enterprise-security.us-southeast-1.linodeobjects.com
2600:3c02::f03c:92ff:fe32:7a8a
Malicious Activity! Public Scan
Effective URL: https://enterprise-security.us-southeast-1.linodeobjects.com/AAQkAGUwYjFhZmE0LTU0OGQtNGMzZS04YWM4LTNmYWY0OT.html?863dad22d5c165b34b58ea44c535eca0m2wyx45e=U2F...
Submission: On October 31 via api from US — Scanned from US
Summary
TLS certificate: Issued by R11 (a Let's Encrypt intermediate) on September 19th 2024. Valid for: 3 months. The certificate belongs to Linode's shared object-storage endpoint (subject us-southeast-1.linodeobjects.com), not to the attacker's bucket, so its issue date says nothing about when the phishing page was deployed.
This is the only time enterprise-security.us-southeast-1.linodeobjects.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: OneDrive (Online)
Domain & IP information
| Requests | IP address | AS (autonomous system) |
|---|---|---|
| 2 | 2600:3c02::f03c:92ff:fe32:7a8a | 63949 (AKAMAI-LINODE-AP Akamai Connected Cloud) |
| 4 | 2a04:4e42:400::485 | 54113 (FASTLY) |
| 1 | 2606:4700:20::681a:82c | 13335 (CLOUDFLARENET) |
| 2 | 2607:f8b0:4006:81e::200a | 15169 (GOOGLE) |
| 2 | 2606:4700::6811:190e | 13335 (CLOUDFLARENET) |
| 3 | 151.101.193.229 | 54113 (FASTLY) |
| 3 | 142.250.65.227 | 15169 (GOOGLE) |
| 17 | Totals as shown on the scan: 17 requests | 8 |

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG): enterprise-security.us-southeast-1.linodeobjects.com
ASN15169 (GOOGLE, US), PTR lga25s73-in-f3.1e100.net: fonts.gstatic.com

Only the Linode address serves attacker-controlled content. The Fastly, Cloudflare and Google addresses are shared CDN, font and geolocation infrastructure (cdn.jsdelivr.net is multi-CDN) and should not be treated as indicators on their own.
| Requests | Apex domain | Subdomain | Transfer |
|---|---|---|---|
| 7 | jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella rank 311) | 305 KB |
| 3 | gstatic.com | fonts.gstatic.com | 54 KB |
| 2 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella rank 220) | 6 KB |
| 2 | googleapis.com | fonts.googleapis.com (Cisco Umbrella rank 30) | 2 KB |
| 2 | linodeobjects.com | enterprise-security.us-southeast-1.linodeobjects.com | 1 KB |
| 1 | ipapi.co | ipapi.co (Cisco Umbrella rank 16407) | 1 KB |
| 17 | 6 domains | | |

Note the proportions: the phishing host itself transferred 1 KB in total, while jsDelivr delivered 305 KB. The page on Linode is a stub; the kit's content is served through a public CDN.
| Requests | Domain | Requested by |
|---|---|---|
| 7 | cdn.jsdelivr.net | enterprise-security.us-southeast-1.linodeobjects.com |
| 3 | fonts.gstatic.com | fonts.googleapis.com |
| 2 | cdnjs.cloudflare.com | cdn.jsdelivr.net |
| 2 | fonts.googleapis.com | cdn.jsdelivr.net |
| 2 | enterprise-security.us-southeast-1.linodeobjects.com | cdn.jsdelivr.net |
| 1 | ipapi.co | cdn.jsdelivr.net |
| 17 | 6 domains | |

The initiator column is the useful part of this table: the script loaded from cdn.jsdelivr.net is what requests the Font Awesome stylesheet, the Google fonts, the ipapi.co geolocation lookup, and even the phishing page itself a second time. The document on Linode does little more than load that script.
