urlscan.io logo urlscan.io
SecurityTrails logo

ds-overseas.com Open in urlscan Pro
162.210.98.9  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://ds-overseas.com/admin/New/ii.php?email=abuse@glume.com&.rand=13vqcr8bp0gud&lc=1033&id=64855&mkt=...
Submission: On June 09 via automatic, source phishtank
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 8 domains to perform 18 HTTP transactions. The main IP is 162.210.98.9, located in Pompano Beach, United States and belongs to STEADFAST - Steadfast, US. The main domain is ds-overseas.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 29th 2018. Valid for: 3 months.
This is the only time ds-overseas.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Google (Online)

Domain & IP information

IP Address AS Autonomous System
5 162.210.98.9 32748 (STEADFAST)
1 87.248.118.22 10310 (YAHOO-1)
4 216.58.207.67 15169 (GOOGLE)
1 42.200.210.96 4760 (HKTIMS-AP...)
1 123.58.177.104 45062 (NETEASE-A...)
1 104.19.199.151 13335 (CLOUDFLAR...)
4 216.58.207.74 15169 (GOOGLE)
18 8
5    162.210.98.9 (Pompano Beach, United States)

ASN32748 (STEADFAST - Steadfast, US)
PTR: servinetangola.net
ds-overseas.com
1    87.248.118.22 (United Kingdom)

ASN10310 (YAHOO-1 - Yahoo!, US)
PTR: e1.ycpi.vip.deb.yahoo.com
mail.yahoo.com
4    216.58.207.67 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s25-in-f3.1e100.net
ssl.gstatic.com
www.gstatic.com
1    42.200.210.96 (Central District, Hong Kong)

ASN4760 (HKTIMS-AP PCCW Limited, HK)
PTR: 42-200-210-96.static.imsbiz.com
mxmail.optimumelectronics.com
1    123.58.177.104 (Hangzhou, China)

ASN45062 (NETEASE-AS Guangzhou NetEase Computer System Co., Ltd., CN)
PTR: m104-177.yeah.net
mail.yeah.net
1    104.19.199.151 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ajax.cloudflare.com
4    216.58.207.74 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s25-in-f10.1e100.net
translate.googleapis.com
Domain Requested by
5 ds-overseas.com ds-overseas.com
4 translate.googleapis.com ds-overseas.com
translate.googleapis.com
3 www.gstatic.com ds-overseas.com
1 ajax.cloudflare.com ds-overseas.com
1 mail.yeah.net ds-overseas.com
1 mxmail.optimumelectronics.com ds-overseas.com
1 ssl.gstatic.com ds-overseas.com
1 mail.yahoo.com ds-overseas.com
0 a.gfx.ms Failed ds-overseas.com
18 9

This site contains links to these domains. Also see Links.

Domain
translate.google.com
Subject Issuer Validity Valid
ds-overseas.com
cPanel, Inc. Certification Authority		 2018-03-29 -
2018-06-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://ds-overseas.com/admin/New/ii.php?email=abuse@glume.com&.rand=13vqcr8bp0gud&lc=1033&id=64855&mkt=en-us&cbcxt=mai&snsc=1
Frame ID: 6BFFB9012E3A718857EF7829D344EBE7
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • env /^CloudFlare$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i

Page Statistics

18
Requests

28 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

8
IPs

4
Countries

249 kB
Transfer

418 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • http://mail.yahoo.com/favicon.ico HTTP 307
  • https://mail.yahoo.com/favicon.ico

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ii.php
ds-overseas.com/admin/New/ 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ds-overseas.com/admin/New/ii.php?email=abuse@glume.com&amp;.rand=13vqcr8bp0gud&amp;lc=1033&amp;id=64855&amp;mkt=en-us&amp;cbcxt=mai&amp;snsc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.210.98.9 Pompano Beach, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
servinetangola.net
Software
Apache / PHP/5.6.36
Resource Hash
bffa867ae618f84f1e2fe5fd37ad77141dace73cd04120bb84d5d7bd0cf87048

