update.eos-ski.si
213.157.243.59
Malicious Activity!
Public Scan
Effective URL: http://update.eos-ski.si/eos_files.html?id=info
Submission: On January 31 via automatic, source openphish — Scanned from DE
Summary
This is the only time update.eos-ski.si was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer)

Domain & IP information

Requests | IP Address | AS (Autonomous System)
---|---|---
36 | 213.157.243.59 | 21283 (A1SI-AS A1 Slovenija)
3 | 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef | 15133 (EDGECAST)
Total: 39 | 2 |

ASN15133 (EDGECAST, US): aadcdn.msftauth.net

Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
36 | eos-ski.si | update.eos-ski.si | 2 MB
3 | msftauth.net | aadcdn.msftauth.net (Cisco Umbrella Rank: 943) | 49 KB
Total: 39 | 2 | |

Requests | Domain | Requested by
---|---|---
36 | update.eos-ski.si | update.eos-ski.si, aadcdn.msftauth.net
3 | aadcdn.msftauth.net | update.eos-ski.si
Total: 39 | 2 |

This site contains links to these domains. Also see Links.

Domain
---
passwordreset.microsoftonline.com
www.microsoft.com
privacy.microsoft.com

Subject | Issuer | Validity | Valid
---|---|---|---
aadcdn.msftauth.net | DigiCert SHA2 Secure Server CA | 2023-12-01 - 2024-12-01 | a year (crt.sh)
This page contains 3 frames:
Primary Page:
http://update.eos-ski.si/eos_files.html?id=info
Frame ID: 5FE2BDF09781789B2D5B4EC504050FA3
Requests: 17 HTTP requests in this frame
Frame:
http://update.eos-ski.si/files/prefetch.htm
Frame ID: 78915291D81A00675F22B763CE7D75DF
Requests: 7 HTTP requests in this frame
Frame:
http://update.eos-ski.si/files/prefetch_data/prefetch.htm
Frame ID: 77B30D0CBF71500C66982749FFC8DD53
Requests: 15 HTTP requests in this frame
Screenshot
Page Title
Sign in to your account
Detected technologies
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
- Forgot my password
- Terms of use
- Privacy & cookies
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://update.eos-ski.si/profile_update.php Page URL
- http://update.eos-ski.si/eos_files.html?id=info Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
39 HTTP transactions