This site contains no links.
| Subject | Issuer | Validity | Valid for | Lookup |
|---|---|---|---|---|
| us-southeast-1.linodeobjects.com | R11 (Let's Encrypt) | 2024-09-19 to 2024-12-18 | 3 months | crt.sh |
| jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2024 Q3 | 2024-07-30 to 2025-08-31 | a year | crt.sh |
| ipapi.co | WE1 (Google Trust Services) | 2024-09-02 to 2024-12-01 | 3 months | crt.sh |
| upload.video.google.com | WR2 (Google Trust Services) | 2024-10-07 to 2024-12-30 | 3 months | crt.sh |
| cdnjs.cloudflare.com | WE1 (Google Trust Services) | 2024-09-28 to 2024-12-27 | 3 months | crt.sh |
| *.gstatic.com | WR2 (Google Trust Services) | 2024-10-07 to 2024-12-30 | 3 months | crt.sh |

None of these certificates was obtained by the attacker. The first is Linode's shared storage-endpoint certificate and the others belong to the CDNs and Google (the certificate presented for fonts.googleapis.com carries the shared CN upload.video.google.com), so certificate transparency is not a useful pivot for this campaign.
This page contains 1 frame:
Primary Page: https://enterprise-security.us-southeast-1.linodeobjects.com/AAQkAGUwYjFhZmE0LTU0OGQtNGMzZS04YWM4LTNmYWY0OT.html?863dad22d5c165b34b58ea44c535eca0m2wyx45e=U2FsdGVkX1%2FZwwpGB2WWpM%2FlJZ%2FxvS6PBbWfUNGf%2FD7oqA%2Fb%2F7SmKDrplofOGJZik4dP2nWOnLpbcz3iZ8Q2OgVnHE2%2Bl%2B4bkGfWVKWZuAQ0jTgs2FWJENn0AXzdc%2Flrrb0IySjZmNtVWmsKmGQL0dCFKV%2BQGcyK1vBzkxI3W9KDrbB07P%2BhSk2TdPES5OBEYEGI8f%2FeyaQb9YZAxdst%2B17ubElIF%2ByjlZdnTb89EHA2y7MNLpE7L7q9hK6zFSzNA046HcFuDTU9Pa4esSPLLWV9tx%2BJEv4wKOi8nEYioIjuFn01MHU4sX6aSz%2FAnl9QGbZb7SrPRsG6oOQXQaHfH2yjIYlz5k8OkWSuWnvB9A%2FOarJJAlWwW52eN7etCOV%2Fq0luDXsb1gXBAZXRuOqCFVQWYkKa35UhQWr%2FBQRUJWZZjdI6IkSpOPX7UyzzD5GPIIHpnSDG1kDfqPs3KTdOa3pC45D4XTCW6TULuYmwdfkyrqdkVd%2B7W0TdD5dv5mtYvam8D4mSafRdySN2nxo%2B%2BDLu51WeVXN70xbPLHPgt54qel%2FXteK%2FzN2w3l8d6v08CXKjn0QuK3O%2FG44MXnHyudr2dUDJRvpI0j6muyTJ1D0g4RiuHRaSafvL7jMj6%2BVDHw7x4I0MmmZSTptitL11CvnYMg%2Bds3tJ27akaSRxgl0CnNCJWHxcVxJYzubCOZfOhYjJBVDHjBWvPvTfOaQqpLr%2FXLnq6j6zMbY3FIPT2HL6TtP%2BO2jp6YmydZo5f5gKq0JA%2BUDSTS5eBihWzGmyDLLUPvGCaHuS%2FCD5QXJGnPqYITa8RZY0ipMd12HFEwqsihlnSRmu8wghhzmU9eOUzxsvi66R%2BTz0uPIjO%2ByVplff3cLBwTo0uze6F8rCq1gBFixdLhWXlm933kSSxHGZyMF5Pb%2FI976M6zQGm0ZDYSGKPFeemi42ePeH%2FAVvM33Q8Caw2HJIuROWfeUqJbC0se7H97YVFXjRCTHS42gkdog%2B6zx7%2BybCVs67%2FdRyZNlHpJGtrSlIhXPZFdBootR3HPDwrZpkYaLQEAt74F5EcdeLoJhkk4Ur5yZKXT6bnGeW4wpusBNCwTv3nNS0YTenfZNPJ1XsZMvOEWShjz1jTPgiFLDqs5RcOB9mcP3CILuFWGs0rYUdi3kmMjtSgaMu5evXI5W8QgQlofzmWLywAb8ocXL98ggHG1Kz5ETx8lP594YtSTBa7zLLomFkL4fQVzWNqOgtbTnJ7CrSgrSMmTCaqg3mULBJh4g9dwIjCXwVkOgXWbjOKVfeTb1IOSPD7gezsthnwrafKNt2%2F9x%2FBDa8C7HIUM%2By76sN3mnUFS7xRkkw3kK2efFgQaV%2BRbmeVKnEO%2Fp0DI%2FIx5IcAQvfN9dM2S6vaFb6hDdimkEcS4vE3SI5Y6KK%2B17Qe4xC8vJzfWNWjRCVoiRWR2yjta%2BYHTp4gZcpp1rOgDPc6TjhMSGKV2sAvRrmilVUx2kaaAwMKYcBLEjDNpXSS01oCA%2BiiwSLj3IK4XsXovjjtXJe0yueNSIOGa1JIdog2RGU6zysGwRKxTSjqnwhx4J7LP17NXIDryxufdaAZUPQdEeNMZdumrHOHGXfUEeV7U6hFk%2F2ns12BpzgGGCgF%2FpN9hJXlB5SKvHTUMN9H0fJlDP9XJwu13%2Fkgts0XyGjh%2BQQ5BRtsHV3CydQnJQlf7xt1932vZvb%2FWJLMR0VXsJSq8ZlcZKpSSQ0Yb1ELC2zF8sgTv7EnY%2FaK1guOt%2F7VYFR%2Bl%2BwYSYoUs4PTKAjJ9enY%2FIYyJqkgtSM6L8YhFMlqoayY0XkkmWCpF4YAB3oeF1yF5iIjFjBc46pMbTmaYt9IzECPLCcDpuQS%2FngipW7biWupcPdS4%2B59CZ0vFg0gQRNBcQYAifba%2BR0rcme%2BW%2BjIaz%2FseRF8odekQ4h%2F4Ov3JkUW9CztiWxtH2GGPPo6dsvRNc5R44F6VW2Xwm8gpBkH%2F0IsntGW3REbjSKNxUNSk1x8trsAGG0%2BJKetXjgH6iadPLyHMt%2BZhVZsv4giqgSJlugparawkSDvUldkBquU33sAey0NkGKFVA2JWjmgrxElEkhqGhgtmymRQssvN6mFyrs2PnniiK8AmmoqtH7wAp0IktQ6HCRcq%2BxdR%2B%2FSHZtSIu701eamBbzusRRN7RBVinTtWGhu2t1peH83QT9DHEAb0xovljvqY%2BG0VKLnWzFIaYJMSM0WH0o%2BktlNT3vs0n2ZJ5sXUR4c7YRrq0JRkhUjSxV0bNlwmQ2rF%2FTb1WNnq0StZMi8ToodSGUS8fCzqpKT9WVyYySXoV23CQEqBzXO1Ip60%2FuNbC6f6H5atH2ZGN3mk6pIFWeb4AYdvW7JLSw2zdFiYGJCeuN59oQo9G%2FKdzZNCLfFXHmt9f42yNU1BizXHUzDeApY8hmw7VM%2B%2BXYyEDr4wT7hzMnjNFfAxWOWFh5OlwtAxXCK6ArzYGdwoe2xzJNinAZTql3mkf5gQElPHjeQnLaKHERswnL0oK5g3o10UNzU2gO0s9SLsiel0bV7YT4k%2FBQcqoJndCRA9Oo3CWc8vlidhSt70Mnx30bRSaNMtxjfpD7441cyymzzj8nRmTcaFtKSBN%2BJq7%2BxBK6jiDkj9DnmYltFOLvnhatjsNDL%2FwoAjvfXPmq8zTRQN7DlPo%3D
Frame ID: 78CB0C8F747BB07E0E08B9BBE9CD6E01
Requests: 19 HTTP requests in this frame (17 network transactions plus 2 inline data: URIs)
Page Title: Microsoft OneDrive
Detected technologies
- Font Awesome (Font Scripts). Detected pattern: `(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)`
