hermitageoilsitaly.com
urlscan.io public scan: Malicious Activity!
IP address: 2606:4700:30::6812:34a0
Effective URL: https://hermitageoilsitaly.com/approvedbusiness/Microsoft.OneDrive/login.html?cmd=login_submit&id=f5c618efb0e2ba0e24cdf81ca4677...
Submission: On September 04 via manual from GB
Summary
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on August 16th 2019. Valid for: 6 months.
This is the only time hermitageoilsitaly.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: OneDrive (Online)

Domain & IP information
Requests | IP Address | AS (Autonomous System) | Domains served
---|---|---|---
2 (2 redirects) | 91.220.42.235 | AS42427 (MIMECAST-UK, GB), PTR: eu-api.mimecast.com | protect-eu.mimecast.com
30 (2 redirects) | 2606:4700:30::6812:34a0 | AS13335 (CLOUDFLARENET - Cloudflare, Inc., US) | hermitageoilsitaly.com
1 | 2a00:1450:4001:81a::200a | AS15169 (GOOGLE - Google LLC, US) | fonts.googleapis.com
3 | 2a00:1450:4001:825::2003 | AS15169 (GOOGLE - Google LLC, US) | fonts.gstatic.com
32 requests | 4 IP addresses | 3 ASNs |
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
30 (2 redirects) | hermitageoilsitaly.com | hermitageoilsitaly.com | 909 KB
3 | gstatic.com | fonts.gstatic.com | 47 KB
2 (2 redirects) | mimecast.com | protect-eu.mimecast.com | 1 KB
1 | googleapis.com | fonts.googleapis.com | 661 B
32 requests | 4 apex domains | |
Requests | Domain | Requested by
---|---|---
30 (2 redirects) | hermitageoilsitaly.com | hermitageoilsitaly.com
3 | fonts.gstatic.com | hermitageoilsitaly.com
2 (2 redirects) | protect-eu.mimecast.com | (redirect chain only)
1 | fonts.googleapis.com | hermitageoilsitaly.com
32 requests | 4 domains |
This site contains no links.
TLS certificates
Subject | Issuer | Validity | Valid for
---|---|---|---
sni65926.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-08-16 - 2020-02-22 | 6 months
*.googleapis.com | GTS CA 1O1 | 2019-08-13 - 2019-11-11 | 3 months
*.google.com | GTS CA 1O1 | 2019-08-13 - 2019-11-11 | 3 months
Frames
This page contains 1 frame.
Primary page: https://hermitageoilsitaly.com/approvedbusiness/Microsoft.OneDrive/login.html?cmd=login_submit&id=f5c618efb0e2ba0e24cdf81ca467753cf5c618efb0e2ba0e24cdf81ca467753c&session=f5c618efb0e2ba0e24cdf81ca467753cf5c618efb0e2ba0e24cdf81ca467753c
Frame ID: B83ECF32A57768B46C72FD0D6066E6FA
Requests: 32 HTTP requests in this frame
Detected technologies
- Bootstrap (Web Frameworks), detected pattern: html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
- CloudFlare (CDN), detected pattern: headers server /^cloudflare$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://protect-eu.mimecast.com/s/WA4iCAMO8f99L8oUGJvxf?domain=hermitageoilsitaly.com (HTTP 307)
- https://protect-eu.mimecast.com/redirect/eNpdkctOwzAQRX-l8joPO01rklVRu6SAWrGLFLnONDVJbMuPIoT4dyZQCcRuNPfOeM71B3HSBlKTszJaZFJM4IzeOJ9KM1mjQQefYUkSMhpJapYQh_YiIeBVR-qy4JQtS84TEqbwaDrAXZRy9CuLZUkzRnnGWMbX2LPzzGpJExLdiPIlBOvrJm_yC7hJBdGDUaPHYnyfn21yYa0zV-hO0SsN3jf5XklnvDmH7EnDzqkr4GKYGfpWptDGgbJ2zdtrt-Ypb7er1T2reFtQVtEKpSU6Ar5WpXhnWvKqKu54NV988gjEkM0KRCW3SRSEnNdvLyCHl8MDNmT0wWBU8gf41-l157AxCAd68_92JMrigC4HPcaNPtQDyJBCzCY1gRQ-3NL28fSKhucRhIfFzsh4VL2uFwe4KnhbHIMIMOHvkO_g9yZqTJbcyL5Z5F-Gzy8Lvpk6 (HTTP 307)
- https://hermitageoilsitaly.com/approvedbusiness/Microsoft.OneDrive (HTTP 301)
- https://hermitageoilsitaly.com/approvedbusiness/Microsoft.OneDrive/ (HTTP 302)
- https://hermitageoilsitaly.com/approvedbusiness/Microsoft.OneDrive/login.html?cmd=login_submit&id=f5c618efb0e2ba0e24cdf81ca467753cf5c618efb0e2ba0e24cdf81ca467753c&session=f5c618efb0e2ba0e24cdf81ca467753cf5c618efb0e2ba0e24cdf81ca467753c (Page URL)
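The chain above is the point a triage analyst most often gets wrong: the URL the user clicked is on protect-eu.mimecast.com (a mail-security link rewriter), and only after two 307s, a 301 and a 302 does the browser land on the OneDrive-themed login.html. Note also that the landing URL carries `cmd=login_submit` and that its `id` and `session` parameters hold the same 64-hex value (the 32-hex string f5c618efb0e2ba0e24cdf81ca467753c repeated twice). The following script is an added example, not part of the urlscan.io report: it walks a redirect chain one hop at a time with redirects disabled, recovers the target host from the Mimecast link's `domain=` parameter without fetching it, and flags the query-string oddities. The `fetch` callable is injected, so the chain is replayed offline from a table constructed from the scan; the Mimecast redirect token and the hex values are abbreviated as `<token>` and `<hex>`, and the final 200 is assumed (the report shows only "Page URL" for the last hop).

```python
from urllib.parse import parse_qs, urljoin, urlsplit

KIT = "https://hermitageoilsitaly.com/approvedbusiness/Microsoft.OneDrive"
LANDING = "login.html?cmd=login_submit&id=<hex>&session=<hex>"

# Constructed replay of the chain recorded in the scan: URL -> (status, Location).
# <token> and <hex> stand in for the real values; the trailing 200 is assumed.
CHAIN = {
    "https://protect-eu.mimecast.com/s/WA4iCAMO8f99L8oUGJvxf?domain=hermitageoilsitaly.com":
        (307, "https://protect-eu.mimecast.com/redirect/<token>"),
    "https://protect-eu.mimecast.com/redirect/<token>": (307, KIT),
    KIT: (301, KIT + "/"),
    KIT + "/": (302, LANDING),        # relative Location, resolved against the 302's URL
    KIT + "/" + LANDING: (200, None),
}


def replay_fetch(url):
    """Stand-in for one request made with redirects disabled -> (status, Location)."""
    return CHAIN.get(url, (404, None))


def walk_chain(start, fetch=replay_fetch, max_hops=10):
    """Follow Location headers one hop at a time, recording (url, status) per hop.
    Stops on a non-3xx, a missing Location, a loop, or after max_hops."""
    hops, seen, url = [], set(), start
    while True:
        if url in seen:                      # A -> B -> A: record the loop and bail out
            hops.append((url, "loop"))
            break
        seen.add(url)
        status, location = fetch(url)
        hops.append((url, status))
        if not 300 <= status < 400 or not location or len(hops) >= max_hops:
            break
        url = urljoin(url, location)         # Location may be relative (RFC 7231 s.7.1.2)
    return hops


def unwrap_mimecast(url):
    """Read the target host out of a Mimecast URL Protect link (/s/<id>?domain=<host>)
    without making any request. Returns None for anything else."""
    p = urlsplit(url)
    if p.hostname and p.hostname.endswith(".mimecast.com") and p.path.startswith("/s/"):
        return parse_qs(p.query).get("domain", [None])[0]
    return None


def query_flags(url):
    """Oddities in a landing URL's query string: a cmd= parameter and any two
    parameters that carry an identical value (id/session in this scan)."""
    q = parse_qs(urlsplit(url).query)
    same = [(a, b) for a in q for b in q if a < b and q[a] == q[b]]
    return {"cmd": q.get("cmd", [None])[0], "identical_params": same}


def triage(start, fetch=replay_fetch):
    """Summarise a clicked URL: where it was rewritten from, every hop, and the final page."""
    hops = walk_chain(start, fetch)
    final_url, final_status = hops[-1]
    hosts = []
    for u, _ in hops:
        h = urlsplit(u).hostname
        if h not in hosts:
            hosts.append(h)
    return {
        "clicked_host": urlsplit(start).hostname,
        "rewritten_target": unwrap_mimecast(start),
        "statuses": [s for _, s in hops],
        "hosts": hosts,
        "final_url": final_url,
        "final_status": final_status,
        "query": query_flags(final_url),
    }


if __name__ == "__main__":
    for k, v in triage(next(iter(CHAIN))).items():
        print(f"{k}: {v}")
```

To walk a live URL, replace `replay_fetch` with a function that issues one HEAD or GET with redirects disabled and returns `(status, Location)`; the walker, loop guard and hop cap stay the same. The actionable output is `hosts[-1]` and `final_url`, never `clicked_host`.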
Redirected requests
The only redirect chain in this scan is the one leading to the primary request, login.html (listed under Page URL History above).
32 HTTP transactions
Resources on hermitageoilsitaly.com sit under /approvedbusiness/Microsoft.OneDrive/, abbreviated KIT/ in the Path column. Size is the decoded resource size, x-fer the bytes transferred on the wire.
# | Method | Protocol | Resource | Host | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---|---|---
1 | GET | H2 | login.html (primary request, end of the redirect chain) | hermitageoilsitaly.com | KIT/ | 15 KB | 3 KB | Document | text/html
2 | GET | H2 | bootstrap.min.css | hermitageoilsitaly.com | KIT/assets/plugins/bootstrap/css/ | 147 KB | 18 KB | Stylesheet | text/css
3 | GET | H2 | style.css | hermitageoilsitaly.com | KIT/css/ | 116 KB | 19 KB | Stylesheet | text/css
4 | GET | H2 | blue.css | hermitageoilsitaly.com | KIT/css/colors/ | 4 KB | 1 KB | Stylesheet | text/css
5 | GET | H2 | microsoft_logo.png | hermitageoilsitaly.com | KIT/assets/images/ | 3 KB | 4 KB | Image | image/png
6 | GET | H2 | word-icon.png | hermitageoilsitaly.com | KIT/assets/images/ | 31 KB | 31 KB | Image | image/png
7 | GET | H2 | microsoft-ad.gif | hermitageoilsitaly.com | KIT/assets/images/users/ | 603 KB | 604 KB | Image | image/gif
8 | GET | H2 | jquery.min.js | hermitageoilsitaly.com | KIT/assets/plugins/jquery/ | 85 KB | 29 KB | Script | application/javascript
9 | GET | H2 | tether.min.js | hermitageoilsitaly.com | KIT/assets/plugins/bootstrap/js/ | 24 KB | 7 KB | Script | application/javascript
10 | GET | H2 | bootstrap.min.js | hermitageoilsitaly.com | KIT/assets/plugins/bootstrap/js/ | 46 KB | 11 KB | Script | application/javascript
11 | GET | H2 | jquery.slimscroll.js | hermitageoilsitaly.com | KIT/js/ | 4 KB | 2 KB | Script | application/javascript
12 | GET | H2 | waves.js | hermitageoilsitaly.com | KIT/js/ | 4 KB | 2 KB | Script | application/javascript
13 | GET | H2 | sidebarmenu.js | hermitageoilsitaly.com | KIT/js/ | 10 KB | 2 KB | Script | application/javascript
14 | GET | H2 | sticky-kit.min.js | hermitageoilsitaly.com | KIT/assets/plugins/sticky-kit-master/dist/ | 3 KB | 1 KB | Script | application/javascript
15 | GET | H2 | custom.min.js | hermitageoilsitaly.com | KIT/js/ | 1 KB | 684 B | Script | application/javascript
16 | GET | H2 | jQuery.style.switcher.js | hermitageoilsitaly.com | KIT/assets/plugins/styleswitcher/ | 1 KB | 431 B | Script | application/javascript
17 | GET | H2 | grabUserInputforfg.js | hermitageoilsitaly.com | KIT/js/ | 2 KB | 1 KB | Script | application/javascript
18 | GET | H2 | css | fonts.googleapis.com | / | 7 KB | 661 B | Stylesheet | text/css
19 | GET | H2 | font-awesome.min.css | hermitageoilsitaly.com | KIT/scss/icons/font-awesome/css/ | 30 KB | 7 KB | Stylesheet | text/css
20 | GET | H2 | simple-line-icons.html | hermitageoilsitaly.com | KIT/scss/icons/simple-line-icons/css/ | 380 B | 437 B | Stylesheet | text/html
21 | GET | H2 | weather-icons.min.css | hermitageoilsitaly.com | KIT/scss/icons/weather-icons/css/ | 23 KB | 3 KB | Stylesheet | text/css
22 | GET | H2 | linea.css | hermitageoilsitaly.com | KIT/scss/icons/linea-icons/ | 48 KB | 5 KB | Stylesheet | text/css
23 | GET | H2 | themify-icons.css | hermitageoilsitaly.com | KIT/scss/icons/themify-icons/ | 16 KB | 3 KB | Stylesheet | text/css
24 | GET | H2 | flag-icon.min.css | hermitageoilsitaly.com | KIT/scss/icons/flag-icon-css/ | 12 KB | 987 B | Stylesheet | text/css
25 | GET | H2 | materialdesignicons.min.css | hermitageoilsitaly.com | KIT/scss/icons/material-design-iconic-font/css/ | 76 KB | 13 KB | Stylesheet | text/css
26 | GET | H2 | spinners.css | hermitageoilsitaly.com | KIT/css/ | 19 KB | 4 KB | Stylesheet | text/css
27 | GET | H2 | animate.css | hermitageoilsitaly.com | KIT/css/ | 55 KB | 4 KB | Stylesheet | text/css
28 | GET | H2 | iJWHBXyIfDnIV7F6iGmd8WD07oB-.woff2 | fonts.gstatic.com | /s/rubik/v9/ | 16 KB | 16 KB | Font | font/woff2
29 | GET | H2 | fontawesome-webfont3e6e.woff2 | hermitageoilsitaly.com | KIT/scss/icons/font-awesome/fonts/ | 75 KB | 76 KB | Font | font/woff2
30 | GET | H2 | iJWHBXyIfDnIV7Fqj2md8WD07oB-.woff2 | fonts.gstatic.com | /s/rubik/v9/ | 14 KB | 15 KB | Font | font/woff2
31 | GET | H2 | iJWKBXyIfDnIV7nBrXyw023e.woff2 | fonts.gstatic.com | /s/rubik/v9/ | 16 KB | 16 KB | Font | font/woff2
32 | GET | H2 | themify.woff | hermitageoilsitaly.com | KIT/scss/icons/themify-icons/fonts/ | 55 KB | 55 KB | Font | font/woff
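Two rows in the transaction list deserve a second look beyond the verdict: grabUserInputforfg.js, a self-hosted script whose name describes capturing form input, and simple-line-icons.html, which the page requested as a stylesheet but which came back as text/html (typically a missing file answered by an HTML page). Everything the page loads except Google Fonts is served from the same brand-named directory on the scanned host. The script below is an added example, not part of the report or of urlscan.io: it runs those checks over the 32 requests transcribed from the table. The capture-script name pattern, the brand token list (taken from the verdict's "OneDrive" and the "Microsoft.OneDrive" path) and the one-entry allow-list of legitimate brand hosts are heuristics assumed for illustration; tune them before relying on them.

```python
import re

H = "hermitageoilsitaly.com"
KIT = "/approvedbusiness/Microsoft.OneDrive/"

# (host, path, declared resource type, response MIME type) for the 32 requests
# tabulated above; transcribed from the report, not fetched live.
REQUESTS = [
    (H, KIT + "login.html", "Document", "text/html"),
    (H, KIT + "assets/plugins/bootstrap/css/bootstrap.min.css", "Stylesheet", "text/css"),
    (H, KIT + "css/style.css", "Stylesheet", "text/css"),
    (H, KIT + "css/colors/blue.css", "Stylesheet", "text/css"),
    (H, KIT + "assets/images/microsoft_logo.png", "Image", "image/png"),
    (H, KIT + "assets/images/word-icon.png", "Image", "image/png"),
    (H, KIT + "assets/images/users/microsoft-ad.gif", "Image", "image/gif"),
    (H, KIT + "assets/plugins/jquery/jquery.min.js", "Script", "application/javascript"),
    (H, KIT + "assets/plugins/bootstrap/js/tether.min.js", "Script", "application/javascript"),
    (H, KIT + "assets/plugins/bootstrap/js/bootstrap.min.js", "Script", "application/javascript"),
    (H, KIT + "js/jquery.slimscroll.js", "Script", "application/javascript"),
    (H, KIT + "js/waves.js", "Script", "application/javascript"),
    (H, KIT + "js/sidebarmenu.js", "Script", "application/javascript"),
    (H, KIT + "assets/plugins/sticky-kit-master/dist/sticky-kit.min.js", "Script", "application/javascript"),
    (H, KIT + "js/custom.min.js", "Script", "application/javascript"),
    (H, KIT + "assets/plugins/styleswitcher/jQuery.style.switcher.js", "Script", "application/javascript"),
    (H, KIT + "js/grabUserInputforfg.js", "Script", "application/javascript"),
    ("fonts.googleapis.com", "/css", "Stylesheet", "text/css"),
    (H, KIT + "scss/icons/font-awesome/css/font-awesome.min.css", "Stylesheet", "text/css"),
    (H, KIT + "scss/icons/simple-line-icons/css/simple-line-icons.html", "Stylesheet", "text/html"),
    (H, KIT + "scss/icons/weather-icons/css/weather-icons.min.css", "Stylesheet", "text/css"),
    (H, KIT + "scss/icons/linea-icons/linea.css", "Stylesheet", "text/css"),
    (H, KIT + "scss/icons/themify-icons/themify-icons.css", "Stylesheet", "text/css"),
    (H, KIT + "scss/icons/flag-icon-css/flag-icon.min.css", "Stylesheet", "text/css"),
    (H, KIT + "scss/icons/material-design-iconic-font/css/materialdesignicons.min.css", "Stylesheet", "text/css"),
    (H, KIT + "css/spinners.css", "Stylesheet", "text/css"),
    (H, KIT + "css/animate.css", "Stylesheet", "text/css"),
    ("fonts.gstatic.com", "/s/rubik/v9/iJWHBXyIfDnIV7F6iGmd8WD07oB-.woff2", "Font", "font/woff2"),
    (H, KIT + "scss/icons/font-awesome/fonts/fontawesome-webfont3e6e.woff2", "Font", "font/woff2"),
    ("fonts.gstatic.com", "/s/rubik/v9/iJWHBXyIfDnIV7Fqj2md8WD07oB-.woff2", "Font", "font/woff2"),
    ("fonts.gstatic.com", "/s/rubik/v9/iJWKBXyIfDnIV7nBrXyw023e.woff2", "Font", "font/woff2"),
    (H, KIT + "scss/icons/themify-icons/fonts/themify.woff", "Font", "font/woff"),
]

# Heuristics assumed for this example (tune before production use).
CAPTURE_NAME = re.compile(r"grab|capture|steal|user.?input|cred|login|submit|password", re.I)
BRANDS = ("microsoft", "onedrive")          # brand tokens from the verdict and the kit path
EXPECTED_MIME = {"Document": "text/html", "Stylesheet": "text/css",
                 "Script": "application/javascript"}   # images and fonts vary, so unchecked


def triage_requests(requests, brand_hosts=("microsoft.com",)):
    """Flag credential-capture script names, declared-type/MIME mismatches and
    brand-named assets on hosts outside the brand's own domains."""
    findings, brand_path_requests, by_host = [], 0, {}
    for host, path, kind, mime in requests:
        by_host[host] = by_host.get(host, 0) + 1
        name = path.rsplit("/", 1)[-1]
        off_brand = not host.endswith(brand_hosts)
        if off_brand and any(b in path.lower() for b in BRANDS):
            brand_path_requests += 1
        if off_brand and any(b in name.lower() for b in BRANDS):
            findings.append(("brand-named-asset", host + path))
        if kind == "Script" and CAPTURE_NAME.search(name):
            findings.append(("input-capture-script", host + path))
        expected = EXPECTED_MIME.get(kind)
        if expected and mime != expected:
            findings.append(("type-mime-mismatch", f"{host}{path}: {kind} served as {mime}"))
    return {"findings": findings, "brand_path_requests": brand_path_requests,
            "requests_by_host": by_host}


if __name__ == "__main__":
    for kind, detail in triage_requests(REQUESTS)["findings"]:
        print(f"{kind:24} {detail}")
```

Name-based checks are only a prompt to fetch and read the script; a kit author can rename grabUserInputforfg.js in seconds, so the durable signal is what the script posts and where.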
Verdicts & Comments
urlscan: Potentially malicious activity detected. Phishing against: OneDrive (Online)
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code.
Name | Type
---|---
$ | function
jQuery | function
Tether | function
Waves | object
metisMenu | object
get | function

1 Cookie
Cookies are small pieces of data stored in a user's browser. Whenever the user visits the site again, the browser sends the cookie values back, which lets the site re-identify that browser even from a different location; this is how persistent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
.hermitageoilsitaly.com/ | | __cfduid | dfcb0aa62215908409ddcfa12b3158a631567604345
The __cfduid cookie is set by Cloudflare (consistent with the Server: cloudflare header detected above), not by the phishing page itself.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
- fonts.googleapis.com
- fonts.gstatic.com
- hermitageoilsitaly.com
- protect-eu.mimecast.com
- 2606:4700:30::6812:34a0
- 2a00:1450:4001:81a::200a
- 2a00:1450:4001:825::2003
- 91.220.42.235
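The disclaimer above matters in practice: of the eight indicators, only hermitageoilsitaly.com is worth blocking. Its IPv6 address belongs to Cloudflare and fronts unrelated sites, the two Google addresses and font hosts are shared infrastructure the kit merely loads from, and the Mimecast host and address are the mail-security gateway that rewrote the link, not the threat. The script below is an added example, not part of the report: it classifies the indicator list using the ASN ownership and host-to-IP data exactly as the Domain & IP table above reports them. The ownership table is constructed for this example (in practice it comes from BGP or whois enrichment), and the sets of "shared infrastructure" and "link-rewriting" ASNs are an assumption drawn from that table, not a complete list.

```python
import ipaddress

# ASN ownership as the Domain & IP table above reports it (constructed lookup).
ASN_OF_IP = {
    "91.220.42.235": (42427, "MIMECAST-UK"),
    "2606:4700:30::6812:34a0": (13335, "CLOUDFLARENET"),
    "2a00:1450:4001:81a::200a": (15169, "GOOGLE"),
    "2a00:1450:4001:825::2003": (15169, "GOOGLE"),
}
# Host -> IP as resolved during the scan.
RESOLVED = {
    "hermitageoilsitaly.com": "2606:4700:30::6812:34a0",
    "protect-eu.mimecast.com": "91.220.42.235",
    "fonts.googleapis.com": "2a00:1450:4001:81a::200a",
    "fonts.gstatic.com": "2a00:1450:4001:825::2003",
}
SHARED_INFRA = {13335, 15169}   # CDN / anycast: one address fronts many unrelated sites
LINK_REWRITERS = {42427}        # mail-security URL rewriting: the clicked hop, not the threat

INDICATORS = [
    "fonts.googleapis.com", "fonts.gstatic.com", "hermitageoilsitaly.com",
    "protect-eu.mimecast.com", "2606:4700:30::6812:34a0",
    "2a00:1450:4001:81a::200a", "2a00:1450:4001:825::2003", "91.220.42.235",
]


def classify(indicator, primary_host, resolved=RESOLVED, asn_of_ip=ASN_OF_IP):
    """Return (action, reason) for one indicator: block, do-not-block or review."""
    try:
        ip, host = str(ipaddress.ip_address(indicator)), None   # normalises IPv6 spelling
    except ValueError:
        ip, host = resolved.get(indicator), indicator
    asn, owner = asn_of_ip.get(ip, (None, "unknown"))
    if host and (host == primary_host or host.endswith("." + primary_host)):
        # The kit's own hostname is actionable even though it sits behind Cloudflare.
        return "block", "serves the phishing page (verdict above); CDN fronting is irrelevant"
    if asn in SHARED_INFRA:
        what = "address" if host is None else "third-party domain"
        return "do-not-block", f"{owner} shared {what}; blocking it breaks unrelated sites"
    if asn in LINK_REWRITERS:
        return "do-not-block", f"{owner} URL-rewriting gateway; act on the rewritten target, not the hop"
    return "review", "no ownership data; enrich before acting"


def triage(indicators, primary_host):
    """Classify every indicator against the scan's primary host."""
    return {i: classify(i, primary_host) for i in indicators}


def actionable(indicators, primary_host):
    """Only the indicators that belong on a blocklist."""
    return [i for i, (action, _) in triage(indicators, primary_host).items() if action == "block"]


if __name__ == "__main__":
    for ind, (action, reason) in triage(INDICATORS, "hermitageoilsitaly.com").items():
        print(f"{action:13} {ind:28} {reason}")
```

The URL path (/approvedbusiness/Microsoft.OneDrive/) and the script name grabUserInputforfg.js from the transaction list are better hunt terms than any of the IPs: they survive the kit moving to another compromised host, while the Cloudflare address never identified it in the first place.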