0ff1ce-onedrive-attachment-download-aligzmojy.now.sh
34.65.228.161  Malicious Activity! Public Scan

Submitted URL: https://723mu.app.link/YneTTDCVi6
Effective URL: https://0ff1ce-onedrive-attachment-download-aligzmojy.now.sh/?_branch_match_id=789092667444865814&utm_medium=marketing
Submission: On May 13 via manual from US

Summary

This website contacted 2 IPs in 1 country across 3 domains to perform 15 HTTP transactions. The main IP is 34.65.228.161, located in the United States, and belongs to GOOGLE, US. The main domain is 0ff1ce-onedrive-attachment-download-aligzmojy.now.sh.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 5th 2020. Valid for: 3 months.
This is the only time 0ff1ce-onedrive-attachment-download-aligzmojy.now.sh was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 1   2600:9000:201...   16509 (AMAZON-02)
1     34.65.228.161      15169 (GOOGLE)
14    2a02:4780:dea...   204915 (AWEX)
15 2

Domain Requested by
14    falsifiable-person.000webhostapp.com   0ff1ce-onedrive-attachment-download-aligzmojy.now.sh
1     0ff1ce-onedrive-attachment-download-aligzmojy.now.sh
1     723mu.app.link   1 redirects
15 3

This site contains no links.

Subject               Issuer                       Validity                  Valid
*.now.sh              Let's Encrypt Authority X3   2020-04-05 - 2020-07-04   3 months
*.000webhostapp.com   RapidSSL RSA CA 2018         2019-06-11 - 2021-07-10   2 years

This page contains 1 frames:

Primary Page: https://0ff1ce-onedrive-attachment-download-aligzmojy.now.sh/?_branch_match_id=789092667444865814&utm_medium=marketing
Frame ID: 7075A0DC936C6C19F3A5185349DC2184
Requests: 15 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^now$/i

Page Statistics

Requests: 15
HTTPS: 100 %
IPv6: 67 %
Domains: 3
Subdomains: 3
IPs: 2
Countries: 1
Transfer: 124 kB
Size: 129 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://723mu.app.link/YneTTDCVi6 HTTP 307
    https://0ff1ce-onedrive-attachment-download-aligzmojy.now.sh/?_branch_match_id=789092667444865814&utm_medium=marketing Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
0ff1ce-onedrive-attachment-download-aligzmojy.now.sh/
Redirect Chain
  • https://723mu.app.link/YneTTDCVi6
  • https://0ff1ce-onedrive-attachment-download-aligzmojy.now.sh/?_branch_match_id=789092667444865814&utm_medium=marketing
11 KB
2 KB
Document
General
Full URL
https://0ff1ce-onedrive-attachment-download-aligzmojy.now.sh/?_branch_match_id=789092667444865814&utm_medium=marketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.65.228.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
161.228.65.34.bc.googleusercontent.com
Software
now /
Resource Hash
41f4edeb8e00d84f6df38807c2b6636a63aef7d36ad3d1c41ca396ca1804465b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

:method
GET
:authority
0ff1ce-onedrive-attachment-download-aligzmojy.now.sh
:scheme
https
:path
/?_branch_match_id=789092667444865814&utm_medium=marketing
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Wed, 13 May 2020 12:23:00 GMT
content-type
text/html; charset=utf-8
x-robots-tag
noindex
x-vercel-cache
MISS
x-now-cache
MISS
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="index.html"
access-control-allow-origin
*
etag
W/"3bb5c42cf4959911b355a9a180733ba0875153a7"
age
0
x-now-trace
zrh1
server
now
x-vercel-id
zrh1::g5hnz-1589372579309-07a41d342ed4
x-now-id
zrh1::g5hnz-1589372579309-07a41d342ed4
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br

