thebridgeonline.net
Open in
urlscan Pro
45.60.98.252
Malicious Activity!
Public Scan
Effective URL: https://thebridgeonline.net/cd/1c6f70567c917b321229/
Submission: On April 24 via manual from SA — Scanned from DE
Summary
TLS certificate: Issued by R3 on March 10th 2022. Valid for: 3 months.
This is the only time thebridgeonline.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 2a00:1450:400... 2a00:1450:4001:830::200e | 15169 (GOOGLE) (GOOGLE) | |
1 1 | 2606:4700:303... 2606:4700:3034::ac43:bc7d | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 19 | 45.60.98.252 45.60.98.252 | 19551 (INCAPSULA) (INCAPSULA) | |
6 | 2a02:26f0:ef:... 2a02:26f0:ef::5c7b:c25c | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
23 | 3 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
19 |
thebridgeonline.net
3 redirects
thebridgeonline.net |
415 KB |
6 |
typekit.net
use.typekit.net — Cisco Umbrella Rank: 469 |
|
1 |
kutt.it
1 redirects
kutt.it — Cisco Umbrella Rank: 949167 |
991 B |
1 |
page.link
1 redirects
privadaes.page.link |
1 KB |
23 | 4 |
Domain | Requested by | |
---|---|---|
19 | thebridgeonline.net |
3 redirects
thebridgeonline.net
|
6 | use.typekit.net |
thebridgeonline.net
|
1 | kutt.it | 1 redirects |
1 | privadaes.page.link | 1 redirects |
23 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
autodiscover.thebridgeonline.net R3 |
2022-03-10 - 2022-06-08 |
3 months | crt.sh |
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1 |
2022-03-07 - 2023-04-07 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://thebridgeonline.net/cd/1c6f70567c917b321229/
Frame ID: 7E2A44DF110DC0EED684EC538E1ED16D
Requests: 23 HTTP requests in this frame
Screenshot
Page Title
Saudi Post | SPLPage URL History Show full URLs
-
https://privadaes.page.link/saAUdiaa
HTTP 302
https://kutt.it/sAouD HTTP 302
https://thebridgeonline.net/cd Page URL
-
https://thebridgeonline.net/cd
HTTP 301
https://thebridgeonline.net/cd/ HTTP 302
https://thebridgeonline.net/cd/1c6f70567c917b321229 HTTP 301
https://thebridgeonline.net/cd/1c6f70567c917b321229/ Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Microsoft ASP.NET (Web Frameworks) Expand
Detected patterns
- <input[^>]+name="__VIEWSTATE
Imperva (Security) Expand
Detected patterns
- /_Incapsula_Resource
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI (JavaScript Libraries) Expand
Detected patterns
- jquery-ui[.-]([\d.]*\d)[^/]*\.js
- jquery-ui.*\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://privadaes.page.link/saAUdiaa
HTTP 302
https://kutt.it/sAouD HTTP 302
https://thebridgeonline.net/cd Page URL
-
https://thebridgeonline.net/cd
HTTP 301
https://thebridgeonline.net/cd/ HTTP 302
https://thebridgeonline.net/cd/1c6f70567c917b321229 HTTP 301
https://thebridgeonline.net/cd/1c6f70567c917b321229/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://privadaes.page.link/saAUdiaa HTTP 302
- https://kutt.it/sAouD HTTP 302
- https://thebridgeonline.net/cd
23 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
cd
thebridgeonline.net/ Redirect Chain
|
212 B 557 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_Incapsula_Resource
thebridgeonline.net/ |
177 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_Incapsula_Resource
thebridgeonline.net/ |
29 B 56 B |
XHR
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
thebridgeonline.net/cd/1c6f70567c917b321229/ Redirect Chain
|
28 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_Incapsula_Resource
thebridgeonline.net/ |
1 B 35 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
_Incapsula_Resource
thebridgeonline.net/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
typeKit.js
thebridgeonline.net/cd/1c6f70567c917b321229/Seleccione%20medio%20de%20pago_fichiers/ |
18 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.css
thebridgeonline.net/cd/1c6f70567c917b321229/Seleccione%20medio%20de%20pago_fichiers/ |
149 KB 30 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.css
thebridgeonline.net/cd/1c6f70567c917b321229/Seleccione%20medio%20de%20pago_fichiers/ |
