web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud Open in urlscan Pro
169.63.118.98  Malicious Activity! Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request encrypt.html Show response web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/	2 MB 2 MB	396ms 216ms	Document text/html	169.63.118.98 SOFTLAYER
General Check archive.org Show headers Download Go to Full URL https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/encrypt.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 169.63.118.98 Ashburn, United States, ASN36351 (SOFTLAYER, US), Reverse DNS 62.76.3fa9.ip4.static.sl-reverse.com Software Cleversafe / Resource Hash c5557ebcf4b286a186313bf0f8d3477b34c509b7970dfdaa652d7a025716b495 Request headers Host web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Mon, 27 Sep 2021 12:35:12 GMT X-Clv-Request-Id 716cd728-0560-4045-9ba1-5a5da9a6bc6e Server Cleversafe X-Clv-S3-Version 2.5 Accept-Ranges bytes x-amz-request-id 716cd728-0560-4045-9ba1-5a5da9a6bc6e ETag "b597cb2e63f311904a56f05d38d5684c" Content-Type text/html x-amz-meta-aspera_transfer true Last-Modified Mon, 27 Sep 2021 12:14:45 GMT Content-Length 1755988
GET H/1.1	404 Not Found	entypo.css web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/assets/entypo/font/	0 0	96ms 96ms	Stylesheet application/xml	169.63.118.98 SOFTLAYER
General Check archive.org Show headers Download Go to Full URL https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/assets/entypo/font/entypo.css Requested by Host: web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud URL: https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/encrypt.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 169.63.118.98 Ashburn, United States, ASN36351 (SOFTLAYER, US), Reverse DNS 62.76.3fa9.ip4.static.sl-reverse.com Software Cleversafe / Resource Hash Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,*/*;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/encrypt.html Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/encrypt.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 27 Sep 2021 12:35:13 GMT Server Cleversafe x-amz-request-id 70824265-cbfe-47b6-8a17-22e504a2d3c2 Content-Type application/xml X-Clv-Request-Id 70824265-cbfe-47b6-8a17-22e504a2d3c2 Content-Length 315 Accept-Ranges bytes X-Clv-S3-Version 2.5
GET H/1.1	404 Not Found	font-awesome.css web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/assets/font-awesome/css/	0 0	209ms 112ms	Stylesheet application/xml	169.63.118.98 SOFTLAYER
General Check archive.org Show headers Download Go to Full URL https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/assets/font-awesome/css/font-awesome.css Requested by Host: web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud URL: https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/encrypt.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 169.63.118.98 Ashburn, United States, ASN36351 (SOFTLAYER, US), Reverse DNS 62.76.3fa9.ip4.static.sl-reverse.com Software Cleversafe / Resource Hash Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,*/*;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/encrypt.html Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/encrypt.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 27 Sep 2021 12:35:13 GMT Server Cleversafe x-amz-request-id f7f00cb9-7cd8-49c5-8d94-8ff2ea8c2b6e Content-Type application/xml X-Clv-Request-Id f7f00cb9-7cd8-49c5-8d94-8ff2ea8c2b6e Content-Length 326 Accept-Ranges bytes X-Clv-S3-Version 2.5
GET H/1.1	404 Not Found	mimecast-icons.css web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/assets/mimecast-icons/css/	0 0	266ms 91ms	Stylesheet application/xml	169.63.118.98 SOFTLAYER
General Check archive.org Show headers Download Go to Full URL https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/assets/mimecast-icons/css/mimecast-icons.css Requested by Host: web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud URL: https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/encrypt.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 169.63.118.98 Ashburn, United States, ASN36351 (SOFTLAYER, US), Reverse DNS 62.76.3fa9.ip4.static.sl-reverse.com Software Cleversafe / Resource Hash Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,*/*;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/encrypt.html Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/encrypt.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 27 Sep 2021 12:35:13 GMT Server Cleversafe x-amz-request-id 8d849549-36e2-43a2-80e0-0913707e75b3 Content-Type application/xml X-Clv-Request-Id 8d849549-36e2-43a2-80e0-0913707e75b3 Content-Length 330 Accept-Ranges bytes X-Clv-S3-Version 2.5
