woodridgelane.ml Open in urlscan Pro
2606:4700:30::681b:b28b  Malicious Activity! Public Scan

Submitted URL: http://x.co/6ng3U
Effective URL: https://woodridgelane.ml/dox/nanoth/office2018/
Submission: On February 14 via manual from US

Summary

This website contacted 9 IPs in 4 countries across 10 domains to perform 17 HTTP transactions. The main IP is 2606:4700:30::681b:b28b, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is woodridgelane.ml.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 13th 2019. Valid for: a year.
This is the only time woodridgelane.ml was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
2 2 45.40.140.1 26496 (AS-26496-...)
1 6 2606:4700:30:... 13335 (CLOUDFLAR...)
1 1 2606:4700:30:... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42::621 54113 (FASTLY)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 31.132.36.139 49004 (SQUAREFLOW)
2 107.22.215.20 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
17 9
Domain Requested by
7 woodridgelane.ml 2 redirects woodridgelane.ml
unpkg.com
2 fonts.gstatic.com woodridgelane.ml
cdnjs.cloudflare.com
2 api.ipify.org curli.org
woodridgelane.ml
2 cdnjs.cloudflare.com woodridgelane.ml
2 unpkg.com 1 redirects woodridgelane.ml
2 cdn.jsdelivr.net woodridgelane.ml
2 x.co 2 redirects
1 fonts.googleapis.com woodridgelane.ml
1 curli.org woodridgelane.ml
1 cdn.polyfill.io woodridgelane.ml
17 10

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2
2019-02-13 -
2020-02-13
a year crt.sh
ssl363648.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2018-10-27 -
2019-05-05
6 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2018-10-21 -
2019-04-27
6 months crt.sh
ssl714328.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2018-10-23 -
2019-05-01
6 months crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2018-09-22 -
2019-03-31
6 months crt.sh
curli.org
Let's Encrypt Authority X3
2019-01-03 -
2019-04-03
3 months crt.sh
*.ipify.org
COMODO RSA Domain Validation Secure Server CA
2018-01-24 -
2021-01-23
3 years crt.sh
*.googleapis.com
Google Internet Authority G3
2019-01-29 -
2019-04-23
3 months crt.sh
*.google.com
Google Internet Authority G3
2019-01-23 -
2019-04-17
3 months crt.sh

This page contains 1 frames:

Primary Page: https://woodridgelane.ml/dox/nanoth/office2018/
Frame ID: 05054DA4046189F0FE76311D58E3A2A6
Requests: 17 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://x.co/6ng3U HTTP 301
    https://x.co/6ng3U HTTP 302
    https://woodridgelane.ml/dox/nanoth/office2018 HTTP 301
    http://woodridgelane.ml/dox/nanoth/office2018/ HTTP 301
    https://woodridgelane.ml/dox/nanoth/office2018/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /(?:<link[^>]+semantic(?:\.css|\.min\.css)">)/i

Overall confidence: 100%
Detected patterns
  • env /^Vue$/i

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

17
Requests

100 %
HTTPS

73 %
IPv6

10
Domains

10
Subdomains

9
IPs

4
Countries

1254 kB
Transfer

4200 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://x.co/6ng3U HTTP 301
    https://x.co/6ng3U HTTP 302
    https://woodridgelane.ml/dox/nanoth/office2018 HTTP 301
    http://woodridgelane.ml/dox/nanoth/office2018/ HTTP 301
    https://woodridgelane.ml/dox/nanoth/office2018/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://unpkg.com/@babel/standalone/babel.min.js HTTP 302
  • https://unpkg.com/@babel/standalone@7.3.2/babel.min.js

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
woodridgelane.ml/dox/nanoth/office2018/
Redirect Chain
  • http://x.co/6ng3U
  • https://x.co/6ng3U
  • https://woodridgelane.ml/dox/nanoth/office2018
  • http://woodridgelane.ml/dox/nanoth/office2018/
  • https://woodridgelane.ml/dox/nanoth/office2018/
3 KB
1 KB
Document
General
Full URL
https://woodridgelane.ml/dox/nanoth/office2018/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b28b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0deb00bcedbc8c80e8f1ec2126e557698a03fc4d432778cb3fd3218ccfd345f

Request headers

:method
GET
:authority
woodridgelane.ml
:scheme
https
:path
/dox/nanoth/office2018/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate, br
cookie
__cfduid=d20a2f31fae49f89c1ad124b221c2b95a1550168499
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Thu, 14 Feb 2019 18:21:39 GMT
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
expires
0
x-robots-tag
"none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4a918e429e1e96a0-FRA
content-encoding
br

Redirect headers

Date
Thu, 14 Feb 2019 18:21:39 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Thu, 14 Feb 2019 19:21:39 GMT
Location
https://woodridgelane.ml/dox/nanoth/office2018/
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
4a918e4280562756-FRA
runtime.js
cdn.jsdelivr.net/npm/babel-regenerator-runtime@6.5.0/
21 KB
6 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/babel-regenerator-runtime@6.5.0/runtime.js
Requested by
Host: woodridgelane.ml
URL: https://woodridgelane.ml/dox/nanoth/office2018/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9258540f48bff83be38e2952dfa01f6bb5c6ccbc13baccf3e26995299f59d07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://woodridgelane.ml/dox/nanoth/office2018/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Feb 2019 18:21:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cf-ray
4a918e4579ebbf0c-FRA
x-cache
HIT, HIT
status
200
vary
Accept-Encoding
x-served-by
cache-ams21022-AMS, cache-fra19143-FRA
server
cloudflare
etag
W/"53cd-XOwSN/ws1IIGTvt4xVCWVg/9RBk"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
polyfill.js
cdn.polyfill.io/v2/
6 KB
1 KB
Script
General
Full URL
https://cdn.polyfill.io/v2/polyfill.js?features=default,es6,fetch,Promise
Requested by
Host: woodridgelane.ml
URL: https://woodridgelane.ml/dox/nanoth/office2018/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::621 , European Union, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
4a785195e8e7247f30fe13d244cfc3783b4e0b5431b78dea3a41222830619108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://woodridgelane.ml/dox/nanoth/office2018/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
age
390165
normalized-user-agent
chrome/67.0.0
detected-user-agent
Chrome/67.0.3396
status
200
date
Thu, 14 Feb 2019 18:21:40 GMT
server-timing
HIT, fastly;desc="Edge time";dur=1
content-length
1378
referrer-policy
origin-when-cross-origin
etag
W/"562-SB3roxkX6udTPnC54PAfDxW3STc"
vary
User-Agent, Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
babel.min.js
unpkg.com/@babel/standalone@7.3.2/
Redirect Chain
  • https://unpkg.com/@babel/standalone/babel.min.js
  • https://unpkg.com/@babel/standalone@7.3.2/babel.min.js
2 MB
373 KB
Script
General
Full URL
https://unpkg.com/@babel/standalone@7.3.2/babel.min.js
Requested by
Host: woodridgelane.ml
URL: https://woodridgelane.ml/dox/nanoth/office2018/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
206205c76004b704905be15d9be0d9d7588d3ccf987e332691d5a9088f90fbc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://woodridgelane.ml/dox/nanoth/office2018/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Feb 2019 18:21:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"24ab51-c/2KghAuNEzZPZN4pF3oc2jqX7U"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
dc97b52fc3f8f1236d750197124bd6b5
cache-control
public, max-age=31536000
cf-ray
4a918e456ca8c2f1-FRA