Redirect headers

Content-Length
0
Connection
keep-alive
Server
openresty/1.13.6.2
Date
Wed, 13 May 2020 12:22:59 GMT
X-Powered-By
Express
Set-Cookie
_s=2Z7xo2XYSox0NE8c8BlhO3zsMW6y%2Fn2LOLLLu9pBkgK2AmcIHq7tY45baoPkA2rq; Max-Age=31536000; Domain=.app.link; Path=/; Expires=Thu, 13 May 2021 12:22:59 GMT
Last-Modified
Wed, 13 May 2020 12:22:59 GMT
Location
https://0ff1ce-onedrive-attachment-download-aligzmojy.now.sh/?_branch_match_id=789092667444865814&utm_medium=marketing
X-Cache
Miss from cloudfront
Via
1.1 63c9a084de27504ef34be3673921d01e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
HAM50-C2
X-Amz-Cf-Id
vVwo58RmYvoi7PUUPxigSZVUFENPjyKC3iZvzPL6I8IdVIdbTu6M4Q==
av011.png
falsifiable-person.000webhostapp.com/vc/wk/wk/home/img/
5 KB
5 KB
Image
General
Full URL
https://falsifiable-person.000webhostapp.com/vc/wk/wk/home/img/av011.png
Requested by
Host: 0ff1ce-onedrive-attachment-download-aligzmojy.now.sh
URL: https://0ff1ce-onedrive-attachment-download-aligzmojy.now.sh/?_branch_match_id=789092667444865814&utm_medium=marketing
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:9f0f::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
a609042b1ca43d30d0006c66a1417fea56b42766feeaeba8b20803a43e6dff09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://0ff1ce-onedrive-attachment-download-aligzmojy.now.sh/?_branch_match_id=789092667444865814&utm_medium=marketing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 May 2020 12:23:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 05 May 2020 05:22:23 GMT
server
awex
content-type
image/png
status
200
accept-ranges
bytes
content-length
5170
x-xss-protection
1; mode=block
x-request-id
1566cfc35185c605ed33478abaff4f47
bt01.png
falsifiable-person.000webhostapp.com/vc/wk/wk/home/img/
491 B
702 B
Image
General
Full URL
https://falsifiable-person.000webhostapp.com/vc/wk/wk/home/img/bt01.png
Requested by
Host: 0ff1ce-onedrive-attachment-download-aligzmojy.now.sh
URL: https://0ff1ce-onedrive-attachment-download-aligzmojy.now.sh/?_branch_match_id=789092667444865814&utm_medium=marketing
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:9f0f::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
bc1a464cf269178d8c6e77030104427d6a443e56551a248e1ba2dd99e46c4967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://0ff1ce-onedrive-attachment-download-aligzmojy.now.sh/?_branch_match_id=789092667444865814&utm_medium=marketing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 May 2020 12:23:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 05 May 2020 05:22:27 GMT
server
awex
content-type
image/png
status
200
accept-ranges
bytes
content-length
491
x-xss-protection
1; mode=block
x-request-id
e36bb89fd2e19c23284550ef7b3416ad
av021.png
falsifiable-person.000webhostapp.com/vc/wk/wk/home/img/
2 KB
2 KB
Image
General
Full URL
https://falsifiable-person.000webhostapp.com/vc/wk/wk/home/img/av021.png
Requested by
Host: 0ff1ce-onedrive-attachment-download-aligzmojy.now.sh
URL: https://0ff1ce-onedrive-attachment-download-aligzmojy.now.sh/?_branch_match_id=789092667444865814&utm_medium=marketing
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:9f0f::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
24a8a365301768ddcf849160e1342d63b1feae4d5dacb1cb3d608c8cb6fa5994
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://0ff1ce-onedrive-attachment-download-aligzmojy.now.sh/?_branch_match_id=789092667444865814&utm_medium=marketing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 May 2020 12:23:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 05 May 2020 05:22:23 GMT
server
awex
content-type
image/png
status
200
accept-ranges
bytes
content-length
1919
x-xss-protection
1; mode=block
x-request-id
fccf008cb68930992533b0864c382da4
av022.png
falsifiable-person.000webhostapp.com/vc/wk/wk/home/img/
3 KB
4 KB
Image
General
Full URL
https://falsifiable-person.000webhostapp.com/vc/wk/wk/home/img/av022.png
Requested by
Host: 0ff1ce-onedrive-attachment-download-aligzmojy.now.sh
URL: https://0ff1ce-onedrive-attachment-download-aligzmojy.now.sh/?_branch_match_id=789092667444865814&utm_medium=marketing
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:9f0f::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
590f45556412336488ff1db500b4e34104f30e7161e494992e4d0493a3d06dc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://0ff1ce-onedrive-attachment-download-aligzmojy.now.sh/?_branch_match_id=789092667444865814&utm_medium=marketing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 May 2020 12:23:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 05 May 2020 05:22:24 GMT
server
awex
content-type
image/png
status
200
accept-ranges
bytes
content-length
3450
x-xss-protection
1; mode=block
x-request-id
dccf66c4d6ec467b6f083a257e66f5e6
bt02.png
falsifiable-person.000webhostapp.com/vc/wk/wk/home/img/
1 KB
1 KB
Image
General
Full URL
https://falsifiable-person.000webhostapp.com/vc/wk/wk/home/img/bt02.png
Requested by
Host: 0ff1ce-onedrive-attachment-download-aligzmojy.now.sh
