urlscan.io logo urlscan.io
SecurityTrails logo

mail-mod-gov-bd.herokuapp.com Open in urlscan Pro
3.227.117.91  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: http://mail-mod-gov-bd.herokuapp.com/
Submission: On January 05 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 5 HTTP transactions. The main IP is 3.227.117.91, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is mail-mod-gov-bd.herokuapp.com.
This is the only time mail-mod-gov-bd.herokuapp.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
5 3.227.117.91 14618 (AMAZON-AES)
5 1
Apex Domain
Subdomains		 Transfer
5 herokuapp.com
mail-mod-gov-bd.herokuapp.com
92 KB
5 1
Domain Requested by
5 mail-mod-gov-bd.herokuapp.com mail-mod-gov-bd.herokuapp.com
5 1

This site contains no links.

Subject Issuer Validity Valid

This page contains 2 frames:

Primary Page: http://mail-mod-gov-bd.herokuapp.com/
Frame ID: 8B498BD7FBD1BBFC702701F54E8EA946
Requests: 2 HTTP requests in this frame

Frame: http://mail-mod-gov-bd.herokuapp.com/mail.php?username=
Frame ID: 5E0412A1EA3D4D3B00B1990A067465B5
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

5
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

92 kB
Transfer

91 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
mail-mod-gov-bd.herokuapp.com/ 		807 B
999 B 		Document
General
Check archive.org
Download Go to
Full URL
http://mail-mod-gov-bd.herokuapp.com/
Protocol
HTTP/1.1
Server
3.227.117.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-117-91.compute-1.amazonaws.com
Software
Apache /
Resource Hash
1a77519214353b1dec86dde901b374410851e3e96217923dd5dab349afb5afc8

Request headers

Host
mail-mod-gov-bd.herokuapp.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 05 Jan 2021 21:12:17 GMT
Server
Apache
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Via
1.1 vegur
1.svg
mail-mod-gov-bd.herokuapp.com/error_files/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mail-mod-gov-bd.herokuapp.com/error_files/1.svg
Requested by
Host: mail-mod-gov-bd.herokuapp.com
URL: http://mail-mod-gov-bd.herokuapp.com/
Protocol
HTTP/1.1
Server
3.227.117.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-117-91.compute-1.amazonaws.com
Software
Apache /
Resource Hash
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

Referer
http://mail-mod-gov-bd.herokuapp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 05 Jan 2021 21:12:17 GMT
Via
1.1 vegur
Last-Modified
Fri, 20 Nov 2020 10:21:11 GMT
Server
Apache
Etag
"748-5b487341613c0"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1864
mail.php
mail-mod-gov-bd.herokuapp.com/ Frame 5E04 		84 KB
84 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://mail-mod-gov-bd.herokuapp.com/mail.php?username=
Requested by
Host: mail-mod-gov-bd.herokuapp.com
URL: http://mail-mod-gov-bd.herokuapp.com/
Protocol
HTTP/1.1
Server
3.227.117.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-117-91.compute-1.amazonaws.com
Software
Apache /
Resource Hash
fe9579c5fd69f43249288e22e880bce555815e3fcede42ab4d5a2a4f81229f28

Request headers

Host
mail-mod-gov-bd.herokuapp.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://mail-mod-gov-bd.herokuapp.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://mail-mod-gov-bd.herokuapp.com/

Response headers

Connection
keep-alive
Date
Tue, 05 Jan 2021 21:12:17 GMT
Server
Apache
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Via
1.1 vegur
webmail_urs_mail126.css
mail-mod-gov-bd.herokuapp.com/error_files/ Frame 5E04 		105 B
356 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://mail-mod-gov-bd.herokuapp.com/error_files/webmail_urs_mail126.css
Requested by
Host: mail-mod-gov-bd.herokuapp.com
URL: http://mail-mod-gov-bd.herokuapp.com/mail.php?username=
Protocol
HTTP/1.1
Server
3.227.117.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-117-91.compute-1.amazonaws.com
Software
Apache /
Resource Hash
6881d1e8725baa82916cb67934c91bd1e3483b31498507f7376f531b54559df0

Request headers

Referer
http://mail-mod-gov-bd.herokuapp.com/mail.php?username=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 05 Jan 2021 21:12:17 GMT
Via
1.1 vegur
Last-Modified
Fri, 20 Nov 2020 10:21:11 GMT
Server
Apache
Etag
"69-5b487341613c0"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
105
tt.png
mail-mod-gov-bd.herokuapp.com/error_files/ Frame 5E04 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mail-mod-gov-bd.herokuapp.com/error_files/tt.png
Requested by
Host: mail-mod-gov-bd.herokuapp.com
URL: http://mail-mod-gov-bd.herokuapp.com/mail.php?username=
Protocol
HTTP/1.1
Server
3.227.117.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-117-91.compute-1.amazonaws.com
Software
Apache /
Resource Hash
7eb71a7b37d7ecec6ff7519ccddb109319859035a74a1604b4135b2833d30326

Request headers

Referer
http://mail-mod-gov-bd.herokuapp.com/mail.php?username=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 05 Jan 2021 21:12:18 GMT
Via
1.1 vegur
Last-Modified
Fri, 20 Nov 2020 10:21:11 GMT
Server
Apache
Etag
"1163-5b487341613c0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4451

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies