mylegacytrace.com
Open in
urlscan Pro
178.17.170.136
Malicious Activity!
Public Scan
Submission: On August 26 via automatic, source phishtank
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on August 24th 2020. Valid for: 3 months.
This is the only time mylegacytrace.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
5 | 178.17.170.136 178.17.170.136 | 43289 (TRABIA) (TRABIA) | |
5 | 1 |
ASN43289 (TRABIA, MD)
PTR: mos.code2.prayingandrunning.com
mylegacytrace.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
mylegacytrace.com
mylegacytrace.com |
37 KB |
5 | 1 |
Domain | Requested by | |
---|---|---|
5 | mylegacytrace.com |
mylegacytrace.com
|
5 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.sparebank1.no |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.mylegacytrace.com Let's Encrypt Authority X3 |
2020-08-24 - 2020-11-22 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://mylegacytrace.com/Spare1-norge/Sms/IDLog-on/e0b0281ff9d0de7c1e8df97801b2b431/engangskode/Nets.html
Frame ID: 36B05AEB39EEF897D5A1DCBE88BF4A8F
Requests: 5 HTTP requests in this frame
1 Outgoing links
These are links going to different origins than the main page.
Title: Hjelp
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
5 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Nets.html
mylegacytrace.com/Spare1-norge/Sms/IDLog-on/e0b0281ff9d0de7c1e8df97801b2b431/engangskode/ |
4 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
screen.css
mylegacytrace.com/Spare1-norge/Sms/IDLog-on/e0b0281ff9d0de7c1e8df97801b2b431/engangskode/Nfiles/ |
3 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
commons.js.download
mylegacytrace.com/Spare1-norge/Sms/IDLog-on/e0b0281ff9d0de7c1e8df97801b2b431/engangskode/Nfiles/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
visa-mastercard.gif
mylegacytrace.com/Spare1-norge/Sms/IDLog-on/e0b0281ff9d0de7c1e8df97801b2b431/engangskode/Nfiles/ |
16 KB 16 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Spare8ank_1_logo.svg
mylegacytrace.com/Spare1-norge/Sms/IDLog-on/e0b0281ff9d0de7c1e8df97801b2b431/engangskode/Nfiles/ |
11 KB 12 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic (Online)7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| trustedTypes function| changeLanguage function| submitEnter function| dotToComma function| updateViewportOrientation function| onBodyLoad function| submitenter0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
mylegacytrace.com
178.17.170.136
03b60bdf8d51111dd68222fda3d4b0debbaa0b05d5735a9d7c6b577fbea5d8ca
16661d6259ebe8148e1a65426a10ac4c57f5e31406a4c93183e0c98c8681f95f
2da2729846948ccfd97ed924936cdc406a1037b4af9bf77d98027c1576d8f8cd
4240658116347f70eea6163be279c9c3680dd81cb5f06275bd6a733dab1a91fc
80e731fa1dcd9c77006521a1759e514277a9a5a880a85c74fabb1611c232c14e