Request headers

Host
ds-overseas.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
6BFFB9012E3A718857EF7829D344EBE7

Response headers

Date
Sat, 09 Jun 2018 01:53:40 GMT
Server
Apache
X-Powered-By
PHP/5.6.36
Content-Length
4236
Keep-Alive
timeout=5, max=150
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
bootstrap.css
ds-overseas.com/admin/New/files/ 		127 KB
127 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ds-overseas.com/admin/New/files/bootstrap.css
Requested by
Host: ds-overseas.com
URL: https://ds-overseas.com/admin/New/ii.php?email=abuse@glume.com&amp;.rand=13vqcr8bp0gud&amp;lc=1033&amp;id=64855&amp;mkt=en-us&amp;cbcxt=mai&amp;snsc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.210.98.9 Pompano Beach, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
servinetangola.net
Software
Apache /
Resource Hash
be54569ad29e803e8c1a22574e149778dde6194648dc210bcede46bd7a48733f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ds-overseas.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://ds-overseas.com/admin/New/ii.php?email=abuse@glume.com&amp;.rand=13vqcr8bp0gud&amp;lc=1033&amp;id=64855&amp;mkt=en-us&amp;cbcxt=mai&amp;snsc=1
Connection
keep-alive
Cache-Control
no-cache
Referer
https://ds-overseas.com/admin/New/ii.php?email=abuse@glume.com&amp;.rand=13vqcr8bp0gud&amp;lc=1033&amp;id=64855&amp;mkt=en-us&amp;cbcxt=mai&amp;snsc=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Sat, 09 Jun 2018 01:53:40 GMT
Last-Modified
Sun, 30 Mar 2014 10:28:30 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=149
Content-Length
130182
navbar.css
ds-overseas.com/admin/New/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ds-overseas.com/admin/New/navbar.css
Requested by
Host: ds-overseas.com
URL: https://ds-overseas.com/admin/New/ii.php?email=abuse@glume.com&amp;.rand=13vqcr8bp0gud&amp;lc=1033&amp;id=64855&amp;mkt=en-us&amp;cbcxt=mai&amp;snsc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.210.98.9 Pompano Beach, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
servinetangola.net
Software
Apache /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ds-overseas.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://ds-overseas.com/admin/New/ii.php?email=abuse@glume.com&amp;.rand=13vqcr8bp0gud&amp;lc=1033&amp;id=64855&amp;mkt=en-us&amp;cbcxt=mai&amp;snsc=1
Connection
keep-alive
Cache-Control
no-cache
Referer
https://ds-overseas.com/admin/New/ii.php?email=abuse@glume.com&amp;.rand=13vqcr8bp0gud&amp;lc=1033&amp;id=64855&amp;mkt=en-us&amp;cbcxt=mai&amp;snsc=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Sat, 09 Jun 2018 01:53:40 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=150
Content-Length
337
Content-Type
text/html; charset=iso-8859-1
signin.css
ds-overseas.com/admin/New/files/ 		830 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ds-overseas.com/admin/New/files/signin.css
Requested by
Host: ds-overseas.com
URL: https://ds-overseas.com/admin/New/ii.php?email=abuse@glume.com&amp;.rand=13vqcr8bp0gud&amp;lc=1033&amp;id=64855&amp;mkt=en-us&amp;cbcxt=mai&amp;snsc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.210.98.9 Pompano Beach, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
servinetangola.net
Software
Apache /
Resource Hash
9dcebc73c2ec39725812dbfef59e8d281c01d156b2a68aa20c68f0648eb49692

