s.pointerpro.com
52.222.214.98
Malicious Activity!
Public Scan
Submission: On March 28 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by Amazon RSA 2048 M01 on February 23rd 2023. Valid for: 3 months.
This is the only time s.pointerpro.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer)
Domain & IP information
Requests | IP Address | Autonomous System |
---|---|---|
10 | 52.222.214.98 | 16509 (AMAZON-02) |
4 | 2600:9000:223c:1800:11:371a:cbc0:93a1 | 16509 (AMAZON-02) |
3 | 34.242.253.164 | 16509 (AMAZON-02) |
1 | 2a00:1450:4001:82a::200a | 15169 (GOOGLE) |
3 | 54.157.13.3 | 14618 (AMAZON-AES) |
1 | 2a00:1450:4001:829::2003 | 15169 (GOOGLE) |
1 | 192.229.221.185 | 15133 (EDGECAST) |
23 | 7 | |
Domain | ASN | PTR |
---|---|---|
s.pointerpro.com | ASN16509 (AMAZON-02, US) | server-52-222-214-98.fra56.r.cloudfront.net |
assets.pointerpro.com | ASN16509 (AMAZON-02, US) | |
api.pointerpro.com | ASN16509 (AMAZON-02, US) | ec2-34-242-253-164.eu-west-1.compute.amazonaws.com |
api.raygun.io | ASN14618 (AMAZON-AES, US) | ec2-54-157-13-3.compute-1.amazonaws.com |
Requests | Apex Domain: Subdomains | Transfer |
---|---|---|
17 | pointerpro.com: s.pointerpro.com (Cisco Umbrella Rank: 587431), assets.pointerpro.com (Cisco Umbrella Rank: 825395), api.pointerpro.com (Cisco Umbrella Rank: 789916) | 638 KB |
3 | raygun.io: api.raygun.io (Cisco Umbrella Rank: 11859) | 292 B |
1 | msftauth.net: logincdn.msftauth.net (Cisco Umbrella Rank: 3692) | 2 KB |
1 | gstatic.com: fonts.gstatic.com | 13 KB |
1 | googleapis.com: fonts.googleapis.com (Cisco Umbrella Rank: 31) | 973 B |
23 | 5 | |
Requests | Domain | Requested by |
---|---|---|
10 | s.pointerpro.com | s.pointerpro.com |
4 | assets.pointerpro.com | s.pointerpro.com |
3 | api.raygun.io | s.pointerpro.com |
3 | api.pointerpro.com | s.pointerpro.com |
1 | logincdn.msftauth.net | |
1 | fonts.gstatic.com | fonts.googleapis.com |
1 | fonts.googleapis.com | s.pointerpro.com |
23 | 7 | |
This site contains links to these domains. Also see Links.
Domain |
---|
help.pointerpro.com |
s3.amazonaws.com |
pointerpro.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
s.pointerpro.com | Amazon RSA 2048 M01 | 2023-02-23 - 2023-06-07 | 3 months |
assets.pointerpro.com | Amazon RSA 2048 M01 | 2023-02-22 - 2023-07-15 | 5 months |
api.pointerpro.com | R3 | 2023-01-28 - 2023-04-28 | 3 months |
upload.video.google.com | GTS CA 1C3 | 2023-03-06 - 2023-05-29 | 3 months |
*.raygun.io | Amazon RSA 2048 M02 | 2022-10-11 - 2023-11-09 | a year |
*.gstatic.com | GTS CA 1C3 | 2023-03-06 - 2023-05-29 | 3 months |
identitycdn.msauth.net | Microsoft Azure TLS Issuing CA 06 | 2022-08-23 - 2023-08-18 | a year |
This page contains 1 frames:
Primary Page:
https://s.pointerpro.com/eikdndyb
Frame ID: 91D5018F25E8C9244DD8B3650C8C4C14
Requests: 22 HTTP requests in this frame
Page Title
365
Detected technologies
RequireJS (JavaScript Frameworks)
Detected patterns
- require.*\.js
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: supported browsers & devices
Title: UPDATE NOW
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | eikdndyb (Primary Request) | s.pointerpro.com/ | 11 KB | 5 KB | Document | text/html |
GET | H2 | raygun.min.778df06aaa34da64c056890e581f59f2.js | s.pointerpro.com/js/lib/ | 63 KB | 20 KB | Script | application/javascript |
GET | H2 | app_release_number.json | s.pointerpro.com/ | 145 B | 605 B | XHR | application/json |
GET | H2 | default-bg-grey.png | assets.pointerpro.com/app/themes/backgrounds/ | 8 KB | 8 KB | Image | image/png |
GET | H2 | init.a461e3e5d40c60e24730af4489d6973d.js | s.pointerpro.com/js/ | 29 KB | 11 KB | Script | application/javascript |
GET | H2 | require.34c80d13807677b758a458fae471e918.js | s.pointerpro.com/js/lib/ | 17 KB | 7 KB | Script | application/javascript |
GET | H2 | main.74ded2460cb2257d91e8c2a2c50bce2f.js | s.pointerpro.com/js/ | 618 KB | 177 KB | Script | application/javascript |
GET | H2 | style.11709a790ed7c966209eff59a57c64d6.css | s.pointerpro.com/css/ | 142 KB | 20 KB | Stylesheet | text/css |
HEAD | H2 | connection_check.txt | s.pointerpro.com/ | 0 | 443 B | XHR | text/plain |
GET | H2 | questiontype_views.78f79dbfa272c8d55ad41c7e5783e5b9.js | s.pointerpro.com/js/v/ | 111 KB | 27 KB | Script | application/javascript |
GET | H2 | widget_views.eabef391a4ab86bb4f6a02eb6af676ca.js | s.pointerpro.com/js/v/ | 19 KB | 6 KB | Script | application/javascript |
GET | H2 | eikdndyb | api.pointerpro.com/v1/surveys/ | 13 KB | 5 KB | XHR | application/json |
GET | H2 | css | fonts.googleapis.com/ | 2 KB | 973 B | Stylesheet | text/css |
GET | H2 | NfB0QCRhSSikxuMkXTYa_adwords.css | assets.pointerpro.com/survey/27954/design/ | 59 B | 415 B | Stylesheet | text/css |
GET | H2 | 7BYCUXeNSUW0qc9Np47H_background.jpg | assets.pointerpro.com/survey/3aec466a-fc4f-469b-a2f5-ab4be2b4ec78/images/ | 270 KB | 270 KB | Image | image/jpeg |
POST | H2 | events | api.raygun.io/ | 2 B | 98 B | XHR | application/json |
GET | H2 | EaG8fZORKSGQzoAwntQw_background.jpg | assets.pointerpro.com/survey/3aec466a-fc4f-469b-a2f5-ab4be2b4ec78/images/ | 80 KB | 81 KB | Image | image/jpeg |
GET | H2 | 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 | fonts.gstatic.com/s/sourcesanspro/v21/ | 13 KB | 13 KB | Font | font/woff2 |
PUT | H2 | start | api.pointerpro.com/v1/surveys/225251/sessions/ | 16 B | 376 B | XHR | application/json |
GET | H2 | microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg | logincdn.msftauth.net/shared/1.0/content/images/ | 4 KB | 2 KB | Image | image/svg+xml |
OPTIONS | H2 | start | api.pointerpro.com/v1/surveys/225251/sessions/ | 0 | 0 | Preflight | |
POST | H2 | events | api.raygun.io/ | 2 B | 97 B | XHR | application/json |
POST | H2 | events | api.raygun.io/ | 2 B | 97 B | XHR | application/json |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Microsoft (Consumer)
57 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| _localStorageData object| addthis_config object| _messageArr function| _showSnackBarMessage function| _onerror object| _baseDomain object| defaultDomainList boolean| _isWhiteLabel string| RaygunObject function| rg4js object| serviceWorkerMessageList function| serviceWorkerOnMessage object| SA function| raygunCoreWebVitalFactory function| raygunFactory function| raygunRumFactory object| TraceKit object| webVitals function| raygunUtilityFactory function| raygunNetworkTrackingFactory function| raygunBreadcrumbsFactory object| Raygun function| Spinner function| _func object| timeoutList function| oldSetTimeout function| oldClearTimeout function| clearAllTimeouts object| intervalList function| oldSetInterval function| oldClearInterval function| clearAllIntervals object| App object| _Errors object| _origErrors object| t function| n function| $ object| o object| s object| c object| a object| e function| r object| u object| d function| p function| f function| jQuery function| applyFocusVisiblePolyfill boolean| DEVELOPMENT_ONLY undefined| Backbone function| SASlider function| _ undefined| require boolean| rendered
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=63072000; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.