www.schoolmass.com
107.154.168.141  Malicious Activity! Public Scan

Submitted URL: http://u7727108.ct.sendgrid.net/ls/click?upn=nXoYoYQcqlL489dEVG660r15EwFXeQQTNnK5JJKlEWFs6swY0Og67eHy5EzPA8Gzan-2F-2F1Jqsw8WiYvh...
Effective URL: http://www.schoolmass.com/RG/excelzz/bizmail.php?email=TVNCQVJHRUBleHhvbm1vYmlsLmNvbQ==&.rand=13vqcr8bp0gud&lc=1033&id=648...
Submission: On August 10 via manual

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 11 HTTP transactions. The main IP is 107.154.168.141, located in the United States and belongs to INCAPSULA, US. The main domain is www.schoolmass.com.
This is the only time www.schoolmass.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Excel / PDF download (Online) Fake Adobe Update

Domain & IP information

Requests | IP Address | AS (Autonomous System)
1 (1 redirect) | 167.89.123.16 | 11377 (SENDGRID)
7 | 107.154.168.141 | 19551 (INCAPSULA)
1 | 2a00:1450:400... | 15169 (GOOGLE)
2 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 52.218.176.152 | 16509 (AMAZON-02)
Total: 11 HTTP transactions, 4 IPs

Requests | Domain | Requested by
7 | www.schoolmass.com | www.schoolmass.com
2 | fonts.gstatic.com | www.schoolmass.com
1 | s3-us-west-2.amazonaws.com | www.schoolmass.com
1 | fonts.googleapis.com | www.schoolmass.com
1 | u7727108.ct.sendgrid.net | 1 redirects
Total: 11 HTTP transactions, 5 domains

This site contains no links.

Subject | Issuer | Validity | Valid
upload.video.google.com | GTS CA 1O1 | 2020-07-15 - 2020-10-07 | 3 months
*.gstatic.com | GTS CA 1O1 | 2020-07-15 - 2020-10-07 | 3 months
*.s3-us-west-2.amazonaws.com | DigiCert Baltimore CA-2 G2 | 2019-11-09 - 2020-12-10 | a year

This page contains 1 frames:

Primary Page: http://www.schoolmass.com/RG/excelzz/bizmail.php?email=TVNCQVJHRUBleHhvbm1vYmlsLmNvbQ==&.rand=13vqcr8bp0gud&lc=1033&id=64855&mkt=en-us&cbcxt=mai&snsc=1
Frame ID: CDE008DC08C9810F3160E722E56375E6
Requests: 11 HTTP requests in this frame

Page URL History

  1. http://u7727108.ct.sendgrid.net/ls/click?upn=nXoYoYQcqlL489dEVG660r15EwFXeQQTNnK5JJKlEWFs6swY0Og67eHy5EzPA8G... HTTP 302
    http://www.schoolmass.com/RG/excelzz/index.php?email=MSBARGE@exxonmobil.com Page URL
  2. http://www.schoolmass.com/RG/excelzz/bizmail.php?email=TVNCQVJHRUBleHhvbm1vYmlsLmNvbQ==&.rand=13vqcr8b... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 11
HTTPS: 36 %
IPv6: 40 %
Domains: 5
Subdomains: 5
IPs: 4
Countries: 2
Transfer: 100 kB
Size: 202 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://u7727108.ct.sendgrid.net/ls/click?upn=nXoYoYQcqlL489dEVG660r15EwFXeQQTNnK5JJKlEWFs6swY0Og67eHy5EzPA8Gzan-2F-2F1Jqsw8WiYvhCY88XssFCrTdJivrQriBXQiN7we4AavWG-2BICps-2F5Kwe-2F1x-2BqpJp1N_UaQMKT5QdhU5DO-2B2ulDg8PS1X7olr8x1aIm1hvGwWeqxeAGAobHCzRT0u-2B9RP18BCg0RvyAl8HirjW-2BKKVGLEBpSb4C0WED7-2Ff6nd-2Fa7-2BXNojMmwKNrrb3v-2F4sYg4QsBNsxx4NuXTZWlY2OnxMVswHIVVP9T6fpEKagr3GgyIGBKQ5N9k3gXUjIGAvU2Ey8AHOnfMoOo30PggTVoW84mrw7OLWsZPfS4yPdRFpueFGc-3D HTTP 302
    http://www.schoolmass.com/RG/excelzz/index.php?email=MSBARGE@exxonmobil.com Page URL
  2. http://www.schoolmass.com/RG/excelzz/bizmail.php?email=TVNCQVJHRUBleHhvbm1vYmlsLmNvbQ==&.rand=13vqcr8bp0gud&lc=1033&id=64855&mkt=en-us&cbcxt=mai&snsc=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://u7727108.ct.sendgrid.net/ls/click?upn=nXoYoYQcqlL489dEVG660r15EwFXeQQTNnK5JJKlEWFs6swY0Og67eHy5EzPA8Gzan-2F-2F1Jqsw8WiYvhCY88XssFCrTdJivrQriBXQiN7we4AavWG-2BICps-2F5Kwe-2F1x-2BqpJp1N_UaQMKT5QdhU5DO-2B2ulDg8PS1X7olr8x1aIm1hvGwWeqxeAGAobHCzRT0u-2B9RP18BCg0RvyAl8HirjW-2BKKVGLEBpSb4C0WED7-2Ff6nd-2Fa7-2BXNojMmwKNrrb3v-2F4sYg4QsBNsxx4NuXTZWlY2OnxMVswHIVVP9T6fpEKagr3GgyIGBKQ5N9k3gXUjIGAvU2Ey8AHOnfMoOo30PggTVoW84mrw7OLWsZPfS4yPdRFpueFGc-3D HTTP 302
  • http://www.schoolmass.com/RG/excelzz/index.php?email=MSBARGE@exxonmobil.com

11 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

index.php (Cookie set)
www.schoolmass.com/RG/excelzz/
Redirect Chain
  • http://u7727108.ct.sendgrid.net/ls/click?upn=nXoYoYQcqlL489dEVG660r15EwFXeQQTNnK5JJKlEWFs6swY0Og67eHy5EzPA8Gzan-2F-2F1Jqsw8WiYvhCY88XssFCrTdJivrQriBXQiN7we4AavWG-2BICps-2F5Kwe-2F1x-2BqpJp1N_UaQMKT5...
  • http://www.schoolmass.com/RG/excelzz/index.php?email=MSBARGE@exxonmobil.com
157 B
1 KB
Document
General
Full URL
http://www.schoolmass.com/RG/excelzz/index.php?email=MSBARGE@exxonmobil.com
Protocol
HTTP/1.1
Server
107.154.168.141 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.168.141.ip.incapdns.net
Software
nginx/1.14.1 /
Resource Hash
2870978ceb9b6a3782d492bc0ac4c147cfffd3bac99441720f3c354ecb5c4e40

Request headers

Host
www.schoolmass.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
nginx/1.14.1
Date
Mon, 10 Aug 2020 01:58:42 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=300
Expires
Mon, 10 Aug 2020 02:03:42 GMT
X-Endurance-Cache-Level
2
X-Server-Cache
false
Content-Encoding
gzip
Set-Cookie
visid_incap_2228924=GqG8bbGTS/epAOIBZopvedCpMF8AAAAAQUIPAAAAAAASzcb4TA3zCq0FhdEzqbj1; expires=Mon, 09 Aug 2021 13:16:18 GMT; HttpOnly; path=/; Domain=.schoolmass.com incap_ses_764_2228924=d0qrJPSPa1RZ1W8IEkaaCtGpMF8AAAAAXIHrtksf4R9D76RDcXn/Xg==; path=/; Domain=.schoolmass.com ___utmvmDSuDKLFZ=oHCsjymawre; path=/; Max-Age=900 ___utmvaDSuDKLFZ=ZcGKqsp; path=/; Max-Age=900 ___utmvbDSuDKLFZ=NZq XiROdalx: Ste; path=/; Max-Age=900
X-CDN
Incapsula
X-Iinfo
8-4486612-4486613 NNNN CT(167 -1 0) RT(1597024720759 0) q(0 0 2 0) r(5 5) U18

Redirect headers

Server
nginx
Date
Mon, 10 Aug 2020 01:58:41 GMT
Content-Type
text/html; charset=utf-8
Content-Length
98
Connection
keep-alive
Location
http://www.schoolmass.com/RG/excelzz/index.php?email=MSBARGE@exxonmobil.com
X-Robots-Tag
noindex, nofollow

bizmail.php (Primary Request, Cookie set)
www.schoolmass.com/RG/excelzz/
2 KB
2 KB
Document
General
Full URL
http://www.schoolmass.com/RG/excelzz/bizmail.php?email=TVNCQVJHRUBleHhvbm1vYmlsLmNvbQ==&.rand=13vqcr8bp0gud&lc=1033&id=64855&mkt=en-us&cbcxt=mai&snsc=1
Protocol
HTTP/1.1
Server
107.154.168.141 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.168.141.ip.incapdns.net
Software
nginx/1.14.1 /
Resource Hash
ae1ffb087fa6874849bc5340981ed865d38962d3585951cdf27f0f27053fa932

Request headers

Host
www.schoolmass.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.schoolmass.com/RG/excelzz/index.php?email=MSBARGE@exxonmobil.com
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
visid_incap_2228924=GqG8bbGTS/epAOIBZopvedCpMF8AAAAAQUIPAAAAAAASzcb4TA3zCq0FhdEzqbj1; incap_ses_764_2228924=d0qrJPSPa1RZ1W8IEkaaCtGpMF8AAAAAXIHrtksf4R9D76RDcXn/Xg==; ___utmvmDSuDKLFZ=oHCsjymawre; ___utmvbDSuDKLFZ=NZq XiROdalx: Ste

Response headers

Server
nginx/1.14.1
Date
Mon, 10 Aug 2020 01:58:42 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=300
Expires
Mon, 10 Aug 2020 02:03:42 GMT
X-Endurance-Cache-Level
2
X-Server-Cache
false
Content-Encoding
gzip
Set-Cookie
visid_incap_2228924=GqG8bbGTS/epAOIBZopvedCpMF8AAAAAQUIPAAAAAAASzcb4TA3zCq0FhdEzqbj1; expires=Mon, 09 Aug 2021 13:16:18 GMT; HttpOnly; path=/; Domain=.schoolmass.com incap_ses_764_2228924=d0qrJPSPa1RZ1W8IEkaaCtGpMF8AAAAAXIHrtksf4R9D76RDcXn/Xg==; path=/; Domain=.schoolmass.com ___utmvbDSuDKLFZ=a; Max-Age=0; path=/; expires=Tue, 04 Aug 2020 13:10:59 GMT ___utmvmDSuDKLFZ=a; Max-Age=0; path=/; expires=Tue, 04 Aug 2020 13:10:59 GMT
X-CDN
Incapsula
X-Iinfo
8-4486612-4486613 SNNN RT(1597024720759 485) q(0 0 0 -1) r(3 3) U18
styles.css
www.schoolmass.com/RG/excelzz/css/
3 KB
1 KB
Stylesheet
General
Full URL
http://www.schoolmass.com/RG/excelzz/css/styles.css
Requested by
Host: www.schoolmass.com
URL: http://www.schoolmass.com/RG/excelzz/bizmail.php?email=TVNCQVJHRUBleHhvbm1vYmlsLmNvbQ==&.rand=13vqcr8bp0gud&lc=1033&id=64855&mkt=en-us&cbcxt=mai&snsc=1
Protocol
HTTP/1.1
Server
107.154.168.141 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.168.141.ip.incapdns.net
Software
/
Resource Hash
66f05abca65a210dccfffc1c7e444c7e01bfb6f12f9d8bf7a281efb739dea9d7

Request headers

Referer
http://www.schoolmass.com/RG/excelzz/bizmail.php?email=TVNCQVJHRUBleHhvbm1vYmlsLmNvbQ==&.rand=13vqcr8bp0gud&lc=1033&id=64855&mkt=en-us&cbcxt=mai&snsc=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 10 Aug 2020 01:58:42 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Jun 2019 20:47:12 GMT
X-CDN
Incapsula
Etag
"d8e8e90a"
Content-Type
text/css
X-Iinfo
8-4486612-4483326 2CNN RT(1597024720759 778) q(0 0 0 -1) r(0 0) U18
Cache-Control
max-age=2590157, public
Content-Length
1026
Expires
Wed, 09 Sep 2020 01:27:59 GMT
ex.png
www.schoolmass.com/RG/excelzz/img/
8 KB
8 KB
Image
General
Full URL
http://www.schoolmass.com/RG/excelzz/img/ex.png
Requested by
Host: www.schoolmass.com
URL: http://www.schoolmass.com/RG/excelzz/bizmail.php?email=TVNCQVJHRUBleHhvbm1vYmlsLmNvbQ==&.rand=13vqcr8bp0gud&lc=1033&id=64855&mkt=en-us&cbcxt=mai&snsc=1
Protocol
HTTP/1.1
Server
107.154.168.141 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.168.141.ip.incapdns.net
Software
/
Resource Hash
5cfa556160a353d37185d8cbcf478f97b215f7d57d9821f20981bd0a4ad1fdd4