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ds-overseas.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://ds-overseas.com/admin/New/ii.php?email=abuse@glume.com&amp;.rand=13vqcr8bp0gud&amp;lc=1033&amp;id=64855&amp;mkt=en-us&amp;cbcxt=mai&amp;snsc=1
Connection
keep-alive
Cache-Control
no-cache
Referer
https://ds-overseas.com/admin/New/ii.php?email=abuse@glume.com&amp;.rand=13vqcr8bp0gud&amp;lc=1033&amp;id=64855&amp;mkt=en-us&amp;cbcxt=mai&amp;snsc=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Sat, 09 Jun 2018 01:53:40 GMT
Last-Modified
Tue, 25 Mar 2014 22:46:24 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=150
Content-Length
830
element.js
ds-overseas.com/admin/New/files/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ds-overseas.com/admin/New/files/element.js?cb=googleTranslateElementInit
Requested by
Host: ds-overseas.com
URL: https://ds-overseas.com/admin/New/ii.php?email=abuse@glume.com&amp;.rand=13vqcr8bp0gud&amp;lc=1033&amp;id=64855&amp;mkt=en-us&amp;cbcxt=mai&amp;snsc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.210.98.9 Pompano Beach, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
servinetangola.net
Software
Apache /
Resource Hash
26cc7eaf4fbf8bcd6eb99a36db09ce948e22e14e18a92423ef5d9065f81f808b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ds-overseas.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
https://ds-overseas.com/admin/New/ii.php?email=abuse@glume.com&amp;.rand=13vqcr8bp0gud&amp;lc=1033&amp;id=64855&amp;mkt=en-us&amp;cbcxt=mai&amp;snsc=1
Connection
keep-alive
Cache-Control
no-cache
Referer
https://ds-overseas.com/admin/New/ii.php?email=abuse@glume.com&amp;.rand=13vqcr8bp0gud&amp;lc=1033&amp;id=64855&amp;mkt=en-us&amp;cbcxt=mai&amp;snsc=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Sat, 09 Jun 2018 01:53:40 GMT
Last-Modified
Sat, 07 Sep 2013 17:18:08 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=150
Content-Length
1472
favicon.ico
mail.yahoo.com/
Redirect Chain
  • http://mail.yahoo.com/favicon.ico
  • https://mail.yahoo.com/favicon.ico
5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mail.yahoo.com/favicon.ico
Requested by
Host: ds-overseas.com
URL: https://ds-overseas.com/admin/New/ii.php?email=abuse@glume.com&amp;.rand=13vqcr8bp0gud&amp;lc=1033&amp;id=64855&amp;mkt=en-us&amp;cbcxt=mai&amp;snsc=1
Protocol
SPDY
Server
87.248.118.22 , United Kingdom, ASN10310 (YAHOO-1 - Yahoo!, US),
Reverse DNS
e1.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
74368197cb53191e522e3a73aab974d53eae8e38da694a1ed2cfa06f39176e58
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Fri, 08 Jun 2018 22:56:27 GMT
via
HTTP/1.1 web13.use26.mobstor.bf1.yahoo.com UserFiberFramework/1.0, HTTP/1.1 prod-proxy59.mobstor.bf1.yahoo.com Undertow, http/1.1 e7.ycpi.deb.yahoo.com (ApacheTrafficServer [cRs f ])
x-ysws-request-id
76bd7950-a073-4ccd-978b-74c18198b663
age
10634
status
200
content-length
5430
last-modified
Fri, 08 Jun 2018 22:00:03 GMT
server
ATS
etag
"YM:1:447151a5-6322-490c-b893-c06457c5aeac00056e2885a1f3f5"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-ysws-visited-replicas
gops.use26.mobstor.vip.bf1.yahoo.com
cache-control
public
x-ysws-storage-provider
MOBSTOR
public-key-pins-report-only
max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="2oALgLKofTmeZvoZ1y/fSZg7R9jPMix8eVA6DH4o/q8="; pin-sha256="Gtk3r1evlBrs0hG3fm3VoM19daHexDWP//OCmeeMr5M="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="JbQbUG5JMJUoI6brnx0x3vZF6jilxsapbXGVfjhN8Fg="; pin-sha256="SVqWumuteCQHvVIaALrOZXuzVVVeS7f4FGxxu6V+es4="; pin-sha256="UZJDjsNp1+4M5x9cbbdflB779y5YRBcV6Z6rBMLIrO4="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="cAajgxHlj7GTSEIzIYIQxmEloOSoJq7VOaxWHfv72QM="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="iduNzFNKpwYZ3se/XV+hXcbUonlLw09QPa6AYUwpu4M="; pin-sha256="lnsM2T/O9/J84sJFdnrpsFp3awZJ+ZZbYpCWhGloaHI="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"
accept-ranges
bytes
content-type
image/x-icon
expires
Sat, 09 Jun 2018 23:00:01 GMT

Redirect headers

Location
https://mail.yahoo.com/favicon.ico
Non-Authoritative-Reason
HSTS
OLFav.ico
a.gfx.ms/ 		0
0
logo_strip_2x.png
ssl.gstatic.com/accounts/ui/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/accounts/ui/logo_strip_2x.png
Requested by
Host: ds-overseas.com
URL: https://ds-overseas.com/admin/New/ii.php?email=abuse@glume.com&amp;.rand=13vqcr8bp0gud&amp;lc=1033&amp;id=64855&amp;mkt=en-us&amp;cbcxt=mai&amp;snsc=1
Protocol
SPDY
Server
216.58.207.67 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f3.1e100.net
Software
sffe /
Resource Hash
b2d3305551055e5d28aea38f218ee6ff6006afb8c80cc4f206a206bcb758df7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ds-overseas.com/admin/New/ii.php?email=abuse@glume.com&amp;.rand=13vqcr8bp0gud&amp;lc=1033&amp;id=64855&amp;mkt=en-us&amp;cbcxt=mai&amp;snsc=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 10 Apr 2018 00:27:19 GMT
x-content-type-options
nosniff
last-modified
Thu, 21 Apr 2016 03:17:22 GMT
server
sffe
age
5189181
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
10297
x-xss-protection
1; mode=block
expires
Wed, 10 Apr 2019 00:27:19 GMT
favicon.ico
mxmail.optimumelectronics.com/mail/skins/default/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mxmail.optimumelectronics.com/mail/skins/default/images/favicon.ico
Requested by
Host: ds-overseas.com
URL: https://ds-overseas.com/admin/New/ii.php?email=abuse@glume.com&amp;.rand=13vqcr8bp0gud&amp;lc=1033&amp;id=64855&amp;mkt=en-us&amp;cbcxt=mai&amp;snsc=1
Protocol
HTTP/1.1
Server
42.200.210.96 Central District, Hong Kong, ASN4760 (HKTIMS-AP PCCW Limited, HK),
Reverse DNS
42-200-210-96.static.imsbiz.com
Software
Apache/2.2.3 (CentOS) /
Resource Hash
8436b8d56ce0596f7df21bb46cac82344d082d6a1f481bd9ad3e08fe7834bf25

