ms.uniccongroup.com - urlscan.io

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 7 HTTP transactions. The main IP is 154.120.65.34, located in Abuja, Nigeria and belongs to Spectranet, NG. The main domain is ms.uniccongroup.com.
TLS certificate: Issued by R3 on February 11th 2024. Valid for: 3 months.

This is the only time ms.uniccongroup.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address		AS Autonomous System
7	154.120.65.34 154.120.65.34		37340 (Spectranet) (Spectranet)
7	1

7 154.120.65.34 (Abuja, Nigeria)

ASN37340 (Spectranet, NG)

ms.uniccongroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	uniccongroup.com ms.uniccongroup.com	7 KB
7	1

	Domain	Requested by
7	ms.uniccongroup.com	ms.uniccongroup.com
7	1

This site contains no links.

Subject Issuer	Validity	Valid
ms.uniccongroup.com R3	`2024-02-11` - `2024-05-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ms.uniccongroup.com/
Frame ID: 8D2DAB934DC6373F165514D04276D929
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in to your Microsoft account

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

7 kB
Transfer

16 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response ms.uniccongroup.com/	4 KB 1004 B	772ms 254ms	Document text/html	154.120.65.34 Spectranet
General Check archive.org Show headers Download Go to Full URL https://ms.uniccongroup.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.120.65.34 Abuja, Nigeria, ASN37340 (Spectranet, NG), Reverse DNS Software nginx / PleskLin Resource Hash `3820b42a25ea032d8a3f4763144bc17810577b5807970d7f7613be0a390705cc` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 accept-language en-US,en;q=0.9 Response headers content-encoding br content-type text/html date Wed, 14 Feb 2024 23:45:09 GMT etag W/"65c8b592-e6d" last-modified Sun, 11 Feb 2024 11:54:58 GMT server nginx x-powered-by PleskLin
GET H2	200	app.css ms.uniccongroup.com/assets/	5 KB 2 KB	256ms 254ms	Stylesheet text/css	154.120.65.34 Spectranet
General Check archive.org Show headers Download Go to Full URL https://ms.uniccongroup.com/assets/app.css Requested by Host: ms.uniccongroup.com URL: https://ms.uniccongroup.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.120.65.34 Abuja, Nigeria, ASN37340 (Spectranet, NG), Reverse DNS Software nginx / PleskLin Resource Hash `197c76c1a2269a85ae84d0b33d64e0381d0cca1f4651f81a2a15476c9f3919f9` Request headers accept-language en-US,en;q=0.9 Referer https://ms.uniccongroup.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Wed, 14 Feb 2024 23:45:10 GMT content-encoding br last-modified Sun, 11 Feb 2024 11:55:06 GMT server nginx etag W/"65c8b59a-152a" x-powered-by PleskLin content-type text/css
GET H2	200	logo.png ms.uniccongroup.com/assets/	1 KB 2 KB	260ms 259ms	Image image/png	154.120.65.34 Spectranet
General Check archive.org Show headers Download Go to Show image Full URL https://ms.uniccongroup.com/assets/logo.png Requested by Host: ms.uniccongroup.com URL: https://ms.uniccongroup.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.120.65.34 Abuja, Nigeria, ASN37340 (Spectranet, NG), Reverse DNS Software nginx / PleskLin Resource Hash `8702292cbc365e9f0488143e2b309b85efe09c61fd2e0a2e21c53735a309313c` Request headers accept-language en-US,en;q=0.9 Referer https://ms.uniccongroup.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Wed, 14 Feb 2024 23:45:10 GMT last-modified Sun, 11 Feb 2024 11:55:06 GMT server nginx etag "65c8b59a-578" x-powered-by PleskLin content-type image/png accept-ranges bytes content-length 1400
GET H2	200	question.png ms.uniccongroup.com/assets/	412 B 581 B	267ms 266ms	Image image/png	154.120.65.34 Spectranet
General Check archive.org Show headers Download Go to Show image Full URL https://ms.uniccongroup.com/assets/question.png Requested by Host: ms.uniccongroup.com URL: https://ms.uniccongroup.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.120.65.34 Abuja, Nigeria, ASN37340 (Spectranet, NG), Reverse DNS Software nginx / PleskLin Resource Hash `e8d06c0a072a671e5843de9a12f4cd826ca5e17bbeb4c57ee9c410ee878998e8` Request headers accept-language en-US,en;q=0.9 Referer https://ms.uniccongroup.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Wed, 14 Feb 2024 23:45:10 GMT last-modified Sun, 11 Feb 2024 11:55:06 GMT server nginx x-accel-version 0.01 etag "19c-61119d5051a80" x-powered-by PleskLin content-type image/png accept-ranges bytes content-length 412
