources/logon.css
  • https://outlook.com/hartford.edu
  • https://www.outlook.com/hartford.edu
  • https://outlook.office365.com/hartford.edu
  • https://outlook.office365.com/owa/hartford.edu
  • https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-0...
0
4 KB
Stylesheet
General
Full URL
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&client-request-id=1af17f75-6c27-474b-ac6f-fc94b306c5a1&protectedtoken=true&domain_hint=hartford.edu&nonce=636865750517600439.2ddf6a5a-7f40-43be-b8f3-f72733a46858&state=DcvBDYAgDEBR0AkcBKiWtjhOCTTeTIjG9eXw_u1759w6LZOHGSeMXJiEgHZhgIxnPFozVtIgliFkrD3UYhhMDkHUzIWKn--W7k_TpeOxe7TY2_sD
Requested by
Host: eco-caviar-fiskshop.dk
URL: https://eco-caviar-fiskshop.dk/outlook.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.1.162 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eco-caviar-fiskshop.dk/outlook.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Redirect headers

X-BEServer
CWLP265MB0706
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-BackEndHttpStatus
302, 302
X-BackEnd-End
2019-02-24T03:17:31.761
X-CalculatedFETarget
CWLP265CU013.internal.outlook.com
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-CalculatedBETarget
CWLP265MB0706.GBRP265.PROD.OUTLOOK.COM
X-FEProxyInfo
CWLP265CA0305.GBRP265.PROD.OUTLOOK.COM
X-RUM-Validated
1
request-id
1af17f75-6c27-474b-ac6f-fc94b306c5a1
Content-Length
724
X-BackEnd-Begin
2019-02-24T03:17:31.759
X-UA-Compatible
IE=EmulateIE7
Server
Microsoft-IIS/10.0
Date
Sun, 24 Feb 2019 03:17:30 GMT
Content-Type
text/html; charset=utf-8
Location
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&client-request-id=1af17f75-6c27-474b-ac6f-fc94b306c5a1&protectedtoken=true&domain_hint=hartford.edu&nonce=636865750517600439.2ddf6a5a-7f40-43be-b8f3-f72733a46858&state=DcvBDYAgDEBR0AkcBKiWtjhOCTTeTIjG9eXw_u1759w6LZOHGSeMXJiEgHZhgIxnPFozVtIgliFkrD3UYhhMDkHUzIWKn--W7k_TpeOxe7TY2_sD
X-DiagInfo
CWLP265MB0706
X-Content-Type-Options
nosniff
X-FEServer
CWLP265CA0305, LO2P265CA0324
authorize
login.microsoftonline.com/common/oauth2/
Redirect Chain
  • https://hawkmail.hartford.edu/owa/14.3.210.2/themes/resources/owafont.css
  • https://outlook.com/hartford.edu
  • https://www.outlook.com/hartford.edu
  • https://outlook.office365.com/hartford.edu
  • https://outlook.office365.com/owa/hartford.edu
  • https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-0...
0
4 KB
Stylesheet
General
Full URL
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&client-request-id=1fe420aa-2f29-40d2-b044-f8d82f8d40a9&protectedtoken=true&domain_hint=hartford.edu&nonce=636865750517575086.7b0c9330-3909-4746-8e70-2be5d4629de2&state=FYtBDoAgDMBAX-BDgMlgg-eAw3gjIRq_Lx7anqqVUutkmWiYUkxIiSJHiDv_SWS5wpERwWCGbAIHMqkxGF9blEA-S_N6vpvrb3FXGffZh9gmzwc
Requested by
Host: eco-caviar-fiskshop.dk
URL: https://eco-caviar-fiskshop.dk/outlook.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.1.162 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eco-caviar-fiskshop.dk/outlook.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Redirect headers

