sibaconsultores.com
162.214.75.94
Malicious Activity!
Public Scan
Submission: On January 28 via api from US — Scanned from US
Summary
This is the only time sibaconsultores.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
3 | 162.214.75.94 | 46606 (UNIFIEDLAYER-AS-1) |
7 | 18.234.22.29 | 14618 (AMAZON-AES) |
1 | 2606:2800:21f:1b88:6342:f8de:86c:e98b | 15133 (EDGECAST) |
11 | 3 | |
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: dedi-194041.virtualeduca.mx
sibaconsultores.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-18-234-22-29.compute-1.amazonaws.com
www.arcgis.com
Requests | Apex Domain: Subdomains | Transfer |
---|---|---|
7 | arcgis.com: www.arcgis.com — Cisco Umbrella Rank: 13628 | 121 KB |
3 | sibaconsultores.com: sibaconsultores.com | 10 KB |
1 | msftauth.net: aadcdn.msftauth.net — Cisco Umbrella Rank: 943 | 2 KB |
11 | 3 | |
Requests | Domain | Requested by |
---|---|---|
7 | www.arcgis.com | sibaconsultores.com, www.arcgis.com |
3 | sibaconsultores.com | www.arcgis.com |
1 | aadcdn.msftauth.net | sibaconsultores.com |
11 | 3 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.arcgis.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.arcgis.com | Amazon RSA 2048 M01 | 2023-07-23 - 2024-08-20 | a year |
aadcdn.msftauth.net | DigiCert SHA2 Secure Server CA | 2023-12-01 - 2024-12-01 | a year |
This page contains 1 frame:
Primary Page:
http://sibaconsultores.com/homes.html
Frame ID: 3C94EE2BFF09C302660C050B758D028F
Requests: 11 HTTP requests in this frame
2 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | homes.html (Primary Request) | sibaconsultores.com/ | 10 KB | 10 KB | Document | text/html |
GET | H2 | detector.min.js | www.arcgis.com/sharing/files/scripts/ | 619 B | 568 B | Script | text/javascript |
GET | H2 | site.min.css | www.arcgis.com/sharing/files/css/ | 70 KB | 14 KB | Stylesheet | text/css |
GET | H2 | theme.min.js | www.arcgis.com/sharing/files/scripts/ | 646 B | 609 B | Script | text/javascript |
GET | H2 | site-dark.min.css | www.arcgis.com/sharing/files/css/ | 4 KB | 1 KB | Stylesheet | text/css |
GET | H2 | oauth2.js | www.arcgis.com/sharing/files/scripts/ | 370 KB | 89 KB | Script | text/javascript |
GET | H2 | domReady.js | www.arcgis.com/sharing/files/scripts/ | 4 KB | 2 KB | Script | text/javascript |
GET | H2 | microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg | aadcdn.msftauth.net/shared/1.0/content/images/ | 4 KB | 2 KB | Image | image/svg+xml |
GET | H/1.1 | site-light.min.css | sibaconsultores.com/sharing/files/css/ | 2 B | 207 B | Stylesheet | text/html |
GET | H2 | 09ab0626-bb45-4650-acc8-0182d693df02.woff2 | www.arcgis.com/sharing/files/css/fonts/ | 15 KB | 15 KB | Font | application/octet-stream |
GET | H/1.1 | domReady.js | sibaconsultores.com/sharing/files/scripts/ | 2 B | 208 B | Script | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Microsoft (Consumer)
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
function | setTheme |
object | oAuthInfo |
function | requirejs |
function | require |
function | define |
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aadcdn.msftauth.net
sibaconsultores.com
www.arcgis.com
162.214.75.94
18.234.22.29
2606:2800:21f:1b88:6342:f8de:86c:e98b