bluecometseafoods.ca
Open in
urlscan Pro
192.185.109.119
Malicious Activity!
Public Scan
Submission: On September 15 via manual from US
Summary
This is the only time bluecometseafoods.ca was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Office 365 (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
18 | 192.185.109.119 192.185.109.119 | 20013 (CYRUSONE) (CYRUSONE - CyrusOne LLC) | |
3 | 2a02:26f0:10c... 2a02:26f0:10c:383::35c1 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
9 | 2a02:26f0:10c... 2a02:26f0:10c:387::753 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
31 | 4 |
ASN20013 (CYRUSONE - CyrusOne LLC, US)
PTR: 192-185-109-119.unifiedlayer.com
bluecometseafoods.ca |
ASN20940 (AKAMAI-ASN1, US)
secure.aadcdn.microsoftonline-p.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
bluecometseafoods.ca
bluecometseafoods.ca |
905 KB |
9 |
office365.com
outlook.office365.com Failed r1.res.office365.com |
744 KB |
3 |
microsoftonline-p.com
secure.aadcdn.microsoftonline-p.com |
203 KB |
31 | 3 |
Domain | Requested by | |
---|---|---|
18 | bluecometseafoods.ca |
bluecometseafoods.ca
|
9 | r1.res.office365.com |
bluecometseafoods.ca
|
3 | secure.aadcdn.microsoftonline-p.com |
bluecometseafoods.ca
|
0 | outlook.office365.com Failed |
bluecometseafoods.ca
|
31 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
signup.live.com |
login.microsoftonline.com |
passwordreset.microsoftonline.com |
login.live.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
secure.aadcdn.microsoftonline-p.com Microsoft IT TLS CA 1 |
2017-08-15 - 2019-08-15 |
2 years | crt.sh |
*.res.outlook.com Microsoft IT SSL SHA2 |
2016-12-19 - 2018-04-19 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
http://bluecometseafoods.ca/edu/msoffice/
Frame ID: 26493.1
Requests: 11 HTTP requests in this frame
Frame:
http://bluecometseafoods.ca/edu/msoffice/index_files/prefetch.html
Frame ID: 26493.2
Requests: 19 HTTP requests in this frame
Frame:
https://outlook.office365.com/owa/prefetch.aspx
Frame ID: 26493.3
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
Nginx (Web Servers) ExpandDetected patterns
- headers server /nginx(?:\/([\d.]+))?/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js/i
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Title: get a new Microsoft account
Search URL Search Domain Scan URL
Title: Sign out
Search URL Search Domain Scan URL
Title: Can’t access your account?
Search URL Search Domain Scan URL
Title: Sign in with a Microsoft account
Search URL Search Domain Scan URL
Title: Terms of use
Search URL Search Domain Scan URL
Title: Privacy & Cookies
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
31 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
bluecometseafoods.ca/edu/msoffice/ |
33 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login.min.css
bluecometseafoods.ca/edu/msoffice/index_files/ |
21 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login_hover.min.css
bluecometseafoods.ca/edu/msoffice/index_files/ |
89 B 106 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.1.11.min.js
bluecometseafoods.ca/edu/msoffice/index_files/ |
107 KB 43 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
aad.login.min.js
bluecometseafoods.ca/edu/msoffice/index_files/ |
158 KB 45 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
heroillustration
bluecometseafoods.ca/edu/msoffice/index_files/ |
29 KB 22 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bannerlogo
bluecometseafoods.ca/edu/msoffice/index_files/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
microsoft_logo.png
bluecometseafoods.ca/edu/msoffice/index_files/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login_hover.min.css
secure.aadcdn.microsoftonline-p.com/ests/2.1.4478.3/content/cdnbundles/ |
89 B 82 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
prefetch.html
bluecometseafoods.ca/edu/msoffice/index_files/ Frame 2649 |
3 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bannerlogo
secure.aadcdn.microsoftonline-p.com/dbd5a2dd-uymyxxfhpwrbckvwvlxle8radh6vkzaj7cwkqpqixg/appbranding/npdp3ivuhlrwvd1ynsq0x-mjc7zhvnj0i7k676ppafa/0/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
heroillustration
secure.aadcdn.microsoftonline-p.com/dbd5a2dd-uymyxxfhpwrbckvwvlxle8radh6vkzaj7cwkqpqixg/appbranding/npdp3ivuhlrwvd1ynsq0x-mjc7zhvnj0i7k676ppafa/0/ |
199 KB 199 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
boot.worldwide.0.mouse.js
bluecometseafoods.ca/edu/msoffice/index_files/ Frame 2649 |
604 KB 198 KB |
Stylesheet
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
boot.worldwide.1.mouse.js
bluecometseafoods.ca/edu/msoffice/index_files/ Frame 2649 |
603 KB 178 KB |
Stylesheet
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
boot.worldwide.2.mouse.js
bluecometseafoods.ca/edu/msoffice/index_files/ Frame 2649 |
603 KB 188 KB |
Stylesheet
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
boot.worldwide.3.mouse.js
bluecometseafoods.ca/edu/msoffice/index_files/ Frame 2649 |
604 KB 161 KB |
Stylesheet
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sprite1.mouse.png
bluecometseafoods.ca/edu/msoffice/index_files/ Frame 2649 |
17 KB 17 KB |
Stylesheet
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sprite1.mouse.css
bluecometseafoods.ca/edu/msoffice/index_files/ Frame 2649 |
7 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
boot.worldwide.mouse.css
bluecometseafoods.ca/edu/msoffice/index_files/ Frame 2649 |
157 KB 30 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
prefetch.aspx
outlook.office365.com/owa/ Frame 2649 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
boot.worldwide.0.mouse.js
r1.res.office365.com/owa/prem/16.1340.13.2059829/scripts/ Frame 2649 |
604 KB 164 KB |
Stylesheet
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
office365icons.woff
bluecometseafoods.ca/edu/msoffice/fonts/ Frame 2649 |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
boot.worldwide.1.mouse.js
r1.res.office365.com/owa/prem/16.1340.13.2059829/scripts/ Frame 2649 |
603 KB 149 KB |
Stylesheet
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
boot.worldwide.2.mouse.js
r1.res.office365.com/owa/prem/16.1340.13.2059829/scripts/ Frame 2649 |
603 KB 154 KB |
Stylesheet
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
boot.worldwide.3.mouse.js
r1.res.office365.com/owa/prem/16.1340.13.2059829/scripts/ Frame 2649 |
604 KB 129 KB |
Stylesheet
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sprite1.mouse.png
r1.res.office365.com/owa/prem/16.1340.13.2059829/resources/images/0/ Frame 2649 |
17 KB 17 KB |
Stylesheet
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sprite1.mouse.css
r1.res.office365.com/owa/prem/16.1340.13.2059829/resources/images/0/ Frame 2649 |
7 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
boot.worldwide.mouse.css
r1.res.office365.com/owa/prem/16.1340.13.2059829/resources/styles/0/ Frame 2649 |
157 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
office365icons.woff
r1.res.office365.com/owa/prem/16.1340.13.2059829/resources/styles/fonts/ Frame 2649 |
53 KB 53 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
office365icons.ttf
bluecometseafoods.ca/edu/msoffice/fonts/ Frame 2649 |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
office365icons.woff
r1.res.office365.com/owa/prem/16.1340.13.2059829/resources/styles/fonts/ Frame 2649 |
53 KB 53 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- outlook.office365.com
- URL
- https://outlook.office365.com/owa/prefetch.aspx
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Office 365 (Online)0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
outlook.office365.com/ | Name: OIDC Value: 1 |
|
outlook.office365.com/ | Name: ClientId Value: A11BE37E2AF34B81BA13CF339FC2E320 |
|
bluecometseafoods.ca/edu/msoffice | Name: testcookie Value: testcookie |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bluecometseafoods.ca
outlook.office365.com
r1.res.office365.com
secure.aadcdn.microsoftonline-p.com
outlook.office365.com
192.185.109.119
2a02:26f0:10c:383::35c1
2a02:26f0:10c:387::753
01dde06706b3dc7b020de6c09319fbafdc63e4a014e762231b6722c728ad29c8
0c04b857857f77414ef0dd3ec715e3292324565809722e9a68bf9efd18b50102
0def6ef54feda5e9d5abcf661e4ddf6c36b2501074fbe2a557ab643dc355ebac
14d4e89d55b1f962a895050b05a52c71c399a59764bbf5649ec09a72cd64fdbe
18bba9ffd8b0d112a846a1ff683d6368709f70ae26722b081cac7329dd9953a7
3f445fb00ecbb95217cd2d707377ae9c126577eaf045d5ee21af52a6cb6c5078
5be875c14f47e9b14e7dbdb612aa09c98a59eb669d27a8eadd50e5826d887fe8
7bed7d7ef6d5fe30a99e1d4e97d0c565797a296b3bbee72c9627c9a9b24fe2b7
7e50e406688bd898803f653058d14ca384734cb9b39ba900bc5e2734b59c073b
91c2b74542e11d0278e02715a980b39582eae2e3b519ddd2d4f9ca939e58109c
988e349f2bf4e87154738c7b2c1fa86618713a8cfa0cef60a046f5add89bd9de
99e912270cbd8d3b7080c4105c9fd7612d94c8d4fd0abe6fcde60643997499f9
9fdb62c92091b48f08570b19077d643a182799347c2bcdf77ca610bddad3cbe6
c46bae763628e53a820b4f0188456b6d68905df32cd1fc0b0d33c64ed56ad314
d2a2a552e045c09fca23d019b2e04a414e815ddb705de9be724df451741f1c15
d6224e502b151bd2e3c8c4b0d565ad0a4b0b932eccd8ea5ff86f7c92c858632d
ebb563003efe3a6624981e8766228e4f2b621b639bb0154ba25e76ce735e7008
fc5c3d7d2b298a42ec44dad2d8cd227b734db966b4afa68c0254a497e805f603