X-BEServer
CWXP265MB1703
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-BackEndHttpStatus
302, 302
X-BackEnd-End
2019-02-24T03:17:31.758
X-CalculatedFETarget
CWLP265CU002.internal.outlook.com
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-CalculatedBETarget
CWXP265MB1703.GBRP265.PROD.OUTLOOK.COM
X-FEProxyInfo
CWLP265CA0048.GBRP265.PROD.OUTLOOK.COM
X-RUM-Validated
1
request-id
1fe420aa-2f29-40d2-b044-f8d82f8d40a9
Content-Length
723
X-BackEnd-Begin
2019-02-24T03:17:31.757
X-UA-Compatible
IE=EmulateIE7
Server
Microsoft-IIS/10.0
Date
Sun, 24 Feb 2019 03:17:31 GMT
Content-Type
text/html; charset=utf-8
Location
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&client-request-id=1fe420aa-2f29-40d2-b044-f8d82f8d40a9&protectedtoken=true&domain_hint=hartford.edu&nonce=636865750517575086.7b0c9330-3909-4746-8e70-2be5d4629de2&state=FYtBDoAgDMBAX-BDgMlgg-eAw3gjIRq_Lx7anqqVUutkmWiYUkxIiSJHiDv_SWS5wpERwWCGbAIHMqkxGF9blEA-S_N6vpvrb3FXGffZh9gmzwc
X-DiagInfo
CWXP265MB1703
X-Content-Type-Options
nosniff
X-FEServer
CWLP265CA0048, LO2P265CA0322
authorize
login.microsoftonline.com/common/oauth2/
Redirect Chain
  • https://hawkmail.hartford.edu/owa/14.3.210.2/scripts/premium/flogon.js
  • https://outlook.com/hartford.edu
  • https://www.outlook.com/hartford.edu
  • https://outlook.office365.com/hartford.edu
  • https://outlook.office365.com/owa/hartford.edu
  • https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-0...
0
4 KB
Script
General
Full URL
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&client-request-id=284ba094-4634-4585-8c6c-eab2145f128a&protectedtoken=true&domain_hint=hartford.edu&nonce=636865750518174241.2dcdbf4c-8ac4-455c-8660-b0bcb68a8a3d&state=DYtBDoAgDMBAX-BDUNBt7Dsb03gjIRq_7w5temkMIczO5MTsCpUOYsKKGQuXCjuUdbdmekFLLA0SIHoR5aRZmxILy2HR32Xrn2y3jOfqw9bT3h8
Requested by
Host: eco-caviar-fiskshop.dk
URL: https://eco-caviar-fiskshop.dk/outlook.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.9.67 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eco-caviar-fiskshop.dk/outlook.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Redirect headers

X-BEServer
LNXP265MB1129
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-BackEndHttpStatus
302
X-BackEnd-End
2019-02-24T03:17:31.818
X-FEServer
LO2P265CA0322
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Server
Microsoft-IIS/10.0
X-RUM-Validated
1
request-id
284ba094-4634-4585-8c6c-eab2145f128a
Content-Length
723
X-BackEnd-Begin
2019-02-24T03:17:31.817
X-UA-Compatible
IE=EmulateIE7
X-CalculatedBETarget
LNXP265MB1129.GBRP265.PROD.OUTLOOK.COM
Date
Sun, 24 Feb 2019 03:17:31 GMT
Content-Type
text/html; charset=utf-8
Location
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&client-request-id=284ba094-4634-4585-8c6c-eab2145f128a&protectedtoken=true&domain_hint=hartford.edu&nonce=636865750518174241.2dcdbf4c-8ac4-455c-8660-b0bcb68a8a3d&state=DYtBDoAgDMBAX-BDUNBt7Dsb03gjIRq_7w5temkMIczO5MTsCpUOYsKKGQuXCjuUdbdmekFLLA0SIHoR5aRZmxILy2HR32Xrn2y3jOfqw9bT3h8
X-DiagInfo
LNXP265MB1129
X-Content-Type-Options
nosniff
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ecdf56bf8a51301e8c84659c56754f78b3436a08e6fbc1b60011afa65e3b336

Request headers

Response headers

Content-Type
image/jpeg


11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onselectstart
  • object| onselectionchange
  • function| queueMicrotask
  • number| a_fRC
  • number| g_fFcs
  • number| a_fLOff
  • number| a_fCAC
  • number| a_fEnbSMm
  • function| IsMimeCtlInst
  • function| RndMimeCtl
  • function| RndMimeCtlHlpr

0 Cookies