development.editwordappcom.cactusopsdev.com Open in urlscan Pro
13.32.99.71 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://development.editwordappcom.cactusopsdev.com/
Submission Tags: phishingrod
Submission: On September 15 via api (September 15th 2023, 8:15:26 pm UTC) from DE — Scanned from DE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 10 HTTP transactions. The main IP is 13.32.99.71, located in United States and belongs to AMAZON-02, US. The main domain is development.editwordappcom.cactusopsdev.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on September 15th 2023. Valid for: a year.

This is the only time development.editwordappcom.cactusopsdev.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	13.32.99.71 13.32.99.71	16509 (AMAZON-02) (AMAZON-02)
2	2.20.215.12 2.20.215.12	16625 (AKAMAI-AS) (AKAMAI-AS)
10	3

7 13.32.99.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-71.fra60.r.cloudfront.net

development.editwordappcom.cactusopsdev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.20.215.12 (Glattbrugg, Switzerland)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-215-12.deploy.static.akamaitechnologies.com

appsforoffice.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	cactusopsdev.com development.editwordappcom.cactusopsdev.com	364 KB
2	microsoft.com appsforoffice.microsoft.com — Cisco Umbrella Rank: 1513	54 KB
0	oaspapps.com Failed telemetryservice.firstpartyapps.oaspapps.com Failed
10	3

	Domain	Requested by
7	development.editwordappcom.cactusopsdev.com	development.editwordappcom.cactusopsdev.com
2	appsforoffice.microsoft.com	development.editwordappcom.cactusopsdev.com appsforoffice.microsoft.com
0	telemetryservice.firstpartyapps.oaspapps.com Failed	appsforoffice.microsoft.com
10	3

This site contains no links.

Subject Issuer	Validity	Valid
development.editwordappcom.cactusopsdev.com Amazon RSA 2048 M01	`2023-09-15` - `2024-10-13`	a year	crt.sh
appsforoffice.microsoft.com Microsoft Azure TLS Issuing CA 01	`2023-01-04` - `2023-12-30`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://development.editwordappcom.cactusopsdev.com/
Frame ID: A5AF812F44D2816B326449EA05D4D2AD
Requests: 9 HTTP requests in this frame

Frame: https://telemetryservice.firstpartyapps.oaspapps.com/telemetryservice/telemetryproxy.html
Frame ID: FEAD920FA7CE75DEBD2A4430FFEDF99A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

EditAsist

Detected technologies

Element UI (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<(?:div|button) class="el-(?:table-column|table-filter|popper|pagination|pager|select-group|form|form-item|color-predefine|color-hue-slider|color-svpanel|color-alpha-slider|color-dropdown|color-picker|badge|tree|tree-node|select|message|dialog|checkbox|checkbox-button|checkbox-group|container|steps|carousel|menu|menu-item|submenu|menu-item-group|button|button-group|card|table|select-dropdown|row|tabs|notification|radio|progress|progress-bar|tag|popover|tooltip|cascader|cascader-menus|cascader-menu|time-spinner|spinner|spinner-inner|transfer|transfer-panel|rate|slider|dropdown|dropdown-menu|textarea|input|input-group|popup-parent|radio-group|main|breadcrumb|time-range-picker|date-range-picker|year-table|date-editor|range-editor|time-spinner|date-picker|time-panel|date-table|month-table|picker-panel|collapse|collapse-item|alert|select-dropdown|select-dropdown__empty|select-dropdown__wrap|select-dropdown__list|scrollbar|switch|carousel|upload|upload-dragger|upload-list|upload-cover|aside|input-number|header|message-box|footer|radio-button|step|autocomplete|autocomplete-suggestion|loading-parent|loading-mask|loading-spinner|)

