cerrogrande.oxidocs.com
186.64.122.171
Malicious Activity!
Public Scan
Effective URL: https://cerrogrande.oxidocs.com/wp-includes/certificates/h3/A4/c7e01ba300d7a27abcc474b8493283df/?Key=35802826719&rand=13InboxLig...
Submission: On June 07 via manual from US
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on April 18th 2018. Valid for: 3 months.
This is the only time cerrogrande.oxidocs.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer)

Domain & IP information

Requests | IP Address | AS (Autonomous System)
---|---|---
1 (1 redirect) | 210.210.130.244 | 4787 (ASN-CBN PT Cyberindo Aditama)
28 (2 redirects) | 186.64.122.171 | 52368 (ZAM LTDA.)
2 | 104.109.72.197 | 20940 (AKAMAI-ASN1)
1 | 216.58.214.74 | 15169 (GOOGLE - Google LLC)

Totals: 29 | 3
ASN4787 (ASN-CBN PT Cyberindo Aditama, ID)
- PTR: static-210-130-244.cbn.net.id
- Domain: alumni.uigm.ac.id

ASN20940 (AKAMAI-ASN1, US)
- PTR: a104-109-72-197.deploy.static.akamaitechnologies.com
- Domain: secure.aadcdn.microsoftonline-p.com

ASN15169 (GOOGLE - Google LLC, US)
- PTR: fra15s10-in-f74.1e100.net
- Domain: fonts.googleapis.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
28 | oxidocs.com (2 redirects) | cerrogrande.oxidocs.com | 958 KB
2 | microsoftonline-p.com | secure.aadcdn.microsoftonline-p.com | 293 KB
1 | googleapis.com | fonts.googleapis.com | 339 B
1 | uigm.ac.id (1 redirect) | alumni.uigm.ac.id | 307 B

Totals: 29 | 4
Requests | Domain | Requested by
---|---|---
28 | cerrogrande.oxidocs.com (2 redirects) | cerrogrande.oxidocs.com
2 | secure.aadcdn.microsoftonline-p.com | cerrogrande.oxidocs.com
1 | fonts.googleapis.com | cerrogrande.oxidocs.com
1 | alumni.uigm.ac.id (1 redirect) |

Totals: 29 | 4
This site contains links to these domains. Also see Links.
Domain |
---|
www.microsoft.com |
privacy.microsoft.com |
Subject | Issuer | Validity | Valid for | Source
---|---|---|---|---
cerrogrande.oxidocs.com | cPanel, Inc. Certification Authority | 2018-04-18 - 2018-07-17 | 3 months | crt.sh
This page contains 2 frames:
Primary Page:
https://cerrogrande.oxidocs.com/wp-includes/certificates/h3/A4/c7e01ba300d7a27abcc474b8493283df/?Key=35802826719&rand=13InboxLightaspxn.358028267191774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn..1774256418&fid.1252899642&fid.1&fav.1&login=cmVkYWN0ZWRfZW1haWw=&.rand=13InboxLight.aspx?n=358028267191774256418&fid=4
Frame ID: 933C5D98039F4D17113D29717582F463
Requests: 6 HTTP requests in this frame
Frame:
https://cerrogrande.oxidocs.com/wp-includes/certificates/h3/A4/c7e01ba300d7a27abcc474b8493283df/data_files/Prefetch.html
Frame ID: 16F3111A93CDA2989DAC70C3706F39BA
Requests: 23 HTTP requests in this frame
Screenshot
Detected technologies
UNIX (Operating Systems)
Detected patterns
- headers server /Unix/i

OpenSSL (Web Server Extensions)
Detected patterns
- headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

mod_ssl (Web Server Extensions)
Detected patterns
- headers server /mod_ssl(?:\/([\d.]+))?/i

Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
- headers server /mod_ssl(?:\/([\d.]+))?/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
- Title: Terms of use
- Title: Privacy & Cookies
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://alumni.uigm.ac.id/?en=redacted_email
HTTP 302
https://cerrogrande.oxidocs.com/wp-includes/certificates/h3/A4/?loge=redacted_email HTTP 302
https://cerrogrande.oxidocs.com/wp-includes/certificates/h3/A4/c7e01ba300d7a27abcc474b8493283df?Key=35802826719&rand=13InboxLightaspxn.358028267191774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn..1774256418&fid.1252899642&fid.1&fav.1&login=cmVkYWN0ZWRfZW1haWw=&.rand=13InboxLight.aspx?n=358028267191774256418&fid=4 HTTP 301
https://cerrogrande.oxidocs.com/wp-includes/certificates/h3/A4/c7e01ba300d7a27abcc474b8493283df/?Key=35802826719&rand=13InboxLightaspxn.358028267191774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn..1774256418&fid.1252899642&fid.1&fav.1&login=cmVkYWN0ZWRfZW1haWw=&.rand=13InboxLight.aspx?n=358028267191774256418&fid=4 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
29 HTTP transactions

# | Method | Protocol | Resource | Host / Path | Size | x-fer | Type | MIME-Type | Frame
---|---|---|---|---|---|---|---|---|---
1 | GET | H/1.1 | / (Primary Request, Redirect Chain) | cerrogrande.oxidocs.com/wp-includes/certificates/h3/A4/c7e01ba300d7a27abcc474b8493283df/ | 9 KB | 9 KB | Document | text/html |
2 | GET | H/1.1 | converged.login.min.css | cerrogrande.oxidocs.com/wp-includes/certificates/h3/A4/c7e01ba300d7a27abcc474b8493283df/data_files/ | 84 KB | 85 KB | Stylesheet | text/css |
3 | GET | H/1.1 | microsoft_logo.svg | cerrogrande.oxidocs.com/wp-includes/certificates/h3/A4/c7e01ba300d7a27abcc474b8493283df/data_files/ | 4 KB | 4 KB | Image | image/svg+xml |
4 | GET | H/1.1 | picker_account_msa.svg | cerrogrande.oxidocs.com/wp-includes/certificates/h3/A4/c7e01ba300d7a27abcc474b8493283df/Sign%20in%20to%20your%20Microsoft%20account_files/ | 379 B | 726 B | Image | image/svg+xml |
5 | GET | H/1.1 | Prefetch.html | cerrogrande.oxidocs.com/wp-includes/certificates/h3/A4/c7e01ba300d7a27abcc474b8493283df/data_files/ | 65 KB | 65 KB | Document | text/html | 16F3
6 | GET | H/1.1 | 0.jpg | secure.aadcdn.microsoftonline-p.com/ests/2.1.6387.8/content/images/backgrounds/ | 291 KB | 291 KB | Image | image/jpeg |
7 | GET | H/1.1 | 0-small.jpg | secure.aadcdn.microsoftonline-p.com/ests/2.1.6387.8/content/images/backgrounds/ | 1 KB | 1 KB | Image | image/jpeg |
8 | GET | H/1.1 | wp-emoji-release.min.js | cerrogrande.oxidocs.com/wp-includes/js/ | 11 KB | 12 KB | Script | application/javascript | 16F3
9 | GET | H/1.1 | style.min.css | cerrogrande.oxidocs.com/wp-content/plugins/nelio-featured-posts/assets/ | 717 B | 1 KB | Stylesheet | text/css | 16F3
10 | GET | H/1.1 | styles.css | cerrogrande.oxidocs.com/wp-content/plugins/contact-form-7/includes/css/ | 2 KB | 2 KB | Stylesheet | text/css | 16F3
11 | GET | H/1.1 | dashicons.min.css | cerrogrande.oxidocs.com/wp-includes/css/ | 45 KB | 46 KB | Stylesheet | text/css | 16F3
12 | GET | H/1.1 | reset.css | cerrogrande.oxidocs.com/wp-content/plugins/my-calendar/css/ | 4 KB | 4 KB | Stylesheet | text/css | 16F3
13 | GET | H/1.1 | twentyfifteen.css | cerrogrande.oxidocs.com/wp-content/plugins/my-calendar/styles/ | 9 KB | 9 KB | Stylesheet | text/css | 16F3
14 | GET | H/1.1 | settings.css | cerrogrande.oxidocs.com/wp-content/plugins/revslider/public/assets/css/ | 39 KB | 39 KB | Stylesheet | text/css | 16F3
15 | GET | S | css | fonts.googleapis.com/ | 482 B | 339 B | Stylesheet | text/css | 16F3
16 | GET | H/1.1 | style.min.css | cerrogrande.oxidocs.com/wp-content/themes/Zephyr/css/ | 234 KB | 235 KB | Stylesheet | text/css | 16F3
17 | GET | H/1.1 | responsive.min.css | cerrogrande.oxidocs.com/wp-content/themes/Zephyr/css/ | 20 KB | 21 KB | Stylesheet | text/css | 16F3
18 | GET | H/1.1 | Defaults.css | cerrogrande.oxidocs.com/wp-content/uploads/smile_fonts/Defaults/ | 27 KB | 27 KB | Stylesheet | text/css | 16F3
19 | GET | H/1.1 | jquery.js | cerrogrande.oxidocs.com/wp-includes/js/jquery/ | 95 KB | 95 KB | Script | application/javascript | 16F3
20 | GET | H/1.1 | jquery.themepunch.tools.min.js | cerrogrande.oxidocs.com/wp-content/plugins/revslider/public/assets/js/ | 108 KB | 108 KB | Script | application/javascript | 16F3
21 | GET | H/1.1 | jquery.themepunch.revolution.min.js | cerrogrande.oxidocs.com/wp-content/plugins/revslider/public/assets/js/ | 63 KB | 64 KB | Script | application/javascript | 16F3
22 | GET | H/1.1 | scripts.js | cerrogrande.oxidocs.com/wp-content/plugins/contact-form-7/includes/js/ | 14 KB | 15 KB | Script | application/javascript | 16F3
23 | GET | H/1.1 | us.core.min.js | cerrogrande.oxidocs.com/wp-content/themes/Zephyr/framework/js/ | 108 KB | 109 KB | Script | application/javascript | 16F3
24 | GET | H/1.1 | wp-embed.min.js | cerrogrande.oxidocs.com/wp-includes/js/ | 1 KB | 2 KB | Script | application/javascript | 16F3
25 | GET | H/1.1 | mc-grid.js | cerrogrande.oxidocs.com/wp-content/plugins/my-calendar/js/ | 894 B | 1 KB | Script | application/javascript | 16F3
26 | GET | H/1.1 | mc-list.js | cerrogrande.oxidocs.com/wp-content/plugins/my-calendar/js/ | 823 B | 1 KB | Script | application/javascript | 16F3
27 | GET | H/1.1 | mc-mini.js | cerrogrande.oxidocs.com/wp-content/plugins/my-calendar/js/ | 713 B | 1 KB | Script | application/javascript | 16F3
28 | GET | H/1.1 | mc-ajax.js | cerrogrande.oxidocs.com/wp-content/plugins/my-calendar/js/ | 1 KB | 2 KB | Script | application/javascript | 16F3
29 | GET | H/1.1 | mcjs.js | cerrogrande.oxidocs.com/wp-content/plugins/my-calendar/js/ | 99 B | 453 B | Script | application/javascript | 16F3
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Microsoft (Consumer)

0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.