office365-parsec-280413.uc.r.appspot.com Open in urlscan Pro
2a00:1450:4001:809::2014 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://office365-parsec-280413.uc.r.appspot.com/
Submission: On July 05 via api (July 5th 2020, 3:04:43 am UTC) from TW

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 9 HTTP transactions. The main IP is 2a00:1450:4001:809::2014, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is office365-parsec-280413.uc.r.appspot.com.

This is the only time office365-parsec-280413.uc.r.appspot.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address		AS Autonomous System
9	2a00:1450:400... 2a00:1450:4001:809::2014		15169 (GOOGLE) (GOOGLE)
9	1

9 2a00:1450:4001:809::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

office365-parsec-280413.uc.r.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	appspot.com office365-parsec-280413.uc.r.appspot.com	466 KB
9	1

	Domain	Requested by
9	office365-parsec-280413.uc.r.appspot.com	office365-parsec-280413.uc.r.appspot.com
9	1

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://office365-parsec-280413.uc.r.appspot.com/
Frame ID: 8ADF42C2B7DAE2EB70C76A64AD153013
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Google App Engine (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /Google Frontend/i

Page Statistics

9
Requests

0 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

466 kB
Transfer

709 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response office365-parsec-280413.uc.r.appspot.com/	3 KB 2 KB	203ms 154ms	Document text/html	2a00:1450:4001:809::2014 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://office365-parsec-280413.uc.r.appspot.com/ Protocol HTTP/1.1 Server 2a00:1450:4001:809::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash `12ffeca3cf0b1850e44af6a9f45a1b03d57b85270e9f9e6f8edafd3c8474d26f` Request headers Host office365-parsec-280413.uc.r.appspot.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 05 Jul 2020 03:04:00 GMT Expires Sun, 05 Jul 2020 03:14:00 GMT Cache-Control public, max-age=600 ETag "2Me4ug" X-Cloud-Trace-Context 0a9a692d1ea83eb7642a0cfb34cefe7c;o=1 Content-Type text/html Content-Encoding gzip Transfer-Encoding chunked Server Google Frontend
GET H/1.1	200 OK	render.css office365-parsec-280413.uc.r.appspot.com/css/	235 KB 42 KB	180ms 179ms	Stylesheet text/css	2a00:1450:4001:809::2014 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://office365-parsec-280413.uc.r.appspot.com/css/render.css Requested by Host: office365-parsec-280413.uc.r.appspot.com URL: http://office365-parsec-280413.uc.r.appspot.com/ Protocol HTTP/1.1 Server 2a00:1450:4001:809::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash `6c52e71a5c3609c82f9a1f9302351e7dcfb37810570c0395ba649cfd06f0b350` Request headers Referer http://office365-parsec-280413.uc.r.appspot.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 05 Jul 2020 03:04:00 GMT Content-Encoding gzip Server Google Frontend ETag "2Me4ug" Transfer-Encoding chunked Content-Type text/css X-Cloud-Trace-Context 7abdf3c88586e3aab32c5b2758a66a62;o=1 Cache-Control public, max-age=600 Expires Sun, 05 Jul 2020 03:14:00 GMT
GET H/1.1	200 OK	ging.jpg office365-parsec-280413.uc.r.appspot.com/img/	14 KB 15 KB	161ms 154ms	Image image/jpeg	2a00:1450:4001:809::2014 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL http://office365-parsec-280413.uc.r.appspot.com/img/ging.jpg Requested by Host: office365-parsec-280413.uc.r.appspot.com URL: http://office365-parsec-280413.uc.r.appspot.com/ Protocol HTTP/1.1 Server 2a00:1450:4001:809::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash `f9d72cd248c21ae926f396fa5e666aa01355f15a356f4ac8aa7f0c38a93d0c20` Request headers Referer http://office365-parsec-280413.uc.r.appspot.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 05 Jul 2020 03:04:00 GMT Server Google Frontend ETag "2Me4ug" Transfer-Encoding chunked Content-Type image/jpeg X-Cloud-Trace-Context 7abdf3c88586e3aab32c5b2758a66a62;o=1 Cache-Control public, max-age=600 Expires Sun, 05 Jul 2020 03:14:00 GMT
GET H/1.1	200 OK	drama.jpg office365-parsec-280413.uc.r.appspot.com/img/	15 KB 15 KB	164ms 158ms	Image image/jpeg	2a00:1450:4001:809::2014 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL http://office365-parsec-280413.uc.r.appspot.com/img/drama.jpg Requested by Host: office365-parsec-280413.uc.r.appspot.com URL: http://office365-parsec-280413.uc.r.appspot.com/ Protocol HTTP/1.1 Server 2a00:1450:4001:809::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash `d6d094ac1b37248aa5e508fd296d1980c8ed37b980da3b523132c1b470f129f3` Request headers Referer http://office365-parsec-280413.uc.r.appspot.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 05 Jul 2020 03:04:00 GMT Server Google Frontend ETag "2Me4ug" Transfer-Encoding chunked Content-Type image/jpeg X-Cloud-Trace-Context 878d57683191708b6046476b2f997e19 Cache-Control public, max-age=600 Expires Sun, 05 Jul 2020 03:14:00 GMT
GET H/1.1	200 OK	dbrok.jpg office365-parsec-280413.uc.r.appspot.com/img/	18 KB 18 KB	187ms 182ms	Image image/jpeg	2a00:1450:4001:809::2014 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL http://office365-parsec-280413.uc.r.appspot.com/img/dbrok.jpg Requested by Host: office365-parsec-280413.uc.r.appspot.com URL: http://office365-parsec-280413.uc.r.appspot.com/ Protocol HTTP/1.1 Server 2a00:1450:4001:809::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash `44f9aae3d8daf011ab4c7552945e6b2ca058ff468e3513210c92d793b515b7d9` Request headers Referer http://office365-parsec-280413.uc.r.appspot.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 05 Jul 2020 03:04:00 GMT Server Google Frontend ETag "2Me4ug" Transfer-Encoding chunked Content-Type image/jpeg X-Cloud-Trace-Context a3038b66e8734ced2cecbdc8df1f4773;o=1 Cache-Control public, max-age=600 Expires Sun, 05 Jul 2020 03:14:00 GMT
GET H/1.1	200 OK	angle.jpg office365-parsec-280413.uc.r.appspot.com/img/	14 KB 14 KB	183ms 177ms	Image image/jpeg	2a00:1450:4001:809::2014 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL http://office365-parsec-280413.uc.r.appspot.com/img/angle.jpg Requested by Host: office365-parsec-280413.uc.r.appspot.com URL: http://office365-parsec-280413.uc.r.appspot.com/ Protocol HTTP/1.1 Server 2a00:1450:4001:809::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash `9d53dd4935e62afd80b117b1317501e27917b8483fbcab4b19f6ad4e06cdca31` Request headers Referer http://office365-parsec-280413.uc.r.appspot.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 05 Jul 2020 03:04:00 GMT Server Google Frontend ETag "2Me4ug" Transfer-Encoding chunked Content-Type image/jpeg X-Cloud-Trace-Context f1f45216e0d59259c88cc54a2a5eaf03 Cache-Control public, max-age=600 Expires Sun, 05 Jul 2020 03:14:00 GMT
GET H/1.1	200 OK	hna.js Show response office365-parsec-280413.uc.r.appspot.com/	86 KB 35 KB	163ms 157ms	Script application/javascript	2a00:1450:4001:809::2014 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://office365-parsec-280413.uc.r.appspot.com/hna.js Requested by Host: office365-parsec-280413.uc.r.appspot.com URL: http://office365-parsec-280413.uc.r.appspot.com/ Protocol HTTP/1.1 Server 2a00:1450:4001:809::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash `0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a` Request headers Referer http://office365-parsec-280413.uc.r.appspot.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 05 Jul 2020 03:04:00 GMT Content-Encoding gzip Server Google Frontend ETag "2Me4ug" Transfer-Encoding chunked Content-Type application/javascript X-Cloud-Trace-Context 86cd23dbaed632aefe6aa1cab50df2be Cache-Control public, max-age=600 Expires Sun, 05 Jul 2020 03:14:00 GMT
GET H/1.1	200 OK	honest.jpg office365-parsec-280413.uc.r.appspot.com/img/	277 KB 277 KB	168ms 167ms	Image image/jpeg	2a00:1450:4001:809::2014 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL http://office365-parsec-280413.uc.r.appspot.com/img/honest.jpg Requested by Host: office365-parsec-280413.uc.r.appspot.com URL: http://office365-parsec-280413.uc.r.appspot.com/ Protocol HTTP/1.1 Server 2a00:1450:4001:809::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash `211a907de2da0ff4a0e90917ac8054e2f35c351180977550c26e51b4909f2beb` Request headers Referer http://office365-parsec-280413.uc.r.appspot.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 05 Jul 2020 03:04:01 GMT Server Google Frontend ETag "2Me4ug" Transfer-Encoding chunked Content-Type image/jpeg X-Cloud-Trace-Context a3038b66e8734ced2cecbdc8df1f4773;o=1 Cache-Control public, max-age=600 Expires Sun, 05 Jul 2020 03:14:01 GMT
GET H/1.1	200 OK	humn.png office365-parsec-280413.uc.r.appspot.com/img/	47 KB 47 KB	184ms 183ms	Image image/png	2a00:1450:4001:809::2014 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL http://office365-parsec-280413.uc.r.appspot.com/img/humn.png Requested by Host: office365-parsec-280413.uc.r.appspot.com URL: http://office365-parsec-280413.uc.r.appspot.com/ Protocol HTTP/1.1 Server 2a00:1450:4001:809::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash `23bf5f1f64a76706c1324f161865d0c6d4b74f3a67dea4e2497b4a03a74c0d2c` Request headers Referer http://office365-parsec-280413.uc.r.appspot.com/css/render.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 05 Jul 2020 03:04:01 GMT Server Google Frontend ETag "2Me4ug" Transfer-Encoding chunked Content-Type image/png X-Cloud-Trace-Context 9f2ab6579d6c6e827d4edc3db2122f25;o=1 Cache-Control public, max-age=600 Expires Sun, 05 Jul 2020 03:14:01 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| empty