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

10
Requests

90 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

418 kB
Transfer

1676 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response development.editwordappcom.cactusopsdev.com/	748 B 1 KB	133ms 27ms	Document text/html	13.32.99.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://development.editwordappcom.cactusopsdev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.99.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-99-71.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash `68bf49e2220b86d70159df20e79a51a487ef68535b79e2d22b39f7c2868950c9` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 2 content-length 748 content-type text/html date Fri, 15 Sep 2023 20:15:20 GMT etag "f6a4765664e3a7145781332d0015c80a" last-modified Fri, 15 Sep 2023 10:10:51 GMT server AmazonS3 via 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront) x-amz-cf-id SCP1gYpvNwFFUYGDTW4ZDhqMjrHlv6KaZFTez7Df5lalz9sqoVbmWA== x-amz-cf-pop FRA60-P3 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront
GET H/1.1	200 OK	office.js Show response appsforoffice.microsoft.com/lib/1/hosted/	59 KB 17 KB	167ms 37ms	Script application/javascript	2.20.215.12 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://appsforoffice.microsoft.com/lib/1/hosted/office.js Requested by Host: development.editwordappcom.cactusopsdev.com URL: https://development.editwordappcom.cactusopsdev.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.20.215.12 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-20-215-12.deploy.static.akamaitechnologies.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `90fceeaf5ab7a60211305fe3095835bbf99ea7f17e0dff271ae0ee5aa12cde70` Request headers accept-language de-DE,de;q=0.9 Referer https://development.editwordappcom.cactusopsdev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36 Response headers Date Fri, 15 Sep 2023 20:15:21 GMT Content-Encoding gzip Last-Modified Sat, 26 Aug 2023 14:31:32 GMT Server Microsoft-IIS/10.0 ETag "0ba1f22ad8d91:0" X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Connection keep-alive Accept-Ranges bytes Content-Length 17118
GET H2	200	chunk-vendors.915ebd40.js Show response development.editwordappcom.cactusopsdev.com/js/	1011 KB 278 KB	506ms 505ms	Script text/javascript	13.32.99.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://development.editwordappcom.cactusopsdev.com/js/chunk-vendors.915ebd40.js Requested by Host: development.editwordappcom.cactusopsdev.com URL: https://development.editwordappcom.cactusopsdev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.99.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-99-71.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash `cf52d1144884bfe72cc547241bea1cb2711d19cf5888f3b8ca9ea95b162d85f0` Request headers accept-language de-DE,de;q=0.9 Referer https://development.editwordappcom.cactusopsdev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36 Response headers date Fri, 15 Sep 2023 20:15:22 GMT content-encoding br via 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront) last-modified Fri, 15 Sep 2023 10:10:51 GMT server AmazonS3 x-amz-cf-pop FRA60-P3 etag W/"c15301f50e7ffe35b16876064729fbda" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Miss from cloudfront content-type text/javascript x-amz-cf-id GTxTVKQU5jOzcx8jRwJFvRgEoUxLUDDvNQ72icXAfLTqtBuOkUx9qw==
GET H2	200	app.69bafec5.js Show response development.editwordappcom.cactusopsdev.com/js/	8 KB 4 KB	434ms 434ms	Script text/javascript	13.32.99.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://development.editwordappcom.cactusopsdev.com/js/app.69bafec5.js Requested by Host: development.editwordappcom.cactusopsdev.com URL: https://development.editwordappcom.cactusopsdev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.99.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-99-71.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash `8868ec69b4351baf7e588d4f6fbea0a828c68a8c2a01f3484bedc325ead7a062` Request headers accept-language de-DE,de;q=0.9 Referer https://development.editwordappcom.cactusopsdev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36 Response headers date Fri, 15 Sep 2023 20:15:22 GMT content-encoding br via 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront) last-modified Fri, 15 Sep 2023 10:10:51 GMT server AmazonS3 x-amz-cf-pop FRA60-P3 etag W/"d74ed95c1515848880ab520b48625a76" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Miss from cloudfront content-type text/javascript x-amz-cf-id qVIMmg5grR76PBUVg4CjcnjvfckQYdg67dm6SHx4U6L3081Mvcv5CA==
GET H2	200	chunk-vendors.c9ae3747.css development.editwordappcom.cactusopsdev.com/css/	306 KB 39 KB	519ms 519ms	Stylesheet text/css	13.32.99.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://development.editwordappcom.cactusopsdev.com/css/chunk-vendors.c9ae3747.css Requested by Host: development.editwordappcom.cactusopsdev.com URL: https://development.editwordappcom.cactusopsdev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.99.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-99-71.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash `45fc97cd6c7daacfade98481280d50f4c52f977d5add00097a14d8795511dd4c` Request headers accept-language de-DE,de;q=0.9 Referer https://development.editwordappcom.cactusopsdev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36 Response headers date Fri, 15 Sep 2023 20:15:22 GMT content-encoding br via 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront) last-modified Fri, 15 Sep 2023 10:10:51 GMT server AmazonS3 x-amz-cf-pop FRA60-P3 etag W/"898d5f58024b8bcb1e184104508bfb9c" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Miss from cloudfront content-type text/css x-amz-cf-id 876dWSu8pfsQtPzqgXvAXxkbzCBtAMl3_Qg8Ac6v2GVN4kjOYc55dQ==
GET H2	200	app.f38a9e8d.css development.editwordappcom.cactusopsdev.com/css/	152 B 496 B	424ms 424ms	Stylesheet text/css	13.32.99.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://development.editwordappcom.cactusopsdev.com/css/app.f38a9e8d.css Requested by Host: development.editwordappcom.cactusopsdev.com URL: https://development.editwordappcom.cactusopsdev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.99.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-99-71.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash `a26832bbf17f8919b0ecab5d0024cd73ee9cb21f22f1a190911678a7363edf2d` Request headers accept-language de-DE,de;q=0.9 Referer https://development.editwordappcom.cactusopsdev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36 Response headers date Fri, 15 Sep 2023 20:15:22 GMT via 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront) last-modified Fri, 15 Sep 2023 10:10:51 GMT server AmazonS3 x-amz-cf-pop FRA60-P3 etag "149f36018149fcbe537f02cafdc6f047" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type text/css accept-ranges bytes content-length 152 x-amz-cf-id DXtmjFI9d9vyL4LoGf4sBLnwiEOZdtB7yaXHSCp0MCh-UxUrlM79iA==
GET H/1.1	200 OK	o15apptofilemappingtable.js Show response appsforoffice.microsoft.com/lib/1/hosted/	167 KB 37 KB	123ms 34ms	Script application/javascript	2.20.215.12 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://appsforoffice.microsoft.com/lib/1/hosted/o15apptofilemappingtable.js Requested by Host: appsforoffice.microsoft.com URL: https://appsforoffice.microsoft.com/lib/1/hosted/office.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.20.215.12 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-20-215-12.deploy.static.akamaitechnologies.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `2cf6e909da5391f513f14379c3ba86fe888f083d9f8205bcc7bd91cde3d9b522` Request headers Referer https://development.editwordappcom.cactusopsdev.com/ Origin https://development.editwordappcom.cactusopsdev.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36 Response headers Date Fri, 15 Sep 2023 20:15:21 GMT Content-Encoding gzip Last-Modified Sat, 26 Aug 2023 14:31:32 GMT Server Microsoft-IIS/10.0 ETag "0ba1f22ad8d91:0" X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control public, max-age=4509 Connection keep-alive Accept-Ranges bytes Content-Length 37609
GET H2	200	home.cfe6f0dc.css development.editwordappcom.cactusopsdev.com/css/	286 B 630 B	493ms 493ms	Stylesheet text/css	13.32.99.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://development.editwordappcom.cactusopsdev.com/css/home.cfe6f0dc.css Requested by Host: development.editwordappcom.cactusopsdev.com URL: https://development.editwordappcom.cactusopsdev.com/js/app.69bafec5.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.99.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-99-71.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash `31262e6de53a35ccb9678557673d3d2645e1cfa88d50d1e5d50e3ddc4c4e6a4f` Request headers accept-language de-DE,de;q=0.9 Referer https://development.editwordappcom.cactusopsdev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36 Response headers date Fri, 15 Sep 2023 20:15:23 GMT via 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront) last-modified Fri, 15 Sep 2023 10:10:51 GMT server AmazonS3 x-amz-cf-pop FRA60-P3 etag "2cb0c17c8e86a287809d9b0ebf887627" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type text/css accept-ranges bytes content-length 286 x-amz-cf-id btFOtvGTtvWVo91quLVVIaIyn8z277Eew2wURBFszJ4njKqGtSX5zA==
GET H2	200	home.b4bd5a27.js Show response development.editwordappcom.cactusopsdev.com/js/	124 KB 41 KB	488ms 488ms	Script text/javascript	13.32.99.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://development.editwordappcom.cactusopsdev.com/js/home.b4bd5a27.js Requested by Host: development.editwordappcom.cactusopsdev.com URL: https://development.editwordappcom.cactusopsdev.com/js/app.69bafec5.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.99.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-99-71.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash `c9c530ca0a285ae8c2ba846945f2f4bdac1cdd9d1105caa71da37ac64a1a47a2` Request headers accept-language de-DE,de;q=0.9 Referer https://development.editwordappcom.cactusopsdev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36 Response headers date Fri, 15 Sep 2023 20:15:23 GMT content-encoding br via 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront) last-modified Fri, 15 Sep 2023 10:10:51 GMT server AmazonS3 x-amz-cf-pop FRA60-P3 etag W/"c75be90bff8350523d316cfdb8253a54" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Miss from cloudfront content-type text/javascript x-amz-cf-id 5yur9ZS8I0VDPbS_KcyKDBKOFV-5mXYMOVSZE6nfyf_AD9JSOfVdqg==
GET		telemetryproxy.html telemetryservice.firstpartyapps.oaspapps.com/telemetryservice/ Frame FEAD	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: telemetryservice.firstpartyapps.oaspapps.com
URL: https://telemetryservice.firstpartyapps.oaspapps.com/telemetryservice/telemetryproxy.html

