anderwryandesign.shaleshforging.com Open in urlscan Pro
5.153.47.250 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://anderwryandesign.shaleshforging.com/ofx/office/?email=gurka@smurf.nu
Submission: On October 17 via manual (October 17th 2018, 2:11:40 pm UTC) from SE

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 19 HTTP transactions. The main IP is 5.153.47.250, located in Amsterdam, Netherlands and belongs to SOFTLAYER - SoftLayer Technologies Inc., US. The main domain is anderwryandesign.shaleshforging.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 26th 2018. Valid for: 3 months.

This is the only time anderwryandesign.shaleshforging.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
5	5.153.47.250 5.153.47.250	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
1	2400:cb00:204... 2400:cb00:2048:1::6813:c797	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	209.197.3.15 209.197.3.15	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
5	52.218.248.144 52.218.248.144	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	209.17.68.209 209.17.68.209	14173 (PHOTOBUCKET) (PHOTOBUCKET - PHOTOBUCKET.COM)
19	6

5 5.153.47.250 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: ibis.whogohost.com

anderwryandesign.shaleshforging.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:cb00:2048:1::6813:c797 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.197.3.15 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip0x00f.map2.ssl.hwcdn.net

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.218.248.144 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.17.68.209 (Denver, United States)

ASN14173 (PHOTOBUCKET - PHOTOBUCKET.COM, INC., US)

i66.tinypic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	amazonaws.com s3-us-west-2.amazonaws.com	133 KB
5	shaleshforging.com anderwryandesign.shaleshforging.com	44 KB
1	tinypic.com i66.tinypic.com	201 KB
1	bootstrapcdn.com netdna.bootstrapcdn.com	16 KB
1	cloudflare.com cdnjs.cloudflare.com	5 KB
0	googleapis.com Failed ajax.googleapis.com Failed fonts.googleapis.com Failed
19	6

	Domain	Requested by
5	s3-us-west-2.amazonaws.com	anderwryandesign.shaleshforging.com
5	anderwryandesign.shaleshforging.com	anderwryandesign.shaleshforging.com
1	i66.tinypic.com	anderwryandesign.shaleshforging.com
1	netdna.bootstrapcdn.com	anderwryandesign.shaleshforging.com
1	cdnjs.cloudflare.com	anderwryandesign.shaleshforging.com
0	fonts.googleapis.com Failed	anderwryandesign.shaleshforging.com
0	ajax.googleapis.com Failed	anderwryandesign.shaleshforging.com
19	7

This site contains no links.

Subject Issuer	Validity	Valid
anderwryandesign.com Let's Encrypt Authority X3	`2018-09-26` - `2018-12-25`	3 months	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-09-22` - `2019-03-31`	6 months	crt.sh
*.bootstrapcdn.com COMODO RSA Domain Validation Secure Server CA	`2018-10-03` - `2019-10-12`	a year	crt.sh
*.s3-us-west-2.amazonaws.com DigiCert Baltimore CA-2 G2	`2018-08-02` - `2019-11-06`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://anderwryandesign.shaleshforging.com/ofx/office/?email=gurka@smurf.nu
Frame ID: AC2C2E1C41B993D6B6DCDCD43D2946CB
Requests: 19 HTTP requests in this frame