unitedglass.net
Open in
urlscan Pro
198.12.209.194
Malicious Activity!
Public Scan
Effective URL: https://unitedglass.net/filetype/cmd-login=ef8acdd149a6d630d80645ff9a46eb95/c9c4cp4de51zlks52vbijskv.php?rand=13InboxLig...
Submission: On September 21 via manual from US
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on September 21st 2020. Valid for: 3 months.
This is the only time unitedglass.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 167.89.115.54 167.89.115.54 | 11377 (SENDGRID) (SENDGRID) | |
2 16 | 198.12.209.194 198.12.209.194 | 26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC) | |
1 | 192.229.221.185 192.229.221.185 | 15133 (EDGECAST) (EDGECAST) | |
7 | 2a02:26f0:10c... 2a02:26f0:10c:5af::753 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
22 | 3 |
ASN11377 (SENDGRID, US)
PTR: o16789115x54.outbound-mail.sendgrid.net
u9874724.ct.sendgrid.net |
ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-198-12-209-194.ip.secureserver.net
unitedglass.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
unitedglass.net
2 redirects
unitedglass.net |
739 KB |
7 |
office365.com
r4.res.office365.com |
707 KB |
1 |
msauth.net
logincdn.msauth.net |
1 KB |
1 |
sendgrid.net
1 redirects
u9874724.ct.sendgrid.net |
274 B |
22 | 4 |
Domain | Requested by | |
---|---|---|
16 | unitedglass.net |
2 redirects
unitedglass.net
|
7 | r4.res.office365.com |
unitedglass.net
|
1 | logincdn.msauth.net |
unitedglass.net
|
1 | u9874724.ct.sendgrid.net | 1 redirects |
22 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
account.live.com |
login.live.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
unitedglass.net cPanel, Inc. Certification Authority |
2020-09-21 - 2020-12-20 |
3 months | crt.sh |
identitycdn.msauth.net DigiCert SHA2 Secure Server CA |
2020-07-20 - 2021-07-20 |
a year | crt.sh |
*.res.outlook.com Microsoft IT TLS CA 2 |
2019-10-21 - 2021-10-21 |
2 years | crt.sh |
This page contains 2 frames:
Primary Page:
https://unitedglass.net/filetype/cmd-login=ef8acdd149a6d630d80645ff9a46eb95/c9c4cp4de51zlks52vbijskv.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=christopher.connors@us.army.mil&loginpage=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Frame ID: E57DE0FE8A9B64EBA299EFE1A7E638EF
Requests: 7 HTTP requests in this frame
Frame:
https://unitedglass.net/filetype/cmd-login=ef8acdd149a6d630d80645ff9a46eb95/owa_files/prefetch.html
Frame ID: 2498A2BC49D3C5EE49627C3050923835
Requests: 15 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://u9874724.ct.sendgrid.net/ls/click?upn=nwut4Q1J6SwNfSZpiwdXiGCyaL1hYVjGzPVG-2BcIsQFcsGKDvr8zRuVlGRs0hz...
HTTP 302
https://unitedglass.net/filetype/?email=christopher.connors@us.army.mil HTTP 302
https://unitedglass.net/filetype/cmd-login=ef8acdd149a6d630d80645ff9a46eb95/?email=christopher.conno... HTTP 302
https://unitedglass.net/filetype/cmd-login=ef8acdd149a6d630d80645ff9a46eb95/c9c4cp4de51zlks52vbijskv... Page URL
Detected technologies
OpenSSL (Web Server Extensions) ExpandDetected patterns
- headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: Forgot password?
Search URL Search Domain Scan URL
Title: Sign in with a security key
Search URL Search Domain Scan URL
Title: Terms of use
Search URL Search Domain Scan URL
Title: Privacy & cookies
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://u9874724.ct.sendgrid.net/ls/click?upn=nwut4Q1J6SwNfSZpiwdXiGCyaL1hYVjGzPVG-2BcIsQFcsGKDvr8zRuVlGRs0hznXXhWNOB0dytu6pLn07cSFS-2B0hbMouWtL-2BrMOpEsKy2jMI-3Dggi7_Zf9noBSXp6zmd8gcAmse0FrukMv1gmKV8h7pszl0enz5GkdgeixmsFBbMa2Wg919ZhwvZKaJvwyG8skfOIH2CoM2DkC4gGhdk6CbuPqjH0deX-2B2nDeXBBw3YctZzcewVE-2BTjtk11dU5eCcRG4Hdhe5qRD64u32aJx00DZVwKZ5h3hVPzgreEug4fqjTuSWIjZVNFoPcEWevZrIeP2m0-2FPrtZZ4W7rQYvUxSbB1xJjoU6-2FKttyMugvZfHdgwj3F0Q
HTTP 302
https://unitedglass.net/filetype/?email=christopher.connors@us.army.mil HTTP 302
https://unitedglass.net/filetype/cmd-login=ef8acdd149a6d630d80645ff9a46eb95/?email=christopher.connors@us.army.mil&loginpage=&reff=MzI3ZTBmNmMwNzY1ZjlmNTkyNmM2ZTY1ZDgzNDZhMTY= HTTP 302
https://unitedglass.net/filetype/cmd-login=ef8acdd149a6d630d80645ff9a46eb95/c9c4cp4de51zlks52vbijskv.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=christopher.connors@us.army.mil&loginpage=&.rand=13InboxLight.aspx?n=1774256418&fid=4 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
c9c4cp4de51zlks52vbijskv.php
unitedglass.net/filetype/cmd-login=ef8acdd149a6d630d80645ff9a46eb95/ Redirect Chain
|
26 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Converged_v21033_Vso4vqMV44DOHKPPa1RUKg2.css
unitedglass.net/filetype/cmd-login=ef8acdd149a6d630d80645ff9a46eb95/owa_files/ |
100 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
unitedglass.net/filetype/cmd-login=ef8acdd149a6d630d80645ff9a46eb95/owa_files/ |
4 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg
unitedglass.net/filetype/cmd-login=ef8acdd149a6d630d80645ff9a46eb95/owa_files/ |
513 B 376 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ellipsis_635a63d500a92a0b8497cdc58d0f66b1.svg
unitedglass.net/filetype/cmd-login=ef8acdd149a6d630d80645ff9a46eb95/owa_files/ |
900 B 312 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ellipsis_grey_2b5d393db04a5e6e1f739cb266e65b4c.svg
unitedglass.net/filetype/cmd-login=ef8acdd149a6d630d80645ff9a46eb95/owa_files/ |
915 B 323 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
prefetch.html
unitedglass.net/filetype/cmd-login=ef8acdd149a6d630d80645ff9a46eb95/owa_files/ Frame 2498 |
3 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2_bc3d32a696895f78c19df6c717586a5d.svg
logincdn.msauth.net/16.000.28595.2/content/images/backgrounds/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
boot.worldwide.0.mouse.js.download
unitedglass.net/filetype/cmd-login=ef8acdd149a6d630d80645ff9a46eb95/owa_files/ Frame 2498 |
648 KB 177 KB |
Stylesheet
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
boot.worldwide.1.mouse.js.download
unitedglass.net/filetype/cmd-login=ef8acdd149a6d630d80645ff9a46eb95/owa_files/ Frame 2498 |
644 KB 161 KB |
Stylesheet
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
boot.worldwide.2.mouse.js.download
unitedglass.net/filetype/cmd-login=ef8acdd149a6d630d80645ff9a46eb95/owa_files/ Frame 2498 |
647 KB 167 KB |
Stylesheet
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
boot.worldwide.3.mouse.js.download
unitedglass.net/filetype/cmd-login=ef8acdd149a6d630d80645ff9a46eb95/owa_files/ Frame 2498 |
645 KB 143 KB |
Stylesheet
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sprite1.mouse.png
unitedglass.net/filetype/cmd-login=ef8acdd149a6d630d80645ff9a46eb95/owa_files/ Frame 2498 |
16 KB 16 KB |
Stylesheet
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sprite1.mouse.css
unitedglass.net/filetype/cmd-login=ef8acdd149a6d630d80645ff9a46eb95/owa_files/ Frame 2498 |
7 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
boot.worldwide.mouse.css
unitedglass.net/filetype/cmd-login=ef8acdd149a6d630d80645ff9a46eb95/owa_files/ Frame 2498 |
227 KB 44 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
boot.worldwide.0.mouse.js
r4.res.office365.com/owa/prem/16.3712.0.2742281/scripts/ Frame 2498 |
648 KB 176 KB |
Stylesheet
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
boot.worldwide.1.mouse.js
r4.res.office365.com/owa/prem/16.3712.0.2742281/scripts/ Frame 2498 |
644 KB 160 KB |
Stylesheet
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
boot.worldwide.2.mouse.js
r4.res.office365.com/owa/prem/16.3712.0.2742281/scripts/ Frame 2498 |
647 KB 167 KB |
Stylesheet
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
boot.worldwide.3.mouse.js
r4.res.office365.com/owa/prem/16.3712.0.2742281/scripts/ Frame 2498 |
645 KB 143 KB |
Stylesheet
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sprite1.mouse.png
r4.res.office365.com/owa/prem/16.3712.0.2742281/resources/images/0/ Frame 2498 |
16 KB 17 KB |
Stylesheet
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sprite1.mouse.css
r4.res.office365.com/owa/prem/16.3712.0.2742281/resources/images/0/ Frame 2498 |
7 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
boot.worldwide.mouse.css
r4.res.office365.com/owa/prem/16.3712.0.2742281/resources/styles/0/ Frame 2498 |
227 KB 43 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Microsoft (Consumer)1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| trustedTypes0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
logincdn.msauth.net
r4.res.office365.com
u9874724.ct.sendgrid.net
unitedglass.net
167.89.115.54
192.229.221.185
198.12.209.194
2a02:26f0:10c:5af::753
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0e0a47aa4c6c3ae2aa2bf960481b56d389a83ddea2ce3d05e4b492810406399b
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
0ecaa3f89795d42cfbfd21dd2ebfbd6fca976c3cfcdb7d178f52deaa16e7efdb
15890123ac2184813485b314db48ffc7df2d72a47acdb4546cb1bb602ebe7c12
16c3f6531d0fa5b4d16e82abf066233b2a9f284c068c663699313c09f5e8d6e6
30bc3ba126e91f95d7480a073785a1d477006db381f181da67d29644674ba142
34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58
461f87e55bba34c4d9248d1b45685ea832eba56c15ebf6cccf75d49f1547b502
61d7ccc5d2c41bf86be6cefb0063405067849ba64e9f219f60596ef09a54a942
88da7254eb00325266f2297f09cc17b46c644709463068e2e177f22102734775
8dfade63d9153799d2f8a254edcff8718388ea8d65b5a0daf340fe0fb302270e
99190cfe65f919edb8071d84eee7096ec27561bc9b9fa396e55e0eb5e2cd0194
a53b73227c889007bf563167513ea5e275dc3a2b140382ae0b0a27af24fa01df
fa26e0423c31f84de5a9ad9383d04fad8c1145f662984b654098322db628f0c6