storage.googleapis.com Open in urlscan Pro
142.250.181.251  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

• http://185.34.52.250/??Z289MSZzMT0xOTM1MDI0JnMyPTE0Nzk0MTg0OCZzMz1QVA== HTTP 307
• https://185.34.52.250/??Z289MSZzMT0xOTM1MDI0JnMyPTE0Nzk0MTg0OCZzMz1QVA== HTTP 302
• http://185.34.52.250/public/?:nav=default::index&go=1&s1=1935024&s2=147941848 HTTP 307
• https://185.34.52.250/public/?:nav=default::index&go=1&s1=1935024&s2=147941848 HTTP 302
• http://185.34.52.250/?var=Om5hdj1jbGljazo6dHJhY2tlciZkZXBsb3k9MTkzNTAyNCZ1c2VyPWZzcGlub2xhODUlNDBnbWFpbC5jb20mZW1haWxfaWQ9MTQ3OTQxODQ4JnVybD1hSFIwY0hNNkx5OTVibWwwYVdGc2NHOXVkQzVqYjIwdk1DOHdMekF2WVRZeU5XRXhNRGRqTWpWbFlXRTFZVFEyWkdReVl6VmhaRGcyWkdZek5tVXZNVGt6TlRBeU5DMUJURXhmU0VGTlJVeENYMU5hWDBkTlFVbE1YMUJVTFRRMU5qQXhOeTh4TkRjNU5ERTRORGhmTkRVMk1ETTNYekk9 HTTP 307
• https://185.34.52.250/?var=Om5hdj1jbGljazo6dHJhY2tlciZkZXBsb3k9MTkzNTAyNCZ1c2VyPWZzcGlub2xhODUlNDBnbWFpbC5jb20mZW1haWxfaWQ9MTQ3OTQxODQ4JnVybD1hSFIwY0hNNkx5OTVibWwwYVdGc2NHOXVkQzVqYjIwdk1DOHdMekF2WVRZeU5XRXhNRGRqTWpWbFlXRTFZVFEyWkdReVl6VmhaRGcyWkdZek5tVXZNVGt6TlRBeU5DMUJURXhmU0VGTlJVeENYMU5hWDBkTlFVbE1YMUJVTFRRMU5qQXhOeTh4TkRjNU5ERTRORGhmTkRVMk1ETTNYekk9 HTTP 302
• https://185.34.52.250/public/?:nav=click::tracker&deploy=1935024&user=fspinola85%40gmail.com&email_id=147941848&url=aHR0cHM6Ly95bml0aWFscG9udC5jb20vMC8wLzAvYTYyNWExMDdjMjVlYWE1YTQ2ZGQyYzVhZDg2ZGYzNmUvMTkzNTAyNC1BTExfSEFNRUxCX1NaX0dNQUlMX1BULTQ1NjAxNy8xNDc5NDE4NDhfNDU2MDM3XzI= HTTP 302
• https://ynitialpont.com/0/0/0/a625a107c25eaa5a46dd2c5ad86df36e/1935024-ALL_HAMELB_SZ_GMAIL_PT-456017/147941848_456037_2 HTTP 307
• http://185.34.52.250/?var=Om5hdj1jbGljazo6dHJhY2tlciZkZXBsb3k9MTkzNTAyNCZ1c2VyPWZzcGlub2xhODUlNDBnbWFpbC5jb20mZW1haWxfaWQ9MTQ3OTQxODQ4JnVybD1hSFIwY0hNNkx5OTVibWwwYVdGc2NHOXVkQzVqYjIwdk1DOHdMekF2WVRZeU5XRXhNRGRqTWpWbFlXRTFZVFEyWkdReVl6VmhaRGcyWkdZek5tVXZNVGt6TlRBeU5DMUJURXhmU0VGTlJVeENYMU5hWDBkTlFVbE1YMUJVTFRRMU5qQXhOeTh4TkRjNU5ERTRORGhmTkRVMk1ETTNYekk9 HTTP 302
• http://185.34.52.250/public/?:nav=click::tracker&deploy=1935024&user=fspinola85%40gmail.com&email_id=147941848&url=aHR0cHM6Ly95bml0aWFscG9udC5jb20vMC8wLzAvYTYyNWExMDdjMjVlYWE1YTQ2ZGQyYzVhZDg2ZGYzNmUvMTkzNTAyNC1BTExfSEFNRUxCX1NaX0dNQUlMX1BULTQ1NjAxNy8xNDc5NDE4NDhfNDU2MDM3XzI= HTTP 302
• https://ynitialpont.com/0/0/0/a625a107c25eaa5a46dd2c5ad86df36e/1935024-ALL_HAMELB_SZ_GMAIL_PT-456017/147941848_456037_2

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

ynitialpont.com

URL

https://ynitialpont.com/0/0/0/a625a107c25eaa5a46dd2c5ad86df36e/1935024-ALL_HAMELB_SZ_GMAIL_PT-456017/147941848_456037_2

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

storage.googleapis.com
ynitialpont.com
ynitialpont.com
142.250.181.251
c4ae61bef77bcec2ab6dc88864e046b7b699f1a734fa946a2b0b40af0e6c8b8e