s3-api.us-geo.objectstorage.softlayer.net Open in urlscan Pro
67.228.254.193 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://a.filesdoc.us/yvjdlv.html?a=3c3ad4cc-247a-46c4-b28e-57c6bb787e30
Effective URL:
https://s3-api.us-geo.objectstorage.softlayer.net/aoffice365-oouassa-557733120/aoffice365-oouassa-557733120/index-home.html
Submission: On November 14 via manual (November 14th 2018, 11:57:52 pm UTC) from US

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 16 HTTP transactions. The main IP is 67.228.254.193, located in Dallas, United States and belongs to SOFTLAYER - SoftLayer Technologies Inc., US. The main domain is s3-api.us-geo.objectstorage.softlayer.net.
TLS certificate: Issued by GeoTrust RSA CA 2018 on April 17th 2018. Valid for: a year.

This is the only time s3-api.us-geo.objectstorage.softlayer.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Box.com (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:30:... 2606:4700:30::681b:85fb	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	67.228.254.193 67.228.254.193	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
14	2a00:1450:400... 2a00:1450:4001:81a::2010	15169 (GOOGLE) (GOOGLE - Google LLC)
16	3

1 2606:4700:30::681b:85fb (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

a.filesdoc.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.228.254.193 (Dallas, United States)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: s3-api.us-geo.objectstorage.softlayer.net

s3-api.us-geo.objectstorage.softlayer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:81a::2010 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	googleapis.com storage.googleapis.com	547 KB
1	softlayer.net s3-api.us-geo.objectstorage.softlayer.net	9 KB
1	filesdoc.us a.filesdoc.us	1 KB
16	3

	Domain	Requested by
14	storage.googleapis.com	s3-api.us-geo.objectstorage.softlayer.net
1	s3-api.us-geo.objectstorage.softlayer.net	a.filesdoc.us
1	a.filesdoc.us
16	3

This site contains no links.

Subject Issuer	Validity	Valid
s3-api.us-geo.objectstorage.softlayer.net GeoTrust RSA CA 2018	`2018-04-17` - `2019-07-29`	a year	crt.sh
*.storage.googleapis.com Google Internet Authority G3	`2018-10-30` - `2019-01-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://s3-api.us-geo.objectstorage.softlayer.net/aoffice365-oouassa-557733120/aoffice365-oouassa-557733120/index-home.html
Frame ID: 0A1BFAAE946066618755B0E90C6B87FB
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://a.filesdoc.us/yvjdlv.html?a=3c3ad4cc-247a-46c4-b28e-57c6bb787e30 Page URL
https://s3-api.us-geo.objectstorage.softlayer.net/aoffice365-oouassa-557733120/aoffice365-oouassa-557733120/index-home.html Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Page Statistics

