inner.website
Open in
urlscan Pro
2606:4700:20::681a:3aa
Malicious Activity!
Public Scan
Submission: On February 08 via api from US — Scanned from US
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 17th 2023. Valid for: a year.
This is the only time inner.website was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Office 365 (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 5 | 2606:4700:20:... 2606:4700:20::681a:3aa | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2606:4700::68... 2606:4700::6811:190e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
7 | 2606:4700:20:... 2606:4700:20::ac43:4a8b | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
13 | 3 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
cybeready.net
lp.cybeready.net |
200 KB |
5 |
inner.website
1 redirects
inner.website |
7 KB |
2 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223 |
31 KB |
13 | 3 |
Domain | Requested by | |
---|---|---|
7 | lp.cybeready.net |
inner.website
lp.cybeready.net |
5 | inner.website |
1 redirects
inner.website
cdnjs.cloudflare.com |
2 | cdnjs.cloudflare.com |
inner.website
|
13 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
login.microsoftonline.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-04-17 - 2024-04-16 |
a year | crt.sh |
cybeready.net Cloudflare Inc ECC CA-3 |
2023-05-19 - 2024-05-17 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://inner.website/x2aa5c84ccc4364cbd1af4aa54azad298878.html
Frame ID: 50826E1F3D5D8138805C79F6D8D78545
Requests: 11 HTTP requests in this frame
Frame:
https://inner.website/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
Frame ID: 5819E5E22899546E9BA5E778E1DF062D
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
Sign in to your accountDetected technologies
Font Awesome (Font Scripts) ExpandDetected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Terms of use
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 9- https://inner.website/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
- https://inner.website/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
x2aa5c84ccc4364cbd1af4aa54azad298878.html
inner.website/ |
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/ |
23 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sanitize.css
lp.cybeready.net/Forms/MS-online/ |
526 B 674 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.css
lp.cybeready.net/Forms/MS-online/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/ |
82 KB 26 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
validator.js
lp.cybeready.net/Forms/MS-online/ |
1 KB 797 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
landing-page.js
lp.cybeready.net/common/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bannerlogo.png
lp.cybeready.net/Forms/MS-online/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
microsoft_logo.png
lp.cybeready.net/Forms/MS-online/ |
659 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
heroillustration.jpg
lp.cybeready.net/Forms/MS-online/ |
192 KB 193 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
inner.website/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/ Frame 5819 Redirect Chain
|
7 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
85240646285774ae
inner.website/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 5819 |
0 520 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
x2aa5c84ccc4364cbd1af4aa54azad298878.html
inner.website/ |
0 338 B |
XHR
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Office 365 (Online)5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 function| getcrrid function| $ function| jQuery object| validator2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.inner.website/ | Name: cf_clearance Value: 6GqRDErqJq5E3l3eXprESY_L9pjMP8K6l1SW08svrdI-1707396902-1-AVfBpxIk14q43yHMSZxAmhFzkqImJcQq2j5/tuE7bbkMHyX7hx20rTyuF5MeKzcroQDiNCGCUMhvnf1+Yav2J8c= |
|
inner.website/ | Name: requestid Value: 94c8df69a6fe8cf9c73c669f21acacab |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdnjs.cloudflare.com
inner.website
lp.cybeready.net
2606:4700:20::681a:3aa
2606:4700:20::ac43:4a8b
2606:4700::6811:190e
12534efd19cbc22653589a977c1d34536ca87b97cff8685c7c4cc9d32502ff53
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
42c3b447edeedb0e6a41c17a64ac65e1c38dd1a33722871399cd5aba83d0d9a8
4e9b51d07ce50cf3d2e065c34ba5f30d95d75227cd7642ae8d262d6772867e61
531af0d0ceaca3ebdc13b4285eb12ca7089f628a149e842c5a2205b959018e4c
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
614053027d354bbdf7fbc3becaab261fb1e00cccc4cfc1e38192c83943e68ff8
633d39e293d4a1e9f9c461323d6d3913f3ee51ab8cc901e4c45356cf022634ca
7d07ffc8f9e7620f82bbc8d3930ebf428f185d6d3f8cde05580ecb3530c5bbea
94b7701b1b2fa80a6dd628584c6fcf311f4a02017334c77b0faa57c209443be1
bd5d2516f5c4a874a8f3d1c03b60ce1c33854626f0bb98ef55e56dda4e46db56
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855