Redirect headers

date
Thu, 14 Feb 2019 18:21:40 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
/@babel/standalone@7.3.2/babel.min.js
content-type
text/plain; charset=utf-8
status
302
x-cloud-trace-context
2048c311a0a8178dbe94425cb92307a3
cache-control
public, s-maxage=14400, max-age=3600
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
4a918e454c40c2f1-FRA
vary
Accept, Accept-Encoding
content-length
59
jquery.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/
265 KB
75 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.js
Requested by
Host: woodridgelane.ml
URL: https://woodridgelane.ml/dox/nanoth/office2018/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://woodridgelane.ml/dox/nanoth/office2018/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Feb 2019 18:21:40 GMT
content-encoding
br
cf-cache-status
HIT
status
200
strict-transport-security
max-age=15780000; includeSubDomains
last-modified
Thu, 17 May 2018 09:20:15 GMT
server
cloudflare
etag
W/"5afd494f-42587"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
expires
Tue, 04 Feb 2020 18:21:40 GMT
cache-control
public, max-age=30672000
cf-ray
4a918e452f71c2c9-FRA
served-in-seconds
0.004
vue
cdn.jsdelivr.net/npm/
91 KB
32 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/vue
Requested by
Host: woodridgelane.ml
URL: https://woodridgelane.ml/dox/nanoth/office2018/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
72494226e7726888203fd5505b37a4ad008ea6ef385f13e4f396427730943b02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://woodridgelane.ml/dox/nanoth/office2018/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Feb 2019 18:21:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cf-ray
4a918e4579eebf0c-FRA
x-cache
HIT, HIT
status
200
vary
Accept-Encoding
x-served-by
cache-ams21046-AMS, cache-fra19144-FRA
server
cloudflare
etag
W/"16bb3-aR2lRC1CWRdbT87OO7SeiN2/xO4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
@curli
curli.org/lib/ie/
3 KB
1 KB
Script
General
Full URL
https://curli.org/lib/ie/@curli
Requested by
Host: woodridgelane.ml
URL: https://woodridgelane.ml/dox/nanoth/office2018/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
31.132.36.139 -, , ASN49004 (SQUAREFLOW, GB),
Reverse DNS
139.36.132.31.squareflow.net
Software
nginx/1.10.3 / Express
Resource Hash
92aa439b3a256f82c2553b138db77ad8751c1d6c23eb4d981b48216e3cd09fd9

Request headers

Referer
https://woodridgelane.ml/dox/nanoth/office2018/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 14 Feb 2019 18:21:40 GMT
Content-Encoding
gzip
ETag
W/"a51-ZhPjkkf8WyJDqwj7knR34mJRL5g"
Server
nginx/1.10.3
X-Powered-By
Express
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
semantic.css
cdnjs.cloudflare.com/ajax/libs/semantic-ui/2.3.3/
803 KB
108 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/2.3.3/semantic.css
Requested by
Host: woodridgelane.ml
URL: https://woodridgelane.ml/dox/nanoth/office2018/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5d71858f0080732e03899513693055a2d5a204599538f74b68ea491b0e614cf
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://woodridgelane.ml/dox/nanoth/office2018/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Feb 2019 18:21:40 GMT
content-encoding
br
cf-cache-status
HIT
status
200
strict-transport-security
max-age=15780000; includeSubDomains
last-modified
Mon, 09 Jul 2018 00:30:47 GMT
server
cloudflare
etag
W/"5b42acb7-c8afc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Tue, 04 Feb 2020 18:21:40 GMT
cache-control
public, max-age=30672000
cf-ray
4a918e452f73c2c9-FRA
served-in-seconds
0.003
microsoft.css
woodridgelane.ml/dox/nanoth/office2018/pip/css/
1 KB
538 B
Stylesheet
General
Full URL
https://woodridgelane.ml/dox/nanoth/office2018/pip/css/microsoft.css
Requested by
Host: woodridgelane.ml
URL: https://woodridgelane.ml/dox/nanoth/office2018/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b28b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f1c2e932aec2b06a9b4f575b17ef4a0e74de39b73e970b4ac655ba37dc6efb6

Request headers

:path
/dox/nanoth/office2018/pip/css/microsoft.css
pragma
no-cache
cookie
__cfduid=d20a2f31fae49f89c1ad124b221c2b95a1550168499
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
woodridgelane.ml
referer
https://woodridgelane.ml/dox/nanoth/office2018/
:scheme
https
:method
GET
Referer
https://woodridgelane.ml/dox/nanoth/office2018/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Feb 2019 18:21:40 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 03 Oct 2018 04:12:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
cf-ray
4a918e452ac796a0-FRA
expires
Thu, 14 Feb 2019 22:21:40 GMT
microsoft_logo.svg
woodridgelane.ml/dox/nanoth/office2018/pip/img/
4 KB
1 KB
Image
General
Full URL
https://woodridgelane.ml/dox/nanoth/office2018/pip/img/microsoft_logo.svg
Requested by
Host: woodridgelane.ml
URL: https://woodridgelane.ml/dox/nanoth/office2018/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b28b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

