thomas.e-legance.net
Open in
urlscan Pro
79.124.76.85
Malicious Activity!
Public Scan
Submission: On February 08 via automatic, source phishtank
Summary
This is the only time thomas.e-legance.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Dropbox (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 | 79.124.76.85 79.124.76.85 | 8877 (POWERNET-AS ) (POWERNET-AS ) | |
7 | 54.230.9.150 54.230.9.150 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
4 | 162.125.66.1 162.125.66.1 | 19679 (DROPBOX) (DROPBOX - Dropbox) | |
1 | 108.160.172.206 108.160.172.206 | 19679 (DROPBOX) (DROPBOX - Dropbox) | |
1 | 2a00:1450:400... 2a00:1450:400e:805::200a | 15169 (GOOGLE) (GOOGLE - Google Inc.) | |
2 | 2a00:1450:400... 2a00:1450:400e:805::2003 | 15169 (GOOGLE) (GOOGLE - Google Inc.) | |
19 | 6 |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-9-150.lhr3.r.cloudfront.net
cf.dropboxstatic.com |
ASN19679 (DROPBOX - Dropbox, Inc., US)
PTR: www.v.dropbox.com
dropbox.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
dropboxstatic.com
cf.dropboxstatic.com |
273 KB |
5 |
dropbox.com
www.dropbox.com dropbox.com |
13 KB |
4 |
e-legance.net
thomas.e-legance.net |
68 KB |
2 |
gstatic.com
fonts.gstatic.com |
31 KB |
1 |
googleapis.com
fonts.googleapis.com |
913 B |
19 | 5 |
Domain | Requested by | |
---|---|---|
7 | cf.dropboxstatic.com |
thomas.e-legance.net
|
4 | www.dropbox.com |
thomas.e-legance.net
|
4 | thomas.e-legance.net |
thomas.e-legance.net
|
2 | fonts.gstatic.com |
thomas.e-legance.net
|
1 | fonts.googleapis.com |
thomas.e-legance.net
|
1 | dropbox.com |
thomas.e-legance.net
|
19 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.dropbox.com |
blog.dropbox.com |
www.dropboxforum.com |
twitter.com |
facebook.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
cf.dropboxstatic.com DigiCert SHA2 High Assurance Server CA |
2016-12-05 - 2020-02-19 |
3 years | crt.sh |
www.dropbox.com DigiCert SHA2 Extended Validation Server CA |
2015-12-10 - 2017-12-13 |
2 years | crt.sh |
*.googleapis.com Google Internet Authority G2 |
2017-01-25 - 2017-04-19 |
3 months | crt.sh |
*.google.com Google Internet Authority G2 |
2017-01-25 - 2017-04-19 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://thomas.e-legance.net/directory/signin.php
Frame ID: 19788.1
Requests: 19 HTTP requests in this frame
20 Outgoing links
These are links going to different origins than the main page.
Title: Install
Search URL Search Domain Scan URL
Title: Mobile
Search URL Search Domain Scan URL
Title: Pricing
Search URL Search Domain Scan URL
Title: Business
Search URL Search Domain Scan URL
Title: Tour
Search URL Search Domain Scan URL
Title: Dropbox Blog
Search URL Search Domain Scan URL
Title: Our team
Search URL Search Domain Scan URL
Title: Branding
Search URL Search Domain Scan URL
Title: News
Search URL Search Domain Scan URL
Title: Jobs
Search URL Search Domain Scan URL
Title: Help Center
Search URL Search Domain Scan URL
Title: Get Started
Search URL Search Domain Scan URL
Title: Privacy & Terms
Search URL Search Domain Scan URL
Title: Copyright
Search URL Search Domain Scan URL
Title: Contact us
Search URL Search Domain Scan URL
Title: Referrals
Search URL Search Domain Scan URL
Title: Forum
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Developers
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
signin.php
thomas.e-legance.net/directory/ |
25 KB 25 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main-vflJ6DXJ2.css
cf.dropboxstatic.com/static/css/ |
311 KB 49 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
web_sprites-vfl_rvr7W.css
cf.dropboxstatic.com/static/css/ |
110 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
components-vflk8-9-C.css
cf.dropboxstatic.com/static/css/packaged/ |
45 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
recaptcha_challenge-vflz9aQSc.css
cf.dropboxstatic.com/static/css/ |
4 KB 785 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
video-js-vflhurwvO.css
cf.dropboxstatic.com/static/css/ |
19 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.png
thomas.e-legance.net/directory/images/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sign-in-vflchypbO.png
thomas.e-legance.net/directory/images/ |
29 KB 29 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
captcha-reload.png
www.dropbox.com/static/images/icons/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
captcha-audio.png
www.dropbox.com/static/images/icons/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
captcha-words.png
www.dropbox.com/static/images/icons/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
captcha-help.png
www.dropbox.com/static/images/icons/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon_spacer-vflN3BYt2.gif
cf.dropboxstatic.com/static/images/icons/ |
55 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
oauth.png
thomas.e-legance.net/directory/images/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hstsping
dropbox.com/ |
0 0 |
Image
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
9 KB 913 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
fonts.gstatic.com/s/opensans/v13/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
MTP_ySUJH_bn48VBG8sNSugdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v13/ |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
web_sprites-vfl8qlzlw.png
cf.dropboxstatic.com/static/images/sprites/ |
203 KB 203 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Dropbox (Consumer)0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cf.dropboxstatic.com
dropbox.com
fonts.googleapis.com
fonts.gstatic.com
thomas.e-legance.net
www.dropbox.com
108.160.172.206
162.125.66.1
2a00:1450:400e:805::2003
2a00:1450:400e:805::200a
54.230.9.150
79.124.76.85
18b8f1c7340461d03746204d7eee39d8c3b98739fafc2bcdb73648060ba17c26
1be289ce7edaa3f8e53510422af0c33aae80e91f00bcba90dbd5d0b0f098b89e
31986e72e7805e6262c8ba7a21ac5dc3e9f5f2e8865d357a0c5231e34a614ad1
3c3dbf9abc00c05204be607b949df581016f519c5d664f8cd65d44cb3d133658
4c9dc34b06d501e8853a88f4ee3e7558f2fdae457da0ec1ed22df6e29718c076
60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5
6f08a24a586a7e00c817bef64afec415518e2196357e3fffb8ed8518b3a3a0bd
87dbdc4222e35d4c110e0b33b3fea9a0588b0d08195b8c098a95e906f57ad651
9cc6a5f0c0d2e59d911dc3613dfbdde6e2459fbee45bf3070f700f64c89eaa78
9d9b7c93e102eea3be6f7ddcb0bf216e8337b9987ba6b3aa50226adabbd728f6
a3b3b1e852908a30a8591cbb6fea75b5fca3a90c288d7760740feba2e401c9ea
af4f0d49eeed41186a81d09b20d0699e943bbfabe609f9f3552810788d667ebe
beabd3cca57e92d63879c8a6cbff1bf8c72b2315b56aafbfc2ea78c2d72eb53c
c653f5756e19325567b94ffe5c3dbfc81063e44e984bcc4424a80bed6aeb40b1
cf541646a8b0bc9ee1f9392ae04a9b6b208753cf95b3127faf3d73e09a524e23
d32c8ba8b668f17fde80354f21265f8eb38eb56223ccf1385994cf71d3101805
dd2d64a6b4dc901db4c72fb860db5e1b49372a4abf1425bcac4c4fc2d5cf128b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
efc029e0546f49ed87c043e09393a995468c2ab1a139332b3aca0fdbe93fe51e