- jsDelivr (CDN). Detected pattern: `//cdn\.jsdelivr\.net/`
Page Statistics
0 outgoing links (links going to different origins than the main page). A credential-phishing page normally has nowhere for the victim to navigate; the only interaction offered is the form.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://enterprise-security.us-southeast-1.linodeobjects.com/AAQkAGUwYjFhZmE0LTU0OGQtNGMzZS04YWM4LTNmYWY0OT.html?51e3acadda86d6e6ca9a098a637ff0d2m2wuug9e=U2FsdGVkX1%2BQuHWsjwSW4l6kpPPcHsJnZe3P%2BUCnmONWzH0HasmTJtUQqXMfs1nEojl0u2dbP5AZSeG%2BW3zxhu1R4IAX%2Bhb%2Bn3oJ%2BNs9adE0tL2Ok25Kwz6SvWlx4noE2G7l7h2X2377xBQ%2BbA%2Fh0AEGCXP5j4ch7JvHk5yYdzwvXTubXM2OqkOI2v75XdoXHyKF9QkfyEyMKIE4TA (first load, the submitted URL)
- https://enterprise-security.us-southeast-1.linodeobjects.com/AAQkAGUwYjFhZmE0LTU0OGQtNGMzZS04YWM4LTNmYWY0OT.html?863dad22d5c165b34b58ea44c535eca0m2wyx45e=U2FsdGVkX1%2FZwwpGB2WWpM%2FlJZ%2FxvS6PBbWfUNGf%2FD7oqA%2Fb%2F7SmKDrplofOGJZik4dP2nWOnLpbcz3iZ8Q2OgVnHE2%2Bl%2B4bkGfWVKWZuAQ0jTgs2FWJENn0AXzdc%2Flrrb0IySjZmNtVWmsKmGQL0dCFKV%2BQGcyK1vBzkxI3W9KDrbB07P%2BhSk2TdPES5OBEYEGI8f%2FeyaQb9YZAxdst%2B17ubElIF%2ByjlZdnTb89EHA2y7MNLpE7L7q9hK6zFSzNA046HcFuDTU9Pa4esSPLLWV9tx%2BJEv4wKOi8nEYioIjuFn01MHU4sX6aSz%2FAnl9QGbZb7SrPRsG6oOQXQaHfH2yjIYlz5k8OkWSuWnvB9A%2FOarJJAlWwW52eN7etCOV%2Fq0luDXsb1gXBAZXRuOqCFVQWYkKa35UhQWr%2FBQRUJWZZjdI6IkSpOPX7UyzzD5GPIIHpnSDG1kDfqPs3KTdOa3pC45D4XTCW6TULuYmwdfkyrqdkVd%2B7W0TdD5dv5mtYvam8D4mSafRdySN2nxo%2B%2BDLu51WeVXN70xbPLHPgt54qel%2FXteK%2FzN2w3l8d6v08CXKjn0QuK3O%2FG44MXnHyudr2dUDJRvpI0j6muyTJ1D0g4RiuHRaSafvL7jMj6%2BVDHw7x4I0MmmZSTptitL11CvnYMg%2Bds3tJ27akaSRxgl0CnNCJWHxcVxJYzubCOZfOhYjJBVDHjBWvPvTfOaQqpLr%2FXLnq6j6zMbY3FIPT2HL6TtP%2BO2jp6YmydZo5f5gKq0JA%2BUDSTS5eBihWzGmyDLLUPvGCaHuS%2FCD5QXJGnPqYITa8RZY0ipMd12HFEwqsihlnSRmu8wghhzmU9eOUzxsvi66R%2BTz0uPIjO%2ByVplff3cLBwTo0uze6F8rCq1gBFixdLhWXlm933kSSxHGZyMF5Pb%2FI976M6zQGm0ZDYSGKPFeemi42ePeH%2FAVvM33Q8Caw2HJIuROWfeUqJbC0se7H97YVFXjRCTHS42gkdog%2B6zx7%2BybCVs67%2FdRyZNlHpJGtrSlIhXPZFdBootR3HPDwrZpkYaLQEAt74F5EcdeLoJhkk4Ur5yZKXT6bnGeW4wpusBNCwTv3nNS0YTenfZNPJ1XsZMvOEWShjz1jTPgiFLDqs5RcOB9mcP3CILuFWGs0rYUdi3kmMjtSgaMu5evXI5W8QgQlofzmWLywAb8ocXL98ggHG1Kz5ETx8lP594YtSTBa7zLLomFkL4fQVzWNqOgtbTnJ7