xqka7kcxs8q.envero-exoticwears.xyz
Open in
urlscan Pro
194.180.49.204
Public Scan
Submitted URL: http://shelbydairyfarms.com/
Effective URL: https://xqka7kcxs8q.envero-exoticwears.xyz/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvv...
Submission: On September 26 via manual from IN — Scanned from AU
Effective URL: https://xqka7kcxs8q.envero-exoticwears.xyz/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvv...
Submission: On September 26 via manual from IN — Scanned from AU
Summary
This website contacted 3 IPs
in 3 countries
across 4 domains to perform 9 HTTP transactions.
The main IP is 194.180.49.204, located in
Germany and
belongs to AS_DELIS, US.
The main domain is xqka7kcxs8q.envero-exoticwears.xyz.
TLS certificate: Issued by R3 on September 6th 2023. Valid for: 3 months.
This is the only time xqka7kcxs8q.envero-exoticwears.xyz was scanned on urlscan.io!
TLS certificate: Issued by R3 on September 6th 2023. Valid for: 3 months.
This is the only time xqka7kcxs8q.envero-exoticwears.xyz was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 44.230.85.241 44.230.85.241 | 16509 (AMAZON-02) (AMAZON-02) | |
| 2 9 | 194.180.49.204 194.180.49.204 | 211252 (AS_DELIS) (AS_DELIS) | |
| 1 | 20.190.142.165 20.190.142.165 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 9 | 3 |
1
44.230.85.241
(Boardman, United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-44-230-85-241.us-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-44-230-85-241.us-west-2.compute.amazonaws.com
| shelbydairyfarms.com |
9
194.180.49.204
(Germany)
ASN211252 (AS_DELIS, US)
ASN211252 (AS_DELIS, US)
| bulabu-management.xyz | |
| xqka7kcxs8q.envero-exoticwears.xyz |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 8 |
envero-exoticwears.xyz
1 redirects
xqka7kcxs8q.envero-exoticwears.xyz |
848 KB |
| 1 |
live.com
login.live.com — Cisco Umbrella Rank: 62 |
|
| 1 |
bulabu-management.xyz
1 redirects
bulabu-management.xyz |
657 B |
| 1 |
shelbydairyfarms.com
1 redirects
shelbydairyfarms.com |
256 B |
| 9 | 4 |
| Domain | Requested by | |
|---|---|---|
| 8 | xqka7kcxs8q.envero-exoticwears.xyz |
1 redirects
xqka7kcxs8q.envero-exoticwears.xyz
|
| 1 | login.live.com |
xqka7kcxs8q.envero-exoticwears.xyz
|
| 1 | bulabu-management.xyz | 1 redirects |
| 1 | shelbydairyfarms.com | 1 redirects |
| 9 | 4 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| envero-exoticwears.xyz R3 |
2023-09-06 - 2023-12-05 |
3 months | crt.sh |
| login.live.com DigiCert SHA2 Secure Server CA |
2023-07-03 - 2024-07-03 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://xqka7kcxs8q.envero-exoticwears.xyz/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&sso_reload=true
Frame ID: FF02AF7A8A2B0B3268AF080CBB648ACF
Requests: 9 HTTP requests in this frame
Screenshot
Page Title
Sign in to your accountPage URL History Show full URLs
-
http://shelbydairyfarms.com/
HTTP 307
https://bulabu-management.xyz/?zfppbwqn HTTP 302