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

appsforoffice.microsoft.com
development.editwordappcom.cactusopsdev.com
telemetryservice.firstpartyapps.oaspapps.com
telemetryservice.firstpartyapps.oaspapps.com
13.32.99.71
2.20.215.12
2cf6e909da5391f513f14379c3ba86fe888f083d9f8205bcc7bd91cde3d9b522
31262e6de53a35ccb9678557673d3d2645e1cfa88d50d1e5d50e3ddc4c4e6a4f
45fc97cd6c7daacfade98481280d50f4c52f977d5add00097a14d8795511dd4c
68bf49e2220b86d70159df20e79a51a487ef68535b79e2d22b39f7c2868950c9
8868ec69b4351baf7e588d4f6fbea0a828c68a8c2a01f3484bedc325ead7a062
90fceeaf5ab7a60211305fe3095835bbf99ea7f17e0dff271ae0ee5aa12cde70
a26832bbf17f8919b0ecab5d0024cd73ee9cb21f22f1a190911678a7363edf2d
c9c530ca0a285ae8c2ba846945f2f4bdac1cdd9d1105caa71da37ac64a1a47a2
cf52d1144884bfe72cc547241bea1cb2711d19cf5888f3b8ca9ea95b162d85f0

development.editwordappcom.cactusopsdev.com Open in urlscan Pro 13.32.99.71 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

10 Requests

90 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

418 kBTransfer

1676 kBSize

0 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

0 Cookies

Indicators

development.editwordappcom.cactusopsdev.com Open in urlscan Pro
13.32.99.71 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

90 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

418 kB
Transfer

1676 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions