www.emails-verification.com Open in urlscan Pro
2001:8d8:100f:f000::200 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.emails-verification.com/
Effective URL:
https://www.emails-verification.com/
Submission: On July 23 via manual (July 23rd 2024, 9:55:11 am UTC) from DE — Scanned from DE

Summary HTTP 17 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 17 HTTP transactions. The main IP is 2001:8d8:100f:f000::200, located in Germany and belongs to IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE. The main domain is www.emails-verification.com.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G2 on July 22nd 2024. Valid for: a year.

This is the only time www.emails-verification.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
2	2001:8d8:100f... 2001:8d8:100f:f000::200	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
5	2a02:26f0:480... 2a02:26f0:480:aae::1477	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2620:1ec:29:1... 2620:1ec:29:1::42	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	203.161.61.122 203.161.61.122	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	2606:4700:20:... 2606:4700:20::ac43:453b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:8af	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	7

2 2001:8d8:100f:f000::200 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)

www.emails-verification.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:480:aae::1477 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

store.storeimages.cdn-apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:29:1::42 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

acctcdn.msauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 203.161.61.122 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: mail.vrfez.com

www.nicepng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:453b (United States)

ASN13335 (CLOUDFLARENET, US)

usb.mk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:8af (United States)

ASN13335 (CLOUDFLARENET, US)

1000logos.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	msauth.net acctcdn.msauth.net — Cisco Umbrella Rank: 6878	118 KB
5	cdn-apple.com store.storeimages.cdn-apple.com — Cisco Umbrella Rank: 36214	65 KB
2	emails-verification.com www.emails-verification.com	26 KB
1	1000logos.net 1000logos.net — Cisco Umbrella Rank: 155595	55 KB
1	usb.mk usb.mk	43 KB
1	nicepng.com www.nicepng.com — Cisco Umbrella Rank: 292059	19 KB
0	apple.com Failed www.apple.com Failed
17	7

	Domain	Requested by
6	acctcdn.msauth.net	www.emails-verification.com
5	store.storeimages.cdn-apple.com	www.emails-verification.com
2	www.emails-verification.com
1	1000logos.net	www.emails-verification.com
1	usb.mk	www.emails-verification.com
1	www.nicepng.com	www.emails-verification.com
0	www.apple.com Failed	www.emails-verification.com
17	7

This site contains links to these domains. Also see Links.

Domain
account.live.com

Subject Issuer	Validity	Valid
*.emails-verification.com Encryption Everywhere DV TLS CA - G2	`2024-07-22` - `2025-07-21`	a year	crt.sh
store.storeimages.cdn-apple.com Apple Public Server RSA CA 11 - G1	`2024-04-21` - `2024-10-18`	6 months	crt.sh
identitycdn.msauth.net Microsoft Azure RSA TLS Issuing CA 03	`2024-06-07` - `2025-06-02`	a year	crt.sh
nicepng.com R11	`2024-06-21` - `2024-09-19`	3 months	crt.sh
usb.mk WE1	`2024-07-14` - `2024-10-12`	3 months	crt.sh
1000logos.net Cloudflare Inc ECC CA-3	`2023-09-19` - `2024-09-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.emails-verification.com/
Frame ID: B01920881D0BDFB99F57C02248186D8E
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.emails-verification.com/ HTTP 307
https://www.emails-verification.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

94 %
HTTPS

83 %
IPv6

7
Domains

7
Subdomains

7
IPs

2
Countries

325 kB
Transfer

910 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://account.live.com/ResetPassword.aspx?wreply=https://login.live.com/login.srf%3fwa%3dwsignin1.0%26rpsnv%3d12%26ct%3d1464555863%26rver%3d6.4.6456.0%26wp%3dMBI_SSL_SHARED%26wreply%3dhttps:%252F%252Fmail.live.com%252Fm%252F%26lc%3d2057%26id%3d64855%26pcexp%3dfalse%26snsc%3d1%26bk%3d1464555865&id=64855&uiflavor=webmobile&uaid=87adf30a966d49ef86c091f5f2ce0622&mkt=EN-GB&lc=2057&bk=1464555865