# | Method | Protocol | Resource | Path | Frame | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---|---|---
1 | GET | H/1.1 | profile_update.php | update.eos-ski.si/ | | 77 B | 336 B | Document | text/html
2 | GET | H/1.1 | eos_files.html (Primary Request) | update.eos-ski.si/ | | 76 KB | 25 KB | Document | text/html
3 | GET | H/1.1 | Me.htm | update.eos-ski.si/files/ | | 0 | 1 KB | Other | text/html
4 | GET | H/1.1 | converged.css | update.eos-ski.si/files/ | | 106 KB | 20 KB | Stylesheet | text/css
5 | GET | H/1.1 | ConvergedLogin_PCore_x0nO6m8fG7ZeYuac8AM0sw2.js | update.eos-ski.si/files/ | | 419 KB | 121 KB | Script | text/javascript
6 | GET | H/1.1 | ux.js | update.eos-ski.si/files/ | | 42 KB | 13 KB | Script | text/javascript
7 | GET | H/1.1 | convergedlogin_ppassword_d6cc7396cd18034977d2.js | update.eos-ski.si/files/ | | 18 KB | 5 KB | Script | text/javascript
8 | GET | H/1.1 | bannerlogo10.png | update.eos-ski.si/ | | 8 KB | 8 KB | Image | image/png
9 | GET | H/1.1 | arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg | update.eos-ski.si/files/ | | 513 B | 801 B | Image | image/svg+xml
10 | GET | H/1.1 | converged.css | update.eos-ski.si/files/ | | 0 | 20 KB | Other | text/css
11 | GET | H/1.1 | ux.js | update.eos-ski.si/files/ | | 0 | 13 KB | Other | text/javascript
12 | GET | H/1.1 | prefetch.htm | update.eos-ski.si/files/ | Frame 7891 | 737 B | 694 B | Document | text/html
13 | GET | H/1.1 | illustration100.jpg | update.eos-ski.si/ | | 257 KB | 257 KB | Image | image/jpeg
14 | GET | H/1.1 | polyfills-bundle-7dc0d5b075a8655ec03c.js | update.eos-ski.si/files/ | Frame 7891 | 0 | 31 KB | Other | text/javascript
15 | GET | H/1.1 | sharedscripts-46c2082441.js | update.eos-ski.si/files/ | Frame 7891 | 0 | 15 KB | Other | text/javascript
16 | GET | H/1.1 | staticscripts-e0bd7c2142.js | update.eos-ski.si/files/ | Frame 7891 | 0 | 5 KB | Other | text/javascript
17 | GET | H/1.1 | app-bundle-5c67a629d3d14738430d.js | update.eos-ski.si/files/ | Frame 7891 | 0 | 251 KB | Other | text/javascript
18 | GET | H/1.1 | app-bundle-f56e0ff941a3d2590519.css | update.eos-ski.si/files/ | Frame 7891 | 0 | 13 KB | Other | text/css
19 | GET | H/1.1 | header-default-desktop-652cc04392.svg | update.eos-ski.si/files/ | Frame 7891 | 0 | 7 KB | Other | image/svg+xml
20 | GET | H/1.1 | prefetch.htm | update.eos-ski.si/files/prefetch_data/ | Frame 77B3 | 3 KB | 1 KB | Document | text/html
21 | GET | H/1.1 | boot.js | update.eos-ski.si/files/prefetch_data/prefetch_data/ | Frame 77B3 | 648 KB | 176 KB | Stylesheet | text/javascript
22 | GET | H/1.1 | boot_004.js | update.eos-ski.si/files/prefetch_data/prefetch_data/ | Frame 77B3 | 644 KB | 160 KB | Stylesheet | text/javascript
23 | GET | H/1.1 | boot_003.js | update.eos-ski.si/files/prefetch_data/prefetch_data/ | Frame 77B3 | 647 KB | 166 KB | Stylesheet | text/javascript
24 | GET | H/1.1 | boot_002.js | update.eos-ski.si/files/prefetch_data/prefetch_data/ | Frame 77B3 | 645 KB | 143 KB | Stylesheet | text/javascript
25 | GET | H/1.1 | sprite1.png | update.eos-ski.si/files/prefetch_data/prefetch_data/ | Frame 77B3 | 132 B | 415 B | Stylesheet | image/png
26 | GET | H/1.1 | sprite1.css | update.eos-ski.si/files/prefetch_data/prefetch_data/ | Frame 77B3 | 994 B | 623 B | Stylesheet | text/css
27 | GET | H/1.1 | boot.css | update.eos-ski.si/files/prefetch_data/prefetch_data/ | Frame 77B3 | 227 KB | 44 KB | Stylesheet | text/css
28 | GET | H/1.1 | boot.worldwide.0.mouse.js | update.eos-ski.si/files/prefetch_data/%5Efiles/ | Frame 77B3 | 0 | 0 | Stylesheet | text/html
29 | GET | H2 | watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js | aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ | | 117 KB | 40 KB | Script | application/x-javascript
30 | GET | H/1.1 | boot.worldwide.1.mouse.js | update.eos-ski.si/files/ | Frame 77B3 | 644 KB | 160 KB | Stylesheet | text/javascript
31 | GET | H2 | frameworksupport.min_oadrnc13magb009k4d20lg2.js | aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ | | 12 KB | 5 KB | Script | application/x-javascript
32 | GET | H2 | watson.min_ybdb1ixzkv-fkor2mu6q6w2.js | aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ | | 9 KB | 4 KB | Script | application/x-javascript
33 | POST | H/1.1 | watson | update.eos-ski.si/common/handlers/ | | 279 B | 495 B | XHR | text/html
34 | POST | H/1.1 | watson | update.eos-ski.si/common/handlers/ | | 279 B | 495 B | XHR | text/html
35 | GET | H/1.1 | boot.worldwide.2.mouse.js | update.eos-ski.si/files/ | Frame 77B3 | 647 KB | 166 KB | Stylesheet | text/javascript
36 | GET | H/1.1 | boot.worldwide.3.mouse.js | update.eos-ski.si/files/ | Frame 77B3 | 645 KB | 143 KB | Stylesheet | text/javascript
37 | GET | H/1.1 | sprite1.mouse.png | update.eos-ski.si/files/ | Frame 77B3 | 132 B | 415 B | Stylesheet | image/png
38 | GET | H/1.1 | sprite1.mouse.css | update.eos-ski.si/files/ | Frame 77B3 | 0 | 0 | Stylesheet | text/html
39 | GET | H/1.1 | boot.worldwide.mouse.css | update.eos-ski.si/files/ | Frame 77B3 | 227 KB | 44 KB 
| Stylesheet | text/css
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Microsoft (Consumer)

25 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Name | Type
---|---
0 | object
$Config | object
$Debug | object
$Do | object
$Loader | function
$WebWatson | object
GetString | function
GetErrorString | function
GetUrl | function
$B | object
ServerData | object
webpackJsonp | object
ko | object
PROOF | object
StringRepository | object
__ConvergedLogin_PCore | boolean
__ | boolean
__convergedlogin_ppassword_d6cc7396cd18034977d2 | boolean
vladimir2 | function
Telemetry | object
__assign | function
__extends | function
$ | function
jQuery | function
$Api1 | object

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value
---|---|---
update.eos-ski.si/ | | Name: OWAPF Value: p:undefined01111011&
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aadcdn.msftauth.net
update.eos-ski.si
213.157.243.59
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef