seg-seglog.live
Open in
urlscan Pro
151.106.97.215
Malicious Activity!
Public Scan
Effective URL: http://seg-seglog.live/login.php?micro=04,16,000000,30,Fri,%2016%20Apr%202021%2004:13:50%20+0000,21,04,13,50,4,4.bemvindo
Submission: On April 16 via manual from US
Summary
This is the only time seg-seglog.live was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 54.93.101.66 54.93.101.66 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 13.224.193.39 13.224.193.39 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2600:9000:20e... 2600:9000:20e8:7c00:1d:11cf:5800:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 35.173.63.32 35.173.63.32 | 14618 (AMAZON-AES) (AMAZON-AES) | |
9 | 151.106.97.215 151.106.97.215 | 47583 (AS-HOSTINGER) (AS-HOSTINGER) | |
1 | 2a00:1450:400... 2a00:1450:4001:801::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 192.229.221.185 192.229.221.185 | 15133 (EDGECAST) (EDGECAST) | |
18 | 8 |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-101-66.eu-central-1.compute.amazonaws.com
unbouncepages.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-39.fra2.r.cloudfront.net
builder-assets.unbounce.com |
ASN16509 (AMAZON-02, US)
d34qb8suadcc4g.cloudfront.net |
ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-63-32.compute-1.amazonaws.com
events.ub-analytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
seg-seglog.live
seg-seglog.live |
472 KB |
2 |
cloudfront.net
d34qb8suadcc4g.cloudfront.net |
32 KB |
2 |
unbounce.com
builder-assets.unbounce.com |
37 KB |
1 |
msauth.net
logincdn.msauth.net |
1 KB |
1 |
googleapis.com
fonts.googleapis.com |
614 B |
1 |
ub-analytics.com
events.ub-analytics.com |
343 B |
1 |
unbouncepages.com
unbouncepages.com |
3 KB |
18 | 7 |
Domain | Requested by | |
---|---|---|
9 | seg-seglog.live |
seg-seglog.live
unbouncepages.com |
2 | d34qb8suadcc4g.cloudfront.net |
unbouncepages.com
d34qb8suadcc4g.cloudfront.net |
2 | builder-assets.unbounce.com |
unbouncepages.com
|
1 | logincdn.msauth.net |
seg-seglog.live
|
1 | fonts.googleapis.com |
seg-seglog.live
|
1 | events.ub-analytics.com |
unbouncepages.com
|
1 | unbouncepages.com | |
18 | 7 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.cloudfront.net DigiCert Global CA G2 |
2021-02-22 - 2022-02-21 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2021-03-16 - 2021-06-08 |
3 months | crt.sh |
identitycdn.msauth.net DigiCert SHA2 Secure Server CA |
2020-07-20 - 2021-07-20 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://seg-seglog.live/login.php?micro=04,16,000000,30,Fri,%2016%20Apr%202021%2004:13:50%20+0000,21,04,13,50,4,4.bemvindo
Frame ID: FCE5D806D2F6B15D57ECD80F46B6967D
Requests: 18 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- http://unbouncepages.com/3453422345234523453452345234523452345567/ Page URL
- http://seg-seglog.live/login.php?micro=04,16,000000,30,Fri,%2016%20Apr%202021%2004:13:50%20+0000,21... Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
- script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Google Font API (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://unbouncepages.com/3453422345234523453452345234523452345567/ Page URL
- http://seg-seglog.live/login.php?micro=04,16,000000,30,Fri,%2016%20Apr%202021%2004:13:50%20+0000,21,04,13,50,4,4.bemvindo Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
unbouncepages.com/3453422345234523453452345234523452345567/ |
6 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main-7b78720.z.css
builder-assets.unbounce.com/published-css/ |
15 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ub.js
d34qb8suadcc4g.cloudfront.net/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.bundle-5c6e41c.z.js
builder-assets.unbounce.com/published-js/ |
104 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sp-2.14.0.js
d34qb8suadcc4g.cloudfront.net/ |
98 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
i
events.ub-analytics.com/ |
43 B 343 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
73902f66-7887-4ccd-bd2f-1cdb920a5116
http://unbouncepages.com/ |
5 KB 0 |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
login.php
seg-seglog.live/ |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.css
seg-seglog.live/css/ |
118 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap-theme.min.css
seg-seglog.live/css/ |
23 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
2 KB 614 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.js
seg-seglog.live/js/ |
36 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-vv.min.js
seg-seglog.live/js/ |
30 KB 16 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
verificarUsuario.js
seg-seglog.live/js/ |
602 B 727 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
microsoft_logo.svg
seg-seglog.live/img/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
signin-options_4e48046ce74f4b89d45037c90576bfac.svg
logincdn.msauth.net/shared/1.0/content/images/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
webserver.php
seg-seglog.live/ |
450 B 635 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
003.jpg
seg-seglog.live/img/ |
418 KB 418 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Microsoft (Consumer)10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| validation0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
builder-assets.unbounce.com
d34qb8suadcc4g.cloudfront.net
events.ub-analytics.com
fonts.googleapis.com
logincdn.msauth.net
seg-seglog.live
unbouncepages.com
13.224.193.39
151.106.97.215
192.229.221.185
2600:9000:20e8:7c00:1d:11cf:5800:93a1
2a00:1450:4001:801::200a
35.173.63.32
54.93.101.66
005b287d977c17d5cf6677103cc353babb47fa4c302ec8b5ea2c86817d8cb0d0
04cd045df80c1afa7672ca9d1566c1b1e892c2506196cd6c48046dd77f08fb11
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4
26f89432f26835fdb007dbf41441a6f7440865cc0fbd0f36e880dc4c26d00d7d
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
2f9f71d96d253ecafb0d73e4cc37e7a4c843cc0d082c757c80cc5de8a0edc2df
45f31a2d176b9f061d1d9ca0d56f9bc87a1a99c4dbe8ac6341b6572bdf09adeb
49ef4eeff12b3edbfa4ba3f94939d95526ff7a634eb23a64a69791819abb8175
5c6e41cab44d3fc8958df6b852e4e728360a81d7a5fc3079b36e677cc07f8edb
6bc21e325f9e92c5571194ff99852960f3e85876f69aaf05579c1e83ea2a0422
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
80c91304be4aae19bb772567e542db75010766d71e9ba4073e793fcfbbdd4aed
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7
a2d6ed29beb947d2a55c75373ac1cfe5a12cc81278a42c4ba0c70f556090aded
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
ef483ba9c12b65c89278af42b7e5c83c68fae4d9ce6958bc692615312fcc46d1