GET H2	200	css fonts.googleapis.com/	8 KB 1 KB	80ms 28ms	Stylesheet text/css	142.250.186.106 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:400,600,700 Requested by Host: web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud URL: https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/encrypt.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.106 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f10.1e100.net Software ESF / Resource Hash d562e856fbfe2fc2ffa00479809da1ddf3b16bc9b4b90363e633bf4d86d38bde Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 27 Sep 2021 11:59:46 GMT server ESF date Mon, 27 Sep 2021 12:35:13 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 27 Sep 2021 12:35:13 GMT
GET H/1.1	200 OK	pendo.js Show response cdn.pendo.io/agent/static/0600cd7b-e6b2-4ba9-4249-ab1342c3631b/	439 KB 136 KB	24ms 8ms	Script application/javascript	18.66.112.14 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.pendo.io/agent/static/0600cd7b-e6b2-4ba9-4249-ab1342c3631b/pendo.js Requested by Host: web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud URL: https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/encrypt.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.66.112.14 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software UploadServer / Resource Hash 90e1c1dd1067eb6e31657fc7834ce8d7257e23a23d366cbf68a7135e900972d0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 27 Sep 2021 12:31:45 GMT Content-Encoding gzip Age 208 X-GUploader-UploadID ADPycds5IMRozxabm5mZAOHP0srZiZUVR2kEgYIeBqz4-OxYEnzEVOONNerygTUnkPBHLUSk6O1TAou0tZCttLh0Jsw X-Cache Hit from cloudfront x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding gzip Connection keep-alive Content-Length 138618 Access-Control-Allow-Origin * Last-Modified Fri, 24 Sep 2021 16:11:56 GMT Server UploadServer ETag "a3d7e9641f1fef691233bb39dd931997" Vary Accept-Encoding x-goog-hash crc32c=bzMaug==, md5=o9fpZB8f72kSM7s53ZMZlw== x-goog-generation 1632499916400104 Via 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront) Access-Control-Expose-Headers * Cache-Control max-age=450 x-goog-stored-content-length 138618 X-Amz-Cf-Pop FRA56-P5 Accept-Ranges bytes Content-Type application/javascript X-Amz-Cf-Id hjj-LYlF9gXw-kxFATrv0Oa_nam85w-UJ6zsEYijFC609U6XZGuB7w== Expires Mon, 27 Sep 2021 12:39:15 GMT
GET H2	200	galindo.js Show response static.srcspot.com/libs/	88 KB 39 KB	44ms 15ms	Script application/javascript	35.190.8.230 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://static.srcspot.com/libs/galindo.js Requested by Host: web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud URL: https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/encrypt.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.8.230 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 230.8.190.35.bc.googleusercontent.com Software UploadServer / Resource Hash 7dbff9accbb0eafe4f52685e30b2fb4b34c9529de86eb97ec83ec2fa21fb025d Request headers Accept-Language de-DE,de;q=0.9 Referer https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 27 Sep 2021 12:27:46 GMT content-encoding gzip age 447 x-guploader-uploadid ADPycdsqiN-X0zUYPb5-gKMT3vEJS5l5EwrMNdQGM-ear-NCTf84bZSs1t0Vx1YuPHprRRvjKQXTQeSZyCg-6S-_lVY x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc clear content-length 39333 last-modified Sun, 26 Sep 2021 08:07:13 GMT server UploadServer etag "f8ec4aa3183a0b33b6cb6b8d07546bc8" x-goog-hash crc32c=0bfjmA==, md5=+OxKoxg6CzO2y2uNB1RryA== x-goog-generation 1632643633664972 cache-control no-transform, public, max-age=900 x-goog-stored-content-length 39333 accept-ranges bytes content-type application/javascript expires Mon, 27 Sep 2021 12:42:46 GMT
GET H/1.1	404 Not Found	lang-en.js web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/language/	0 0	299ms 92ms	Script application/xml	169.63.118.98 SOFTLAYER