:path
/dox/nanoth/office2018/pip/img/microsoft_logo.svg
pragma
no-cache
cookie
__cfduid=d20a2f31fae49f89c1ad124b221c2b95a1550168499
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
woodridgelane.ml
referer
https://woodridgelane.ml/dox/nanoth/office2018/
:scheme
https
:method
GET
Referer
https://woodridgelane.ml/dox/nanoth/office2018/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Feb 2019 18:21:40 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 02 Oct 2018 15:01:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public, max-age=14400
cf-ray
4a918e452ac896a0-FRA
expires
Thu, 14 Feb 2019 22:21:40 GMT
/
api.ipify.org/
23 B
256 B
Fetch
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: curli.org
URL: https://curli.org/lib/ie/@curli
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.215.20 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-22-215-20.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
16a93af1775e73fe37b346533adc187e25cfedec1d9e6d17373740c2d09cfecf

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://woodridgelane.ml/dox/nanoth/office2018/
Origin
https://woodridgelane.ml

Response headers

Date
Thu, 14 Feb 2019 18:21:40 GMT
Via
1.1 vegur
Server
Cowboy
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://woodridgelane.ml
Connection
keep-alive
Content-Length
23
css
fonts.googleapis.com/
3 KB
578 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin
Requested by
Host: woodridgelane.ml
URL: https://woodridgelane.ml/dox/nanoth/office2018/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81e::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
9e01cd9d5c99f2550fff5002f1b7fcc1402aa88b84f471214b032a7cde0f42b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://woodridgelane.ml/dox/nanoth/office2018/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 14 Feb 2019 18:21:40 GMT
server
ESF
access-control-allow-origin
*
date
Thu, 14 Feb 2019 18:21:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Thu, 14 Feb 2019 18:21:40 GMT
microsoft.js
woodridgelane.ml/dox/nanoth/office2018/pip/js/configs/
3 KB
932 B
XHR
General
Full URL
https://woodridgelane.ml/dox/nanoth/office2018/pip/js/configs/microsoft.js
Requested by
Host: unpkg.com
URL: https://unpkg.com/@babel/standalone@7.3.2/babel.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b28b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9831525c090d4e788f68657882658f1fcd0120885d2bcbb198d12d438b2ccf6

Request headers

:path
/dox/nanoth/office2018/pip/js/configs/microsoft.js
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
woodridgelane.ml
referer
https://woodridgelane.ml/dox/nanoth/office2018/
:scheme
https
:method
GET
Referer
https://woodridgelane.ml/dox/nanoth/office2018/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Feb 2019 18:21:40 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 24 Oct 2018 01:51:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
set-cookie
__cfduid=de0333309f255083f9cfda374b5957bff1550168500; expires=Fri, 14-Feb-20 18:21:40 GMT; path=/; domain=.woodridgelane.ml; HttpOnly; Secure
cf-ray
4a918e470e4696a0-FRA
expires
Thu, 14 Feb 2019 22:21:40 GMT
font.jpg
woodridgelane.ml/dox/nanoth/office2018/pip/img/
623 KB
624 KB
Image
General
Full URL
https://woodridgelane.ml/dox/nanoth/office2018/pip/img/font.jpg
Requested by
Host: woodridgelane.ml
URL: https://woodridgelane.ml/dox/nanoth/office2018/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b28b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
644c9ec95d3a020ba6f07f6282615ec3338b8dc4405b2ed1f01018404076dd65

Request headers

:path
/dox/nanoth/office2018/pip/img/font.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
woodridgelane.ml
referer
https://woodridgelane.ml/dox/nanoth/office2018/pip/css/microsoft.css
:scheme
https
:method
GET
Referer
https://woodridgelane.ml/dox/nanoth/office2018/pip/css/microsoft.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Feb 2019 18:21:41 GMT
cf-cache-status
MISS
last-modified
Tue, 02 Oct 2018 17:33:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
set-cookie
__cfduid=d72d1abbe726b9b3fa46df42f8c541cf21550168500; expires=Fri, 14-Feb-20 18:21:40 GMT; path=/; domain=.woodridgelane.ml; HttpOnly; Secure
accept-ranges
bytes
cf-ray
4a918e471e5c96a0-FRA
content-length
638456
expires
Thu, 14 Feb 2019 22:21:40 GMT
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v14/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v14/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: woodridgelane.ml
URL: https://woodridgelane.ml/dox/nanoth/office2018/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81c::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
52726fb580d6bffc46615863ddbf4c319524b5a68fb484be2972bdad4fd0310d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin
Origin
https://woodridgelane.ml