CrSgrSMmTCaqg3mULBJh4g9dwIjCXwVkOgXWbjOKVfeTb1IOSPD7gezsthnwrafKNt2%2F9x%2FBDa8C7HIUM%2By76sN3mnUFS7xRkkw3kK2efFgQaV%2BRbmeVKnEO%2Fp0DI%2FIx5IcAQvfN9dM2S6vaFb6hDdimkEcS4vE3SI5Y6KK%2B17Qe4xC8vJzfWNWjRCVoiRWR2yjta%2BYHTp4gZcpp1rOgDPc6TjhMSGKV2sAvRrmilVUx2kaaAwMKYcBLEjDNpXSS01oCA%2BiiwSLj3IK4XsXovjjtXJe0yueNSIOGa1JIdog2RGU6zysGwRKxTSjqnwhx4J7LP17NXIDryxufdaAZUPQdEeNMZdumrHOHGXfUEeV7U6hFk%2F2ns12BpzgGGCgF%2FpN9hJXlB5SKvHTUMN9H0fJlDP9XJwu13%2Fkgts0XyGjh%2BQQ5BRtsHV3CydQnJQlf7xt1932vZvb%2FWJLMR0VXsJSq8ZlcZKpSSQ0Yb1ELC2zF8sgTv7EnY%2FaK1guOt%2F7VYFR%2Bl%2BwYSYoUs4PTKAjJ9enY%2FIYyJqkgtSM6L8YhFMlqoayY0XkkmWCpF4YAB3oeF1yF5iIjFjBc46pMbTmaYt9IzECPLCcDpuQS%2FngipW7biWupcPdS4%2B59CZ0vFg0gQRNBcQYAifba%2BR0rcme%2BW%2BjIaz%2FseRF8odekQ4h%2F4Ov3JkUW9CztiWxtH2GGPPo6dsvRNc5R44F6VW2Xwm8gpBkH%2F0IsntGW3REbjSKNxUNSk1x8trsAGG0%2BJKetXjgH6iadPLyHMt%2BZhVZsv4giqgSJlugparawkSDvUldkBquU33sAey0NkGKFVA2JWjmgrxElEkhqGhgtmymRQssvN6mFyrs2PnniiK8AmmoqtH7wAp0IktQ6HCRcq%2BxdR%2B%2FSHZtSIu701eamBbzusRRN7RBVinTtWGhu2t1peH83QT9DHEAb0xovljvqY%2BG0VKLnWzFIaYJMSM0WH0o%2BktlNT3vs0n2ZJ5sXUR4c7YRrq0JRkhUjSxV0bNlwmQ2rF%2FTb1WNnq0StZMi8ToodSGUS8fCzqpKT9WVyYySXoV23CQEqBzXO1Ip60%2FuNbC6f6H5atH2ZGN3mk6pIFWeb4AYdvW7JLSw2zdFiYGJCeuN59oQo9G%2FKdzZNCLfFXHmt9f42yNU1BizXHUzDeApY8hmw7VM%2B%2BXYyEDr4wT7hzMnjNFfAxWOWFh5OlwtAxXCK6ArzYGdwoe2xzJNinAZTql3mkf5gQElPHjeQnLaKHERswnL0oK5g3o10UNzU2gO0s9SLsiel0bV7YT4k%2FBQcqoJndCRA9Oo3CWc8vlidhSt70Mnx30bRSaNMtxjfpD7441cyymzzj8nRmTcaFtKSBN%2BJq7%2BxBK6jiDkj9DnmYltFOLvnhatjsNDL%2FwoAjvfXPmq8zTRQN7DlPo%3D (second load, the effective URL)

Both URLs fetch the same 362-byte HTML object; only the query string differs. The parameter name is a 32-character hex token followed by 8 more characters, and in both cases the value starts with U2FsdGVkX1, which is base64 for "Salted__", the magic of the OpenSSL salted envelope that CryptoJS.AES.encrypt(message, passphrase) produces (8-byte magic, 8-byte salt, AES-CBC ciphertext). The second value is several times longer than the first, so the loader script appears to re-enter the page carrying a larger encrypted state blob after its first run. The passphrase is not visible in the scan; recovering it requires deobfuscating the 1 MB script.
Redirected requests
No HTTP redirect chains were recorded. The move from the first URL to the second was client-side.
17 HTTP transactions (plus 2 inline data: URIs, 19 requests in the frame)

Size is the decoded body size, x-fer the bytes actually transferred; an x-fer of 0 means the response came from cache. Rows 7 to 12 repeat rows 1 to 6 because the document was loaded twice (see Page URL History).

| # | Method | Protocol | Resource | Size | x-fer | Type | MIME type |
|---|---|---|---|---|---|---|---|
| 1 | GET | H/1.1 | enterprise-security.us-southeast-1.linodeobjects.com/AAQkAGUwYjFhZmE0LTU0OGQtNGMzZS04YWM4LTNmYWY0OT.html | 362 B | 697 B | Document | text/html |
| 2 | GET | H2 | cdn.jsdelivr.net/gh/justwetdeyplay/benign-release-lv7zqt14@main/447436dd-ec93-4348-96a7-8d2b6be772c9.js | 1 MB | 212 KB | Script | application/javascript |
| 3 | GET | H2 | ipapi.co/json/ | 776 B | 1 KB | Fetch | application/json |
| 4 | GET | H2 | fonts.googleapis.com/css2 | 23 KB | 2 KB | Stylesheet | text/css |
| 5 | GET | H2 | cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css | 37 KB | 6 KB | Stylesheet | text/css |
| 6 | GET | DATA | data: URI (truncated in the report) | 685 B | 0 | Image | image/svg+xml |
| 7 | GET | H/1.1 | enterprise-security.us-southeast-1.linodeobjects.com/AAQkAGUwYjFhZmE0LTU0OGQtNGMzZS04YWM4LTNmYWY0OT.html (Primary Request) | 362 B | 697 B | Document | text/html |
| 8 | GET | H2 | cdn.jsdelivr.net/gh/justwetdeyplay/benign-release-lv7zqt14@main/fa37e6e4fd65b2e85394.ico | 3 KB | 3 KB | Other | image/vnd.microsoft.icon |
| 9 | GET | H2 | cdn.jsdelivr.net/gh/justwetdeyplay/benign-release-lv7zqt14@main/447436dd-ec93-4348-96a7-8d2b6be772c9.js | 1 MB | 0 | Script | application/javascript |
| 10 | GET | H2 | fonts.googleapis.com/css2 | 23 KB | 0 | Stylesheet | text/css |
| 11 | GET | H2 | cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css | 37 KB | 0 | Stylesheet | text/css |
| 12 | GET | DATA | data: URI (truncated in the report) | 685 B | 0 | Image | image/svg+xml |
| 13 | GET | H3 | cdn.jsdelivr.net/gh/justwetdeyplay/benign-release-lv7zqt14@main/847fc5ec58b3a0af255c.svg | 10 KB | 4 KB | Image | image/svg+xml |
| 14 | GET | H3 | cdn.jsdelivr.net/gh/justwetdeyplay/benign-release-lv7zqt14@main/07308ee98aa47f067087.jpg | 47 KB | 47 KB | Image | image/jpeg |
| 15 | GET | H2 | cdn.jsdelivr.net/gh/justwetdeyplay/benign-release-lv7zqt14@main/fa37e6e4fd65b2e85394.ico | 3 KB | 0 | Other | image/vnd.microsoft.icon |
| 16 | GET | H3 | fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2 | 18 KB | 18 KB | Font | font/woff2 |
| 17 | GET | H3 | cdn.jsdelivr.net/gh/justwetdeyplay/benign-release-lv7zqt14@main/59947dbf5efae9de77d2.png | 39 KB | 39 KB | Image | image/png |
| 18 | GET | H3 | fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 18 KB | 18 KB | Font | font/woff2 |
| 19 | GET | H3 | fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 18 KB | 18 KB | Font | font/woff2 |

What the table shows: the 362-byte document on Linode is a stub whose only job is to load a 1 MB script (212 KB compressed on the wire) with a UUID filename. Everything the victim sees (icon, logo images, fonts) and everything the kit does (the ipapi.co lookup, the re-navigation to the page) comes from or is driven by that script. The script and images are served by jsDelivr's /gh/ namespace, which proxies a GitHub repository, so the kit's static content lives in the repository justwetdeyplay/benign-release-lv7zqt14 on branch main and can be reported to GitHub as well as to jsDelivr and Linode.
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: OneDrive (Online)

2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code.
- function a0_0x50ba
- function a0_0x1f1b0
Names of this form (a numbered prefix plus `_0x` and hex digits) are characteristic of javascript-obfuscator (obfuscator.io) output, where such functions typically serve as the string-array decoder that the rest of the script calls. Nothing readable should be expected from the 1 MB loader until it has been deobfuscated.

Cookies
Cookies are small pieces of information stored in the user's browser. Whenever the user visits the site again, the browser also sends the cookie values, allowing the website to re-identify the user even from a different location; this is how persistent logins work. No cookies were recorded for this scan.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
Domains:
- cdn.jsdelivr.net
- cdnjs.cloudflare.com
- enterprise-security.us-southeast-1.linodeobjects.com
- fonts.googleapis.com
- fonts.gstatic.com
- ipapi.co
IP addresses:
- 142.250.65.227
- 151.101.193.229
- 2600:3c02::f03c:92ff:fe32:7a8a
- 2606:4700:20::681a:82c
- 2606:4700::6811:190e
- 2607:f8b0:4006:81e::200a
- 2a04:4e42:400::485
SHA-256 hashes of the fetched resources:
- 18135829acd90e2bf629bc154a811de8f0f9ae25bca1d0555150562d2677c6fe
- 1dd6b37f3b96f71636d71fcb933493ba7f46a973a2a3f0cebf0cadf14ad855ca
- 36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
- 3f9f57bcdbc4feb60c430438d55352adf8442e77624a2754dd084204adf5418e
- 42e7fa075a3c7f7d20b5828b55fa1ac66b6dab81ae77852dbf7220c70d56b9fe
- 5fe991e3985f36c957bc2a0b9a212052210b988b5536059e5fe8544a5104eb19
- 89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
- 93cacbb2f74c55645024c9823873891b4633146a9f6f61c8be080d72924fd0b8
- 9ac552c9c42db29135a722f8e7c2d897257115f50432180518b3b63ccf2e6078
- ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
- ae9cc64390a76c779bd0da29fcff4dd063438985d6f9c331c3b984534dd5e6cf
- d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
- de35e1476372d3afbc25fc0ac689d7933145099fbd36d63cf049fa6de4814808

Of the domains and addresses, only enterprise-security.us-southeast-1.linodeobjects.com and its address 2600:3c02::f03c:92ff:fe32:7a8a are attacker-specific; the jsDelivr path /gh/justwetdeyplay/benign-release-lv7zqt14@main/ is the other specific artefact. The remaining domains and addresses are shared CDN, font and geolocation services, and blocking them outright will break legitimate sites. The hashes are not attributed to individual resources in the report, so match them against response bodies rather than URLs.