incoming-fax.myportfolio.com
151.101.64.119
Malicious Activity!
Public Scan
Effective URL: https://incoming-fax.myportfolio.com/
Submission: On May 31 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on April 12th 2022. Valid for: a year.
This is the only time incoming-fax.myportfolio.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer)
Domain & IP information
Requests | IP Address | AS (Autonomous System)
---|---|---
1 | 167.89.115.121 | 11377 (SENDGRID)
1 | 23.23.138.147 | 14618 (AMAZON-AES)
4 | 151.101.64.119 | 54113 (FASTLY)
2 | 151.101.194.133 | 54113 (FASTLY)
3 | 2a02:26f0:3500:16::215:148f | 20940 (AKAMAI-ASN1)
1 | 151.101.194.137 | 54113 (FASTLY)
1 | 2a02:26f0:3500:16::215:148b | 20940 (AKAMAI-ASN1)
1 | 162.247.243.146 | 13335 (CLOUDFLARENET)
Total: 13 requests to 8 IP addresses
ASN 11377 (SENDGRID, US)
- PTR: o16789115x121.outbound-mail.sendgrid.net
- Hosts: u8907542.ct.sendgrid.net
ASN 14618 (AMAZON-AES, US)
- PTR: ec2-23-23-138-147.compute-1.amazonaws.com
- Hosts: magenta-impossible-lute.glitch.me
ASN 20940 (AKAMAI-ASN1, NL)
- Hosts: use.typekit.net
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
6 | myportfolio.com | incoming-fax.myportfolio.com; cdn.myportfolio.com (Cisco Umbrella Rank: 134338) | 942 KB
4 | typekit.net | use.typekit.net (Cisco Umbrella Rank: 483); p.typekit.net (Cisco Umbrella Rank: 613) | 42 KB
1 | nr-data.net | bam-cell.nr-data.net (Cisco Umbrella Rank: 346) | 1 KB
1 | newrelic.com | js-agent.newrelic.com (Cisco Umbrella Rank: 347) | 14 KB
1 | glitch.me | magenta-impossible-lute.glitch.me | 7 KB
1 | sendgrid.net | u8907542.ct.sendgrid.net (1 redirect) | 254 B
Total: 13 requests to 6 apex domains
Requests | Domain | Requested by
---|---|---
4 | incoming-fax.myportfolio.com | magenta-impossible-lute.glitch.me; incoming-fax.myportfolio.com
3 | use.typekit.net | incoming-fax.myportfolio.com
2 | cdn.myportfolio.com | incoming-fax.myportfolio.com; cdn.myportfolio.com
1 | bam-cell.nr-data.net | js-agent.newrelic.com
1 | p.typekit.net | (none)
1 | js-agent.newrelic.com | incoming-fax.myportfolio.com
1 | magenta-impossible-lute.glitch.me | (none)
1 | u8907542.ct.sendgrid.net | (1 redirect)
Total: 13 requests to 8 domains
This site contains no links.
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
glitch.com | Amazon | 2022-02-01 to 2023-03-02 | a year | crt.sh
*.myportfolio.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-04-12 to 2023-05-13 | a year | crt.sh
use.typekit.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-03-07 to 2023-04-07 | a year | crt.sh
js-agent.newrelic.com | GlobalSign Atlas R3 DV TLS CA H2 2021 | 2021-10-06 to 2022-11-07 | a year | crt.sh
*.nr-data.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-01-10 to 2023-02-10 | a year | crt.sh
This page contains 1 frame:
Primary Page: https://incoming-fax.myportfolio.com/
- Frame ID: 19795B4FEF9D4B51957263D7B90A937F
- Requests: 14 HTTP requests in this frame
Page Title: FAX
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
1. https://u8907542.ct.sendgrid.net/ls/click?upn=3oX6I08Kb-2BXkZY5wiJMndKCa8kypyMImMKxvMqPIY8mpmiZlmaS0gvv0ESS8tG5ITEgFfFuPIhCKSR0NiGYJzA-3D-3D8Slu_oeEKVhJhjOhj4zuloiT3z9pwn10JgApxRdUSebSAMrZuwIac0fyafE1t-2Fn52zfb58ooPXQc3ZZv4D04yRbT4Idr8L8gt2QvrhqTTqZIBfZkR3SArISDYpdKOcLg3shMoGwXYwyomUWWTOzrSy1bw1JURLdzJ051W2NM2wFUAj0K3DDXdZsxaCP2s7ogfaYZedDuzKRZ6CzMGhGO7s5uR3E1OQp9Fr3WjQ812NE46bqU-3D (HTTP 302)
2. https://magenta-impossible-lute.glitch.me/1992.html (Page URL)
3. https://incoming-fax.myportfolio.com/ (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0:
- https://u8907542.ct.sendgrid.net/ls/click?upn=3oX6I08Kb-2BXkZY5wiJMndKCa8kypyMImMKxvMqPIY8mpmiZlmaS0gvv0ESS8tG5ITEgFfFuPIhCKSR0NiGYJzA-3D-3D8Slu_oeEKVhJhjOhj4zuloiT3z9pwn10JgApxRdUSebSAMrZuwIac0fyafE1t-2Fn52zfb58ooPXQc3ZZv4D04yRbT4Idr8L8gt2QvrhqTTqZIBfZkR3SArISDYpdKOcLg3shMoGwXYwyomUWWTOzrSy1bw1JURLdzJ051W2NM2wFUAj0K3DDXdZsxaCP2s7ogfaYZedDuzKRZ6CzMGhGO7s5uR3E1OQp9Fr3WjQ812NE46bqU-3D (HTTP 302)
- https://magenta-impossible-lute.glitch.me/1992.html
13 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | 1992.html | magenta-impossible-lute.glitch.me/ (Redirect Chain) | 7 KB | 7 KB | Document | text/html
GET | DATA | truncated | / | 2 KB | 0 | Image | image/gif
GET | H2 | / (Primary Request) | incoming-fax.myportfolio.com/ | 15 KB | 15 KB | Document | text/html
GET | H2 | main.css | incoming-fax.myportfolio.com/dist/css/ | 11 KB | 11 KB | Stylesheet | text/css
GET | H2 | 77ab20b1a594dae11484d9fbbcf392bf1653692118.css | cdn.myportfolio.com/c4eff628-7766-450d-b037-bd0f466386c1/ | 78 KB | 78 KB | Stylesheet | text/css
GET | H2 | B9mSgM2bUlJHekf6iRjH4H4lW4bTtUvKAHzhP1Xzou9fenwgfHYEBsJzwD9oFDIDWhjoFDiy5Q4qweFRwRwojDMuFRJhwQscwhs8wQMowRZyZcjuFhbkwhI-mkG0dW83da4XZcNC-Av0jhNlOfG0SY4zwKuh-AmaOcuoSeNkieZzde8zOcFzdPUlpWgzS1scdhUTd... | use.typekit.net/ik/ | 16 KB | 7 KB | Script | text/javascript
GET | H2 | translations | incoming-fax.myportfolio.com/site/ | 179 B | 292 B | Script | application/javascript
GET | H2 | main.js | incoming-fax.myportfolio.com/dist/js/ | 347 KB | 347 KB | Script | application/javascript
GET | H2 | 84c2467e-7e89-426e-8b64-9ce7817c60fa_rwc_0x0x2769x1424x4096.png | cdn.myportfolio.com/c4eff628-7766-450d-b037-bd0f466386c1/ | 490 KB | 490 KB | Image | image/png
GET | H2 | l | use.typekit.net/af/54d47a/000000000000000000017750/27/ | 17 KB | 18 KB | Font | application/font-woff2
GET | H2 | l | use.typekit.net/af/3e2979/00000000000000007735a6b9/30/ | 18 KB | 18 KB | Font | application/font-woff2
GET | H2 | nr-1216.min.js | js-agent.newrelic.com/ | 38 KB | 14 KB | Script | application/javascript
GET | H2 | p.gif | p.typekit.net/ | 35 B | 214 B | Image | image/gif
GET | H/1.1 | e7fb1b89a0 | bam-cell.nr-data.net/1/ | 49 B | 1 KB | Script | text/javascript
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Microsoft (Consumer)
16 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Name | Type
---|---
oncontextlost | object
oncontextrestored | object
structuredClone | function
launchQueue | object
onbeforematch | object
getScreenDetails | function
navigation | object
NREUM | object
newrelic | object
__nr_require | function
__config__ | object
__languages__ | object
regeneratorRuntime | object
core | object
__core-js_shared__ | object
Typekit | object
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
.nr-data.net/ | (session) | JSESSIONID | 9f9019d1a2179e3b
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bam-cell.nr-data.net
cdn.myportfolio.com
incoming-fax.myportfolio.com
js-agent.newrelic.com
magenta-impossible-lute.glitch.me
p.typekit.net
u8907542.ct.sendgrid.net
use.typekit.net
151.101.194.133
151.101.194.137
151.101.64.119
162.247.243.146
167.89.115.121
23.23.138.147
2a02:26f0:3500:16::215:148b
2a02:26f0:3500:16::215:148f