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: http://office365-parsec-280413.uc.r.appspot.com/hna.js(Line 2) Message: jQuery.Deferred exception: Cannot read property '1' of null TypeError: Cannot read property '1' of null at Function.$.urlParam (http://office365-parsec-280413.uc.r.appspot.com/:103:137) at HTMLDocument.<anonymous> (http://office365-parsec-280413.uc.r.appspot.com/:103:217) at e (http://office365-parsec-280413.uc.r.appspot.com/hna.js:2:29453) at t (http://office365-parsec-280413.uc.r.appspot.com/hna.js:2:29755) undefined

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

office365-parsec-280413.uc.r.appspot.com
2a00:1450:4001:809::2014
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
12ffeca3cf0b1850e44af6a9f45a1b03d57b85270e9f9e6f8edafd3c8474d26f
211a907de2da0ff4a0e90917ac8054e2f35c351180977550c26e51b4909f2beb
23bf5f1f64a76706c1324f161865d0c6d4b74f3a67dea4e2497b4a03a74c0d2c
44f9aae3d8daf011ab4c7552945e6b2ca058ff468e3513210c92d793b515b7d9
6c52e71a5c3609c82f9a1f9302351e7dcfb37810570c0395ba649cfd06f0b350
9d53dd4935e62afd80b117b1317501e27917b8483fbcab4b19f6ad4e06cdca31
d6d094ac1b37248aa5e508fd296d1980c8ed37b980da3b523132c1b470f129f3
f9d72cd248c21ae926f396fa5e666aa01355f15a356f4ac8aa7f0c38a93d0c20

office365-parsec-280413.uc.r.appspot.com Open in urlscan Pro 2a00:1450:4001:809::2014 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

9 Requests

0 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

466 kBTransfer

709 kBSize

0 Cookies

0 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

office365-parsec-280413.uc.r.appspot.com Open in urlscan Pro
2a00:1450:4001:809::2014 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

0 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

466 kB
Transfer

709 kB
Size

0
Cookies

9 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!