opens.nicepage.io
Open in
urlscan Pro
151.101.194.132
Malicious Activity!
Public Scan
Submission: On September 04 via api from US — Scanned from US
Summary
TLS certificate: Issued by R3 on July 24th 2023. Valid for: 3 months.
This is the only time opens.nicepage.io was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Office 365 (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 151.101.194.132 151.101.194.132 | 54113 (FASTLY) (FASTLY) | |
2 | 2a02:6ea0:e20... 2a02:6ea0:e200::2 | 60068 (CDN77 ^_^) (CDN77 ^_^) | |
1 | 2607:f8b0:400... 2607:f8b0:4004:c06::5f | 15169 (GOOGLE) (GOOGLE) | |
3 | 2600:9000:246... 2600:9000:246c:a200:6:4afb:9140:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
5 | 52.216.209.129 52.216.209.129 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2607:f8b0:400... 2607:f8b0:4004:c17::5e | 15169 (GOOGLE) (GOOGLE) | |
14 | 6 |
ASN60068 (CDN77 ^_^, GB)
static.nicepage.com | |
capp.nicepage.com |
ASN16509 (AMAZON-02, US)
cdn.mcauto-images-production.sendgrid.net |
ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
marketing-image-production.s3.amazonaws.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
amazonaws.com
marketing-image-production.s3.amazonaws.com — Cisco Umbrella Rank: 45268 |
8 KB |
3 |
sendgrid.net
cdn.mcauto-images-production.sendgrid.net — Cisco Umbrella Rank: 18408 |
63 KB |
2 |
nicepage.com
static.nicepage.com capp.nicepage.com |
81 KB |
2 |
nicepage.io
opens.nicepage.io |
93 KB |
1 |
gstatic.com
fonts.gstatic.com |
48 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 41 |
2 KB |
14 | 6 |
Domain | Requested by | |
---|---|---|
5 | marketing-image-production.s3.amazonaws.com |
opens.nicepage.io
|
3 | cdn.mcauto-images-production.sendgrid.net |
opens.nicepage.io
|
2 | opens.nicepage.io |
opens.nicepage.io
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | fonts.googleapis.com |
opens.nicepage.io
|
1 | capp.nicepage.com |
opens.nicepage.io
|
1 | static.nicepage.com |
opens.nicepage.io
|
14 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.orimas.o2o.my |
www.facebook.com |
twitter.com |
instagram.com |
pinterest.com |
linkedin.com |
nicepage.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.nicepage.io R3 |
2023-07-24 - 2023-10-22 |
3 months | crt.sh |
1832675839.rsc.cdn77.org R3 |
2023-06-29 - 2023-09-27 |
3 months | crt.sh |
1156509985.rsc.cdn77.org R3 |
2023-07-01 - 2023-09-29 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
cdn.mcauto-images-production.sendgrid.net Amazon RSA 2048 M02 |
2023-04-19 - 2024-05-17 |
a year | crt.sh |
*.s3.amazonaws.com Amazon RSA 2048 M01 |
2023-03-21 - 2023-12-19 |
9 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://opens.nicepage.io/Page-1.html
Frame ID: 59CAC0DEF50AE398918BE39D96409F62
Requests: 14 HTTP requests in this frame
Screenshot
Page Title
Page 1Detected technologies
Google Font API (Font Scripts) ExpandDetected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
8 Outgoing links
These are links going to different origins than the main page.
Title: View Document
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Website Templates
Search URL Search Domain Scan URL
Title: Website Builder Software
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
Page-1.html
opens.nicepage.io/ |
31 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nicepage.css
opens.nicepage.io/ |
915 KB 88 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1.9.1.min.js
static.nicepage.com/shared/assets/ |
90 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nicepage.js
capp.nicepage.com/7a416b186e7abe17a61deb139f0f799040d0396e/ |
147 KB 48 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
52 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
469x107.png
cdn.mcauto-images-production.sendgrid.net/07d9ac8cc71e2271/ef118e0f-126b-4dce-bb7e-15870d850db0/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
466x288.png
cdn.mcauto-images-production.sendgrid.net/07d9ac8cc71e2271/fee04730-2e11-46f8-a27c-9d6fa89b1d97/ |
48 KB 48 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
149x87.png
cdn.mcauto-images-production.sendgrid.net/07d9ac8cc71e2271/2ca8985f-8769-4456-b98c-94a807c1ea45/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
facebook.png
marketing-image-production.s3.amazonaws.com/social/white/ |
746 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
twitter.png
marketing-image-production.s3.amazonaws.com/social/white/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
instagram.png
marketing-image-production.s3.amazonaws.com/social/white/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pinterest.png
marketing-image-production.s3.amazonaws.com/social/white/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
linkedin.png
marketing-image-production.s3.amazonaws.com/social/white/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ |
47 KB 48 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Office 365 (Online)40 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture function| $ function| jQuery object| cssBgParser function| ResponsiveMenu function| Dialog function| MailChimpForm object| jQuery19107938103431487737 object| bootstrap function| loadMapsContent function| mapIframeApiReady object| MapsLoader object| Utils object| Const object| Wait object| Previews function| Lightbox object| Utility object| skrollr function| Waypoint function| WaypointAdapter function| AnimationInfo function| CountUp function| CountUpAdapter function| CounterAnimation function| AnimateCssAnimation object| AnimationFactory object| AnimationEventScroll function| AnimationEventSlider object| WillChangeHint object| _npScrollAnchor function| _npScrollSpyInit function| ImageZoom function| TabsControl function| _npTabsInit object| lazySizes object| _npLazyImages object| lazySizesConfig function| _npDialogsInit object| _responsive0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
capp.nicepage.com
cdn.mcauto-images-production.sendgrid.net
fonts.googleapis.com
fonts.gstatic.com
marketing-image-production.s3.amazonaws.com
opens.nicepage.io
static.nicepage.com
151.101.194.132
2600:9000:246c:a200:6:4afb:9140:93a1
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c17::5e
2a02:6ea0:e200::2
52.216.209.129
0154369b7faddde0dd9042555d53afab09935a99d1e4c035ba6dab3ba91e1728
035ffda1f12b59c12b3e8e702cf98d555634e088dacc3d4d6f836290ffe92cfc
31cd010d4129451a24e7a27700c8602fa695f7dc3e57f7189418e17c18605d2b
350e08d6c89250b2b21329e80037651b733cd1619e0861c78fca8494a4fcf754
40d145934118f5fa7dc39207d3f63992143bcd74d58f54ef0837b321df072029
4a9495f2f89c6d9dd257d696b1f0ef43e02196364c893ff313c13d71dc2dac66
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
9b126c3aad0ba7b56b9f36ccdc0de6ece3fd4abb5aaf4ddd8649ddb6dd0241e1
a6007bc753977879bb74f610f4c193eb5ac81648b8de4e0582554017c1ba1791
ad759fa2c31b5d717c304d14567cf436338b054b247bc10bdc736b394944d463
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
cee502c5b67f76895134d68fd3a23374dc9b57e32ca42b72855ae5e33a541097
cf79c8dcb1bcdd4ef05c21b9e577369091315a6fca0f9a40c42005b20b18be60
d83af247def45828af6233ddafc93309bd81d5c64817a66b24e8b9ed572123ee