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.emails-verification.com/ HTTP 307
https://www.emails-verification.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.emails-verification.com/
Redirect Chain

http://www.emails-verification.com/
https://www.emails-verification.com/

85 KB
25 KB

366ms
93ms

Document
text/html

2001:8d8:100f:f000::200
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.emails-verification.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::200 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 11d2e0a4b55972b3939b29b8569f4bb1918e0feeaf0a2a35991ed1fdc7e0b7f0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 23 Jul 2024 09:55:04 GMT
etag: W/"152cb-61d8399d7098a"
last-modified: Thu, 18 Jul 2024 11:08:39 GMT
server: Apache

Redirect headers

Location: https://www.emails-verification.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 common-handheld.css
store.storeimages.cdn-apple.com/4973/store.apple.com/shop/rs/rel/ 122 KB
23 KB 120ms
23ms Stylesheet
text/css 2a02:26f0:480:aae::1477
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://store.storeimages.cdn-apple.com/4973/store.apple.com/shop/rs/rel/common-handheld.css

Requested by

Host: www.emails-verification.com
URL: https://www.emails-verification.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:aae::1477 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apple /

Resource Hash

2fc556a2bd01fd5c7899476cf53a9f9192f46e1c735f872dc6c2f2415c5f29b1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.emails-verification.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: gzip
access-control-request-method: GET,HEAD,OPTIONS
x-content-type-options: nosniff
x-cdn: Akam
date: Tue, 23 Jul 2024 09:55:05 GMT
strict-transport-security: max-age=31536000
x-shred: 47352cd1ba90bda06001e60e65198b1b
content-length: 23407
x-xss-protection: 1; mode=block
last-modified: Thu, 07 May 2020 07:36:00 GMT
server: Apple
etag: "1e81c-5a509ee9b5800-gzip"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
x-nxid: 0cbd5fa8af735d0cb8db74f98acc45a6
access-control-allow-origin: *
access-control-expose-headers: X-CDN
cache-control: max-age=374
accept-ranges: bytes
expires: Tue, 23 Jul 2024 10:01:19 GMT

GET
H2 200 signin-handheld.css
store.storeimages.cdn-apple.com/4973/store.apple.com/shop/rs/rel/ 28 KB
6 KB 126ms
29ms Stylesheet
text/css 2a02:26f0:480:aae::1477
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://store.storeimages.cdn-apple.com/4973/store.apple.com/shop/rs/rel/signin-handheld.css

Requested by

Host: www.emails-verification.com
URL: https://www.emails-verification.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:aae::1477 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apple /

Resource Hash

43002300f3e2a364bfb482ce0bf86a7679c63af93f5c1b507e4892c7b03987c2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.emails-verification.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: gzip
access-control-request-method: GET,HEAD,OPTIONS
x-content-type-options: nosniff
x-cdn: Akam
date: Tue, 23 Jul 2024 09:55:05 GMT
strict-transport-security: max-age=31536000
x-shred: 229d9d1bcafebde64cbb3475f7bfdede
content-length: 5332
x-xss-protection: 1; mode=block
last-modified: Thu, 07 May 2020 07:36:00 GMT
server: Apple
etag: "6e31-5a509ee9b5800-gzip"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
x-nxid: 06095d706d9b839fe56472406d8fa92c
access-control-allow-origin: *
access-control-expose-headers: X-CDN
cache-control: max-age=356
accept-ranges: bytes
expires: Tue, 23 Jul 2024 10:01:01 GMT

GET
H2 200 external.css
store.storeimages.cdn-apple.com/4973/store.apple.com/shop/rs-external/rel/us/ 45 KB
6 KB 125ms
28ms Stylesheet
text/css 2a02:26f0:480:aae::1477
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://store.storeimages.cdn-apple.com/4973/store.apple.com/shop/rs-external/rel/us/external.css

Requested by

Host: www.emails-verification.com
URL: https://www.emails-verification.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:aae::1477 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apple /

Resource Hash

bcaa8554884ea8a43d6dfe30dcb14f34772bf62d0766e94ac757588af8fb38df

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.emails-verification.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: gzip
access-control-request-method: GET,HEAD,OPTIONS
x-content-type-options: nosniff
x-cdn: Akam
date: Tue, 23 Jul 2024 09:55:05 GMT
strict-transport-security: max-age=31536000
x-shred: 933af768faa9eea8facee4d52228cbc4
content-length: 5512
x-xss-protection: 1; mode=block
last-modified: Wed, 19 Jun 2024 06:41:26 GMT
server: Apple
etag: "b4f9-61b387cca1180-gzip"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
x-nxid: 260d0630b605653ac37cc8e8458ba47a
access-control-allow-origin: *
access-control-expose-headers: X-CDN
cache-control: max-age=332
accept-ranges: bytes
expires: Tue, 23 Jul 2024 10:00:37 GMT