https://xqka7kcxs8q.envero-exoticwears.xyz/?sign=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL3hxa2E3a2N4c... HTTP 302
https://xqka7kcxs8q.envero-exoticwears.xyz/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f9376527... Page URL
- https://xqka7kcxs8q.envero-exoticwears.xyz/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f9376527... Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://shelbydairyfarms.com/
HTTP 307
https://bulabu-management.xyz/?zfppbwqn HTTP 302
https://xqka7kcxs8q.envero-exoticwears.xyz/?sign=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL3hxa2E3a2N4czhxLmVudmVyby1leG90aWN3ZWFycy54eXoiLCJkb21haW4iOiJ4cWthN2tjeHM4cS5lbnZlcm8tZXhvdGljd2VhcnMueHl6Iiwia2V5IjoiWXp0dTM3ZlBwZURqIiwicXJjIjpudWxsLCJpYXQiOjE2OTU3NDA5NjksImV4cCI6MTY5NTc0MTA4OX0.tXSoFHlO2vOjUQMEj8lc-6DLaqx0u2ePSo9htaVZofE HTTP 302
https://xqka7kcxs8q.envero-exoticwears.xyz/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0 Page URL
- https://xqka7kcxs8q.envero-exoticwears.xyz/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&sso_reload=true Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://shelbydairyfarms.com/ HTTP 307
- https://bulabu-management.xyz/?zfppbwqn HTTP 302
- https://xqka7kcxs8q.envero-exoticwears.xyz/?sign=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL3hxa2E3a2N4czhxLmVudmVyby1leG90aWN3ZWFycy54eXoiLCJkb21haW4iOiJ4cWthN2tjeHM4cS5lbnZlcm8tZXhvdGljd2VhcnMueHl6Iiwia2V5IjoiWXp0dTM3ZlBwZURqIiwicXJjIjpudWxsLCJpYXQiOjE2OTU3NDA5NjksImV4cCI6MTY5NTc0MTA4OX0.tXSoFHlO2vOjUQMEj8lc-6DLaqx0u2ePSo9htaVZofE HTTP 302
- https://xqka7kcxs8q.envero-exoticwears.xyz/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0
9 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
cwvjqtkbg
xqka7kcxs8q.envero-exoticwears.xyz/__//eqooqp/qcwvj2/x2.0/ Redirect Chain
|
21 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
BssoInterrupt_Core_pOO34JFwD1EVcxt413xLZg2.js
xqka7kcxs8q.envero-exoticwears.xyz/aadcdn.msftauth.net/~/shared/1.0/content/js/ |
136 KB 49 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Primary Request
cwvjqtkbg
xqka7kcxs8q.envero-exoticwears.xyz/__//eqooqp/qcwvj2/x2.0/ |
44 KB 18 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
converged.v2.login.min_prc91eyu9sqvbxj8tusclg2.css
xqka7kcxs8q.envero-exoticwears.xyz/aadcdn.msauth.net/~/ests/2.1/content/cdnbundles/ |
109 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ConvergedLogin_PCore_QAimTdR41Aag8ws1422NKw2.js
xqka7kcxs8q.envero-exoticwears.xyz/aadcdn.msauth.net/~/shared/1.0/content/js/ |
673 KB 673 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ux.converged.login.strings-en.min_fbib_szf4_oqxoqnq0mnnw2.js
xqka7kcxs8q.envero-exoticwears.xyz/aadcdn.msauth.net/~/ests/2.1/content/cdnbundles/ |
50 KB 16 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Me.htm
login.live.com/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
oneDs_641b1cf809bdc17b42ab.js
xqka7kcxs8q.envero-exoticwears.xyz/aadcdn.msauth.net/~/shared/1.0/content/js/ |
186 KB 61 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
convergedlogin_pcustomizationloader_80e93b9a4cb13643afca.js
xqka7kcxs8q.envero-exoticwears.xyz/aadcdn.msauth.net/~/shared/1.0/content/js/asyncchunk/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- xqka7kcxs8q.envero-exoticwears.xyz
- URL
- https://xqka7kcxs8q.envero-exoticwears.xyz/aadcdn.msauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_80e93b9a4cb13643afca.js
Verdicts & Comments Add Verdict or Comment
19 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __14 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| bulabu-management.xyz/ | Name: qPdM Value: Yztu37fPpeDj |
|
| bulabu-management.xyz/ | Name: qPdM.sig Value: CTcf6Hi6QE6Uif-4Ljf4BvQf-yc |
|
| xqka7kcxs8q.envero-exoticwears.xyz/ | Name: qPdM Value: Yztu37fPpeDj |
|
| xqka7kcxs8q.envero-exoticwears.xyz/ | Name: qPdM.sig Value: CTcf6Hi6QE6Uif-4Ljf4BvQf-yc |
|
| xqka7kcxs8q.envero-exoticwears.xyz/ | Name: x-ms-gateway-slice Value: estsfd |
|
| xqka7kcxs8q.envero-exoticwears.xyz/ | Name: stsservicecookie Value: estsfd |
|
| .xqka7kcxs8q.envero-exoticwears.xyz/ | Name: AADSSO Value: NA|NoExtension |
|
| xqka7kcxs8q.envero-exoticwears.xyz/ | Name: SSOCOOKIEPULLED Value: 1 |
|
| xqka7kcxs8q.envero-exoticwears.xyz/ | Name: buid Value: 0.ASEAMe_N-B6jSkuT5F9XHpElWltEZUfGMrBJg-Ydk3ZSdsoBAAA.AQABAAEAAAAtyolDObpQQ5VtlI4uGjEPyXHROAk466G0DsRQSsaMuEkz7vJM2dSOqyY2Gmx83IIh-v71DlK8xicHuB8QCZ8rmRK64cG-w0wr24DSF9Gt7ZNKFKMXbz0SAazZtt2MfJYgAA |
|
| .xqka7kcxs8q.envero-exoticwears.xyz/ | Name: esctx Value: PAQABAAEAAAAtyolDObpQQ5VtlI4uGjEPAks8jxf1rq-yl_qORrVhEWt1RxH8hkpBXY3Gq9kBjqk_vizYNULGEEqYfV-ebnV-t60HLXnl9D0zwPZtu4FB27aVg64VnVdcE_IM-rJhzoIM2dhQcBKa-PtRwq0Th9NDvpTK3pYWBzfX9X0Pq2DrcIoIqk4BwVdrTf5x3UH70H6Mv90ZP7B4fiEC9jj0LwJ_U8qkd0fzAR8QFBjU3gFhRFPx4ihjIYJD6ogCLXckiwQgAA |
|
| xqka7kcxs8q.envero-exoticwears.xyz/ | Name: fpc Value: AoxjIsewU35NuzVV-tDpD7u8Ae7AAQAAACzrpNwOAAAA |
|
| .login.live.com/ | Name: uaid Value: bc63ead8c50a4432ba50b4be4c4219a3 |
|
| .login.live.com/ | Name: MSPRequ Value: id=N<=1695740974&co=1 |
|
| .xqka7kcxs8q.envero-exoticwears.xyz/ | Name: brcap Value: 0 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Content-Security-Policy | default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; |
| Strict-Transport-Security | max-age=31536000; includeSubDomains |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bulabu-management.xyz
login.live.com
shelbydairyfarms.com
xqka7kcxs8q.envero-exoticwears.xyz
xqka7kcxs8q.envero-exoticwears.xyz
194.180.49.204
20.190.142.165
44.230.85.241
0308da96f6d144163ff9b3ab050042183bf4a4b12329197c83fa59b7c65a1903
5d0c6df51bc78bc1d564b8678d8cb78bf89db26dff88db04e22fa8de74239f6a
6665ca6a09f770c6679556eb86cf4234c8bdb0271049620e03199b34b4a16099
71530199c97a7aa3c72b852bf36c293f7beaf86814d331482717276fce1b3bb3
78e2f3dc7090ed2c0315dc7c2a03c02e4f312bd2f2be7cce2fb8820cc7600ff0
afc0898b6e7779ecd64b6a5a5b2626284d3e0316ad79cc45662c6d0158f4b2a1
d4ea1a07b23257f411af4f8c20aa528d23c4dadbd4c81d5db454f5d82351adc4