www.isecuredigital.co.za
154.0.173.94
Malicious Activity!
Public Scan
Effective URL: https://www.isecuredigital.co.za/wp-content/themes/twentyseventeen/assets/css/sauseit/pro/enterprise.php?check&nocache=page2&alt....
Submission: On February 02 via manual from US
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on January 29th 2018. Valid for: 3 months.
This is the only time www.isecuredigital.co.za was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic (Online)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
1 | 52.16.42.78 | 16509 (AMAZON-02 - Amazon.com) |
16 | 154.0.173.94 | 37611 (Afrihost) |
17 | 2 | |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-16-42-78.eu-west-1.compute.amazonaws.com
sams.droppages.com
ASN37611 (Afrihost, ZA)
PTR: sevenc.dedicated.co.za
www.isecuredigital.co.za
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
16 | isecuredigital.co.za | www.isecuredigital.co.za | 107 KB |
1 | droppages.com | sams.droppages.com | 516 B |
17 | 2 | | |
Requests | Domain | Requested by |
---|---|---|
16 | www.isecuredigital.co.za | www.isecuredigital.co.za |
1 | sams.droppages.com | |
17 | 2 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
isecuredigital.co.za | Let's Encrypt Authority X3 | 2018-01-29 - 2018-04-29 | 3 months |
This page contains 1 frames:
Primary Page:
https://www.isecuredigital.co.za/wp-content/themes/twentyseventeen/assets/css/sauseit/pro/enterprise.php?check&nocache=page2&alt.done=rem&docs&=gifpdf&1cvIrMuyvVOn8p2vv9
Frame ID: (C4314E085EA8D73D7C1B0E700505281B)
Requests: 17 HTTP requests in this frame
Detected technologies
Windows Server (Operating Systems)
Detected patterns
- headers server /IIS(?:\/([\d.]+))?/i
IIS (Web Servers)
Detected patterns
- headers server /IIS(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://sams.droppages.com/ Page URL
- https://www.isecuredigital.co.za/wp-content/themes/twentyseventeen/assets/css/sauseit/pro/index.php Page URL
- https://www.isecuredigital.co.za/wp-content/themes/twentyseventeen/assets/css/sauseit/pro/enterprise.php?check&nocache=page2&alt.done=rem&docs&=gifpdf&1cvIrMuyvVOn8p2vv9 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H/1.1 | / | sams.droppages.com/ | 147 B | 516 B | Document | text/html |
GET H/1.1 | index.php | www.isecuredigital.co.za/wp-content/themes/twentyseventeen/assets/css/sauseit/pro/ | 124 B | 372 B | Document | text/html |
GET H/1.1 | enterprise.php (Primary Request) | www.isecuredigital.co.za/wp-content/themes/twentyseventeen/assets/css/sauseit/pro/ | 7 KB | 7 KB | Document | text/html |
GET H/1.1 | bodycontainer.css | www.isecuredigital.co.za/wp-content/themes/twentyseventeen/assets/css/sauseit/pro/css/ | 1 KB | 2 KB | Stylesheet | text/css |
GET H/1.1 | html5modal.css | www.isecuredigital.co.za/wp-content/themes/twentyseventeen/assets/css/sauseit/pro/css/ | 7 KB | 8 KB | Stylesheet | text/css |
GET H/1.1 | 181x45_dropboxlogo.png | www.isecuredigital.co.za/wp-content/themes/twentyseventeen/assets/css/sauseit/pro/imgs/ | 3 KB | 3 KB | Image | image/png |
GET H/1.1 | referral_34x54.png | www.isecuredigital.co.za/wp-content/themes/twentyseventeen/assets/css/sauseit/pro/imgs/ | 13 KB | 13 KB | Image | image/png |
GET H/1.1 | Gm.png | www.isecuredigital.co.za/wp-content/themes/twentyseventeen/assets/css/sauseit/pro/imgs/ | 10 KB | 10 KB | Image | image/png |
GET H/1.1 | ym.png | www.isecuredigital.co.za/wp-content/themes/twentyseventeen/assets/css/sauseit/pro/imgs/ | 3 KB | 3 KB | Image | image/png |
GET H/1.1 | alo.png | www.isecuredigital.co.za/wp-content/themes/twentyseventeen/assets/css/sauseit/pro/imgs/ | 11 KB | 11 KB | Image | image/png |
GET H/1.1 | htm.png | www.isecuredigital.co.za/wp-content/themes/twentyseventeen/assets/css/sauseit/pro/imgs/ | 8 KB | 8 KB | Image | image/png |
GET H/1.1 | owa-logo.png | www.isecuredigital.co.za/wp-content/themes/twentyseventeen/assets/css/sauseit/pro/imgs/ | 18 KB | 19 KB | Image | image/png |
GET H/1.1 | user-image.png | www.isecuredigital.co.za/wp-content/themes/twentyseventeen/assets/css/sauseit/pro/imgs/ | 2 KB | 2 KB | Image | image/png |
GET H/1.1 | whosint_230x17_1x.png | www.isecuredigital.co.za/wp-content/themes/twentyseventeen/assets/css/sauseit/pro/imgs/ | 4 KB | 4 KB | Image | image/png |
GET H/1.1 | e-mai.png | www.isecuredigital.co.za/wp-content/themes/twentyseventeen/assets/css/sauseit/pro/imgs/ | 1 KB | 1 KB | Image | image/png |
GET H/1.1 | h-a2016.png | www.isecuredigital.co.za/wp-content/themes/twentyseventeen/assets/css/sauseit/pro/imgs/ | 12 KB | 12 KB | Image | image/png |
GET H/1.1 | up-456x115.gif | www.isecuredigital.co.za/wp-content/themes/twentyseventeen/assets/css/sauseit/pro/imgs/ | 2 KB | 3 KB | Image | image/gif |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic (Online)
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| validations
- undefined| testresults
- function| checkemail
- function| checkbae
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
sams.droppages.com
www.isecuredigital.co.za
154.0.173.94
52.16.42.78