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Sat, 09 Jun 2018 01:53:41 GMT
Last-Modified
Fri, 14 Mar 2014 02:58:19 GMT
Server
Apache/2.2.3 (CentOS)
ETag
"d8082df-47e-4f4883df468c0"
Content-Type
text/plain; charset=UTF-8
Connection
close
Accept-Ranges
bytes
Content-Length
1150
favicon.ico
mail.yeah.net/ 		318 B
640 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mail.yeah.net/favicon.ico
Requested by
Host: ds-overseas.com
URL: https://ds-overseas.com/admin/New/ii.php?email=abuse@glume.com&amp;.rand=13vqcr8bp0gud&amp;lc=1033&amp;id=64855&amp;mkt=en-us&amp;cbcxt=mai&amp;snsc=1
Protocol
HTTP/1.1
Server
123.58.177.104 Hangzhou, China, ASN45062 (NETEASE-AS Guangzhou NetEase Computer System Co., Ltd., CN),
Reverse DNS
m104-177.yeah.net
Software
nginx /
Resource Hash
43c6594eb74940c6e0fb38d55c634425860093660f4eb0cb89334608dd9947eb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Sat, 09 Jun 2018 01:53:42 GMT
Last-Modified
Wed, 15 Jan 2014 09:08:09 GMT
Server
nginx
X-Cache
from gzip113-85.yeah.net
Content-Type
image/x-icon
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
318
Expires
Tue, 06 Jun 2028 01:53:42 GMT
cloudflare.min.js
ajax.cloudflare.com/cdn-cgi/nexp/dok8v=b064e16429/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.cloudflare.com/cdn-cgi/nexp/dok8v=b064e16429/cloudflare.min.js
Requested by
Host: ds-overseas.com
URL: https://ds-overseas.com/admin/New/ii.php?email=abuse@glume.com&amp;.rand=13vqcr8bp0gud&amp;lc=1033&amp;id=64855&amp;mkt=en-us&amp;cbcxt=mai&amp;snsc=1
Protocol
SPDY
Server
104.19.199.151 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
79d1744b3148a4b7265a9d2006eb1f6b72fda68490c398e380cb0692aeb8c5e5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ds-overseas.com/admin/New/ii.php?email=abuse@glume.com&amp;.rand=13vqcr8bp0gud&amp;lc=1033&amp;id=64855&amp;mkt=en-us&amp;cbcxt=mai&amp;snsc=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Sat, 09 Jun 2018 01:53:40 GMT
content-encoding
gzip
last-modified
Thu, 07 Jun 2018 15:18:30 GMT
server
cloudflare-nginx
x-frame-options
SAMEORIGIN
etag
W/"5b194cc6-c37"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=172800, public
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
427ff745db71650b-FRA
expires
Mon, 11 Jun 2018 01:53:40 GMT
translateelement.css
translate.googleapis.com/translate_static/css/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/translate_static/css/translateelement.css
Requested by
Host: ds-overseas.com
URL: https://ds-overseas.com/admin/New/files/element.js?cb=googleTranslateElementInit
Protocol
SPDY
Server
216.58.207.74 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f10.1e100.net
Software
sffe /
Resource Hash
3cd4d66eacb85df0c8ac8a7223eb03f6ca859fd593dbb57a48bf15f74f5265e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ds-overseas.com/admin/New/ii.php?email=abuse@glume.com&amp;.rand=13vqcr8bp0gud&amp;lc=1033&amp;id=64855&amp;mkt=en-us&amp;cbcxt=mai&amp;snsc=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Sat, 09 Jun 2018 01:00:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 03 Jan 2017 23:15:00 GMT
server
sffe
age
3167
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
3619
x-xss-protection
1; mode=block
expires
Sat, 09 Jun 2018 02:00:53 GMT
main.js
translate.googleapis.com/translate_static/js/element/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/translate_static/js/element/main.js
Requested by
Host: ds-overseas.com
URL: https://ds-overseas.com/admin/New/files/element.js?cb=googleTranslateElementInit
Protocol
SPDY
Server
216.58.207.74 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f10.1e100.net
Software
sffe /
Resource Hash
ea4eba32bd65196888d1cd68bbe7a9c321e0c3428a6b76b978492536f236075d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ds-overseas.com/admin/New/ii.php?email=abuse@glume.com&amp;.rand=13vqcr8bp0gud&amp;lc=1033&amp;id=64855&amp;mkt=en-us&amp;cbcxt=mai&amp;snsc=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Sat, 09 Jun 2018 01:01:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 14 Sep 2017 18:15:00 GMT
server
sffe
age
3155
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
1512
x-xss-protection
1; mode=block
expires
Sat, 09 Jun 2018 02:01:05 GMT
element_main.js
translate.googleapis.com/element/TE_20170911_00/e/js/element/ 		236 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/element/TE_20170911_00/e/js/element/element_main.js
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main.js
Protocol
SPDY
Server
216.58.207.74 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f10.1e100.net
Software
sffe /
Resource Hash
868d66b32db9fc82da7450049cbba423d08934f4e36e72f07dd5c39c7693f307
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ds-overseas.com/admin/New/ii.php?email=abuse@glume.com&amp;.rand=13vqcr8bp0gud&amp;lc=1033&amp;id=64855&amp;mkt=en-us&amp;cbcxt=mai&amp;snsc=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Wed, 09 May 2018 10:27:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2647565
status
200
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
87012
x-xss-protection
1; mode=block
last-modified
Mon, 11 Sep 2017 09:50:21 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 May 2019 10:27:35 GMT
l
translate.googleapis.com/translate_a/ 		3 KB
1015 B 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=_callbacks____0ji6qxb04
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/element/TE_20170911_00/e/js/element/element_main.js
Protocol
SPDY
Server
216.58.207.74 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f10.1e100.net
Software
HTTP server (unknown) /
Resource Hash
4f5d32f84879fd1b0d606572877e4751749a16f82803b68fcd05e74b1a0fdb8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ds-overseas.com/admin/New/ii.php?email=abuse@glume.com&amp;.rand=13vqcr8bp0gud&amp;lc=1033&amp;id=64855&amp;mkt=en-us&amp;cbcxt=mai&amp;snsc=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Sat, 09 Jun 2018 01:53:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
HTTP server (unknown)
content-language
en
status
200
cache-control
private, max-age=86400
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
922
x-xss-protection
1; mode=block
expires
Sat, 09 Jun 2018 01:53:40 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 		825 B
891 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/product/1x/translate_24dp.png
Requested by
Host: ds-overseas.com
URL: https://ds-overseas.com/admin/New/ii.php?email=abuse@glume.com&amp;.rand=13vqcr8bp0gud&amp;lc=1033&amp;id=64855&amp;mkt=en-us&amp;cbcxt=mai&amp;snsc=1
Protocol
SPDY
Server
216.58.207.67 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f3.1e100.net
Software
sffe /
Resource Hash
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ds-overseas.com/admin/New/ii.php?email=abuse@glume.com&amp;.rand=13vqcr8bp0gud&amp;lc=1033&amp;id=64855&amp;mkt=en-us&amp;cbcxt=mai&amp;snsc=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 07 Jun 2018 08:55:38 GMT
x-content-type-options
nosniff
last-modified
Thu, 21 Apr 2016 03:17:22 GMT
server
sffe
age
147482
vary
Origin
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
825
x-xss-protection
1; mode=block
expires
Fri, 07 Jun 2019 08:55:38 GMT
googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 		910 B
974 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
Requested by
Host: ds-overseas.com
URL: https://ds-overseas.com/admin/New/ii.php?email=abuse@glume.com&amp;.rand=13vqcr8bp0gud&amp;lc=1033&amp;id=64855&amp;mkt=en-us&amp;cbcxt=mai&amp;snsc=1
Protocol
SPDY
Server
216.58.207.67 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f3.1e100.net
Software
sffe /
Resource Hash
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ds-overseas.com/admin/New/ii.php?email=abuse@glume.com&amp;.rand=13vqcr8bp0gud&amp;lc=1033&amp;id=64855&amp;mkt=en-us&amp;cbcxt=mai&amp;snsc=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Wed, 09 May 2018 03:57:21 GMT
x-content-type-options
nosniff
last-modified
Wed, 04 Jan 2017 15:45:00 GMT
server
sffe
age
2670979
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
910
x-xss-protection
1; mode=block
expires
Thu, 09 May 2019 03:57:21 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: ds-overseas.com
URL: https://ds-overseas.com/admin/New/ii.php?email=abuse@glume.com&amp;.rand=13vqcr8bp0gud&amp;lc=1033&amp;id=64855&amp;mkt=en-us&amp;cbcxt=mai&amp;snsc=1
Protocol
SPDY
Server
216.58.207.67 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f3.1e100.net
Software
sffe /
Resource Hash
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://translate.googleapis.com/translate_static/css/translateelement.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Wed, 09 May 2018 04:13:11 GMT
x-content-type-options
nosniff
last-modified
Thu, 21 Apr 2016 03:17:22 GMT
server
sffe
age
2670029
vary
Origin
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
1847
x-xss-protection
1; mode=block
expires
Thu, 09 May 2019 04:13:11 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
a.gfx.ms
URL
https://a.gfx.ms/OLFav.ico

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Google (Online)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| CloudFlare object| a object| b function| googleTranslateElementInit object| google object| closure_lm_995671

0 Cookies