General Check archive.org Show headers Download Go to Full URL https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/language/lang-en.js Requested by Host: web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud URL: https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/encrypt.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 169.63.118.98 Ashburn, United States, ASN36351 (SOFTLAYER, US), Reverse DNS 62.76.3fa9.ip4.static.sl-reverse.com Software Cleversafe / Resource Hash Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/encrypt.html Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/encrypt.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 27 Sep 2021 12:35:13 GMT Server Cleversafe x-amz-request-id d6732379-0c6b-48b0-9b0b-2a4b1831492f Content-Type application/xml X-Clv-Request-Id d6732379-0c6b-48b0-9b0b-2a4b1831492f Content-Length 305 Accept-Ranges bytes X-Clv-S3-Version 2.5
GET H2	200	guide.-323232.1607015848127.css pendo-static-5707797427912704.storage.googleapis.com/	10 KB 11 KB	92ms 23ms	Stylesheet text/css	142.250.185.144 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pendo-static-5707797427912704.storage.googleapis.com/guide.-323232.1607015848127.css Requested by Host: web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud URL: https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/encrypt.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.144 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f16.1e100.net Software UploadServer / Resource Hash eae613166bc3427db67c816a9d92a24f28a5a3f135053b4305c359d2ddc8a0b7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 27 Sep 2021 12:04:48 GMT age 1825 x-guploader-uploadid ADPycdtGOS043ur4vPL1j7VDO_ch7xQrVXcdjoflEdnNdTNQVVYvyli-oWCT3uq5lcxcF-dPQxLzbrs8mpphkIKCO3zDjVuHoQ x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10663 last-modified Thu, 03 Dec 2020 17:17:28 GMT server UploadServer etag "4d7160ad8787c29877fcfaf04cbed7f2" x-goog-hash crc32c=IVwPAA==, md5=TXFgrYeHwph3/PrwTL7X8g== x-goog-generation 1607015848809269 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=3600 x-goog-stored-content-length 10663 accept-ranges bytes content-type text/css expires Mon, 27 Sep 2021 13:04:48 GMT
GET H2	200	NJ-2jv853v7oWvrBiE5h2o8dCmE.guide.css pendo-static-5707797427912704.storage.googleapis.com/guide-content/EWuuX_o4U-xRldBOqT-LYFc69fQ@sn9p0ljv8dushqgktXFohVVCLNU/Imtq1OAS7QR5--1wWyrbg1YVU2c/	2 KB 903 B	96ms 27ms	Stylesheet text/css	142.250.185.144 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pendo-static-5707797427912704.storage.googleapis.com/guide-content/EWuuX_o4U-xRldBOqT-LYFc69fQ@sn9p0ljv8dushqgktXFohVVCLNU/Imtq1OAS7QR5--1wWyrbg1YVU2c/NJ-2jv853v7oWvrBiE5h2o8dCmE.guide.css?sha256=9lhkYz5ELE3r3uph6sB4dzEQOAYcTrQ5ZK8JEMtzh9E Requested by Host: web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud URL: https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/encrypt.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.144 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f16.1e100.net Software UploadServer / Resource Hash f65864633e442c4debdeea61eac07877311038061c4eb43964af0910cb7387d1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 27 Sep 2021 11:49:04 GMT content-encoding gzip age 2769 x-guploader-uploadid ADPycduAnhRq0dTtirRS3dzsC4ERGhjobiuo0YUkN3HrYf-KkaY8jBbYRQ2rqIvi3w_Mq47luawrcUhKngOHYn6Zzh4 x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 628 last-modified Tue, 11 May 2021 10:01:18 GMT server UploadServer etag "6c2ff70c3998e642d0ebcdb74c995902" vary Accept-Encoding x-goog-hash crc32c=Y1Thfg==, md5=bC/3DDmY5kLQ6823TJlZAg== x-goog-generation 1620727278600210 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=3600 x-goog-stored-content-length 628 accept-ranges bytes content-type text/css; charset=utf-8 expires Mon, 27 Sep 2021 12:49:04 GMT