22 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1.js
thebridgeonline.net/cd/1c6f70567c917b321229/Seleccione%20medio%20de%20pago_fichiers/ |
242 KB 93 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1_002.js
thebridgeonline.net/cd/1c6f70567c917b321229/Seleccione%20medio%20de%20pago_fichiers/ |
92 KB 40 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-ui-1.js
thebridgeonline.net/cd/1c6f70567c917b321229/Seleccione%20medio%20de%20pago_fichiers/ |
206 KB 75 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
WebResource.js
thebridgeonline.net/cd/1c6f70567c917b321229/Seleccione%20medio%20de%20pago_fichiers/ |
22 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ScriptResource_002.js
thebridgeonline.net/cd/1c6f70567c917b321229/Seleccione%20medio%20de%20pago_fichiers/ |
349 KB 97 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ScriptResource.js
thebridgeonline.net/cd/1c6f70567c917b321229/Seleccione%20medio%20de%20pago_fichiers/ |
93 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
POST.svg
thebridgeonline.net/cd/1c6f70567c917b321229/Redsys_files/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ogilvy-iconoTarjeta.png
thebridgeonline.net/cd/1c6f70567c917b321229/Seleccione%20medio%20de%20pago_fichiers/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/802da8/0000000000000000000124f9/27/ |
0 0 |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/7505b0/0000000000000000000124fa/27/ |
0 0 |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
d
use.typekit.net/af/7505b0/0000000000000000000124fa/27/ |
0 0 |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
d
use.typekit.net/af/802da8/0000000000000000000124f9/27/ |
0 0 |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a
use.typekit.net/af/7505b0/0000000000000000000124fa/27/ |
0 0 |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a
use.typekit.net/af/802da8/0000000000000000000124f9/27/ |
0 0 |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- thebridgeonline.net
- URL
- https://thebridgeonline.net/_Incapsula_Resource?ES2LURCT=67&t=78&d=complete%20(s%3A1%2Cc%3A148%2Cr%3A1553)
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic (Online)66 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| Typekit function| $ function| jQuery function| DP_jQuery_1650795202207 function| initializeComponents function| validarNro function| confirmarCancelar function| hideLoading function| changeMMPP function| setValues object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY object| __cultureInfo function| $get function| $create function| $addHandler function| $addHandlers function| $clearHandlers object| Sys function| Type function| $removeHandler object| _events function| $find2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.thebridgeonline.net/ | Name: visid_incap_2709185 Value: rkViMD9ySzaoKyav5g7zk7giZWIAAAAAQUIPAAAAAACdIyBnYmjIWCHTeVYG+RNZ |
|
.thebridgeonline.net/ | Name: incap_ses_676_2709185 Value: SF5bKFGoAn+EXpW/EqNhCbgiZWIAAAAA8R6yjsAwdIkBtabTEtTW+g== |
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
kutt.it
privadaes.page.link
thebridgeonline.net
use.typekit.net
thebridgeonline.net
2606:4700:3034::ac43:bc7d
2a00:1450:4001:830::200e
2a02:26f0:ef::5c7b:c25c
45.60.98.252
06831185e31b1a87a5b40a61252ab31da46e5517f7899a1697a7ec8674adf5ab
0cfa72c034d5c3ddfa8c6845af7dd7a62e0540d1b3190e100ef42758bb73fcc4
0cfc4a70c37cecef342f0e14a9204008485665202a40ae48a2af09d381554435
135b3e975a07622009b38d953e58526082588b1ad0795820c50af504742e1646
1d1532c6ed3f42083f24c27b1971aa59ef6bfe07b4126d4666f319e43d011054
3cbab4ba18af9c0b3132c0e91509314d9eb810611ceec63b3a3f18a441e063b5
794bf1ff4b8bbc981cb280b4efeb6e5b040afb34b85f6e3cd2546ace15910301
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
9fcc241093405946885039df428cfa7f0051a1f2bdbcc5a313a177a9e35f8806
a29236eed54ff257f34dd88abfd5a2f14b9190d84802f6703152d6b4ea511ca9
ca336329143990b5f69388900ab839aedb665dafe16293564a67b753b398c6f9
d02032286070b4dd9d8fbd985a7bdca8af8edf52b89ff177db3bfcb2c8a9c43d
ecc047250aed883bd0038ba4cdf2b4b7f7105e28fae93712ad1a9090b014a9c9