GET H2	200	key.png ms.uniccongroup.com/assets/	727 B 896 B	263ms 261ms	Image image/png	154.120.65.34 Spectranet
General Check archive.org Show headers Download Go to Show image Full URL https://ms.uniccongroup.com/assets/key.png Requested by Host: ms.uniccongroup.com URL: https://ms.uniccongroup.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.120.65.34 Abuja, Nigeria, ASN37340 (Spectranet, NG), Reverse DNS Software nginx / PleskLin Resource Hash `40ecb8832f6a9a8aaa0cc6e1287e867a4fca38433d091d86c6cab1f28fbab652` Request headers accept-language en-US,en;q=0.9 Referer https://ms.uniccongroup.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Wed, 14 Feb 2024 23:45:10 GMT last-modified Sun, 11 Feb 2024 11:55:06 GMT server nginx x-accel-version 0.01 etag "2d7-61119d5051a80" x-powered-by PleskLin content-type image/png accept-ranges bytes content-length 727
GET H2	200	back.png ms.uniccongroup.com/assets/	231 B 399 B	258ms 258ms	Image image/png	154.120.65.34 Spectranet
General Check archive.org Show headers Download Go to Show image Full URL https://ms.uniccongroup.com/assets/back.png Requested by Host: ms.uniccongroup.com URL: https://ms.uniccongroup.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.120.65.34 Abuja, Nigeria, ASN37340 (Spectranet, NG), Reverse DNS Software nginx / PleskLin Resource Hash `70e32b2db3f079bb0295a85a0db15ed9e5926294dd947938d6cfa595f5ab18b4` Request headers accept-language en-US,en;q=0.9 Referer https://ms.uniccongroup.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Wed, 14 Feb 2024 23:45:10 GMT last-modified Sun, 11 Feb 2024 11:55:06 GMT server nginx x-accel-version 0.01 etag "e7-61119d5051a80" x-powered-by PleskLin content-type image/png accept-ranges bytes content-length 231
GET H2	200	app.js Show response ms.uniccongroup.com/assets/	4 KB 1 KB	263ms 262ms	Script text/javascript	154.120.65.34 Spectranet
General Check archive.org Show headers Download Go to Full URL https://ms.uniccongroup.com/assets/app.js Requested by Host: ms.uniccongroup.com URL: https://ms.uniccongroup.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.120.65.34 Abuja, Nigeria, ASN37340 (Spectranet, NG), Reverse DNS Software nginx / PleskLin Resource Hash `9208a0b3d9f6999475169677c079e00089cf3102143eac8bcbfbc9daaf1aaa37` Request headers accept-language en-US,en;q=0.9 Referer https://ms.uniccongroup.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Wed, 14 Feb 2024 23:45:10 GMT content-encoding br last-modified Sun, 11 Feb 2024 12:33:40 GMT server nginx etag W/"65c8bea4-1085" x-powered-by PleskLin content-type text/javascript

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| pwdVal

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ms.uniccongroup.com
154.120.65.34
197c76c1a2269a85ae84d0b33d64e0381d0cca1f4651f81a2a15476c9f3919f9
3820b42a25ea032d8a3f4763144bc17810577b5807970d7f7613be0a390705cc
40ecb8832f6a9a8aaa0cc6e1287e867a4fca38433d091d86c6cab1f28fbab652
70e32b2db3f079bb0295a85a0db15ed9e5926294dd947938d6cfa595f5ab18b4
8702292cbc365e9f0488143e2b309b85efe09c61fd2e0a2e21c53735a309313c
9208a0b3d9f6999475169677c079e00089cf3102143eac8bcbfbc9daaf1aaa37
e8d06c0a072a671e5843de9a12f4cd826ca5e17bbeb4c57ee9c410ee878998e8

ms.uniccongroup.com Open in urlscan Pro 154.120.65.34 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

7 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

7 kBTransfer

16 kBSize

0 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

0 Cookies

Indicators

ms.uniccongroup.com Open in urlscan Pro
154.120.65.34 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

7 kB
Transfer

16 kB
Size

0
Cookies

7 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!