nnarquitectura.mx
Open in
urlscan Pro
143.95.235.37
Malicious Activity!
Public Scan
Effective URL: https://nnarquitectura.mx/UNLIMITED/cmd-login=68db6b963702a368c839f9c95c05b69c/0b15i3xp5gsrbazu3dewbeaa.php?app-token=6ig%...
Submission: On May 25 via manual from US
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 3rd 2020. Valid for: a year.
This is the only time nnarquitectura.mx was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 14 | 143.95.235.37 143.95.235.37 | 62729 (ASMALLORA...) (ASMALLORANGE1) | |
13 | 1 |
ASN62729 (ASMALLORANGE1, US)
PTR: ip-143-95-235-37.iplocal
nnarquitectura.mx |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
nnarquitectura.mx
1 redirects
nnarquitectura.mx |
797 KB |
13 | 1 |
Domain | Requested by | |
---|---|---|
14 | nnarquitectura.mx |
1 redirects
nnarquitectura.mx
|
13 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
signup.live.com |
account.live.com |
login.live.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
nnarquitectura.mx Sectigo RSA Domain Validation Secure Server CA |
2020-11-03 - 2021-11-03 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://nnarquitectura.mx/UNLIMITED/cmd-login=68db6b963702a368c839f9c95c05b69c/0b15i3xp5gsrbazu3dewbeaa.php?app-token=6ig%20j9d8af73hbc24%20e05184%20bmSBPD5CaG%2031kY%20TuArgf6FEaL7%20N%20o%20gwJp9%20SX2wZKMIHO57846536381
Frame ID: 8E77AFCE57AC178A523544180DD27A4E
Requests: 13 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://nnarquitectura.mx/UNLIMITED/
HTTP 302
https://nnarquitectura.mx/UNLIMITED/cmd-login=68db6b963702a368c839f9c95c05b69c/?reff=NWU1NzEyZDA5MGFiO... Page URL
- https://nnarquitectura.mx/UNLIMITED/cmd-login=68db6b963702a368c839f9c95c05b69c/0b15i3xp5gsrbazu3dewbea... Page URL
Detected technologies
Nginx (Web Servers) ExpandDetected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: get a new one
Search URL Search Domain Scan URL
Title: Create one!
Search URL Search Domain Scan URL
Title: Forgot my password
Search URL Search Domain Scan URL
Title: Terms of use
Search URL Search Domain Scan URL
Title: Privacy & cookies
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://nnarquitectura.mx/UNLIMITED/
HTTP 302
https://nnarquitectura.mx/UNLIMITED/cmd-login=68db6b963702a368c839f9c95c05b69c/?reff=NWU1NzEyZDA5MGFiODA4YTNjODFjNjQ5OGJkMDg2Y2U= Page URL
- https://nnarquitectura.mx/UNLIMITED/cmd-login=68db6b963702a368c839f9c95c05b69c/0b15i3xp5gsrbazu3dewbeaa.php?app-token=6ig%20j9d8af73hbc24%20e05184%20bmSBPD5CaG%2031kY%20TuArgf6FEaL7%20N%20o%20gwJp9%20SX2wZKMIHO57846536381 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://nnarquitectura.mx/UNLIMITED/ HTTP 302
- https://nnarquitectura.mx/UNLIMITED/cmd-login=68db6b963702a368c839f9c95c05b69c/?reff=NWU1NzEyZDA5MGFiODA4YTNjODFjNjQ5OGJkMDg2Y2U=
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
nnarquitectura.mx/UNLIMITED/cmd-login=68db6b963702a368c839f9c95c05b69c/ Redirect Chain
|
177 B 525 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
0b15i3xp5gsrbazu3dewbeaa.php
nnarquitectura.mx/UNLIMITED/cmd-login=68db6b963702a368c839f9c95c05b69c/ |
5 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
normalize.css
nnarquitectura.mx/UNLIMITED/cmd-login=68db6b963702a368c839f9c95c05b69c/assets/css/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
animate.css
nnarquitectura.mx/UNLIMITED/cmd-login=68db6b963702a368c839f9c95c05b69c/assets/css/ |
76 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fonts.css
nnarquitectura.mx/UNLIMITED/cmd-login=68db6b963702a368c839f9c95c05b69c/assets/css/ |
2 KB 527 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.css
nnarquitectura.mx/UNLIMITED/cmd-login=68db6b963702a368c839f9c95c05b69c/assets/css/ |
9 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
microsoft_logo.svg
nnarquitectura.mx/UNLIMITED/cmd-login=68db6b963702a368c839f9c95c05b69c/assets/img/ |
4 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
arrow_left.svg
nnarquitectura.mx/UNLIMITED/cmd-login=68db6b963702a368c839f9c95c05b69c/assets/img/ |
513 B 733 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.4.0.min.js
nnarquitectura.mx/UNLIMITED/cmd-login=68db6b963702a368c839f9c95c05b69c/assets/js/ |
86 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.js
nnarquitectura.mx/UNLIMITED/cmd-login=68db6b963702a368c839f9c95c05b69c/assets/js/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
0.jpg
nnarquitectura.mx/UNLIMITED/cmd-login=68db6b963702a368c839f9c95c05b69c/assets/img/ |
277 KB 277 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SegoeUISemiBold.woff
nnarquitectura.mx/UNLIMITED/fonts/SegoeUI/SegoeUISemiBold/ |
189 KB 189 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SegoeUIRegular.woff
nnarquitectura.mx/UNLIMITED/fonts/SegoeUI/SegoeUIRegular/ |
275 KB 275 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Microsoft (Consumer)13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
nnarquitectura.mx/ | Name: PHPSESSID Value: v1i1fuh3bfn1aar4i26l748lt5 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
nnarquitectura.mx
143.95.235.37
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
211a907de2da0ff4a0e90917ac8054e2f35c351180977550c26e51b4909f2beb
34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58
580818700724d42d7fcc4979b0197971fca1c6d2e0286769237a0ac897df5512
74c1e3d733f79e80d97b5e6e818d2a4c028f685938166bea2fcca64cb87ee859
81f548b9b41ce978b48c43dded9e925c2fd8aad703b5b3b6fd1d127f44876999
a6bd510fcb0a3e7e274824c8272223a2d9d664ce6634559f18200f9fc0bb4371
b6314fc7b20450f44387bb6d6bd66b94e82b794ed16c41378f2a0dcb5400ebf5
c1a8a311550328e980fae13debdfadf5e4e3ac9d4843f21eaae02452ace54621
ca237ccd4bfd5cbc632986f1cb82fb4e73717d8b82b003553ee97045af9a1cfa
f1b5ccd9e804dd7d91f5443bfa76cfe71ce082009ebee0d6a759641170ed9261