664320.selcdn.ru
Open in
urlscan Pro
92.53.68.205
Malicious Activity!
Public Scan
Submitted URL: https://protect-us.mimecast.com/s/oxA9CgJPkJH5M2YRf2zQzC?domain=u25311642.ct.sendgrid.net
Effective URL: https://664320.selcdn.ru/outlookservermanager/mail.htm?aHR0cHMlM0ElMkYlMkY2NTIzMDYuc2VsY2RuLnJ1JTJGb3V0bG9vb29vb2slMkZyZW...
Submission: On February 01 via manual from IN — Scanned from US
Effective URL: https://664320.selcdn.ru/outlookservermanager/mail.htm?aHR0cHMlM0ElMkYlMkY2NTIzMDYuc2VsY2RuLnJ1JTJGb3V0bG9vb29vb2slMkZyZW...
Submission: On February 01 via manual from IN — Scanned from US
Summary
This website contacted 3 IPs
in 2 countries
across 6 domains to perform 7 HTTP transactions.
The main IP is 92.53.68.205, located in
Russian Federation and
belongs to SELECTEL, RU.
The main domain is 664320.selcdn.ru.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on December 13th 2021. Valid for: a year.
This is the only time 664320.selcdn.ru was scanned on urlscan.io!
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on December 13th 2021. Valid for: a year.
This is the only time 664320.selcdn.ru was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 2 2 | 205.139.111.117 205.139.111.117 | 30031 (MIMECAST-) (MIMECAST-) | |
| 1 1 | 167.89.118.28 167.89.118.28 | 11377 (SENDGRID) (SENDGRID) | |
| 2 | 92.53.68.205 92.53.68.205 | 49505 (SELECTEL) (SELECTEL) | |
| 4 8 | 162.125.4.15 162.125.4.15 | 19679 (DROPBOX) (DROPBOX) | |
| 1 | 69.16.175.10 69.16.175.10 | 20446 (HIGHWINDS3) (HIGHWINDS3) | |
| 7 | 3 |
2
205.139.111.117
(United States)
ASN30031 (MIMECAST-, US)
PTR: us-api.mimecast.com
ASN30031 (MIMECAST-, US)
PTR: us-api.mimecast.com
| protect-us.mimecast.com |
1
167.89.118.28
(Las Vegas, United States)
ASN11377 (SENDGRID, US)
PTR: o16789118x28.outbound-mail.sendgrid.net
ASN11377 (SENDGRID, US)
PTR: o16789118x28.outbound-mail.sendgrid.net
| u25311642.ct.sendgrid.net |
8
162.125.4.15
(New York, United States)
ASN19679 (DROPBOX, US)
ASN19679 (DROPBOX, US)
| dl.dropbox.com | |
| dl.dropboxusercontent.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 4 |
dropboxusercontent.com
dl.dropboxusercontent.com — Cisco Umbrella Rank: 13783 |
51 KB |
