urlscan.io logo urlscan.io
SecurityTrails logo

storage.googleapis.com Open in urlscan Pro
2a00:1450:4001:825::2010  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://notification.amerifleet.com/ls/click?upn=4bwP6NwZz34OuBPuU1PUJUHlhC9EBeyiHIhyg5dVrZQZRbjt4k-2F9CuHLatgh-2Fir2815NJDQQ8bbLRdp...
Effective URL: https://storage.googleapis.com/aagrypnotic-93411334/index.html?email=emese.weissenbacher@mann-hummel.com
Submission: On September 16 via manual from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 15 HTTP transactions. The main IP is 2a00:1450:4001:825::2010, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is storage.googleapis.com.
TLS certificate: Issued by GTS CA 1O1 on August 26th 2020. Valid for: 3 months.
This is the only time storage.googleapis.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Excel / PDF download (Online)

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.123.54 11377 (SENDGRID)
1 2a00:1450:400... 15169 (GOOGLE)
9 2606:4700:303... 13335 (CLOUDFLAR...)
1 152.199.19.160 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
15 5
1    167.89.123.54 (United States)

ASN11377 (SENDGRID, US)
PTR: o16789123x54.outbound-mail.sendgrid.net
notification.amerifleet.com
1    2a00:1450:4001:825::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
9    2606:4700:3034::681b:892d (United States)

ASN13335 (CLOUDFLARENET, US)
bomohsmtp.com
1    152.199.19.160 (United States)

ASN15133 (EDGECAST, US)
ajax.aspnetcdn.com
1    2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
9 bomohsmtp.com storage.googleapis.com
bomohsmtp.com
3 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com bomohsmtp.com
1 ajax.aspnetcdn.com storage.googleapis.com
1 storage.googleapis.com
1 notification.amerifleet.com 1 redirects
15 6

This site contains no links.

Subject Issuer Validity Valid
*.storage.googleapis.com
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-01 -
2021-08-01		 a year crt.sh
*.vo.msecnd.net
Microsoft IT TLS CA 2		 2020-03-18 -
2022-03-18		 2 years crt.sh
upload.video.google.com
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://storage.googleapis.com/aagrypnotic-93411334/index.html?email=emese.weissenbacher@mann-hummel.com
Frame ID: A285349165228999D35786382A3D4C58
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://notification.amerifleet.com/ls/click?upn=4bwP6NwZz34OuBPuU1PUJUHlhC9EBeyiHIhyg5dVrZQZRbjt4k-2F9CuHLatgh-... HTTP 302
    https://storage.googleapis.com/aagrypnotic-93411334/index.html?email=emese.weissenbacher@mann-hummel.com Page URL

Page Statistics

15
Requests

100 %
HTTPS

67 %
IPv6

5
Domains

6
Subdomains

5
IPs

2
Countries

355 kB
Transfer

422 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://notification.amerifleet.com/ls/click?upn=4bwP6NwZz34OuBPuU1PUJUHlhC9EBeyiHIhyg5dVrZQZRbjt4k-2F9CuHLatgh-2Fir2815NJDQQ8bbLRdpWjmorCmXOYycPLVqi7aW1pnEHj6MYWKFK7spugf01nVI7CHKlV-2BoGZ3zs3jHMm6imK2cW3Q-3D-3DSyPM_KJWchh6tSWNG3m-2BmAR4Pm4gjz5tWnpgjaP99QvKbfssnQU-2Fjv-2FOkkhANDSZBRq3-2BIB64GYmZhIdiFPP1fyuvjQPNFL7jll6EYbtV05o9aT-2FHhJkjVepXFzEviu-2BSQjPabtm3P-2B4VBjHbdY0-2FMiuCAB1iZKGmH-2FDPzIkv1s3NkAaiFYsFqY8MEkMVSwlv7Rj6TRe2ralx55JJ1c6mNclA1cGQBF8n80t7NsHuzA4Yeoa2-2FgMKguf0oIUoTEp-2BG-2F5u HTTP 302
    https://storage.googleapis.com/aagrypnotic-93411334/index.html?email=emese.weissenbacher@mann-hummel.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.html
storage.googleapis.com/aagrypnotic-93411334/
Redirect Chain
  • http://notification.amerifleet.com/ls/click?upn=4bwP6NwZz34OuBPuU1PUJUHlhC9EBeyiHIhyg5dVrZQZRbjt4k-2F9CuHLatgh-2Fir2815NJDQQ8bbLRdpWjmorCmXOYycPLVqi7aW1pnEHj6MYWKFK7spugf01nVI7CHKlV-2BoGZ3zs3jHMm6i...
  • https://storage.googleapis.com/aagrypnotic-93411334/index.html?email=emese.weissenbacher@mann-hummel.com
78 KB
79 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/aagrypnotic-93411334/index.html?email=emese.weissenbacher@mann-hummel.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
93fe5cd9b84470d81f1566f177eb4042fd2dd81ee3e06299cea0fbdb56651d36

Request headers

:method
GET
:authority
storage.googleapis.com
:scheme
https
:path
/aagrypnotic-93411334/index.html?email=emese.weissenbacher@mann-hummel.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
x-guploader-uploadid
ABg5-Uxas7UZNSI8Rkldk2snOrM0YQJfNQKW0b9lKZstUJZ0y7nNqARaZX88BQPenLuKUCCbZTBY2Dz_Nx4NsFJnFAsmdj8pdA
expires
Wed, 16 Sep 2020 14:41:36 GMT
date
Wed, 16 Sep 2020 13:41:36 GMT
cache-control
public, max-age=3600
last-modified
Tue, 15 Sep 2020 12:55:20 GMT
etag
"eae7ef6165c0a29e9da25e5ca42e984e"
x-goog-generation
1600174520590531
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
79844
content-type
text/html
x-goog-hash
crc32c=3EfrNA== md5=6ufvYWXAop6dol5cpC6YTg==
x-goog-storage-class
STANDARD
accept-ranges
bytes
content-length
79844
server
UploadServer
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

Server
nginx
Date
Wed, 16 Sep 2020 13:41:35 GMT
Content-Type
text/html; charset=utf-8
Content-Length
127
Connection
keep-alive
Location
https://storage.googleapis.com/aagrypnotic-93411334/index.html?email=emese.weissenbacher@mann-hummel.com
X-Robots-Tag
noindex, nofollow
style.css
bomohsmtp.com/email-list/excel5/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bomohsmtp.com/email-list/excel5/css/style.css
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/aagrypnotic-93411334/index.html?email=emese.weissenbacher@mann-hummel.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::681b:892d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22e6645ebb24d54ab56ad09afc621f2a72aa6263451d45ab47b75708965eefd3

Request headers

Referer
https://storage.googleapis.com/aagrypnotic-93411334/index.html?email=emese.weissenbacher@mann-hummel.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 13:41:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 16 Aug 2020 20:37:21 GMT
server
cloudflare
age
13760
etag
W/"5f399901-ed1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=315360000
cf-ray
5d3b0184ce6ad6e1-FRA
cf-request-id
0538bf46f80000d6e1f09de200000001
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-3.3.1.min.js
ajax.aspnetcdn.com/ajax/jQuery/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/aagrypnotic-93411334/index.html?email=emese.weissenbacher@mann-hummel.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (waw/051F) /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://storage.googleapis.com/aagrypnotic-93411334/index.html?email=emese.weissenbacher@mann-hummel.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 16 Sep 2020 13:41:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6195851
x-cache
HIT
status
200
content-length
30394
x-xss-protection
1; mode=block
last-modified
Mon, 22 Jan 2018 19:27:49 GMT
server
ECAcc (waw/051F)
etag
"80288516b793d31:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
logo.png
bomohsmtp.com/email-list/excel5/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bomohsmtp.com/email-list/excel5/images/logo.png
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/aagrypnotic-93411334/index.html?email=emese.weissenbacher@mann-hummel.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::681b:892d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d301bbb4e8ced380c1975a2ca3890c0cc06a3c1c78ad6b36d45e652e7a0542d

Request headers

Referer
https://storage.googleapis.com/aagrypnotic-93411334/index.html?email=emese.weissenbacher@mann-hummel.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 13:41:36 GMT
cf-cache-status
HIT
age
13760
status
200
content-length
6474
cf-request-id
0538bf46f80000d6e1f09e1200000001
last-modified
Sun, 16 Aug 2020 20:37:24 GMT
server
cloudflare
etag
"5f399904-194a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5d3b0184ce74d6e1-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
gmail.png
bomohsmtp.com/email-list/excel5/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bomohsmtp.com/email-list/excel5/images/gmail.png
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/aagrypnotic-93411334/index.html?email=emese.weissenbacher@mann-hummel.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::681b:892d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a90b5fa6d77d3b2afe97c72215abfebe27170f1b4307c71bb83c819fc0a27b6f

Request headers

Referer
https://storage.googleapis.com/aagrypnotic-93411334/index.html?email=emese.weissenbacher@mann-hummel.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 13:41:36 GMT
cf-cache-status
HIT
age
13760
status
200
content-length
5272
cf-request-id
0538bf46f80000d6e1f09e5200000001
last-modified
Sun, 16 Aug 2020 20:37:26 GMT
server
cloudflare
etag
"5f399906-1498"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5d3b0184ce7bd6e1-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
outlook.png
bomohsmtp.com/email-list/excel5/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bomohsmtp.com/email-list/excel5/images/outlook.png
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/aagrypnotic-93411334/index.html?email=emese.weissenbacher@mann-hummel.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::681b:892d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8739393ae7d356ee4f7e03814cdf2cef90f2f04e7cd4a68aedb67d8f53a0ba5d

Request headers

Referer
https://storage.googleapis.com/aagrypnotic-93411334/index.html?email=emese.weissenbacher@mann-hummel.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 13:41:36 GMT
cf-cache-status
HIT
age
13760
status
200
content-length
5608
cf-request-id
0538bf46f80000d6e1f09e2200000001
last-modified
Sun, 16 Aug 2020 20:37:24 GMT
server
cloudflare
etag
"5f399904-15e8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5d3b0184ce76d6e1-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
aol-el.png
bomohsmtp.com/email-list/excel5/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bomohsmtp.com/email-list/excel5/images/aol-el.png
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/aagrypnotic-93411334/index.html?email=emese.weissenbacher@mann-hummel.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::681b:892d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1389ce073991b5dd4f76a7922d577a0f01526402481dfd48a863245bca92904c

Request headers

Referer
https://storage.googleapis.com/aagrypnotic-93411334/index.html?email=emese.weissenbacher@mann-hummel.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 13:41:36 GMT
cf-cache-status
HIT
age
13760
status
200
content-length
5400
cf-request-id
0538bf46f80000d6e1f09e3200000001
last-modified
Sun, 16 Aug 2020 20:37:23 GMT
server
cloudflare
etag
"5f399903-1518"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5d3b0184ce77d6e1-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
office.png
bomohsmtp.com/email-list/excel5/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bomohsmtp.com/email-list/excel5/images/office.png
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/aagrypnotic-93411334/index.html?email=emese.weissenbacher@mann-hummel.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::681b:892d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0ed507810757b0fa96725b5ede8b0e72be4cbcfee70ca664924552b41de114d

Request headers

Referer
https://storage.googleapis.com/aagrypnotic-93411334/index.html?email=emese.weissenbacher@mann-hummel.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 13:41:36 GMT
cf-cache-status
HIT
age
13760
status
200
content-length
4511
cf-request-id
0538bf46f80000d6e1f09e4200000001
last-modified
Sun, 16 Aug 2020 20:37:26 GMT
server
cloudflare
etag
"5f399906-119f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5d3b0184ce78d6e1-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
yahoo.png
bomohsmtp.com/email-list/excel5/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bomohsmtp.com/email-list/excel5/images/yahoo.png
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/aagrypnotic-93411334/index.html?email=emese.weissenbacher@mann-hummel.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::681b:892d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c84c6a01e844c1a29e0a3ee63d5eb5f13fae24c6c9f3455e944394406d247b9

Request headers

Referer
https://storage.googleapis.com/aagrypnotic-93411334/index.html?email=emese.weissenbacher@mann-hummel.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 13:41:36 GMT
cf-cache-status
HIT
age
13760
status
200
content-length
4441
cf-request-id
0538bf46f80000d6e1f09e0200000001
last-modified
Sun, 16 Aug 2020 20:37:22 GMT
server
cloudflare
etag
"5f399902-1159"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5d3b0184ce70d6e1-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
mail.png
bomohsmtp.com/email-list/excel5/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bomohsmtp.com/email-list/excel5/images/mail.png
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/aagrypnotic-93411334/index.html?email=emese.weissenbacher@mann-hummel.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::681b:892d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fd3e60902a4cc0387a40638316545102c2a12ef4fa0cb8105415ba47150c61b

Request headers

Referer
https://storage.googleapis.com/aagrypnotic-93411334/index.html?email=emese.weissenbacher@mann-hummel.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 13:41:36 GMT
cf-cache-status
HIT
age
13760
status
200
content-length
5166
cf-request-id
0538bf46f80000d6e1f09df200000001
last-modified
Sun, 16 Aug 2020 20:37:21 GMT
server
cloudflare
etag
"5f399901-142e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5d3b0184ce6cd6e1-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/ 		13 KB
960 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&display=swap
Requested by
Host: bomohsmtp.com
URL: https://bomohsmtp.com/email-list/excel5/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0e91871372fcdd2a591971fe2ed042d4d4f59eee7fcc48fd4fe4b49ca54d7a66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bomohsmtp.com/email-list/excel5/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Sep 2020 13:03:15 GMT
server
ESF
date
Wed, 16 Sep 2020 13:41:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Sep 2020 13:41:36 GMT
bg.jpg
bomohsmtp.com/email-list/excel5/images/ 		179 KB
180 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bomohsmtp.com/email-list/excel5/images/bg.jpg
Requested by
Host: bomohsmtp.com
URL: https://bomohsmtp.com/email-list/excel5/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::681b:892d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d98e41fc1f3f2227739b3cc59a3623a1f46790d1f9187335bfa658b15a0dd7c

Request headers

Referer
https://bomohsmtp.com/email-list/excel5/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 13:41:36 GMT
cf-cache-status
HIT
age
13759
status
200
content-length
183739
cf-request-id
0538bf47260000d6e1f09eb200000001
last-modified
Sun, 16 Aug 2020 20:37:22 GMT
server
cloudflare
etag
"5f399902-2cdbb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5d3b01850f10d6e1-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://storage.googleapis.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Sep 2020 18:20:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
69660
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Wed, 15 Sep 2021 18:20:36 GMT
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://storage.googleapis.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Sep 2020 18:22:51 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:49 GMT
server
sffe
age
69525
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9180
x-xss-protection
0
expires
Wed, 15 Sep 2021 18:22:51 GMT
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://storage.googleapis.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Sep 2020 18:20:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:27 GMT
server
sffe
age
69660
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9080
x-xss-protection
0
expires
Wed, 15 Sep 2021 18:20:36 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Excel / PDF download (Online)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes object| _0x553d function| _0x5478 object| Zlib function| $ function| jQuery function| validateEmail function| window_opener_xc function| get_extra_data function| GetURLParameter function| templatePage

0 Cookies