![](/screenshots/d1faeb9b-0032-42a4-bd50-859f0219cba5.png)
thomas.e-legance.net
Open in
urlscan Pro
79.124.76.85
Malicious Activity!
Public Scan
Effective URL: http://thomas.e-legance.net/directory/signin.php?id=6ef4dd0fa2102e5db4a5e996ce03427cac17c166
Submission: On November 10 via automatic, source openphish
Summary
This is the only time thomas.e-legance.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Dropbox (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 6 | 79.124.76.85 79.124.76.85 | 8877 (POWERNET-AS) (POWERNET-AS) | |
7 | 52.222.240.195 52.222.240.195 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
4 | 2620:100:6022... 2620:100:6022:1::a27d:4201 | 19679 (DROPBOX) (DROPBOX - Dropbox) | |
1 | 162.125.248.1 162.125.248.1 | 19679 (DROPBOX) (DROPBOX - Dropbox) | |
1 | 2a00:1450:400... 2a00:1450:400e:80a::200a | 15169 (GOOGLE) (GOOGLE - Google Inc.) | |
2 | 2a00:1450:400... 2a00:1450:4001:806::2003 | 15169 (GOOGLE) (GOOGLE - Google Inc.) | |
21 | 7 |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-240-195.lhr52.r.cloudfront.net
cf.dropboxstatic.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
dropboxstatic.com
cf.dropboxstatic.com |
273 KB |
6 |
e-legance.net
1 redirects
thomas.e-legance.net |
68 KB |
5 |
dropbox.com
www.dropbox.com dropbox.com |
13 KB |
2 |
gstatic.com
fonts.gstatic.com |
17 KB |
1 |
googleapis.com
fonts.googleapis.com |
1001 B |
21 | 5 |
Domain | Requested by | |
---|---|---|
7 | cf.dropboxstatic.com |
thomas.e-legance.net
|
6 | thomas.e-legance.net |
1 redirects
thomas.e-legance.net
|
4 | www.dropbox.com |
thomas.e-legance.net
|
2 | fonts.gstatic.com |
thomas.e-legance.net
|
1 | fonts.googleapis.com |
thomas.e-legance.net
|
1 | dropbox.com |
thomas.e-legance.net
|
21 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.dropbox.com |
blog.dropbox.com |
www.dropboxforum.com |
twitter.com |
facebook.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
cf.dropboxstatic.com DigiCert SHA2 High Assurance Server CA |
2016-12-05 - 2020-02-19 |
3 years | crt.sh |
www.dropbox.com DigiCert SHA2 Extended Validation Server CA |
2015-12-10 - 2017-12-13 |
2 years | crt.sh |
*.googleapis.com Google Internet Authority G2 |
2017-11-01 - 2018-01-24 |
3 months | crt.sh |
*.google.com Google Internet Authority G2 |
2017-11-01 - 2018-01-24 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://thomas.e-legance.net/directory/signin.php?id=6ef4dd0fa2102e5db4a5e996ce03427cac17c166
Frame ID: 14162.1
Requests: 21 HTTP requests in this frame
Screenshot
![](/screenshots/d1faeb9b-0032-42a4-bd50-859f0219cba5.png)
Page URL History Show full URLs
-
http://thomas.e-legance.net/directory
HTTP 301
http://thomas.e-legance.net/directory/ Page URL
- http://thomas.e-legance.net/directory/signin.php?id=6ef4dd0fa2102e5db4a5e996ce03427cac17c166 Page URL
Detected technologies
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Page Statistics
20 Outgoing links
These are links going to different origins than the main page.