16
Requests

94 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

556 kB
Transfer

552 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://a.filesdoc.us/yvjdlv.html?a=3c3ad4cc-247a-46c4-b28e-57c6bb787e30 Page URL
https://s3-api.us-geo.objectstorage.softlayer.net/aoffice365-oouassa-557733120/aoffice365-oouassa-557733120/index-home.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Cookie set yvjdlv.html Show response a.filesdoc.us/	1 KB 1 KB	190ms 184ms	Document text/html	2606:4700:30::681b:85fb Cloudflare
General Check archive.org Show headers Download Go to Full URL http://a.filesdoc.us/yvjdlv.html?a=3c3ad4cc-247a-46c4-b28e-57c6bb787e30 Protocol HTTP/1.1 Server 2606:4700:30::681b:85fb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `ea76ba933c6ad5a19fda67745a05b80948a739329528cf97bd407b8dfb1f61a2` Request headers Host a.filesdoc.us Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 14 Nov 2018 23:57:41 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=d5b3f2107982e84c8297c7eb5f09ff77d1542239861; expires=Thu, 14-Nov-19 23:57:41 GMT; path=/; domain=.filesdoc.us; HttpOnly Last-Modified Fri, 09 Nov 2018 22:25:16 GMT Vary Accept-Encoding Server cloudflare CF-RAY 479d6bff40e49726-FRA Content-Encoding gzip
GET H/1.1	200 OK	Primary Request index-home.html Show response s3-api.us-geo.objectstorage.softlayer.net/aoffice365-oouassa-557733120/aoffice365-oouassa-557733120/	8 KB 9 KB	513ms 201ms	Document text/html	67.228.254.193 SoftLayer Technol...
General Check archive.org Show headers Download Go to Full URL https://s3-api.us-geo.objectstorage.softlayer.net/aoffice365-oouassa-557733120/aoffice365-oouassa-557733120/index-home.html Requested by Host: a.filesdoc.us URL: http://a.filesdoc.us/yvjdlv.html?a=3c3ad4cc-247a-46c4-b28e-57c6bb787e30 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 67.228.254.193 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US), Reverse DNS s3-api.us-geo.objectstorage.softlayer.net Software 3.14.1.32 / Resource Hash `a1da35d55eeef596eb8cfb5eae897f76d72f4de34f39e609fd344a9b92b0c950` Request headers Host s3-api.us-geo.objectstorage.softlayer.net Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Referer http://a.filesdoc.us/yvjdlv.html?a=3c3ad4cc-247a-46c4-b28e-57c6bb787e30 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer http://a.filesdoc.us/yvjdlv.html?a=3c3ad4cc-247a-46c4-b28e-57c6bb787e30 Response headers Date Wed, 14 Nov 2018 23:57:43 GMT X-Clv-Request-Id fd798978-1721-4631-9ed0-221843729b4e Server 3.14.1.32 X-Clv-S3-Version 2.5 Accept-Ranges bytes x-amz-request-id fd798978-1721-4631-9ed0-221843729b4e ETag "e197b502c31d0c6c055e86ceb234765f" Content-Type text/html Last-Modified Fri, 09 Nov 2018 22:25:15 GMT Content-Length 8494
GET S	200	css.css storage.googleapis.com/office-company-page/css/	202 KB 203 KB	450ms 428ms	Stylesheet text/css	2a00:1450:4001:81a::2010 Google LLC
General Check archive.org Show headers Download Go to Full URL https://storage.googleapis.com/office-company-page/css/css.css Requested by Host: s3-api.us-geo.objectstorage.softlayer.net URL: https://s3-api.us-geo.objectstorage.softlayer.net/aoffice365-oouassa-557733120/aoffice365-oouassa-557733120/index-home.html Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1450:4001:81a::2010 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software UploadServer / Resource Hash `ee30e10bb566e3ea31b546ed64c1f00fc2c0d86a7628da6f3b3be877ddbcdc50` Request headers Referer https://s3-api.us-geo.objectstorage.softlayer.net/aoffice365-oouassa-557733120/aoffice365-oouassa-557733120/index-home.