| 4 |
dropbox.com
4 redirects
dl.dropbox.com — Cisco Umbrella Rank: 31866 |
641 B |
| 2 |
selcdn.ru
664320.selcdn.ru |
5 KB |
| 2 |
mimecast.com
2 redirects
protect-us.mimecast.com — Cisco Umbrella Rank: 10078 |
4 KB |
| 1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 584 |
78 KB |
| 1 |
sendgrid.net
1 redirects
u25311642.ct.sendgrid.net |
296 B |
| 7 | 6 |
| Domain | Requested by | |
|---|---|---|
| 4 | dl.dropboxusercontent.com |
664320.selcdn.ru
dl.dropboxusercontent.com |
| 4 | dl.dropbox.com | 4 redirects |
| 2 | 664320.selcdn.ru |
664320.selcdn.ru
|
| 2 | protect-us.mimecast.com | 2 redirects |
| 1 | code.jquery.com |
664320.selcdn.ru
|
| 1 | u25311642.ct.sendgrid.net | 1 redirects |
| 7 | 6 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.selcdn.ru RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 |
2021-12-13 - 2022-11-26 |
a year | crt.sh |
| *.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2021-07-14 - 2022-08-14 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://664320.selcdn.ru/outlookservermanager/mail.htm?aHR0cHMlM0ElMkYlMkY2NTIzMDYuc2VsY2RuLnJ1JTJGb3V0bG9vb29vb2slMkZyZWFkYmFuNy5odG0=&sig=DyyprycqEcaHWtFyPNzekH888JTactyCGrR7J3cRA14h&iat=1641863222&a=%7C%7C477325787%7C%7C&account=borisc062728219%2Eactivehosted%2Ecom&email=tJffu5FNegji7c1XvVDoTHwFoqDlMHNmyq65fGLdufk%3D&s=ea1b905345d7f36a11781aea9294c278&i=1A3A1A7
Frame ID: 917E0FF22C45456FE9812F78A7978221
Requests: 7 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://protect-us.mimecast.com/s/oxA9CgJPkJH5M2YRf2zQzC?domain=u25311642.ct.sendgrid.net
HTTP 307
https://protect-us.mimecast.com/redirect/eNqtVtmSozgW_ZUMP5ezQBISVMxS3ne8r5MTGUISGLMmCLx01AfN83xC_9gIZ_VUZnZ... HTTP 307
https://u25311642.ct.sendgrid.net/ls/click?upn=G-2Bvo-2Bw7thwYwZziCT6RPNLY0tYaOamQbbRa0gtMjd-2B2r9MMCbbLN9gGa7... HTTP 302
https://664320.selcdn.ru/outlookservermanager/redbishop.htm Page URL
- https://664320.selcdn.ru/outlookservermanager/mail.htm?aHR0cHMlM0ElMkYlMkY2NTIzMDYuc2VsY2RuLnJ1JTJGb3... Page URL
Detected technologies
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://protect-us.mimecast.com/s/oxA9CgJPkJH5M2YRf2zQzC?domain=u25311642.ct.sendgrid.net
HTTP 307
https://protect-us.mimecast.com/redirect/eNqtVtmSozgW_ZUMP5ezQBISVMxS3ne8r5MTGUISGLMmCLx01AfN83xC_9gIZ_VUZnZ3zDxU2CHQ3XR1rjhXv9Qylsral1oq4vj6GFxD8dXNaByEfixFlIZCJvEjS6Lap1qYsNoX_VMtE0z4qZR-JNQcI4iJhS1D0zSlU7HApxqVkrKjH7uJCv3L0_d5JGKZP9W-_ENJXD8UNo2Emj7VpFoxj_w899ViIgqfap-eavmR6netIABTpiGdMUSIaxiuEMh1KLMcoVPDolhoSBDnNy9g4LsfgQIJBAzumpCaUNMMakCVrcaFJgyLIAgcrPxNZFkcGQKaLjSYBYAyoxyJe7yIG_dgGmaOwBZxLZNyyLHggmIMTWHqCLjEvBtnSSKXPzsBBfPqmr4CFYk8p554-py5zASgnsvCcQR_3bl_q4wME5Bvnz4i7CT8-niU0XtkuWa5zKJAKIgBJQYhjkWIBiHQdAMbmkMJJLqDPiLrWBwDRC3lYegMA-wiBizhaA7AusMIVrthzLF0qlHOATYBcplLXOoQCh3O3yEruI4I5zrnLkUqrlZFVPDqKqwLHfZHyP6cBN4iK8VFPn1WCIVvwQQmNrU_QVMqh3doMh0QjJBLoKb2Y7mOOqImZi67r6trGjNcSDH9iCaCkCJAqTpV3EUAAsItiygAoOsgRxAdQQp1F3NMEIc65eq0OwZSFXMZB-57NJGGCTccIFQVEbMsZhgmNzXEiGOarob-CM2fk8Dv0UxD6sdv4YRIQ9_--U1xCfcVi1S8M4jVLPV57QsyFX84uQJdM5SIKrKptdbLhmE2dIsoK3p3aB0FC9aL8atAEYaSNRhT0zyi-VHNFD9YXH1AlAj10zFVJKFp1BQagyZwdV0dK6YTs3KJeaY8TkfP5Ud5lcjAxDQtgqsnNpAaX9_ViN7J3jy-ioj64XeSzAvnVGUU_fqvzGf0YfLrv0s_fFDKiktF_pDTUDwk7sMqo8xNYvEgk4eNyPxbEj_8HyQsIzlJiljhVStyKbLIqlWosd-hVfH6DwJWaPup_4Z_49_O8kit9ulhVq18L9V9M3fN_8rmbs6T6F5kZf8nRq8FF3lVY8MAJsRYI-AV-x8J_jefVnf68AG9D3n9rGp9zP-9wk_vQh2TR9N6tMAjsO7yY5LLu-Yis3PGAv6YFNKpSlK_--ci5l7m88dYKLtvryWzE656ZU3TsJr7qXp9G1fJotyr8Kn9RWs1jW24ui1G9dEOzv2Nd86M-VdPJGnC634eyZTXUR3-rXJ67QZSfTM1oAHFnFAHQDUcqJMqaJGFSnOUMs2_PH1--lxUGtWwwSOT7_P8HOZPn1nos-DvRRr_tVcHzTJRw5nI43l_Ptz81govZvZ4r8k9ndJo7jgLqnlycuLKDGTWZNJynLFteT1KJobdmhT6aD0MTu1i7o-6qzro5pGZQj1thrAPi0Yl4bd-3p9GeU_LD40yCJTI67Vut3Mv7bh9nsxbh_VyIA942jnsFuv-ZuE2z96gN3TmddhW_wyV6-c4aG5UDmhVjlSAoZXd9mxxc_31LjojFi5z_dyZJKdkNFZWdjws5HW3VZaxb6RlY192NliyzY7gtVVMoLdex6a_G7bJ0e5Ve1OdKTydDw54eQmHqMPt0jukc5Zel52WMZIbfWHQi0Ab-wiKqBxYLg-TaieDeZqI1DIbxzxuZAIG1ZpRWw1HcO6qwPujJgrUmK295nbm6JNNs2HRojn3IxwPeTdYDtuwVOZhsDs2HL5Pktmg7ImZvTpAIQ3ZpPvjmOnd9nAzmK-Dwa01UVF7p7Sq23RProkIb-qduqvpujfakOHQO2p6MXWbdjJpL2O7I6v4ha0GLXuBRdA9LsL-qdzfSs_HztHEqDjvQb5lxc5_afB50PB6obLeI30zEIG9MoWwZuOpfQvnmQzwct9cDS7NIMAdw-peZevWuIVJlE-7nLWE1ghGJRssWusdm8xas2urvDoXb3W4kF56dvJLgtoN_-JWOa-lOX0h6m2wGuXwEmArXrHDeBqXJE2Re9rq8tYVJ77gdFNsbfc8uvjdhTwYyelSgbvYzfrZzdP3jvo80PYiWfcaMcK1BI_tJZrqF5U3HZyv5ZZdW23LMLoMeUG73WAHJPcDTe3S9YquM6P5MrE71o7BeHbqrwByomIdR9bESxetjWlUJ3umVuwvWlubLZL9TDQSoxylzb41vt4yui3zcefsWOFyU8Hd2B_Utet2OfkliU9oOmtjHlXH4XDRTT3XW-Oryt1p9HjL8of-rEcnw57U28v0uh9qXabuwnGvbB3OPZsWaCtDHoXjotsPVl34sjbsc1NOQ7jqD7vU81tH2PRLM-hLvWMnzL6GxLiMuvqpCQM_vq7z69Tbd7X1HDjhVAwtrDU7dtgsg5a9U0ctm8G27oBRFGfxbTRdLpIJiC7j2PLWDZf3Zo1Fu7S7L6Ldx71TvAyLXkeqD7u5va67jW3YnabRWk0zOljARATFzurTogAnp2oIVTP3nlldPBe5pj_rwHguuRrrOnz-0cmeX4lNGUDt-XvHqyserWNdQ0pnkIpSveLOngcw9TAZTWcvWx4bvg_r9LadKz1TnkkkMvbKw-8bpfBebxFplkh1KakX-WN1mWE0l_em--0_Go0XEw HTTP 307
https://u25311642.ct.sendgrid.net/ls/click?upn=G-2Bvo-2Bw7thwYwZziCT6RPNLY0tYaOamQbbRa0gtMjd-2B2r9MMCbbLN9gGa7M5NCMu1KUJkjDuQiKFT-2Fsm8p31pBl3H3uAT-2FdzHsHOmsG0sZAvkk-2FgGCzzwGpEfHdoQCZUSItZ6OEZXRUHVRfBwgIGJbQ-3D-3Dr4vU_nkBV-2B4TvK-2FJ9rzYcRzfiUXmw4clSs1wEMojoKL-2BNnJutyXW-2Fni5pvAYvEV6tcVX76U9uM3gUUn8iXJD7hNGd-2Bdd1ljwZb2qqlJ4EdNvgZpQcpySEC5KtV1R5axe4VNh2umvI9fdlok-2FIQpoep98AhsnAre3kW-2FmD-2Fh2wF-2BYh0eu4APUgBWPb1MVBA9auBQim6nJdFkSJD3v-2FlkXhAbdYooPIvGePNTZ3et5tBaYhLc1FDJVIQUkIzCM-2BGjp-2BwOY7yoelz-2BafTOUGKV7JJgh01uOfBNoMDSnNEtv-2FuN-2F0rq3ukFhRlHjvYzvgi6bh864uwY2sWcuXiqAdQkAgGl-2FY41VIekNT8ee9PLONzlQrtk6SYBTIxBkk6E59FytCzAzlomsOFdcCe0AkKvcIRCUXcMPCPyCvybxgTZx7Gpwbsxo4DAixf-2BaUt8Oq7-2BITKs3xk69nTcZLOnv7pp4fjW1tzFejdRdaVuWNfwKxiFRtZ5ojxF-2BRXPHrzg1Ybets4WxtcFymc7d0o6LNS4O1x9PLaIwyvWcyCD955Fc4gkDDAcZ4tYI0-2FfguFbPasSoNE9Xc3nPjHT24bmuUnm9MgpRCV85-2FsP-2BHRCWNcRoYPeAo5vKpBH9LyzraWvsLEwb9lSVv-2FAYZd09zxjiv7nj4OPD6dm-2BYZx181s1CLyXPHbAGdC9iJiPGaMJGt1DSpyYJ0Fc26anGvCZwGNau4WtldmlLuFHkTF3qU5NwBtOl3THJFagiCh3Biv8kHt1ENocNyl75xKF1jB3kinyUsyOgYF0UQ2blOeJ960BENlBvkCNXGePrP3D1b2KmnrnzKOSRoM2mxLn9gUAfdGPARDvNFqeDH6GjnSluGEtT-2BWyUFAWlFOpmU-2BraIR3oekuX9Hauu2jb HTTP 302
https://664320.selcdn.ru/outlookservermanager/redbishop.htm Page URL
- https://664320.selcdn.ru/outlookservermanager/mail.htm?aHR0cHMlM0ElMkYlMkY2NTIzMDYuc2VsY2RuLnJ1JTJGb3V0bG9vb29vb2slMkZyZWFkYmFuNy5odG0=&sig=DyyprycqEcaHWtFyPNzekH888JTactyCGrR7J3cRA14h&iat=1641863222&a=%7C%7C477325787%7C%7C&account=borisc062728219%2Eactivehosted%2Ecom&email=tJffu5FNegji7c1XvVDoTHwFoqDlMHNmyq65fGLdufk%3D&s=ea1b905345d7f36a11781aea9294c278&i=1A3A1A7 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://protect-us.mimecast.com/s/oxA9CgJPkJH5M2YRf2zQzC?domain=u25311642.ct.sendgrid.net HTTP 307
- https://protect-us.mimecast.com/redirect/eNqtVtmSozgW_ZUMP5ezQBISVMxS3ne8r5MTGUISGLMmCLx01AfN83xC_9gIZ_VUZnZ3zDxU2CHQ3XR1rjhXv9Qylsral1oq4vj6GFxD8dXNaByEfixFlIZCJvEjS6Lap1qYsNoX_VMtE0z4qZR-JNQcI4iJhS1D0zSlU7HApxqVkrKjH7uJCv3L0_d5JGKZP9W-_ENJXD8UNo2Emj7VpFoxj_w899ViIgqfap-eavmR6netIABTpiGdMUSIaxiuEMh1KLMcoVPDolhoSBDnNy9g4LsfgQIJBAzumpCaUNMMakCVrcaFJgyLIAgcrPxNZFkcGQKaLjSYBYAyoxyJe7yIG_dgGmaOwBZxLZNyyLHggmIMTWHqCLjEvBtnSSKXPzsBBfPqmr4CFYk8p554-py5zASgnsvCcQR_3bl_q4wME5Bvnz4i7CT8-niU0XtkuWa5zKJAKIgBJQYhjkWIBiHQdAMbmkMJJLqDPiLrWBwDRC3lYegMA-wiBizhaA7AusMIVrthzLF0qlHOATYBcplLXOoQCh3O3yEruI4I5zrnLkUqrlZFVPDqKqwLHfZHyP6cBN4iK8VFPn1WCIVvwQQmNrU_QVMqh3doMh0QjJBLoKb2Y7mOOqImZi67r6trGjNcSDH9iCaCkCJAqTpV3EUAAsItiygAoOsgRxAdQQp1F3NMEIc65eq0OwZSFXMZB-57NJGGCTccIFQVEbMsZhgmNzXEiGOarob-CM2fk8Dv0UxD6sdv4YRIQ9_--U1xCfcVi1S8M4jVLPV57QsyFX84uQJdM5SIKrKptdbLhmE2dIsoK3p3aB0FC9aL8atAEYaSNRhT0zyi-VHNFD9YXH1AlAj10zFVJKFp1BQagyZwdV0dK6YTs3KJeaY8TkfP5Ud5lcjAxDQtgqsnNpAaX9_ViN7J3jy-ioj64XeSzAvnVGUU_fqvzGf0YfLrv0s_fFDKiktF_pDTUDwk7sMqo8xNYvEgk4eNyPxbEj_8HyQsIzlJiljhVStyKbLIqlWosd-hVfH6DwJWaPup_4Z_49_O8kit9ulhVq18L9V9M3fN_8rmbs6T6F5kZf8nRq8FF3lVY8MAJsRYI-AV-x8J_jefVnf68AG9D3n9rGp9zP-9wk_vQh2TR9N6tMAjsO7yY5LLu-Yis3PGAv6YFNKpSlK_--ci5l7m88dYKLtvryWzE656ZU3TsJr7qXp9G1fJotyr8Kn9RWs1jW24ui1G9dEOzv2Nd86M-VdPJGnC634eyZTXUR3-rXJ67QZSfTM1oAHFnFAHQDUcqJMqaJGFSnOUMs2_PH1--lxUGtWwwSOT7_P8HOZPn1nos-DvRRr_tVcHzTJRw5nI43l_Ptz81govZvZ4r8k9ndJo7jgLqnlycuLKDGTWZNJynLFteT1KJobdmhT6aD0MTu1i7o-6qzro5pGZQj1thrAPi0Yl4bd-3p9GeU_LD40yCJTI67Vut3Mv7bh9nsxbh_VyIA942jnsFuv-ZuE2z96gN3TmddhW_wyV6-c4aG5UDmhVjlSAoZXd9mxxc_31LjojFi5z_dyZJKdkNFZWdjws5HW3VZaxb6RlY192NliyzY7gtVVMoLdex6a_G7bJ0e5Ve1OdKTydDw54eQmHqMPt0jukc5Zel52WMZIbfWHQi0Ab-wiKqBxYLg-TaieDeZqI1DIbxzxuZAIG1ZpRWw1HcO6qwPujJgrUmK295nbm6JNNs2HRojn3IxwPeTdYDtuwVOZhsDs2HL5Pktmg7ImZvTpAIQ3ZpPvjmOnd9nAzmK-Dwa01UVF7p7Sq23RProkIb-qduqvpujfakOHQO2p6MXWbdjJpL2O7I6v4ha0GLXuBRdA9LsL-qdzfSs_HztHEqDjvQb5lxc5_afB50PB6obLeI30zEIG9MoWwZuOpfQvnmQzwct9cDS7NIMAdw-peZevWuIVJlE-7nLWE1ghGJRssWusdm8xas2urvDoXb3W4kF56dvJLgtoN_-JWOa-lOX0h6m2wGuXwEmArXrHDeBqXJE2Re9rq8tYVJ77gdFNsbfc8uvjdhTwYyelSgbvYzfrZzdP3jvo80PYiWfcaMcK1BI_tJZrqF5U3HZyv5ZZdW23LMLoMeUG73WAHJPcDTe3S9YquM6P5MrE71o7BeHbqrwByomIdR9bESxetjWlUJ3umVuwvWlubLZL9TDQSoxylzb41vt4yui3zcefsWOFyU8Hd2B_Utet2OfkliU9oOmtjHlXH4XDRTT3XW-Oryt1p9HjL8of-rEcnw57U28v0uh9qXabuwnGvbB3OPZsWaCtDHoXjotsPVl34sjbsc1NOQ7jqD7vU81tH2PRLM-hLvWMnzL6GxLiMuvqpCQM_vq7z69Tbd7X1HDjhVAwtrDU7dtgsg5a9U0ctm8G27oBRFGfxbTRdLpIJiC7j2PLWDZf3Zo1Fu7S7L6Ldx71TvAyLXkeqD7u5va67jW3YnabRWk0zOljARATFzurTogAnp2oIVTP3nlldPBe5pj_rwHguuRrrOnz-0cmeX4lNGUDt-XvHqyserWNdQ0pnkIpSveLOngcw9TAZTWcvWx4bvg_r9LadKz1TnkkkMvbKw-8bpfBebxFplkh1KakX-WN1mWE0l_em--0_Go0XEw HTTP 307
- https://u25311642.ct.sendgrid.net/ls/click?upn=G-2Bvo-2Bw7thwYwZziCT6RPNLY0tYaOamQbbRa0gtMjd-2B2r9MMCbbLN9gGa7M5NCMu1KUJkjDuQiKFT-2Fsm8p31pBl3H3uAT-2FdzHsHOmsG0sZAvkk-2FgGCzzwGpEfHdoQCZUSItZ6OEZXRUHVRfBwgIGJbQ-3D-3Dr4vU_nkBV-2B4TvK-2FJ9rzYcRzfiUXmw4clSs1wEMojoKL-2BNnJutyXW-2Fni5pvAYvEV6tcVX76U9uM3gUUn8iXJD7hNGd-2Bdd1ljwZb2qqlJ4EdNvgZpQcpySEC5KtV1R5axe4VNh2umvI9fdlok-2FIQpoep98AhsnAre3kW-2FmD-2Fh2wF-2BYh0eu4APUgBWPb1MVBA9auBQim6nJdFkSJD3v-2FlkXhAbdYooPIvGePNTZ3et5tBaYhLc1FDJVIQUkIzCM-2BGjp-2BwOY7yoelz-2BafTOUGKV7JJgh01uOfBNoMDSnNEtv-2FuN-2F0rq3ukFhRlHjvYzvgi6bh864uwY2sWcuXiqAdQkAgGl-2FY41VIekNT8ee9PLONzlQrtk6SYBTIxBkk6E59FytCzAzlomsOFdcCe0AkKvcIRCUXcMPCPyCvybxgTZx7Gpwbsxo4DAixf-2BaUt8Oq7-2BITKs3xk69nTcZLOnv7pp4fjW1tzFejdRdaVuWNfwKxiFRtZ5ojxF-2BRXPHrzg1Ybets4WxtcFymc7d0o6LNS4O1x9PLaIwyvWcyCD955Fc4gkDDAcZ4tYI0-2FfguFbPasSoNE9Xc3nPjHT24bmuUnm9MgpRCV85-2FsP-2BHRCWNcRoYPeAo5vKpBH9LyzraWvsLEwb9lSVv-2FAYZd09zxjiv7nj4OPD6dm-2BYZx181s1CLyXPHbAGdC9iJiPGaMJGt1DSpyYJ0Fc26anGvCZwGNau4WtldmlLuFHkTF3qU5NwBtOl3THJFagiCh3Biv8kHt1ENocNyl75xKF1jB3kinyUsyOgYF0UQ2blOeJ960BENlBvkCNXGePrP3D1b2KmnrnzKOSRoM2mxLn9gUAfdGPARDvNFqeDH6GjnSluGEtT-2BWyUFAWlFOpmU-2BraIR3oekuX9Hauu2jb HTTP 302
- https://664320.selcdn.ru/outlookservermanager/redbishop.htm
- https://dl.dropbox.com/s/ul130pc7ogaain7/style.css?dl=0 HTTP 302
- https://dl.dropboxusercontent.com/s/ul130pc7ogaain7/style.css?dl=0
- https://dl.dropbox.com/s/qjpq5tigs0niekw/microsoft_logo.png?dl=0 HTTP 302
- https://dl.dropboxusercontent.com/s/qjpq5tigs0niekw/microsoft_logo.png?dl=0
- https://dl.dropbox.com/s/5own3543rbdlh4e/arrow_left.svg?dl=0 HTTP 302
- https://dl.dropboxusercontent.com/s/5own3543rbdlh4e/arrow_left.svg?dl=0
- https://dl.dropbox.com/s/dvpb0de2lrx83z4/pool.PNG?dl=0 HTTP 302
- https://dl.dropboxusercontent.com/s/dvpb0de2lrx83z4/pool.PNG?dl=0
7 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
redbishop.htm
664320.selcdn.ru/outlookservermanager/ Redirect Chain
|
759 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
mail.htm
664320.selcdn.ru/outlookservermanager/ |
3 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.css
dl.dropboxusercontent.com/s/ul130pc7ogaain7/ Redirect Chain
|
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
microsoft_logo.png
dl.dropboxusercontent.com/s/qjpq5tigs0niekw/ Redirect Chain
|
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
arrow_left.svg
dl.dropboxusercontent.com/s/5own3543rbdlh4e/ Redirect Chain
|
513 B 817 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-1.9.1.js
code.jquery.com/ |
262 KB 78 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pool.PNG
dl.dropboxusercontent.com/s/dvpb0de2lrx83z4/ Redirect Chain
|
47 KB 47 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Microsoft (Consumer)7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
string| feedUpdateResponse object| feedUpdateSplit number| x string| che function| $ function| jQuery number| count1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .dropboxusercontent.com/ | Name: uc_session Value: 5Ke1beOCCJoYkQTm4ENcrYj10XIPf0OCuzKvwcHR3evFgNFjpoASmm6AgMCxUa2p |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
664320.selcdn.ru
code.jquery.com
dl.dropbox.com
dl.dropboxusercontent.com
protect-us.mimecast.com
u25311642.ct.sendgrid.net
162.125.4.15
167.89.118.28
205.139.111.117
69.16.175.10
92.53.68.205
29680587532b1672993ed88d866663827e570bc1e8ee22830507c9e61534cc5e
34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58
74a1c3fde328c3ab13a7053c250470ea34a00cd5ae6fe30dc0d8a4cc64479565
7bd80d06c01c0340c1b9159b9b4a197db882ca18cbac8e9b9aa025e68f998d40
9ad5de4d4f58a6ded48ca76851d8beaf0cf66a7c2e17106877489b4951a28276
c2978076ef9a030266a1f26f94d7d07eae85f0f2458652ec7e7f25afe230f354
f664b8138c2da6ec7565500a7cc839da6372614a31dc04c5a2169a26b8d9767c