Title: Install
Search URL Search Domain Scan URL
Title: Mobile
Search URL Search Domain Scan URL
Title: Pricing
Search URL Search Domain Scan URL
Title: Business
Search URL Search Domain Scan URL
Title: Tour
Search URL Search Domain Scan URL
Title: Dropbox Blog
Search URL Search Domain Scan URL
Title: Our team
Search URL Search Domain Scan URL
Title: Branding
Search URL Search Domain Scan URL
Title: News
Search URL Search Domain Scan URL
Title: Jobs
Search URL Search Domain Scan URL
Title: Help Center
Search URL Search Domain Scan URL
Title: Get Started
Search URL Search Domain Scan URL
Title: Privacy & Terms
Search URL Search Domain Scan URL
Title: Copyright
Search URL Search Domain Scan URL
Title: Contact us
Search URL Search Domain Scan URL
Title: Referrals
Search URL Search Domain Scan URL
Title: Forum
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Developers
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://thomas.e-legance.net/directory
HTTP 301
http://thomas.e-legance.net/directory/ Page URL
- http://thomas.e-legance.net/directory/signin.php?id=6ef4dd0fa2102e5db4a5e996ce03427cac17c166 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://thomas.e-legance.net/directory HTTP 301
- http://thomas.e-legance.net/directory/
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
thomas.e-legance.net/directory/ Redirect Chain
|
287 B 287 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
signin.php
thomas.e-legance.net/directory/ |
25 KB 25 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main-vflJ6DXJ2.css
cf.dropboxstatic.com/static/css/ |
311 KB 49 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
web_sprites-vfl_rvr7W.css
cf.dropboxstatic.com/static/css/ |
110 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
components-vflk8-9-C.css
cf.dropboxstatic.com/static/css/packaged/ |
45 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
recaptcha_challenge-vflz9aQSc.css
cf.dropboxstatic.com/static/css/ |
4 KB 785 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
video-js-vflhurwvO.css
cf.dropboxstatic.com/static/css/ |
19 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.png
thomas.e-legance.net/directory/images/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sign-in-vflchypbO.png
thomas.e-legance.net/directory/images/ |
29 KB 29 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
captcha-reload.png
www.dropbox.com/static/images/icons/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
captcha-audio.png
www.dropbox.com/static/images/icons/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
captcha-words.png
www.dropbox.com/static/images/icons/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
captcha-help.png
www.dropbox.com/static/images/icons/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon_spacer-vflN3BYt2.gif
cf.dropboxstatic.com/static/images/icons/ |
55 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
oauth.png
thomas.e-legance.net/directory/images/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hstsping
dropbox.com/ |
0 0 |
Image
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
9 KB 1001 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cJZKeOuBrn4kERxqtaUH3ZBw1xU1rKptJj_0jans920.woff2
fonts.gstatic.com/s/opensans/v15/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
MTP_ySUJH_bn48VBG8sNShampu5_7CjHW5spxoeN3Vs.woff2
fonts.gstatic.com/s/opensans/v15/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
web_sprites-vfl8qlzlw.png
cf.dropboxstatic.com/static/images/sprites/ |
203 KB 203 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
jse
thomas.e-legance.net/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- thomas.e-legance.net
- URL
- http://thomas.e-legance.net/jse?e=failed+to+load+script&loc=http%3A%2F%2Fthomas.e-legance.net%2Fdirectory%2Fsignin.php%3Fid%3D6ef4dd0fa2102e5db4a5e996ce03427cac17c166&f=http%3A%2F%2Fthomas.e-legance.net%2Fdirectory%2Fsignin.php%3Fid%3D6ef4dd0fa2102e5db4a5e996ce03427cac17c166
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Dropbox (Consumer)0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cf.dropboxstatic.com
dropbox.com
fonts.googleapis.com
fonts.gstatic.com
thomas.e-legance.net
www.dropbox.com
thomas.e-legance.net
162.125.248.1
2620:100:6022:1::a27d:4201
2a00:1450:4001:806::2003
2a00:1450:400e:80a::200a
52.222.240.195
79.124.76.85
18b8f1c7340461d03746204d7eee39d8c3b98739fafc2bcdb73648060ba17c26
1be289ce7edaa3f8e53510422af0c33aae80e91f00bcba90dbd5d0b0f098b89e
28a4bf6f75a1946d95e28a3132f52d385c948c01c5a0e12235f55ff907b31d1e
31986e72e7805e6262c8ba7a21ac5dc3e9f5f2e8865d357a0c5231e34a614ad1
3c3dbf9abc00c05204be607b949df581016f519c5d664f8cd65d44cb3d133658
4c9dc34b06d501e8853a88f4ee3e7558f2fdae457da0ec1ed22df6e29718c076
50dda9aac0fcea362bdda27ae7833240485ad5a20ccc105c1cd13ea26802a8bd
6f08a24a586a7e00c817bef64afec415518e2196357e3fffb8ed8518b3a3a0bd
87dbdc4222e35d4c110e0b33b3fea9a0588b0d08195b8c098a95e906f57ad651
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
958a804828621781e971e96ce2c0102748573e9aa460fe49cc80cad8282cceaa
9cc6a5f0c0d2e59d911dc3613dfbdde6e2459fbee45bf3070f700f64c89eaa78
9d9b7c93e102eea3be6f7ddcb0bf216e8337b9987ba6b3aa50226adabbd728f6
af4f0d49eeed41186a81d09b20d0699e943bbfabe609f9f3552810788d667ebe
beabd3cca57e92d63879c8a6cbff1bf8c72b2315b56aafbfc2ea78c2d72eb53c
c653f5756e19325567b94ffe5c3dbfc81063e44e984bcc4424a80bed6aeb40b1
d32c8ba8b668f17fde80354f21265f8eb38eb56223ccf1385994cf71d3101805
dd2d64a6b4dc901db4c72fb860db5e1b49372a4abf1425bcac4c4fc2d5cf128b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed36bb8525741f67de9fe61e93441e68e3c73ae867ad791a3fe938772e8cf332