GET H2	200	oqtaoRe4R18hkIdR4O_20l2GLu0.guide.css pendo-static-5707797427912704.storage.googleapis.com/guide-content/dP9u1Yj5gYondtURXeRiqcUqNWc@sn9p0ljv8dushqgktXFohVVCLNU/HSnzFk61g0hDIbg3_i1hMHRvVR0/	2 KB 1 KB	91ms 22ms	Stylesheet text/css	142.250.185.144 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pendo-static-5707797427912704.storage.googleapis.com/guide-content/dP9u1Yj5gYondtURXeRiqcUqNWc@sn9p0ljv8dushqgktXFohVVCLNU/HSnzFk61g0hDIbg3_i1hMHRvVR0/oqtaoRe4R18hkIdR4O_20l2GLu0.guide.css?sha256=Wi2FJ287sAohUChB4VkWmQVpaacGa5Kp7O35gghy2_M Requested by Host: web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud URL: https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/encrypt.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.144 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f16.1e100.net Software UploadServer / Resource Hash 5a2d85276f3bb00a21502841e1591699056969a7066b92a9ecedf9820872dbf3 Request headers Accept-Language de-DE,de;q=0.9 Referer https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 27 Sep 2021 11:54:44 GMT content-encoding gzip age 2429 x-guploader-uploadid ADPycdsaSDG69_pmJSRpTuSHhiW_muRAV53h6ezexQL6xqKRS4w4xY1dv0Eow77L8rvKlCnRV8RqYgPBNQtxg9LO9Uk x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 632 last-modified Fri, 05 Jun 2020 14:29:15 GMT server UploadServer etag "82a5e331671feae5660520a277d01f1f" vary Accept-Encoding x-goog-hash crc32c=AIvKdQ==, md5=gqXjMWcf6uVmBSCid9AfHw== x-goog-generation 1591367355620576 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=3600 x-goog-stored-content-length 632 accept-ranges bytes content-type text/css; charset=utf-8 expires Mon, 27 Sep 2021 12:54:44 GMT
GET H2	200	bJyAC8_hb_ekyBtjHXR4EZgc4i4.guide.css pendo-static-5707797427912704.storage.googleapis.com/guide-content/W8wLAJJ-I1c5HQpcqjSuP-dHcdk/K-kKCZLF_TcoZSdvI4U8Mdo7t2Q/	62 B 362 B	95ms 27ms	Stylesheet text/css	142.250.185.144 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pendo-static-5707797427912704.storage.googleapis.com/guide-content/W8wLAJJ-I1c5HQpcqjSuP-dHcdk/K-kKCZLF_TcoZSdvI4U8Mdo7t2Q/bJyAC8_hb_ekyBtjHXR4EZgc4i4.guide.css Requested by Host: web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud URL: https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/encrypt.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.144 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f16.1e100.net Software UploadServer / Resource Hash 46a7155334ab24474f5aa34b9ca50b0de97988a3961552d845c87e1a47a61a0b Request headers Accept-Language de-DE,de;q=0.9 Referer https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 27 Sep 2021 12:02:38 GMT content-encoding gzip age 1955 x-guploader-uploadid ADPycduEvFjmSRfvSrenXdV8l0BxieWt9nlP6HW7R33NVjxZeeBoexZiANkdwT75A796_BBzflqbiFc0nZpzlX6Blf0 x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 86 last-modified Tue, 20 Oct 2020 14:47:31 GMT server UploadServer etag "679174816421a94d35848e845658ab43" vary Accept-Encoding x-goog-hash crc32c=89QYJQ==, md5=Z5F0gWQhqU01hI6EVlirQw== x-goog-generation 1603205251839852 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=3600 x-goog-stored-content-length 86 accept-ranges bytes content-type text/css; charset=utf-8 expires Mon, 27 Sep 2021 13:02:38 GMT
GET H/1.1	404 Not Found	cache.6d53eb50124dfcd1437d99c299d1090b.login-lib.js web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/	0 0	267ms 91ms	Script application/xml	169.63.118.98 SOFTLAYER
General Check archive.org Show headers Download Go to Full URL https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/cache.6d53eb50124dfcd1437d99c299d1090b.login-lib.js Requested by Host: web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud URL: https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/encrypt.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 169.63.118.98 Ashburn, United States, ASN36351 (SOFTLAYER, US), Reverse DNS 62.76.3fa9.ip4.static.sl-reverse.com Software Cleversafe / Resource Hash Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/encrypt.html Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/encrypt.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 27 Sep 2021 12:35:13 GMT Server Cleversafe x-amz-request-id fc6a95f0-7f93-4e34-9079-fac2758608bd Content-Type application/xml X-Clv-Request-Id fc6a95f0-7f93-4e34-9079-fac2758608bd Content-Length 337 Accept-Ranges bytes X-Clv-S3-Version 2.5
GET H/1.1	404 Not Found	cache.df1a8fbf961ceb54242fb898d3cb77bf.login.js web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/	0 0	302ms 113ms	Script application/xml	169.63.118.98 SOFTLAYER
General Check archive.org Show headers Download Go to Full URL https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/cache.df1a8fbf961ceb54242fb898d3cb77bf.login.js Requested by Host: web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud URL: https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/encrypt.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 169.63.118.98 Ashburn, United States, ASN36351 (SOFTLAYER, US), Reverse DNS 62.76.3fa9.ip4.static.sl-reverse.com Software Cleversafe / Resource Hash Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/encrypt.html Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/encrypt.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 27 Sep 2021 12:35:13 GMT Server Cleversafe x-amz-request-id cc36a268-9443-4f5e-967f-08632c08a70e Content-Type application/xml X-Clv-Request-Id cc36a268-9443-4f5e-967f-08632c08a70e Content-Length 333 Accept-Ranges bytes X-Clv-S3-Version 2.5
GET H/1.1	200 OK	mimecast-logo.png webmail.mimecast.com/u/assets/images/	7 KB 8 KB	92ms 19ms	Image image/png	195.130.217.179 MIMECAST-UK
General Check archive.org Show headers Download Go to Show image Full URL https://webmail.mimecast.com/u/assets/images/mimecast-logo.png Requested by Host: web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud URL: https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/encrypt.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.130.217.179 , United Kingdom, ASN42427 (MIMECAST-UK, GB), Reverse DNS webmail-uk.mimecast.com Software / Resource Hash 5faad6b4a627d67a4527be1c56a591cb9510696f396de537dc631894ea6e1ef8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 27 Sep 2021 12:35:13 GMT X-Content-Type-Options nosniff Last-Modified Fri, 13 Aug 2021 14:19:32 GMT ETag W/"owK7uqi9CswowK6wZdcyj4" X-Frame-Options SAMEORIGIN Content-Type image/png Strict-Transport-Security max-age=31536000; includeSubDomains; preload Accept-Ranges bytes Content-Length 7634 X-XSS-Protection 1; mode=block
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v26/	44 KB 44 KB	79ms 24ms	Font font/woff2	142.250.186.99 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f3.1e100.net Software sffe / Resource Hash 538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 23 Sep 2021 17:03:52 GMT x-content-type-options nosniff age 329481 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44760 x-xss-protection 0 last-modified Thu, 23 Sep 2021 16:50:17 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Fri, 23 Sep 2022 17:03:52 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Mimecast (Online)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster object| branding string| rootPath string| dirPath string| urlPrefix string| grid object| appsConfig object| appMessagesConfig string| appversion boolean| secureMessagingNewPasswordExpiry object| pendo object| _0x3515948c function| _0x3515948d

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/assets/entypo/font/entypo.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/assets/font-awesome/css/font-awesome.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/assets/mimecast-icons/css/mimecast-icons.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/cache.6d53eb50124dfcd1437d99c299d1090b.login-lib.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/language/lang-en.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud/cache.df1a8fbf961ceb54242fb898d3cb77bf.login.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.pendo.io
fonts.googleapis.com
fonts.gstatic.com
pendo-static-5707797427912704.storage.googleapis.com
static.srcspot.com
web-mimecast-msg65767988.s3.us-east.cloud-object-storage.appdomain.cloud
webmail.mimecast.com
142.250.185.144
142.250.186.106
142.250.186.99
169.63.118.98
18.66.112.14
195.130.217.179
35.190.8.230
46a7155334ab24474f5aa34b9ca50b0de97988a3961552d845c87e1a47a61a0b
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
5a2d85276f3bb00a21502841e1591699056969a7066b92a9ecedf9820872dbf3
5faad6b4a627d67a4527be1c56a591cb9510696f396de537dc631894ea6e1ef8
7dbff9accbb0eafe4f52685e30b2fb4b34c9529de86eb97ec83ec2fa21fb025d
90e1c1dd1067eb6e31657fc7834ce8d7257e23a23d366cbf68a7135e900972d0
c5557ebcf4b286a186313bf0f8d3477b34c509b7970dfdaa652d7a025716b495
d562e856fbfe2fc2ffa00479809da1ddf3b16bc9b4b90363e633bf4d86d38bde
eae613166bc3427db67c816a9d92a24f28a5a3f135053b4305c359d2ddc8a0b7
f65864633e442c4debdeea61eac07877311038061c4eb43964af0910cb7387d1