GET fonts
www.apple.com/wss/ 0
0

GET
H2 200 common-handheld@2x.css
store.storeimages.cdn-apple.com/4973/store.apple.com/shop/rs/rel/ 124 KB
24 KB 14ms
13ms Stylesheet
text/css 2a02:26f0:480:aae::1477
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://store.storeimages.cdn-apple.com/4973/store.apple.com/shop/rs/rel/common-handheld@2x.css

Requested by

Host: www.emails-verification.com
URL: https://www.emails-verification.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:aae::1477 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apple /

Resource Hash

011dee4d85392803f3f7aed57fd01d19f2597db44ba74151da6ee1a750dd5312

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.emails-verification.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: gzip
access-control-request-method: GET,HEAD,OPTIONS
x-content-type-options: nosniff
x-cdn: Akam
date: Tue, 23 Jul 2024 09:55:05 GMT
strict-transport-security: max-age=31536000
x-shred: d94201b9f01da776705f7c48211518ca
content-length: 24259
x-xss-protection: 1; mode=block
last-modified: Thu, 07 May 2020 07:36:00 GMT
server: Apple
etag: "1ee80-5a509ee9b5800-gzip"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
x-nxid: fad65f6ba5bc5cfa1e74e7f3b77656d8
access-control-allow-origin: *
access-control-expose-headers: X-CDN
cache-control: max-age=367
accept-ranges: bytes
expires: Tue, 23 Jul 2024 10:01:12 GMT

GET
H2 200 signin-handheld@2x.css
store.storeimages.cdn-apple.com/4973/store.apple.com/shop/rs/rel/ 28 KB
6 KB 15ms
15ms Stylesheet
text/css 2a02:26f0:480:aae::1477
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://store.storeimages.cdn-apple.com/4973/store.apple.com/shop/rs/rel/signin-handheld@2x.css

Requested by

Host: www.emails-verification.com
URL: https://www.emails-verification.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:aae::1477 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apple /

Resource Hash

1fa92ab83c2bd7f112d5a8d633662507a4dae1e9b3181abab070551e2f79766e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.emails-verification.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: gzip
access-control-request-method: GET,HEAD,OPTIONS
x-content-type-options: nosniff
x-cdn: Akam
date: Tue, 23 Jul 2024 09:55:05 GMT
strict-transport-security: max-age=31536000
x-shred: 49b93d879afa337bcb29e3fb842ee4c4
content-length: 5333
x-xss-protection: 1; mode=block
last-modified: Thu, 07 May 2020 07:36:00 GMT
server: Apple
etag: "6e43-5a509ee9b5800-gzip"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
x-nxid: 92c9cd0629193b522c11d08e5215416a
access-control-allow-origin: *
access-control-expose-headers: X-CDN
cache-control: max-age=366
accept-ranges: bytes
expires: Tue, 23 Jul 2024 10:01:11 GMT

GET
H2 200 converged_ux_v2_z97rWL6MibhVCUeivX27gg2.css
acctcdn.msauth.net/ 93 KB
23 KB 291ms
20ms Stylesheet
text/css 2620:1ec:29:1::42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://acctcdn.msauth.net/converged_ux_v2_z97rWL6MibhVCUeivX27gg2.css?v=1
Requested by: Host: www.emails-verification.com
URL: https://www.emails-verification.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: fd5f1fb891fd0a43966a44faa10eea78b0441cb84f355734f2a586a280cff8e1

Request headers

Referer: https://www.emails-verification.com/
Origin: https://www.emails-verification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 Jul 2024 09:55:05 GMT
content-encoding: br
x-cache: TCP_HIT
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 0
x-ms-lease-status: unlocked
last-modified: Mon, 11 Nov 2019 21:48:23 GMT
vary: Accept-Encoding
x-azure-ref: 20240723T095505Z-r1c5885d44fh7jt2921p35myx000000006ug000000001n7t
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 2feab040-b01e-004e-1ba6-db6d04000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000, public
x-ms-version: 2009-09-19

GET
H2 200 jquerypackage_1.10_5V7LAuc3bNAQx2QQfr1RPw2.js Show response
acctcdn.msauth.net/ 94 KB
34 KB 282ms
11ms Script
application/javascript 2620:1ec:29:1::42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://acctcdn.msauth.net/jquerypackage_1.10_5V7LAuc3bNAQx2QQfr1RPw2.js?v=1
Requested by: Host: www.emails-verification.com
URL: https://www.emails-verification.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5776881753b95a0abe5d1f6efe3abe7b83a3265eaccd117dd948e523c044600c

Request headers

Referer: https://www.emails-verification.com/
Origin: https://www.emails-verification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 Jul 2024 09:55:05 GMT
content-encoding: gzip
x-cache: TCP_HIT
x-fd-int-roxy-purgeid: 67912908
content-length: 33918
x-ms-lease-status: unlocked
last-modified: Thu, 18 Jul 2024 04:56:30 GMT
etag: 0x8DCA6E5FCE61FEE
x-azure-ref: 20240723T095505Z-r1c5885d44fh7jt2921p35myx000000006ug000000001n7v
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 611c143a-301e-010c-305d-d9dd7e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=604800
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 bootstrap_3.3.0_B68S-_daR6nLiLVZsh4XiA2.js Show response
acctcdn.msauth.net/ 37 KB
10 KB 280ms
9ms Script
application/javascript 2620:1ec:29:1::42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://acctcdn.msauth.net/bootstrap_3.3.0_B68S-_daR6nLiLVZsh4XiA2.js?v=1
Requested by: Host: www.emails-verification.com
URL: https://www.emails-verification.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2d37191a3ff388d282c09350ecf39a3eb9e6da48296b9ea35beccbff92d1725b

Request headers

Referer: https://www.emails-verification.com/
Origin: https://www.emails-verification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 Jul 2024 09:55:05 GMT
content-encoding: gzip
x-cache: TCP_HIT
x-fd-int-roxy-purgeid: 0
content-length: 10149
x-ms-lease-status: unlocked
last-modified: Thu, 18 Jul 2024 04:56:03 GMT
etag: 0x8DCA6E5ED0CAE00
x-azure-ref: 20240723T095505Z-r1c5885d44fh7jt2921p35myx000000006ug000000001n7u
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 1106204d-601e-0062-5580-d981ab000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=604800
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 wlivepackagefull_cHeSkPsNhc9yilRlgEedHg2.js Show response
acctcdn.msauth.net/ 57 KB
20 KB 292ms
21ms Script
application/javascript 2620:1ec:29:1::42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://acctcdn.msauth.net/wlivepackagefull_cHeSkPsNhc9yilRlgEedHg2.js?v=1
Requested by: Host: www.emails-verification.com
URL: https://www.emails-verification.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f335cee868a97809bd5569fca9e72095ed9a92b7dcc4fdcd278b406bec3ba1d5

Request headers

Referer: https://www.emails-verification.com/
Origin: https://www.emails-verification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 Jul 2024 09:55:05 GMT
content-encoding: gzip
x-cache: TCP_HIT
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 0
content-length: 19541
x-ms-lease-status: unlocked
last-modified: Tue, 25 Aug 2020 20:21:11 GMT
etag: 0x8D84934688A2BBF
x-azure-ref: 20240723T095505Z-r1c5885d44fh7jt2921p35myx000000006ug000000001n7w
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: af243bb3-501e-00b6-10d9-dbfaf3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 knockout_9HcnWxbPHdJ-ovZeA-tF1g2.js Show response
acctcdn.msauth.net/ 76 KB
28 KB 293ms
22ms Script
application/javascript 2620:1ec:29:1::42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://acctcdn.msauth.net/knockout_9HcnWxbPHdJ-ovZeA-tF1g2.js?v=1
Requested by: Host: www.emails-verification.com
URL: https://www.emails-verification.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e02b6002a64d71687ee26e9bf5228bf5e79a01980e92338371bc79f6a259cedd

Request headers

Referer: https://www.emails-verification.com/
Origin: https://www.emails-verification.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 Jul 2024 09:55:05 GMT
content-encoding: gzip
x-cache: TCP_HIT
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 0
content-length: 27828
x-ms-lease-status: unlocked
last-modified: Tue, 25 Aug 2020 20:21:06 GMT
etag: 0x8D8493465B3EB43
x-azure-ref: 20240723T095505Z-r1c5885d44fh7jt2921p35myx000000006ug000000001n7x
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 9b5a365f-d01e-0005-77a7-db9157000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H/1.1 200
OK 345-3457051_microsoft-outlook-microsoft-outlook-2013-logo.png
www.nicepng.com/png/full/ 22 KB
19 KB 850ms
529ms Image
image/png 203.161.61.122
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nicepng.com/png/full/345-3457051_microsoft-outlook-microsoft-outlook-2013-logo.png
Requested by: Host: www.emails-verification.com
URL: https://www.emails-verification.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.161.61.122 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: mail.vrfez.com
Software: nginx/1.14.0 /
Resource Hash: 7c5b985686edd2fbb3f8c3f4f531dc64e5ef62fd0b5a31f91a1517aaffb4562a

Request headers

Referer: https://www.emails-verification.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 23 Jul 2024 09:55:05 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Nov 2018 18:03:02 GMT
Server: nginx/1.14.0
ETag: W/"5c0029d6-5899"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/png
Connection: keep-alive

GET
H2 200 newgmaillogo.0.jpg
usb.mk/wp-content/uploads/2020/10/ 42 KB
43 KB 77ms
21ms Image
image/jpeg 2606:4700:20::ac43:453b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://usb.mk/wp-content/uploads/2020/10/newgmaillogo.0.jpg

Requested by

Host: www.emails-verification.com
URL: https://www.emails-verification.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:453b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

427eb53aa44883b58b6bcd4910d1fce92856cdcbdade2db1954c6a2ac32e4ad4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.emails-verification.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:55:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 194814
content-length: 42925
cf-bgj: h2pri
last-modified: Tue, 06 Oct 2020 14:08:43 GMT
server: cloudflare
etag: "5f7c7a6b-a7ad"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nMwMP3QaxC1jdJ2oZNZSVQXYvqn%2FLiJzZaeC5Wp8R3o4F25AHPbBKqy0g9Ij2ExgIRyF3faVEx4lxUHvzLeV8sD99RvWts5tgWVKmUe437pOJ8QEGFtqZTJBMNhdLqUYsYFi1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 8a7acaf68a04927f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Yahoo-logo.jpg
1000logos.net/wp-content/uploads/2017/05/ 55 KB
55 KB 62ms
26ms Image
image/jpeg 2606:4700:20::681a:8af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1000logos.net/wp-content/uploads/2017/05/Yahoo-logo.jpg
Requested by: Host: www.emails-verification.com
URL: https://www.emails-verification.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44e4c38e72261b9c1ff134f0b10767d87f5a8339a7cfbae03667e9c53a8cdf2b

Request headers

Referer: https://www.emails-verification.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:55:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 37814
content-length: 56036
cf-bgj: h2pri
last-modified: Sat, 10 Oct 2020 19:23:43 GMT
server: cloudflare
etag: "5f820a3f-dae4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SeOFY6IjsEdDg4DYunVqo2dP4qZ%2B9B1ty%2F5fPA990NqD9Q%2FfjrgJFPHd6WNkA8TlQEt6e56IbdhgngSh%2FxwwhxVXCmanqGkdJ2akQ4t54t6JkUQHRdOSYcHACq0gQ04Iy3xk189bFVl3%2Bio%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=172800
accept-ranges: bytes
cf-ray: 8a7acaf66db718e3-FRA
expires: Wed, 24 Jul 2024 23:24:51 GMT

GET
H2 200 convergedbg_small_v2_Z9GCPpM7FVE8hxRSZUez6g2.jpg
acctcdn.msauth.net/images/ 3 KB
3 KB 35ms
10ms Image
image/jpeg 2620:1ec:29:1::42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acctcdn.msauth.net/images/convergedbg_small_v2_Z9GCPpM7FVE8hxRSZUez6g2.jpg
Requested by: Host: www.emails-verification.com
URL: https://www.emails-verification.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d36e606f9e0b062fe0afc928875c99b8c5a931e9b29be7ec19159d6dbadf8f5b

Request headers

Referer: https://www.emails-verification.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 Jul 2024 09:55:05 GMT
x-cache: TCP_HIT
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 0
content-length: 2903
x-ms-lease-status: unlocked
last-modified: Mon, 27 Apr 2020 20:36:47 GMT
etag: 0x8D7EAEAB4F69555
x-azure-ref: 20240723T095505Z-17d8f75f7d7gfctp3msg5n1g1000000006zg000000002h6h
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 9ad331d2-701e-0064-07d8-dc9891000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 404 favicon.ico
www.emails-verification.com/ 626 B
479 B 60ms
60ms Other
text/html 2001:8d8:100f:f000::200
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.emails-verification.com/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::200 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 74ac52d11c9bb070670a89aa26554c6cb8ad9bf69376b970b119471459d9ceaf

Request headers

Referer: https://www.emails-verification.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:55:06 GMT
content-encoding: gzip
server: Apache
content-type: text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.apple.com
URL: https://www.apple.com/wss/fonts?family=Myriad+Set+Pro&weights=200,300,400,500,600,700&v=2

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.emails-verification.com/ Message: Blocked setting the `as_sfa=Mnx1c3x1c3x8ZW5fVVN8Y29uc3VtZXJ8aW50ZXJuZXR8MHwwfDE=; path=/; domain=.apple.com; expires=Sun, 24-May-2026 18:17:48 GMT;` cookie from a `<meta>` tag.
network	error	URL: https://www.emails-verification.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1000logos.net
acctcdn.msauth.net
store.storeimages.cdn-apple.com
usb.mk
www.apple.com
www.emails-verification.com
www.nicepng.com
www.apple.com
2001:8d8:100f:f000::200
203.161.61.122
2606:4700:20::681a:8af
2606:4700:20::ac43:453b
2620:1ec:29:1::42
2a02:26f0:480:aae::1477
011dee4d85392803f3f7aed57fd01d19f2597db44ba74151da6ee1a750dd5312
11d2e0a4b55972b3939b29b8569f4bb1918e0feeaf0a2a35991ed1fdc7e0b7f0
1fa92ab83c2bd7f112d5a8d633662507a4dae1e9b3181abab070551e2f79766e
2d37191a3ff388d282c09350ecf39a3eb9e6da48296b9ea35beccbff92d1725b
2fc556a2bd01fd5c7899476cf53a9f9192f46e1c735f872dc6c2f2415c5f29b1
427eb53aa44883b58b6bcd4910d1fce92856cdcbdade2db1954c6a2ac32e4ad4
43002300f3e2a364bfb482ce0bf86a7679c63af93f5c1b507e4892c7b03987c2
44e4c38e72261b9c1ff134f0b10767d87f5a8339a7cfbae03667e9c53a8cdf2b
5776881753b95a0abe5d1f6efe3abe7b83a3265eaccd117dd948e523c044600c
74ac52d11c9bb070670a89aa26554c6cb8ad9bf69376b970b119471459d9ceaf
7c5b985686edd2fbb3f8c3f4f531dc64e5ef62fd0b5a31f91a1517aaffb4562a
bcaa8554884ea8a43d6dfe30dcb14f34772bf62d0766e94ac757588af8fb38df
d36e606f9e0b062fe0afc928875c99b8c5a931e9b29be7ec19159d6dbadf8f5b
e02b6002a64d71687ee26e9bf5228bf5e79a01980e92338371bc79f6a259cedd
f335cee868a97809bd5569fca9e72095ed9a92b7dcc4fdcd278b406bec3ba1d5
fd5f1fb891fd0a43966a44faa10eea78b0441cb84f355734f2a586a280cff8e1

www.emails-verification.com Open in urlscan Pro 2001:8d8:100f:f000::200 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

94 %HTTPS

83 %IPv6

7 Domains

7 Subdomains

7 IPs

2 Countries

325 kBTransfer

910 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

19 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

www.emails-verification.com Open in urlscan Pro
2001:8d8:100f:f000::200 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

94 %
HTTPS

83 %
IPv6

7
Domains

7
Subdomains

7
IPs

2
Countries

325 kB
Transfer

910 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!