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 14 Nov 2018 23:57:43 GMT x-guploader-uploadid AEnB2Uobrd8aOJPsXEj1csQ982l7UdB_9Z_Qp2C3bJxcDD-YRLXtb0tB4DQexAQEVw0G0_Y5_-LWkXMyvmNGzE50JsrrCbUBWA x-goog-storage-class MULTI_REGIONAL status 200 x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 207013 last-modified Wed, 19 Sep 2018 21:19:24 GMT server UploadServer etag "13cdf00062544f9ac35900229c4e2ef5" x-goog-hash crc32c=0AqyCA==, md5=E83wAGJUT5rDWQAinE4u9Q== x-goog-generation 1537391964243085 cache-control private, max-age=0 x-goog-stored-content-length 207013 accept-ranges bytes content-type text/css expires Wed, 14 Nov 2018 23:57:43 GMT
GET S	200	apps.png storage.googleapis.com/office-company-page/images/	4 KB 5 KB	461ms 439ms	Image image/png	2a00:1450:4001:81a::2010 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/office-company-page/images/apps.png Requested by Host: s3-api.us-geo.objectstorage.softlayer.net URL: https://s3-api.us-geo.objectstorage.softlayer.net/aoffice365-oouassa-557733120/aoffice365-oouassa-557733120/index-home.html Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1450:4001:81a::2010 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software UploadServer / Resource Hash `a80f6e04a6c9f0bd6349e8ffe05eeacae606ec98ccbecfa70c6312b5fa96f836` Request headers Referer https://s3-api.us-geo.objectstorage.softlayer.net/aoffice365-oouassa-557733120/aoffice365-oouassa-557733120/index-home.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 14 Nov 2018 23:57:43 GMT x-guploader-uploadid AEnB2UoXghFJAgf9CFMIAzq59Z2JeWDwx8oXl0sBrq-J-biMi7WWaxXRFZOv_rbAFdeuA8L0kmWmf9eQTo7L2ZG07ork4h-FeA x-goog-storage-class MULTI_REGIONAL status 200 x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 4423 last-modified Wed, 19 Sep 2018 21:19:04 GMT server UploadServer etag "8cd7fb32de1d33bf55571c3159264903" x-goog-hash crc32c=yAuRjA==, md5=jNf7Mt4dM79VVxwxWSZJAw== x-goog-generation 1537391944725411 cache-control private, max-age=0 x-goog-stored-content-length 4423 accept-ranges bytes content-type image/png expires Wed, 14 Nov 2018 23:57:43 GMT
GET S	200	1000px-Google_G_Logo.png storage.googleapis.com/office-company-page/images/	37 KB 38 KB	486ms 464ms	Image image/png	2a00:1450:4001:81a::2010 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/office-company-page/images/1000px-Google_G_Logo.png Requested by Host: s3-api.us-geo.objectstorage.softlayer.net URL: https://s3-api.us-geo.objectstorage.softlayer.net/aoffice365-oouassa-557733120/aoffice365-oouassa-557733120/index-home.html Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1450:4001:81a::2010 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software UploadServer / Resource Hash `27c2c6dd5f53843351c42c8aa0725cf4ea72a2aeeebc90b8f03af9cf021e82cf` Request headers Referer https://s3-api.us-geo.objectstorage.softlayer.net/aoffice365-oouassa-557733120/aoffice365-oouassa-557733120/index-home.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 14 Nov 2018 23:57:43 GMT x-guploader-uploadid AEnB2UpndECte9ZlzIrfunH_7-uYawjlTBpzlrqFaIEuYtQrOZLQ2me7YAQvLdLqWznlx66yec2Vu_BQAoXet-jIcLQL_KRiZQ x-goog-storage-class MULTI_REGIONAL status 200 x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 38385 last-modified Wed, 19 Sep 2018 21:19:04 GMT server UploadServer etag "c8b8129127bada9fa699aeba388b3b2b" x-goog-hash crc32c=CHe4UQ==, md5=yLgSkSe62p+mma66OIs7Kw== x-goog-generation 1537391944924535 cache-control private, max-age=0 x-goog-stored-content-length 38385 accept-ranges bytes content-type image/png expires Wed, 14 Nov 2018 23:57:43 GMT
GET S	200	2000px-Outlook.png storage.googleapis.com/office-company-page/images/	65 KB 66 KB	437ms 416ms	Image image/png	2a00:1450:4001:81a::2010 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/office-company-page/images/2000px-Outlook.png Requested by Host: s3-api.us-geo.objectstorage.softlayer.net URL: https://s3-api.us-geo.objectstorage.softlayer.net/aoffice365-oouassa-557733120/aoffice365-oouassa-557733120/index-home.html Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1450:4001:81a::2010 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software UploadServer / Resource Hash `37ac5510e9ee88f6cc41948675cd68d6d773bfe58c6a4c064f7b5e37002c9919` Request headers Referer https://s3-api.us-geo.objectstorage.softlayer.net/aoffice365-oouassa-557733120/aoffice365-oouassa-557733120/index-home.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 14 Nov 2018 23:57:43 GMT x-guploader-uploadid AEnB2UqNLKa_qkJunY3IH3KLPzdM0iiGTaKUcdpNtwyId8b4phG5LJpZJpPj4pveea8xwY4dMHyFv6Wcm_lLON0jHdZYDzBuWg x-goog-storage-class MULTI_REGIONAL status 200 x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 66733 last-modified Wed, 19 Sep 2018 21:19:05 GMT server UploadServer etag "f39ba4f4c59622ab49f50fc610734c11" x-goog-hash crc32c=FT0BUg==, md5=85uk9MWWIqtJ9Q/GEHNMEQ== x-goog-generation 1537391945324554 cache-control private, max-age=0 x-goog-stored-content-length 66733 accept-ranges bytes content-type image/png expires Wed, 14 Nov 2018 23:57:43 GMT
GET S	200	yahoo-social-media-logo-38959f083e2e7452-512x512.png storage.googleapis.com/office-company-page/images/	23 KB 23 KB	459ms 438ms	Image image/png	2a00:1450:4001:81a::2010 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/office-company-page/images/yahoo-social-media-logo-38959f083e2e7452-512x512.png Requested by Host: s3-api.us-geo.objectstorage.softlayer.net URL: https://s3-api.us-geo.objectstorage.softlayer.net/aoffice365-oouassa-557733120/aoffice365-oouassa-557733120/index-home.html Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1450:4001:81a::2010 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software UploadServer / Resource Hash `0f02fe13bdcd4c108ee064feeec84b358219ba380d4cf3cac2f7d279511a8caf` Request headers Referer https://s3-api.us-geo.objectstorage.softlayer.net/aoffice365-oouassa-557733120/aoffice365-oouassa-557733120/index-home.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 14 Nov 2018 23:57:43 GMT x-guploader-uploadid AEnB2Uo7xXrs5pE6bR7Ddj8QSKhWu2WvZOxAefytjCsCEJjqZY79ohFWdHczD2IE7H2-QhyApZZ_MjKo8roWKHB38bfPpXj5kA x-goog-storage-class MULTI_REGIONAL status 200 x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 23384 last-modified Wed, 19 Sep 2018 21:19:12 GMT server UploadServer etag "a72e576f1734d8b565c86f15ac2a6820" x-goog-hash crc32c=e3rrNA==, md5=py5Xbxc02LVlyG8VrCpoIA== x-goog-generation 1537391952833357 cache-control private, max-age=0 x-goog-stored-content-length 23384 accept-ranges bytes content-type image/png expires Wed, 14 Nov 2018 23:57:43 GMT
GET S	200	latest.png storage.googleapis.com/office-company-page/images/	38 KB 38 KB	478ms 457ms	Image image/png	2a00:1450:4001:81a::2010 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/office-company-page/images/latest.png Requested by Host: s3-api.us-geo.objectstorage.softlayer.net URL: https://s3-api.us-geo.objectstorage.softlayer.net/aoffice365-oouassa-557733120/aoffice365-oouassa-557733120/index-home.html Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1450:4001:81a::2010 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software UploadServer / Resource Hash `055f5bb06369181b392f18d59b1580ef839b56ec1bbebc96b223fab3f0fe2573` Request headers Referer https://s3-api.us-geo.objectstorage.softlayer.net/aoffice365-oouassa-557733120/aoffice365-oouassa-557733120/index-home.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 14 Nov 2018 23:57:43 GMT x-guploader-uploadid AEnB2UrQKa5A8e3yYYTldvk4PnmaN2Y8B3CqDIlFrT-iV7OcZlTE846D_xIDIOm63zxR4TIp25-mQg7SiaoCiPRv1CzMGwJy2g x-goog-storage-class MULTI_REGIONAL status 200 x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 38668 last-modified Wed, 19 Sep 2018 21:19:09 GMT server UploadServer etag "1e643202aabdecbe15ab0d87e40885d0" x-goog-hash crc32c=TSvhKw==, md5=HmQyAqq97L4Vqw2H5AiF0A== x-goog-generation 1537391949924331 cache-control private, max-age=0 x-goog-stored-content-length 38668 accept-ranges bytes content-type image/png expires Wed, 14 Nov 2018 23:57:43 GMT
GET S	200	email_PNG20.png storage.googleapis.com/office-company-page/images/	36 KB 36 KB	1035ms 1034ms	Image image/png	2a00:1450:4001:81a::2010 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/office-company-page/images/email_PNG20.png Requested by Host: s3-api.us-geo.objectstorage.softlayer.net URL: https://s3-api.us-geo.objectstorage.softlayer.net/aoffice365-oouassa-557733120/aoffice365-oouassa-557733120/index-home.html Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1450:4001:81a::2010 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software UploadServer / Resource Hash `56523a4e6fc8ee9f14f446454ddc34c476e2fe5d576059548d3de174d5f6d362` Request headers Referer https://s3-api.us-geo.objectstorage.softlayer.net/aoffice365-oouassa-557733120/aoffice365-oouassa-557733120/index-home.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 14 Nov 2018 23:57:43 GMT x-guploader-uploadid AEnB2UraLjZEFwm9amL3rISG5nhISfxBkbGlsFpIgBO-Ih-X0DnDLyf3izb7ePxikGuzBqq26OZWAb2Ty2EUKKSIIWsD3IXzrA x-goog-storage-class MULTI_REGIONAL status 200 x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 36429 last-modified Wed, 19 Sep 2018 21:19:07 GMT server UploadServer etag "493a4362f91c065809f2cb0a4a22d125" x-goog-hash crc32c=X0aXUQ==, md5=STpDYvkcBlgJ8ssKSiLRJQ== x-goog-generation 1537391947827464 cache-control private, max-age=0 x-goog-stored-content-length 36429 accept-ranges bytes content-type image/png expires Wed, 14 Nov 2018 23:57:43 GMT
GET S	200	AstraZeneca_0.png storage.googleapis.com/office-company-page/images/	10 KB 10 KB	1034ms 1033ms	Image image/png	2a00:1450:4001:81a::2010 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/office-company-page/images/AstraZeneca_0.png Requested by Host: s3-api.us-geo.objectstorage.softlayer.net URL: https://s3-api.us-geo.objectstorage.softlayer.net/aoffice365-oouassa-557733120/aoffice365-oouassa-557733120/index-home.html Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1450:4001:81a::2010 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software UploadServer / Resource Hash `944961358121e68879546ff9defcc0db811870eebbc2e2a3fee5b42628bd80ed` Request headers Referer https://s3-api.us-geo.objectstorage.softlayer.net/aoffice365-oouassa-557733120/aoffice365-oouassa-557733120/index-home.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 14 Nov 2018 23:57:43 GMT x-guploader-uploadid AEnB2UpHAIO5P4JuL6VeloO7FKKJ6E5_CPBZUoDK2swD5xOYKyCxws9BprjQRCQU5nkAzdkdxDaQbjXrllKrqgPboWXKsbUyIQ x-goog-storage-class MULTI_REGIONAL status 200 x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 10320 last-modified Wed, 19 Sep 2018 21:29:01 GMT server UploadServer etag "0bff5e736f50c528565e9989972d30fe" x-goog-hash crc32c=Ky5MCw==, md5=C/9ec29QxShWXpmJly0w/g== x-goog-generation 1537392541596210 cache-control private, max-age=0 x-goog-stored-content-length 10320 accept-ranges bytes content-type image/png expires Wed, 14 Nov 2018 23:57:43 GMT
GET S	200	PG_433x90.png storage.googleapis.com/office-company-page/images/	5 KB 5 KB	1034ms 1033ms	Image image/png	2a00:1450:4001:81a::2010 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/office-company-page/images/PG_433x90.png Requested by Host: s3-api.us-geo.objectstorage.softlayer.net URL: https://s3-api.us-geo.objectstorage.softlayer.net/aoffice365-oouassa-557733120/aoffice365-oouassa-557733120/index-home.html Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1450:4001:81a::2010 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software UploadServer / Resource Hash `2693186aa9644890b9d6858c4b784ccde2de3d26207b7703201efcc714e913f9` Request headers Referer https://s3-api.us-geo.objectstorage.softlayer.net/aoffice365-oouassa-557733120/aoffice365-oouassa-557733120/index-home.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 14 Nov 2018 23:57:43 GMT x-guploader-uploadid AEnB2UrijPNRpu7sQXROhso6SLY1Zc9nLhzzOPett3km9D4g_R33Z6nLkaQQF9hGdjKiBlVLfjgNhW4ZJJuqDWlhOWSX0oKvtQ x-goog-storage-class MULTI_REGIONAL status 200 x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 4928 last-modified Wed, 19 Sep 2018 21:29:04 GMT server UploadServer etag "d4b378ca1b7eeccfc4255da9e4d5b003" x-goog-hash crc32c=lj3lCg==, md5=1LN4yht+7M/EJV2p5NWwAw== x-goog-generation 1537392544921041 cache-control private, max-age=0 x-goog-stored-content-length 4928 accept-ranges bytes content-type image/png expires Wed, 14 Nov 2018 23:57:43 GMT
GET S	200	GE.png storage.googleapis.com/office-company-page/images/	5 KB 5 KB	1034ms 1034ms	Image image/png	2a00:1450:4001:81a::2010 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/office-company-page/images/GE.png Requested by Host: s3-api.us-geo.objectstorage.softlayer.net URL: https://s3-api.us-geo.objectstorage.softlayer.net/aoffice365-oouassa-557733120/aoffice365-oouassa-557733120/index-home.html Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1450:4001:81a::2010 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software UploadServer / Resource Hash `86a57a85f31ac7ee763d7f61891d5717db271799927d28481ded6a660ca4b4e6` Request headers Referer https://s3-api.us-geo.objectstorage.softlayer.net/aoffice365-oouassa-557733120/aoffice365-oouassa-557733120/index-home.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 14 Nov 2018 23:57:43 GMT x-guploader-uploadid AEnB2UpmOfZ4O3dXXOUs8AZFFeCg2gG7_EHsZPhmyvbuZxM0-FDgLJA-1GYKdnndSubQFpqjPAVV0wZK9S0C8Q0DbdkIER4vaA x-goog-storage-class MULTI_REGIONAL status 200 x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 5138 last-modified Wed, 19 Sep 2018 21:29:02 GMT server UploadServer etag "afa443500d8a9f44ec22319e7a097e03" x-goog-hash crc32c=LZrewQ==, md5=r6RDUA2Kn0TsIjGeegl+Aw== x-goog-generation 1537392542991028 cache-control private, max-age=0 x-goog-stored-content-length 5138 accept-ranges bytes content-type image/png expires Wed, 14 Nov 2018 23:57:43 GMT
GET S	200	Nationwide.png storage.googleapis.com/office-company-page/images/	9 KB 10 KB	1034ms 1034ms	Image image/png	2a00:1450:4001:81a::2010 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/office-company-page/images/Nationwide.png Requested by Host: s3-api.us-geo.objectstorage.softlayer.net URL: https://s3-api.us-geo.objectstorage.softlayer.net/aoffice365-oouassa-557733120/aoffice365-oouassa-557733120/index-home.html Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1450:4001:81a::2010 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software UploadServer / Resource Hash `818ba83870603d9695a9494b7215068689b7fe9153b8d57e9274fc46e72f975a` Request headers Referer https://s3-api.us-geo.objectstorage.softlayer.net/aoffice365-oouassa-557733120/aoffice365-oouassa-557733120/index-home.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 14 Nov 2018 23:57:43 GMT x-guploader-uploadid AEnB2UrGFySBYmG7YlJXLtGFKP4xskkRPKpYb6hrbMJCMOy6OYc7NdTxRpYcmzH1WHgwr8uuzBkAWOmft5IsxRpt5df-eMK2cQ x-goog-storage-class MULTI_REGIONAL status 200 x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 9712 last-modified Wed, 19 Sep 2018 21:29:03 GMT server UploadServer etag "4fba93a6eff584210739855385d94a90" x-goog-hash crc32c=myU+MQ==, md5=T7qTpu/1hCEHOYVThdlKkA== x-goog-generation 1537392543332764 cache-control private, max-age=0 x-goog-stored-content-length 9712 accept-ranges bytes content-type image/png expires Wed, 14 Nov 2018 23:57:43 GMT
GET S	200	Boston.png storage.googleapis.com/office-company-page/images/	8 KB 8 KB	409ms 409ms	Image image/png	2a00:1450:4001:81a::2010 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/office-company-page/images/Boston.png Requested by Host: s3-api.us-geo.objectstorage.softlayer.net URL: https://s3-api.us-geo.objectstorage.softlayer.net/aoffice365-oouassa-557733120/aoffice365-oouassa-557733120/index-home.html Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1450:4001:81a::2010 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software UploadServer / Resource Hash `988e7ea05e4b996a604b5055500051b9021d763be5aea15ac1146d83469896d4` Request headers Referer https://s3-api.us-geo.objectstorage.softlayer.net/aoffice365-oouassa-557733120/aoffice365-oouassa-557733120/index-home.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 14 Nov 2018 23:57:43 GMT x-guploader-uploadid AEnB2Uo4gIb3pDSBTi-VUA6rr1O2bIvleyI1JZB9a6zUX3a8le81s7ZjrXs8Ia1IlGEWz58B75I01CNPmq9cL2UeVgmCytlCyQ x-goog-storage-class MULTI_REGIONAL status 200 x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 7717 last-modified Wed, 19 Sep 2018 21:29:01 GMT server UploadServer etag "393db31839092e2cc1716521bde52a5d" x-goog-hash crc32c=9InMrg==, md5=OT2zGDkJLizBcWUhveUqXQ== x-goog-generation 1537392541889432 cache-control private, max-age=0 x-goog-stored-content-length 7717 accept-ranges bytes content-type image/png expires Wed, 14 Nov 2018 23:57:43 GMT
GET S	200	Pandora.png storage.googleapis.com/office-company-page/images/	17 KB 17 KB	424ms 424ms	Image image/png	2a00:1450:4001:81a::2010 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/office-company-page/images/Pandora.png Requested by Host: s3-api.us-geo.objectstorage.softlayer.net URL: https://s3-api.us-geo.objectstorage.softlayer.net/aoffice365-oouassa-557733120/aoffice365-oouassa-557733120/index-home.html Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1450:4001:81a::2010 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software UploadServer / Resource Hash `748195ac015cee91667a22f2e14e6f5b80985245f88c69f870cc757b517cfa21` Request headers Referer https://s3-api.us-geo.objectstorage.softlayer.net/aoffice365-oouassa-557733120/aoffice365-oouassa-557733120/index-home.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 14 Nov 2018 23:57:43 GMT x-guploader-uploadid AEnB2UqjGFt2eDr8nLNlzICy5AHWwPGN5i6JzZ4kIzZaPb0mQvxiBunol3jP1DKGHqSFL5T9_v-hPBN4wqLulKHaQM1Ff7_LFA x-goog-storage-class MULTI_REGIONAL status 200 x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 16921 last-modified Wed, 19 Sep 2018 21:29:03 GMT server UploadServer etag "91d4a7693fec4f2a4d121ff926f5b0cd" x-goog-hash crc32c=GaVklA==, md5=kdSnaT/sTypNEh/5JvWwzQ== x-goog-generation 1537392543426731 cache-control private, max-age=0 x-goog-stored-content-length 16921 accept-ranges bytes content-type image/png expires Wed, 14 Nov 2018 23:57:43 GMT
GET S	200	home_masthead_ipadonly.jpg storage.googleapis.com/office-company-page/images/	84 KB 84 KB	431ms 430ms	Image image/jpeg	2a00:1450:4001:81a::2010 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/office-company-page/images/home_masthead_ipadonly.jpg Requested by Host: s3-api.us-geo.objectstorage.softlayer.net URL: https://s3-api.us-geo.objectstorage.softlayer.net/aoffice365-oouassa-557733120/aoffice365-oouassa-557733120/index-home.html Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1450:4001:81a::2010 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software UploadServer / Resource Hash `3470e4402c0cbe8c6eecae0dbb06a28fab1e4ec7958fb9ed311e230bc1ade564` Request headers Referer https://s3-api.us-geo.objectstorage.softlayer.net/aoffice365-oouassa-557733120/aoffice365-oouassa-557733120/index-home.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 14 Nov 2018 23:57:43 GMT x-guploader-uploadid AEnB2UqCqtv8ooqweCpbW3BjDDkPBAE5TltZkUGmaRubJSmLmgdN0iR1OyEjYMhIVofIVY5RDuQYtC9MlIbkVHfiQa55E3X_6Q x-goog-storage-class MULTI_REGIONAL status 200 x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 85628 last-modified Wed, 19 Sep 2018 21:28:52 GMT server UploadServer etag "29a752cb07bbf514e4463974fcf11bb9" x-goog-hash crc32c=6iLv7w==, md5=KadSywe79RTkRjl0/PEbuQ== x-goog-generation 1537392532953320 cache-control private, max-age=0 x-goog-stored-content-length 85628 accept-ranges bytes content-type image/jpeg expires Wed, 14 Nov 2018 23:57:43 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Box.com (Consumer)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.filesdoc.us
s3-api.us-geo.objectstorage.softlayer.net
storage.googleapis.com
2606:4700:30::681b:85fb
2a00:1450:4001:81a::2010
67.228.254.193
055f5bb06369181b392f18d59b1580ef839b56ec1bbebc96b223fab3f0fe2573
0f02fe13bdcd4c108ee064feeec84b358219ba380d4cf3cac2f7d279511a8caf
2693186aa9644890b9d6858c4b784ccde2de3d26207b7703201efcc714e913f9
27c2c6dd5f53843351c42c8aa0725cf4ea72a2aeeebc90b8f03af9cf021e82cf
3470e4402c0cbe8c6eecae0dbb06a28fab1e4ec7958fb9ed311e230bc1ade564
37ac5510e9ee88f6cc41948675cd68d6d773bfe58c6a4c064f7b5e37002c9919
56523a4e6fc8ee9f14f446454ddc34c476e2fe5d576059548d3de174d5f6d362
748195ac015cee91667a22f2e14e6f5b80985245f88c69f870cc757b517cfa21
818ba83870603d9695a9494b7215068689b7fe9153b8d57e9274fc46e72f975a
86a57a85f31ac7ee763d7f61891d5717db271799927d28481ded6a660ca4b4e6
944961358121e68879546ff9defcc0db811870eebbc2e2a3fee5b42628bd80ed
988e7ea05e4b996a604b5055500051b9021d763be5aea15ac1146d83469896d4
a1da35d55eeef596eb8cfb5eae897f76d72f4de34f39e609fd344a9b92b0c950
a80f6e04a6c9f0bd6349e8ffe05eeacae606ec98ccbecfa70c6312b5fa96f836
ea76ba933c6ad5a19fda67745a05b80948a739329528cf97bd407b8dfb1f61a2
ee30e10bb566e3ea31b546ed64c1f00fc2c0d86a7628da6f3b3be877ddbcdc50

s3-api.us-geo.objectstorage.softlayer.net Open in urlscan Pro 67.228.254.193 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

94 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

556 kBTransfer

552 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

Indicators

s3-api.us-geo.objectstorage.softlayer.net Open in urlscan Pro
67.228.254.193 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

94 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

556 kB
Transfer

552 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!