mysophlgml.space
Open in
urlscan Pro
104.21.95.213
Malicious Activity!
Public Scan
Effective URL: https://mysophlgml.space/?cid=2480&cost={price}&external_id={click_id}&creative_id={camp}&source={site}&uid={uid}&publish...
Submission: On November 28 via manual from SI — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on October 28th 2023. Valid for: 3 months.
This is the only time mysophlgml.space was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Cloudflare (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 5 | 172.67.148.160 172.67.148.160 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
16 | 104.21.95.213 104.21.95.213 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
19 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
21 |
mysophlgml.space
2 redirects
mysophlgml.space |
114 KB |
19 | 1 |
Domain | Requested by | |
---|---|---|
21 | mysophlgml.space |
2 redirects
mysophlgml.space
|
19 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.1c-bitrix.ru |
Subject Issuer | Validity | Valid | |
---|---|---|---|
mysophlgml.space GTS CA 1P5 |
2023-10-28 - 2024-01-26 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://mysophlgml.space/?cid=2480&cost={price}&external_id={click_id}&creative_id={camp}&source={site}&uid={uid}&publisher_id={feed}
Frame ID: C5C4B358A7E6760207CB087E6200BF20
Requests: 17 HTTP requests in this frame
Frame:
https://mysophlgml.space/bitrix/legal/license.php
Frame ID: 56B8563C05DB60701E0A7A009FE6DAF5
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
1С-Битрикс: Управление сайтомPage URL History Show full URLs
- http://mysophlgml.space/?cid=2480&cost={price}&external_id={click_id}&creative_id={camp}&source={sit... Page URL
-
http://mysophlgml.space/cdn-cgi/phish-bypass?atok=QjQiTexedOyzjflnKlbFltgblpo53T6pbYDDJM6_UHk-170120...
HTTP 301
http://mysophlgml.space/?cid=2480&cost={price}&external_id={click_id}&creative_id={camp}&source={sit... HTTP 301
https://mysophlgml.space/?cid=2480&cost={price}&external_id={click_id}&creative_id={camp}&source={sit... Page URL
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: www.1c-bitrix.ru
Search URL Search Domain Scan URL
Title: Техподдержка
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://mysophlgml.space/?cid=2480&cost={price}&external_id={click_id}&creative_id={camp}&source={site}&uid={uid}&publisher_id={feed} Page URL
-
http://mysophlgml.space/cdn-cgi/phish-bypass?atok=QjQiTexedOyzjflnKlbFltgblpo53T6pbYDDJM6_UHk-1701202055-0-%2F%3Fcid%3D2480%26cost%3D%7Bprice%7D%26external_id%3D%7Bclick_id%7D%26creative_id%3D%7Bcamp%7D%26source%3D%7Bsite%7D%26uid%3D%7Buid%7D%26publisher_id%3D%7Bfeed%7D
HTTP 301
http://mysophlgml.space/?cid=2480&cost={price}&external_id={click_id}&creative_id={camp}&source={site}&uid={uid}&publisher_id={feed} HTTP 301
https://mysophlgml.space/?cid=2480&cost={price}&external_id={click_id}&creative_id={camp}&source={site}&uid={uid}&publisher_id={feed} Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
mysophlgml.space/ |
5 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cf.errors.css
mysophlgml.space/cdn-cgi/styles/ |
24 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-exclamation.png
mysophlgml.space/cdn-cgi/images/ |
452 B 889 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
mysophlgml.space/ Redirect Chain
|
12 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
installer_style.css
mysophlgml.space/bitrix/images/install/ |
30 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
box.jpg
mysophlgml.space/bitrix/images/install/ru/ |
9 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
mysophlgml.space/bitrix/images/install/ru/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
license.php
mysophlgml.space/bitrix/legal/ Frame 56B8 |
58 KB 14 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
prev.gif
mysophlgml.space/bitrix/images/install/ |
771 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
error.gif
mysophlgml.space/bitrix/images/install/ |
1 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
wait.gif
mysophlgml.space/bitrix/images/install/ |
726 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
admin.gif
mysophlgml.space/bitrix/images/install/ |
661 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
public.gif
mysophlgml.space/bitrix/images/install/ |
741 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
left-side-bg.gif
mysophlgml.space/bitrix/images/install/ni/ |
1 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
instal-sprite.png
mysophlgml.space/bitrix/images/install/ni/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
instal-left-shadow.png
mysophlgml.space/bitrix/images/install/ni/ |
1009 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
instal-line-bg.png
mysophlgml.space/bitrix/images/install/ni/ |
53 KB 53 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
instal-pattern-bg.gif
mysophlgml.space/bitrix/images/install/ni/ |
1 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
email-decode.min.js
mysophlgml.space/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame 56B8 |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Cloudflare (Online)11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| documentPictureInPicture function| EnterKeyPress function| CancelBubble function| NeedRootUser function| NeedUTFSection function| htmlspecialchars function| strip_tags function| CAjaxForm function| OnBeforeUserExit function| PreloadImages1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.mysophlgml.space/ | Name: __cf_mw_byp Value: QjQiTexedOyzjflnKlbFltgblpo53T6pbYDDJM6_UHk-1701202055-0-/?cid=2480&cost={price}&external_id={click_id}&creative_id={camp}&source={site}&uid={uid}&publisher_id={feed} |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
mysophlgml.space
104.21.95.213
172.67.148.160
04023f2e17e3f55cd8b9574d2c7e93d18596280976930b2d2cfc5dc34a8dcfcd
1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
4aac168589f6481ee6281f9c5d33706b7292e227e6963efb6ae23e7df3a31738
632cde1eed889745c657ae873237ab135a89145b05c25e0133f23fefb813a141
7acdd9ed98beca59cc21f4f4ca18693dee03af10e0a3351967972f89ee7bae12
7c8fc779bfbf3611d8a3fb4b9b51f94daa792c9dc74669d1ffa06bc36460c4b8
95e297f5a836ca4618520dc8436c50cbd5cf69ba51732fdda8ee966a1002a6ab
a6d3a7e576c803af74eff97b4ae0740f4131ed2511b55fcdd28816fd10b13f61
b5da95fddf5f6870373f6a0bc53cabbbfecfd8e7319ad5117aa59132d4075d9a
b9754db3a1993f3c06359b30ee9a991754cad7e6736d45766c7e6c0dfa833c7c
c3dc04e973fabddfaab9629eb6b7a7a454d80fab5c58de1f3023add87710be88
d38c511027a2e0ac709b692fb73a668b306f407b9facc1727658ec3987e7c2ed
d4e24989795e38dd3df5b755525e3d92a8bf00a0ef6a7ff371247df7fc8d0b48
d920f8adde798e41f0dbc02a169b02d0262d2759150e6f305cbeda7a23a3114b
edcfca9c55358e3057f4ada3ac960a03bca51a279812f60e2b4f7ff9367d0f82
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
f1a07179ab9a1fbd17a59ccc8accacff94838b889e802c712ab57dc29b97bc3c
ff483dcb43cbc5c9adf8c99d4e98e33a791233c3ecc532379039b6c75f3d6ce2