Response headers

date
Tue, 29 Jan 2019 08:45:01 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:23:20 GMT
server
sffe
age
1416999
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13944
x-xss-protection
1; mode=block
expires
Wed, 29 Jan 2020 08:45:01 GMT
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v14/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81c::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a3b3c4f67bf2b44294215e2be76f12794e6b142edec201e199c93c38739f2bfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin
Origin
https://woodridgelane.ml

Response headers

date
Tue, 12 Feb 2019 11:41:45 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:24:00 GMT
server
sffe
age
196795
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14076
x-xss-protection
1; mode=block
expires
Wed, 12 Feb 2020 11:41:45 GMT
/
api.ipify.org/
23 B
256 B
Fetch
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: woodridgelane.ml
URL: https://woodridgelane.ml/dox/nanoth/office2018/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.215.20 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-22-215-20.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
16a93af1775e73fe37b346533adc187e25cfedec1d9e6d17373740c2d09cfecf

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://woodridgelane.ml/dox/nanoth/office2018/
Origin
https://woodridgelane.ml

Response headers

Date
Thu, 14 Feb 2019 18:21:40 GMT
Via
1.1 vegur
Server
Cowboy
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://woodridgelane.ml
Connection
keep-alive
Content-Length
23

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| regeneratorRuntime object| Babel function| $ function| jQuery function| Vue function| curli function| _asyncToGenerator object| pip function| isEmail string| ipClient

1 Cookies

Domain/Path Name / Value
.woodridgelane.ml/ Name: __cfduid
Value: d72d1abbe726b9b3fa46df42f8c541cf21550168500

2 Console Messages

Source Level URL
Text
console-api warning URL: https://unpkg.com/@babel/standalone@7.3.2/babel.min.js(Line 1)
Message:
You are using the in-browser Babel transformer. Be sure to precompile your scripts for production - https://babeljs.io/docs/setup/
console-api log URL: https://curli.org/lib/ie/@curli(Line 97)
Message:
Curli notify running from 185.220.70.202

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ipify.org
cdn.jsdelivr.net
cdn.polyfill.io
cdnjs.cloudflare.com
curli.org
fonts.googleapis.com
fonts.gstatic.com
unpkg.com
woodridgelane.ml
x.co
107.22.215.20
2606:4700:30::681b:b28b
2606:4700:30::681b:b38b
2606:4700::6810:5514
2606:4700::6810:7daf
2606:4700::6813:c497
2a00:1450:4001:81c::2003
2a00:1450:4001:81e::200a
2a04:4e42::621
31.132.36.139
45.40.140.1
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
16a93af1775e73fe37b346533adc187e25cfedec1d9e6d17373740c2d09cfecf
1f1c2e932aec2b06a9b4f575b17ef4a0e74de39b73e970b4ac655ba37dc6efb6
206205c76004b704905be15d9be0d9d7588d3ccf987e332691d5a9088f90fbc2
4a785195e8e7247f30fe13d244cfc3783b4e0b5431b78dea3a41222830619108
52726fb580d6bffc46615863ddbf4c319524b5a68fb484be2972bdad4fd0310d
644c9ec95d3a020ba6f07f6282615ec3338b8dc4405b2ed1f01018404076dd65
72494226e7726888203fd5505b37a4ad008ea6ef385f13e4f396427730943b02
92aa439b3a256f82c2553b138db77ad8751c1d6c23eb4d981b48216e3cd09fd9
9e01cd9d5c99f2550fff5002f1b7fcc1402aa88b84f471214b032a7cde0f42b2
a3b3c4f67bf2b44294215e2be76f12794e6b142edec201e199c93c38739f2bfc
b9258540f48bff83be38e2952dfa01f6bb5c6ccbc13baccf3e26995299f59d07
d5d71858f0080732e03899513693055a2d5a204599538f74b68ea491b0e614cf
d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad
e0deb00bcedbc8c80e8f1ec2126e557698a03fc4d432778cb3fd3218ccfd345f
e9831525c090d4e788f68657882658f1fcd0120885d2bcbb198d12d438b2ccf6