steelltreu.com Open in urlscan Pro
91.234.99.223 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://steelltreu.com/up/da/te/?email=user@host
Submission: On August 24 via manual (August 24th 2020, 11:04:08 am UTC) from HU

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 12 HTTP transactions. The main IP is 91.234.99.223, located in Netherlands and belongs to PIHL-AS, RU. The main domain is steelltreu.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 11th 2020. Valid for: 3 months.

This is the only time steelltreu.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Email (Online)

Domain & IP information

	IP Address	AS Autonomous System
4	91.234.99.223 91.234.99.223	213058 (PIHL-AS) (PIHL-AS)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
7	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	3

4 91.234.99.223 (Netherlands)

ASN213058 (PIHL-AS, RU)

steelltreu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	unpkg.com unpkg.com	8 KB
4	steelltreu.com steelltreu.com	23 KB
1	jquery.com code.jquery.com	30 KB
12	3

	Domain	Requested by
7	unpkg.com	steelltreu.com unpkg.com
4	steelltreu.com	steelltreu.com
1	code.jquery.com	steelltreu.com
12	3

This site contains no links.

Subject Issuer	Validity	Valid
*.steelltreu.com Let's Encrypt Authority X3	`2020-08-11` - `2020-11-09`	3 months	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-02` - `2021-08-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://steelltreu.com/up/da/te/?email=user@host
Frame ID: 2260F0B7FBC2CB2060A992827839FA23
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

12
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

61 kB
Transfer

124 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
steelltreu.com/up/da/te/ 2 KB
3 KB 218ms
63ms Document
text/html 91.234.99.223
PIHL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://steelltreu.com/up/da/te/?email=user@host
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.234.99.223 , Netherlands, ASN213058 (PIHL-AS, RU),
Reverse DNS
Software: Apache /
Resource Hash: f11a52755120a48fb7ff157530d87a11eea3247736ca2633af62ed9df7b21fe4

Request headers

Host: steelltreu.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 24 Aug 2020 11:03:52 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK skeleton.css
steelltreu.com/up/da/te/css/ 11 KB
11 KB 62ms
61ms Stylesheet
text/css 91.234.99.223
PIHL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://steelltreu.com/up/da/te/css/skeleton.css
Requested by: Host: steelltreu.com
URL: https://steelltreu.com/up/da/te/?email=user@host
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.234.99.223 , Netherlands, ASN213058 (PIHL-AS, RU),
Reverse DNS
Software: Apache /
Resource Hash: b763726786f77aa79a0d1e262133b54fb20a4b75f1882a393192933e13408665

Request headers

Referer: https://steelltreu.com/up/da/te/?email=user@host
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 24 Aug 2020 11:03:52 GMT
Last-Modified: Tue, 11 Aug 2020 21:02:51 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 11452

GET
H/1.1 200
OK normalize.css
steelltreu.com/up/da/te/css/ 8 KB
8 KB 127ms
64ms Stylesheet
text/css 91.234.99.223
PIHL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://steelltreu.com/up/da/te/css/normalize.css
Requested by: Host: steelltreu.com
URL: https://steelltreu.com/up/da/te/?email=user@host
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.234.99.223 , Netherlands, ASN213058 (PIHL-AS, RU),
Reverse DNS
Software: Apache /
Resource Hash: f4d7e8250f8f124f8b7d087e5e260766a34b079fddc43e7b20d8c18ca1e92e51

Request headers

Referer: https://steelltreu.com/up/da/te/?email=user@host
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 24 Aug 2020 11:03:52 GMT
Last-Modified: Tue, 11 Aug 2020 21:02:51 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 7797

GET
H/1.1 200
OK skin.css
steelltreu.com/up/da/te/css/ 566 B
807 B 158ms
56ms Stylesheet
text/css 91.234.99.223
PIHL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://steelltreu.com/up/da/te/css/skin.css
Requested by: Host: steelltreu.com
URL: https://steelltreu.com/up/da/te/?email=user@host
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.234.99.223 , Netherlands, ASN213058 (PIHL-AS, RU),
Reverse DNS
Software: Apache /
Resource Hash: 8e0e725e5b2423057a9030f062096fc91b93c9f800cecdac21d2b7c989fd22d8

Request headers

Referer: https://steelltreu.com/up/da/te/?email=user@host
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 24 Aug 2020 11:03:52 GMT
Last-Modified: Tue, 11 Aug 2020 21:02:52 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 566

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 30ms
13ms Script
application/javascript 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: steelltreu.com
URL: https://steelltreu.com/up/da/te/?email=user@host
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Origin: https://steelltreu.com
Referer: https://steelltreu.com/up/da/te/?email=user@host
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 11:03:52 GMT
content-encoding: gzip
last-modified: Mon, 04 May 2020 23:02:39 GMT
server: nginx
status: 200
etag: W/"5eb09f0f-15d84"
vary: Accept-Encoding
x-hw: 1598267032.dop142.fr8.t,1598267032.cds242.fr8.hc,1598267032.cds142.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H2 200 ionicons.js Show response
unpkg.com/ionicons@5.1.2/dist/ 962 B
451 B 15ms
15ms Script
application/javascript 2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/ionicons@5.1.2/dist/ionicons.js

Requested by

Host: steelltreu.com
URL: https://steelltreu.com/up/da/te/?email=user@host

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

937e1da6a3f1f5f56d7c7f68d47217686d4d73881a6332607eb9769f9e50bc5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://steelltreu.com/up/da/te/?email=user@host
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 11:03:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5111011
status: 200
vary: Accept-Encoding
cf-request-id: 04c1bc9cf00000dfd7b00d6200000001
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"3c2-ekNqUptqD1AEc5D0dUT6kSacGE0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: d94ff42233ebca1e519d7a27a7093b4b
cache-control: public, max-age=31536000
cf-ray: 5c7c96db1e02dfd7-FRA

GET
H2 200 ionicons.esm.js Show response
unpkg.com/ionicons@5.1.2/dist/ionicons/ 291 B
325 B 18ms
18ms Script
application/javascript 2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/ionicons@5.1.2/dist/ionicons/ionicons.esm.js

Requested by

Host: unpkg.com
URL: https://unpkg.com/ionicons@5.1.2/dist/ionicons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6767311b869d6f91af9a9adddf6239ecfb0e51ff1feb72a92a244dbfa5a1b064

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://steelltreu.com
Referer: https://steelltreu.com/up/da/te/?email=user@host
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 11:03:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5114355
status: 200
vary: Accept-Encoding
cf-request-id: 04c1bc9d91000096f80f205200000001
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"123-quuj4MASn5A6b/Ny9bpZJCg512g"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: e5022bebb850c924604839aa6110f473
cache-control: public, max-age=31536000
cf-ray: 5c7c96dc1f0596f8-FRA

GET
H2 200 p-6f4eae92.js Show response
unpkg.com/ionicons@5.1.2/dist/ionicons/ 8 KB
4 KB 14ms
14ms Script
application/javascript 2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/ionicons@5.1.2/dist/ionicons/p-6f4eae92.js

Requested by

Host: steelltreu.com
URL: https://steelltreu.com/up/da/te/?email=user@host

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

998017d8e261ff05c8beb90beacc69fd6c8071b1695ed87a9a6d33a3b3caa7f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://steelltreu.com
Referer: https://unpkg.com/ionicons@5.1.2/dist/ionicons/ionicons.esm.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 11:03:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5114343
status: 200
vary: Accept-Encoding
cf-request-id: 04c1bc9e04000096f80f208200000001
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"1f7c-gfDDha4bujGL8M3AApXNE3RBbwQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: a4fe7654ef4aa2ba3b1345b0c35338d1
cache-control: public, max-age=31536000
cf-ray: 5c7c96dcdfa296f8-FRA

GET
H2 200 p-4372c4bc.js Show response
unpkg.com/ionicons@5.1.2/dist/ionicons/ 1 KB
726 B 15ms
14ms Script
application/javascript 2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/ionicons@5.1.2/dist/ionicons/p-4372c4bc.js

Requested by

Host: steelltreu.com
URL: https://steelltreu.com/up/da/te/?email=user@host

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88432d4a953719ca1962f867cc4166caf9e6cdf2da51a540991256d63935fded

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://steelltreu.com
Referer: https://unpkg.com/ionicons@5.1.2/dist/ionicons/ionicons.esm.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 11:03:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5114343
status: 200
vary: Accept-Encoding
cf-request-id: 04c1bc9e04000096f80f209200000001
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"4a1-eLv8UEu9cOFw7ZcY76wJ+IRRvYI"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 27b49c798966947cdc8fb134f597c25a
cache-control: public, max-age=31536000
cf-ray: 5c7c96dcdfa496f8-FRA

GET
H2 200 p-7815a89a.entry.js Show response
unpkg.com/ionicons@5.1.2/dist/ionicons/ 4 KB
1 KB 17ms
16ms Script
application/javascript 2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/ionicons@5.1.2/dist/ionicons/p-7815a89a.entry.js

Requested by

Host: steelltreu.com
URL: https://steelltreu.com/up/da/te/?email=user@host

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

556d58b6bb7765a2e765ab463f697eaa4bd1e6a6d08104723d45f792361d5f86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://steelltreu.com
Referer: https://steelltreu.com/up/da/te/?email=user@host
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 11:03:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5114300
status: 200
vary: Accept-Encoding
cf-request-id: 04c1bc9e18000096f80f20a200000001
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"ead-eBWomtQSseh69fTQfJ2CbJ8BPaQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: c4ee53fe74c92773b77547c2961f1d87
cache-control: public, max-age=31536000
cf-ray: 5c7c96dcffbc96f8-FRA

GET
H2 200 p-27972752.js Show response
unpkg.com/ionicons@5.1.2/dist/ionicons/ 807 B
552 B 16ms
15ms Script
application/javascript 2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/ionicons@5.1.2/dist/ionicons/p-27972752.js

Requested by

Host: steelltreu.com
URL: https://steelltreu.com/up/da/te/?email=user@host

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5d3af5437719d1184f672cae7c042ef5d9206a4213fe5de7dddbb8e9a3f42b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://steelltreu.com
Referer: https://unpkg.com/ionicons@5.1.2/dist/ionicons/p-7815a89a.entry.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 11:03:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5114298
status: 200
vary: Accept-Encoding
cf-request-id: 04c1bc9e2c000096f80f20b200000001
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"327-iDnGRj+fHRf0JjqFvGGPeB+3JIg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 0bd6ad4fac9a8e88905545ec6a4e9912
cache-control: public, max-age=31536000
cf-ray: 5c7c96dd1fd696f8-FRA

GET
H2 200 mail-outline.svg Show response
unpkg.com/ionicons@5.1.2/dist/ionicons/svg/ 370 B
268 B 36ms
36ms Fetch
image/svg+xml 2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/ionicons@5.1.2/dist/ionicons/svg/mail-outline.svg

Requested by

Host: unpkg.com
URL: https://unpkg.com/ionicons@5.1.2/dist/ionicons/p-7815a89a.entry.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2ba419e2ea72d3a031f477a09d4ea15d9ab88d8712da4651d06794335c9dfc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://steelltreu.com/up/da/te/?email=user@host
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 11:03:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4833281
status: 200
vary: Accept-Encoding
cf-request-id: 04c1bc9e3f000096f80f20c200000001
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"172-m2IWbJ3C2JtdcFr/BOId6AXD+Oc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
x-cloud-trace-context: 7f48b245790f3a2270fd24203b178800
cache-control: public, max-age=31536000
cf-ray: 5c7c96dd3fe796f8-FRA

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Email (Online)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes function| __sc_import_ionicons object| Ionicons

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://unpkg.com/ionicons@5.1.2/dist/ionicons.js(Line 28) Message: [ionicons] Deprecated script, please remove: <script src="https://unpkg.com/ionicons@5.1.2/dist/ionicons.js"></script> To improve performance it is recommended to set the differential scripts in the head as follows: <script type="module" src="https://unpkg.com/ionicons@5.1.2/dist/ionicons/ionicons.esm.js"></script> <script nomodule="" src="https://unpkg.com/ionicons@5.1.2/dist/ionicons/ionicons.js"></script>

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
steelltreu.com
unpkg.com
2001:4de0:ac19::1:b:1b
2606:4700::6810:7eaf
91.234.99.223
556d58b6bb7765a2e765ab463f697eaa4bd1e6a6d08104723d45f792361d5f86
6767311b869d6f91af9a9adddf6239ecfb0e51ff1feb72a92a244dbfa5a1b064
88432d4a953719ca1962f867cc4166caf9e6cdf2da51a540991256d63935fded
8e0e725e5b2423057a9030f062096fc91b93c9f800cecdac21d2b7c989fd22d8
937e1da6a3f1f5f56d7c7f68d47217686d4d73881a6332607eb9769f9e50bc5e
998017d8e261ff05c8beb90beacc69fd6c8071b1695ed87a9a6d33a3b3caa7f5
b763726786f77aa79a0d1e262133b54fb20a4b75f1882a393192933e13408665
d5d3af5437719d1184f672cae7c042ef5d9206a4213fe5de7dddbb8e9a3f42b2
e2ba419e2ea72d3a031f477a09d4ea15d9ab88d8712da4651d06794335c9dfc9
f11a52755120a48fb7ff157530d87a11eea3247736ca2633af62ed9df7b21fe4
f4d7e8250f8f124f8b7d087e5e260766a34b079fddc43e7b20d8c18ca1e92e51
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

steelltreu.com Open in urlscan Pro 91.234.99.223 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

61 kBTransfer

124 kBSize

0 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

steelltreu.com Open in urlscan Pro
91.234.99.223 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

61 kB
Transfer

124 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!