svagodesign.com
2001:41d0:301:11::28
Malicious Activity!
Public Scan
Submission: On January 21 via api from US
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on December 1st 2020. Valid for: 3 months.
This is the only time svagodesign.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: AT&T (Telecommunication)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
10 | 2001:41d0:301:11::28 | 16276 (OVH)
2 | 51.255.117.202 | 16276 (OVH)
1 | 2a00:1450:4001:815::200a | 15169 (GOOGLE)
1 | 2a00:1450:4001:803::200a | 15169 (GOOGLE)
14 | 4 |
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
12 | svagodesign.com | svagodesign.com, www.svagodesign.com | 72 KB
2 | googleapis.com | ajax.googleapis.com, fonts.googleapis.com | 7 KB
14 | 2 | |
Requests | Domain | Requested by
---|---|---
10 | svagodesign.com | svagodesign.com
2 | www.svagodesign.com | svagodesign.com
1 | fonts.googleapis.com | ajax.googleapis.com
1 | ajax.googleapis.com | svagodesign.com
14 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.att.com |
about.att.com |
Subject | Issuer | Validity | Valid for
---|---|---|---
www.svagodesign.com | Let's Encrypt Authority X3 | 2020-12-01 - 2021-03-01 | 3 months
upload.video.google.com | GTS CA 1O1 | 2020-12-15 - 2021-03-09 | 3 months
This page contains 2 frames:
Primary Page:
https://svagodesign.com/wp-includes/admin-sec/view/fyomh3ckk8vpy2ejgorufzcm.php
Frame ID: 8D12FB1E55B0BFFF012F9844482E6B74
Requests: 9 HTTP requests in this frame
Frame:
https://svagodesign.com/wp-includes/admin-sec/view/images/index_1.html
Frame ID: 1A80A11EA8517369E3516A14A2E780FD
Requests: 5 HTTP requests in this frame
Detected technologies
PHP (Programming Languages)
Detected patterns
- url /\.php(?:$|\?)/i
Angular (JavaScript Frameworks)
Detected patterns
- html /<[^>]+ ng-version="([\d.]+)"/i
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
9 Outgoing links
These are links going to different origins than the main page.
Title: Forgot user ID?
Title: Forgot password?
Title: Create one now
Title: Learn about ZenKey
Title: Legal policy center
Title: Privacy policy
Title: Terms of use
Title: Accessibility
Title: Do not sell my personal information
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | fyomh3ckk8vpy2ejgorufzcm.php (Primary Request) | svagodesign.com/wp-includes/admin-sec/view/ | 16 KB | 4 KB | Document | text/html
GET | H2 | styles.css | svagodesign.com/wp-includes/admin-sec/view/images/ | 152 KB | 25 KB | Stylesheet | text/css
GET | H2 | logo.svg | svagodesign.com/wp-includes/admin-sec/view/images/ | 8 KB | 8 KB | Image | image/svg+xml
GET | H2 | index_1.html | svagodesign.com/wp-includes/admin-sec/view/images/ (Frame 1A80) | 3 KB | 1 KB | Document | text/html
GET | H2 | ATTAleckSans_W_Rg.woff | svagodesign.com/wp-includes/admin-sec/view/images/ | 3 KB | 1 KB | Font | text/html
GET | H2 | fe783faa1fd7bf12aa38e3f57d0b900ac6f03ca7.svg | svagodesign.com/wp-includes/admin-sec/view/images/ | 343 B | 526 B | Image | image/svg+xml
GET | H2 | zenkey-icon.svg | svagodesign.com/wp-includes/admin-sec/view/images/ | 373 B | 556 B | Image | image/svg+xml
GET | H2 | ATTAleckSans_W_Md.woff | svagodesign.com/wp-includes/admin-sec/view/images/ | 3 KB | 1 KB | Font | text/html
GET | H2 | ATTAleckSans_W_BdIt.woff | svagodesign.com/wp-includes/admin-sec/view/images/ | 3 KB | 1 KB | Font | text/html
GET | H2 | ATTAleckSans_W_It.woff | svagodesign.com/wp-includes/admin-sec/view/images/ | 3 KB | 1 KB | Font | text/html
GET | H2 | public.css | www.svagodesign.com/wp-content/plugins/minimal-coming-soon-maintenance-mode/framework/public/css/ (Frame 1A80) | 6 KB | 2 KB | Stylesheet | text/css
GET | H2 | webfont.js | ajax.googleapis.com/ajax/libs/webfont/1.4.7/ (Frame 1A80) | 17 KB | 7 KB | Script | text/javascript
GET | H2 | svago-logo-B_Tavola-disegno-1.png | www.svagodesign.com/wp-content/uploads/2020/07/ (Frame 1A80) | 25 KB | 25 KB | Image | image/png
GET | H2 | css | fonts.googleapis.com/ (Frame 1A80) | 716 B | 450 B | Stylesheet | text/css
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: AT&T (Telecommunication)
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object | 0
- object | ontransitionrun
- object | ontransitionstart
- object | ontransitioncancel
- object | cookieStore
- function | showDirectoryPicker
- function | showOpenFilePicker
- function | showSaveFilePicker
- object | trustedTypes
- boolean | crossOriginIsolated
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.