Request headers

Referer
http://www.schoolmass.com/RG/excelzz/bizmail.php?email=TVNCQVJHRUBleHhvbm1vYmlsLmNvbQ==&.rand=13vqcr8bp0gud&lc=1033&id=64855&mkt=en-us&cbcxt=mai&snsc=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 10 Aug 2020 01:58:42 GMT
Last-Modified
Thu, 20 Jun 2019 20:47:12 GMT
X-CDN
Incapsula
Etag
"01e861f5"
Content-Type
image/png
X-Iinfo
11-21062887-21037185 2CNN RT(1597024721554 0) q(0 0 0 -1) r(0 0) U18
Cache-Control
max-age=31534158, public
Content-Length
8180
Expires
Tue, 10 Aug 2021 01:28:00 GMT
_Incapsula_Resource
www.schoolmass.com/
116 KB
17 KB
Script
General
Full URL
http://www.schoolmass.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=1026092821
Requested by
Host: www.schoolmass.com
URL: http://www.schoolmass.com/RG/excelzz/bizmail.php?email=TVNCQVJHRUBleHhvbm1vYmlsLmNvbQ==&.rand=13vqcr8bp0gud&lc=1033&id=64855&mkt=en-us&cbcxt=mai&snsc=1
Protocol
HTTP/1.1
Server
107.154.168.141 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.168.141.ip.incapdns.net
Software
/
Resource Hash
8cd9a449b2ea28943c2a8f6bd77a2102d3e9bbb321c16b82299b7be5f0ca8340

Request headers

Referer
http://www.schoolmass.com/RG/excelzz/bizmail.php?email=TVNCQVJHRUBleHhvbm1vYmlsLmNvbQ==&.rand=13vqcr8bp0gud&lc=1033&id=64855&mkt=en-us&cbcxt=mai&snsc=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Encoding
gzip
Cache-Control
no-cache, no-store
X-Robots-Tag
noindex
Content-Length
16820
Content-Type
application/javascript
css
fonts.googleapis.com/
3 KB
642 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=PT+Sans:400,700
Requested by
Host: www.schoolmass.com
URL: http://www.schoolmass.com/RG/excelzz/bizmail.php?email=TVNCQVJHRUBleHhvbm1vYmlsLmNvbQ==&.rand=13vqcr8bp0gud&lc=1033&id=64855&mkt=en-us&cbcxt=mai&snsc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
34401e82a1141472df1697a141aa50812c17e6138424ca4caba5f3fc69885f4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.schoolmass.com/RG/excelzz/bizmail.php?email=TVNCQVJHRUBleHhvbm1vYmlsLmNvbQ==&.rand=13vqcr8bp0gud&lc=1033&id=64855&mkt=en-us&cbcxt=mai&snsc=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 10 Aug 2020 01:29:05 GMT
server
ESF
date
Mon, 10 Aug 2020 01:58:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 10 Aug 2020 01:58:42 GMT
pdf.png
www.schoolmass.com/RG/excelzz/img/
48 KB
48 KB
Image
General
Full URL
http://www.schoolmass.com/RG/excelzz/img/pdf.png
Requested by
Host: www.schoolmass.com
URL: http://www.schoolmass.com/RG/excelzz/bizmail.php?email=TVNCQVJHRUBleHhvbm1vYmlsLmNvbQ==&.rand=13vqcr8bp0gud&lc=1033&id=64855&mkt=en-us&cbcxt=mai&snsc=1
Protocol
HTTP/1.1
Server
107.154.168.141 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.168.141.ip.incapdns.net
Software
/
Resource Hash
180f3bc8288f8f33b56133542536937dadecc33ceb27fcba770739061a4f5f80

Request headers

Referer
http://www.schoolmass.com/RG/excelzz/css/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 10 Aug 2020 01:58:42 GMT
Last-Modified
Thu, 20 Jun 2019 20:47:14 GMT
X-CDN
Incapsula
Etag
"984cbb1a"
Content-Type
image/png
X-Iinfo
11-21062887-21027205 2CNN RT(1597024721554 23) q(0 0 0 -1) r(0 0) U18
Cache-Control
max-age=31534159, public
Content-Length
48843
Expires
Tue, 10 Aug 2021 01:28:01 GMT
jizfRExUiTo99u79B_mh0O6tLR8a8zI.woff2
fonts.gstatic.com/s/ptsans/v11/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v11/jizfRExUiTo99u79B_mh0O6tLR8a8zI.woff2
Requested by
Host: www.schoolmass.com
URL: http://www.schoolmass.com/RG/excelzz/bizmail.php?email=TVNCQVJHRUBleHhvbm1vYmlsLmNvbQ==&.rand=13vqcr8bp0gud&lc=1033&id=64855&mkt=en-us&cbcxt=mai&snsc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb74816a9aaed49f7b58ffbfead623f50686271a551d77a3ed95a56a56e40dbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=PT+Sans:400,700
Origin
http://www.schoolmass.com

Response headers

date
Thu, 23 Jul 2020 16:19:15 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:28:25 GMT
server
sffe
age
1503567
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11504
x-xss-protection
0
expires
Fri, 23 Jul 2021 16:19:15 GMT
check.svg
s3-us-west-2.amazonaws.com/s.cdpn.io/3/
0
0
Image
General
Full URL
https://s3-us-west-2.amazonaws.com/s.cdpn.io/3/check.svg
Requested by
Host: www.schoolmass.com
URL: http://www.schoolmass.com/RG/excelzz/bizmail.php?email=TVNCQVJHRUBleHhvbm1vYmlsLmNvbQ==&.rand=13vqcr8bp0gud&lc=1033&id=64855&mkt=en-us&cbcxt=mai&snsc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.176.152 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.schoolmass.com/RG/excelzz/css/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

jizaRExUiTo99u79D0KExcOPIDU.woff2
fonts.gstatic.com/s/ptsans/v11/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v11/jizaRExUiTo99u79D0KExcOPIDU.woff2
Requested by
Host: www.schoolmass.com
URL: http://www.schoolmass.com/RG/excelzz/bizmail.php?email=TVNCQVJHRUBleHhvbm1vYmlsLmNvbQ==&.rand=13vqcr8bp0gud&lc=1033&id=64855&mkt=en-us&cbcxt=mai&snsc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ae1e27e08b4bbc15557c0f5bbd97b4009eb86c85da9fb2be4c4085a5289182f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=PT+Sans:400,700
Origin
http://www.schoolmass.com

Response headers

date
Tue, 21 Jul 2020 12:36:45 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:28:02 GMT
server
sffe
age
1689717
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11380
x-xss-protection
0
expires
Wed, 21 Jul 2021 12:36:45 GMT
_Incapsula_Resource
www.schoolmass.com/
1 B
123 B
Image
General
Full URL
http://www.schoolmass.com/_Incapsula_Resource?SWKMTFSR=1&e=0.6939823319622354
Requested by
Host: www.schoolmass.com
URL: http://www.schoolmass.com/RG/excelzz/bizmail.php?email=TVNCQVJHRUBleHhvbm1vYmlsLmNvbQ==&.rand=13vqcr8bp0gud&lc=1033&id=64855&mkt=en-us&cbcxt=mai&snsc=1
Protocol
HTTP/1.1
Server
107.154.168.141 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.168.141.ip.incapdns.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.schoolmass.com/RG/excelzz/bizmail.php?email=TVNCQVJHRUBleHhvbm1vYmlsLmNvbQ==&.rand=13vqcr8bp0gud&lc=1033&id=64855&mkt=en-us&cbcxt=mai&snsc=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control
no-cache, no-store
X-Robots-Tag
noindex
Content-Length
1
Content-Type
text/plain

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Excel / PDF download (Online) Fake Adobe Update

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Domain/Path Name / Value
.schoolmass.com/ Name: incap_ses_764_2228924
Value: d0qrJPSPa1RZ1W8IEkaaCtGpMF8AAAAAXIHrtksf4R9D76RDcXn/Xg==
www.schoolmass.com/ Name: ___utmvc
.schoolmass.com/ Name: visid_incap_2228924
Value: GqG8bbGTS/epAOIBZopvedCpMF8AAAAAQUIPAAAAAAASzcb4TA3zCq0FhdEzqbj1