URL: https://0ff1ce-onedrive-attachment-download-aligzmojy.now.sh/?_branch_match_id=789092667444865814&utm_medium=marketing
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:9f0f::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
0ca9497a9e2c19628ef30c1405a682b5eefab5a38821d35c563642e1e79a62a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://0ff1ce-onedrive-attachment-download-aligzmojy.now.sh/?_branch_match_id=789092667444865814&utm_medium=marketing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 May 2020 12:23:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 05 May 2020 05:22:27 GMT
server
awex
content-type
image/png
status
200
accept-ranges
bytes
content-length
1066
x-xss-protection
1; mode=block
x-request-id
c59fa137ec07da8da5f8b74a9cf4ffa0
av031.png
falsifiable-person.000webhostapp.com/vc/wk/wk/home/img/
7 KB
7 KB
Image
General
Full URL
https://falsifiable-person.000webhostapp.com/vc/wk/wk/home/img/av031.png
Requested by
Host: 0ff1ce-onedrive-attachment-download-aligzmojy.now.sh
URL: https://0ff1ce-onedrive-attachment-download-aligzmojy.now.sh/?_branch_match_id=789092667444865814&utm_medium=marketing
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:9f0f::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
137aa9734d8c02300502944ed1376d395a9f4ba97676e701ed32d07dbbf28be6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://0ff1ce-onedrive-attachment-download-aligzmojy.now.sh/?_branch_match_id=789092667444865814&utm_medium=marketing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 May 2020 12:23:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 05 May 2020 05:22:25 GMT
server
awex
content-type
image/png
status
200
accept-ranges
bytes
content-length
7197
x-xss-protection
1; mode=block
x-request-id
8cfcc82f09fddf3e862b26f7ea2ba8cf
bt03.png
falsifiable-person.000webhostapp.com/vc/wk/wk/home/img/
1 KB
1 KB
Image
General
Full URL
https://falsifiable-person.000webhostapp.com/vc/wk/wk/home/img/bt03.png
Requested by
Host: 0ff1ce-onedrive-attachment-download-aligzmojy.now.sh
URL: https://0ff1ce-onedrive-attachment-download-aligzmojy.now.sh/?_branch_match_id=789092667444865814&utm_medium=marketing
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:9f0f::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
9c93e8dbbb882fd57e533f32709d0a28f94e3c7cce2fcaf1729ddc97e61979c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://0ff1ce-onedrive-attachment-download-aligzmojy.now.sh/?_branch_match_id=789092667444865814&utm_medium=marketing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 May 2020 12:23:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 05 May 2020 05:22:28 GMT
server
awex
content-type
image/png
status
200
accept-ranges
bytes
content-length
1143
x-xss-protection
1; mode=block
x-request-id
07348da79476b807be29eb80f04156ed
av041.png
falsifiable-person.000webhostapp.com/vc/wk/wk/home/img/
1 KB
2 KB
Image
General
Full URL
https://falsifiable-person.000webhostapp.com/vc/wk/wk/home/img/av041.png
Requested by
Host: 0ff1ce-onedrive-attachment-download-aligzmojy.now.sh
URL: https://0ff1ce-onedrive-attachment-download-aligzmojy.now.sh/?_branch_match_id=789092667444865814&utm_medium=marketing
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:9f0f::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
b66a50616923e92b5b89fa4f2ca2f9a0281f5a27845885cf21dd397a0c1abb07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://0ff1ce-onedrive-attachment-download-aligzmojy.now.sh/?_branch_match_id=789092667444865814&utm_medium=marketing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 May 2020 12:23:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 05 May 2020 05:22:25 GMT
server
awex
content-type
image/png
status
200
accept-ranges
bytes
content-length
1518
x-xss-protection
1; mode=block
x-request-id
baebe4b6167b126bd855d592cce98b02
bt04.png
falsifiable-person.000webhostapp.com/vc/wk/wk/home/img/
1 KB
2 KB
Image
General
Full URL
https://falsifiable-person.000webhostapp.com/vc/wk/wk/home/img/bt04.png
Requested by
Host: 0ff1ce-onedrive-attachment-download-aligzmojy.now.sh
URL: https://0ff1ce-onedrive-attachment-download-aligzmojy.now.sh/?_branch_match_id=789092667444865814&utm_medium=marketing
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:9f0f::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
bfc52d51178c1fb22377b03c09c8479d611e2afecbeb5d5a34988bbbbb60d08c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://0ff1ce-onedrive-attachment-download-aligzmojy.now.sh/?_branch_match_id=789092667444865814&utm_medium=marketing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 May 2020 12:23:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 05 May 2020 05:22:28 GMT
server
awex
content-type
image/png
status
200
accept-ranges
bytes
content-length
1382
x-xss-protection
1; mode=block
x-request-id
862a0fc082262fcfb0b5f274cbcb0659
av051.png
falsifiable-person.000webhostapp.com/vc/wk/wk/home/img/
2 KB
3 KB
Image
General
Full URL
https://falsifiable-person.000webhostapp.com/vc/wk/wk/home/img/av051.png
Requested by
Host: 0ff1ce-onedrive-attachment-download-aligzmojy.now.sh
URL: https://0ff1ce-onedrive-attachment-download-aligzmojy.now.sh/?_branch_match_id=789092667444865814&utm_medium=marketing
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:9f0f::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
a15b29fe61cdf379483582fe360b12868747042fa87bb40b0e9af42ccfd548ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://0ff1ce-onedrive-attachment-download-aligzmojy.now.sh/?_branch_match_id=789092667444865814&utm_medium=marketing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 May 2020 12:23:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 05 May 2020 05:22:26 GMT
server
awex
content-type
image/png
status
200
accept-ranges
bytes
content-length
2474
x-xss-protection
1; mode=block
x-request-id
098edd842471545f0ef4722a4ac03d09
bt05.png
falsifiable-person.000webhostapp.com/vc/wk/wk/home/img/
923 B
1 KB
Image
General
Full URL
https://falsifiable-person.000webhostapp.com/vc/wk/wk/home/img/bt05.png
Requested by
Host: 0ff1ce-onedrive-attachment-download-aligzmojy.now.sh
URL: https://0ff1ce-onedrive-attachment-download-aligzmojy.now.sh/?_branch_match_id=789092667444865814&utm_medium=marketing
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:9f0f::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
6bdd77a0448306ef0f6aea95131560c6fc2c81aaa25158bf975c91906616a237
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://0ff1ce-onedrive-attachment-download-aligzmojy.now.sh/?_branch_match_id=789092667444865814&utm_medium=marketing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 May 2020 12:23:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 05 May 2020 05:22:29 GMT
server
awex
content-type
image/png
status
200
accept-ranges
bytes
content-length
923
x-xss-protection
1; mode=block
x-request-id
a55708876ef57f8b7c7c69dbbecbf89a
av061.png
falsifiable-person.000webhostapp.com/vc/wk/wk/home/img/
4 KB
4 KB
Image
General
Full URL
https://falsifiable-person.000webhostapp.com/vc/wk/wk/home/img/av061.png
Requested by
Host: 0ff1ce-onedrive-attachment-download-aligzmojy.now.sh
URL: https://0ff1ce-onedrive-attachment-download-aligzmojy.now.sh/?_branch_match_id=789092667444865814&utm_medium=marketing
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:9f0f::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
3fe2e6bec88c9dfda8a8a396ef687309fb6663b5da176f5dce730e44763e298b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://0ff1ce-onedrive-attachment-download-aligzmojy.now.sh/?_branch_match_id=789092667444865814&utm_medium=marketing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 May 2020 12:23:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 05 May 2020 05:22:26 GMT
server
awex
content-type
image/png
status
200
accept-ranges
bytes
content-length
4113
x-xss-protection
1; mode=block
x-request-id
3d5d65b55f15e6776a2e679325bd8336
bt06.png
falsifiable-person.000webhostapp.com/vc/wk/wk/home/img/
491 B
702 B
Image
General
Full URL
https://falsifiable-person.000webhostapp.com/vc/wk/wk/home/img/bt06.png
Requested by
Host: 0ff1ce-onedrive-attachment-download-aligzmojy.now.sh
URL: https://0ff1ce-onedrive-attachment-download-aligzmojy.now.sh/?_branch_match_id=789092667444865814&utm_medium=marketing
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:9f0f::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
bc1a464cf269178d8c6e77030104427d6a443e56551a248e1ba2dd99e46c4967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://0ff1ce-onedrive-attachment-download-aligzmojy.now.sh/?_branch_match_id=789092667444865814&utm_medium=marketing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 May 2020 12:23:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 05 May 2020 05:22:29 GMT
server
awex
content-type
image/png
status
200
accept-ranges
bytes
content-length
491
x-xss-protection
1; mode=block
x-request-id
6dfc6186f459ffc0a153af0c0a7d03e6
001.png
falsifiable-person.000webhostapp.com/vc/wk/wk/home/img/
88 KB
88 KB
Image
General
Full URL
https://falsifiable-person.000webhostapp.com/vc/wk/wk/home/img/001.png
Requested by
Host: 0ff1ce-onedrive-attachment-download-aligzmojy.now.sh
URL: https://0ff1ce-onedrive-attachment-download-aligzmojy.now.sh/?_branch_match_id=789092667444865814&utm_medium=marketing
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:9f0f::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
f4b76a0986dba96e8ca33869dfa3e5c0351140191c52a49ffc8104970978351c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://0ff1ce-onedrive-attachment-download-aligzmojy.now.sh/?_branch_match_id=789092667444865814&utm_medium=marketing
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 May 2020 12:23:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 05 May 2020 05:22:22 GMT
server
awex
content-type
image/png
status
200
accept-ranges
bytes
content-length
89660
x-xss-protection
1; mode=block
x-request-id
c1766cfc489988519a4b2a526c9ea465

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | onformdata
object | onpointerrawupdate

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload