URL: http://dioramarosa.icu/elysa/1/?n\=KDg4OCkgOTY1LTQ1MzI\=1MzI\=
Submission: On June 26 via manual from US

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 10 HTTP transactions. The main IP is 216.119.146.15, located in Atlanta, United States and belongs to HOSTINGSERVICES-INC - Hosting Services, Inc., US. The main domain is dioramarosa.icu.
This is the only time dioramarosa.icu was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
5 216.119.146.15 32780 (HOSTINGSE...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
10 4
Domain Requested by
5 dioramarosa.icu dioramarosa.icu
1 fonts.googleapis.com dioramarosa.icu
1 ajax.googleapis.com dioramarosa.icu
0 maxcdn.bootstrapcdn.com Failed dioramarosa.icu
10 4

This site contains no links.

Subject Issuer Validity Valid

1970-01-01 -
1970-01-01
a few seconds crt.sh
*.googleapis.com
Google Internet Authority G3
2019-06-11 -
2019-09-03
3 months crt.sh

This page contains 1 frames:

Primary Page: http://dioramarosa.icu/elysa/1/?n\=KDg4OCkgOTY1LTQ1MzI\=1MzI\=
Frame ID: 2886E903C002035643E580A8DEB8C4FB
Requests: 10 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^LiteSpeed$/i

Page Statistics

10
Requests

20 %
HTTPS

67 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

79 kB
Transfer

176 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
dioramarosa.icu/elysa/1/
12 KB
4 KB
Document
General
Full URL
http://dioramarosa.icu/elysa/1/?n\=KDg4OCkgOTY1LTQ1MzI\=1MzI\=
Protocol
HTTP/1.1
Server
216.119.146.15 Atlanta, United States, ASN32780 (HOSTINGSERVICES-INC - Hosting Services, Inc., US),
Reverse DNS
new.siliconprice.com
Software
LiteSpeed /
Resource Hash
495d2045824faa193cd10858d61b7950e1c2838c182d538687243064cad7d593

Request headers

Host
dioramarosa.icu
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Etag
"2f3b-5ce01bb8-82186;gz"
Last-Modified
Sat, 18 May 2019 14:50:32 GMT
Content-Type
text/html
Content-Length
4242
Accept-Ranges
bytes
Content-Encoding
gzip
Vary
Accept-Encoding
Date
Wed, 26 Jun 2019 17:44:27 GMT
Server
LiteSpeed
Connection
Keep-Alive
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/
0
0

bootstrap-theme.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/
0
0

style.css
dioramarosa.icu/elysa/1/css/
4 KB
2 KB
Stylesheet
General
Full URL
http://dioramarosa.icu/elysa/1/css/style.css
Requested by
Host: dioramarosa.icu
URL: http://dioramarosa.icu/elysa/1/?n\=KDg4OCkgOTY1LTQ1MzI\=1MzI\=
Protocol
HTTP/1.1
Security
, ,
Server
216.119.146.15 Atlanta, United States, ASN32780 (HOSTINGSERVICES-INC - Hosting Services, Inc., US),
Reverse DNS
new.siliconprice.com
Software
LiteSpeed /
Resource Hash
e714878c37fd93c25a3ac18a77ae828b1a5adc8ca5d9ac8dd1fdc368de368039

Request headers

Referer
http://dioramarosa.icu/elysa/1/?n\=KDg4OCkgOTY1LTQ1MzI\=1MzI\=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 26 Jun 2019 17:44:27 GMT
Content-Encoding
gzip
Last-Modified
Fri, 23 Nov 2018 15:34:32 GMT
Server
LiteSpeed
Etag
"103a-5bf81e08-c0c44;gz"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1299
Expires
Wed, 03 Jul 2019 17:44:27 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: dioramarosa.icu
URL: http://dioramarosa.icu/elysa/1/?n\=KDg4OCkgOTY1LTQ1MzI\=1MzI\=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://dioramarosa.icu/elysa/1/?n\=KDg4OCkgOTY1LTQ1MzI\=1MzI\=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 19 Jun 2019 20:36:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
594466
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
30399
x-xss-protection
0
last-modified
Thu, 25 Jan 2018 15:33:24 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Jun 2020 20:36:41 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.4.0/js/
0
0

rsod.png
dioramarosa.icu/elysa/1/images/
11 KB
11 KB
Image
General
Full URL
http://dioramarosa.icu/elysa/1/images/rsod.png
Requested by
Host: dioramarosa.icu
URL: http://dioramarosa.icu/elysa/1/?n\=KDg4OCkgOTY1LTQ1MzI\=1MzI\=
Protocol
HTTP/1.1
Security
, ,
Server
216.119.146.15 Atlanta, United States, ASN32780 (HOSTINGSERVICES-INC - Hosting Services, Inc., US),
Reverse DNS
new.siliconprice.com
Software
LiteSpeed /
Resource Hash
606a248227b8bfb26e81383ad9d7fa4d01a31ed02a31b282dc57790cf285d42a

Request headers

Referer
http://dioramarosa.icu/elysa/1/?n\=KDg4OCkgOTY1LTQ1MzI\=1MzI\=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 26 Jun 2019 17:44:27 GMT
Last-Modified
Fri, 23 Nov 2018 15:34:32 GMT
Server
LiteSpeed
Etag
"2a9c-5bf81e08-c0c49;;;"
Content-Type
image/png
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
10908
Expires
Wed, 03 Jul 2019 17:44:27 GMT
335158-windows-8-window.png
dioramarosa.icu/elysa/1/images/
28 KB
28 KB
Image
General
Full URL
http://dioramarosa.icu/elysa/1/images/335158-windows-8-window.png
Requested by
Host: dioramarosa.icu
URL: http://dioramarosa.icu/elysa/1/?n\=KDg4OCkgOTY1LTQ1MzI\=1MzI\=
Protocol
HTTP/1.1
Security
, ,
Server
216.119.146.15 Atlanta, United States, ASN32780 (HOSTINGSERVICES-INC - Hosting Services, Inc., US),
Reverse DNS
new.siliconprice.com
Software
LiteSpeed /
Resource Hash
312c6606235f1ba63b2141b812fef5398536390a76c85f5ab8bcc35a7aa8737e

Request headers

Referer
http://dioramarosa.icu/elysa/1/?n\=KDg4OCkgOTY1LTQ1MzI\=1MzI\=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 26 Jun 2019 17:44:27 GMT
Last-Modified
Fri, 23 Nov 2018 15:34:32 GMT
Server
LiteSpeed
Etag
"7019-5bf81e08-c0c46;;;"
Content-Type
image/png
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
28697
Expires
Wed, 03 Jul 2019 17:44:27 GMT
main.js
dioramarosa.icu/elysa/1/
3 KB
2 KB
Script
General
Full URL
http://dioramarosa.icu/elysa/1/main.js
Requested by
Host: dioramarosa.icu
URL: http://dioramarosa.icu/elysa/1/?n\=KDg4OCkgOTY1LTQ1MzI\=1MzI\=
Protocol
HTTP/1.1
Security
, ,
Server
216.119.146.15 Atlanta, United States, ASN32780 (HOSTINGSERVICES-INC - Hosting Services, Inc., US),
Reverse DNS
new.siliconprice.com
Software
LiteSpeed /
Resource Hash
035f18de6a2e149d4d657accc183abff4e1b1dc1526190123123d1ec5d3574ff

Request headers

Referer
http://dioramarosa.icu/elysa/1/?n\=KDg4OCkgOTY1LTQ1MzI\=1MzI\=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 26 Jun 2019 17:44:27 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Apr 2019 20:53:32 GMT
Server
LiteSpeed
Etag
"ccf-5cb8e3cc-82187;gz"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1325
Expires
Wed, 03 Jul 2019 17:44:27 GMT
css
fonts.googleapis.com/
33 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Comfortaa:300|Cormorant+Garamond|Cormorant+Infant|Cormorant+SC|Cormorant+Unicase|EB+Garamond|El+Messiri|Forum|Jura|Lobster|Neucha|Open+Sans+Condensed:300|PT+Sans|PT+Sans+Narrow|Philosopher|Playfair+Display+SC|Poiret+One|Ruslan+Display|Russo+One|Ubuntu&subset=cyrillic
Requested by
Host: dioramarosa.icu
URL: http://dioramarosa.icu/elysa/1/?n\=KDg4OCkgOTY1LTQ1MzI\=1MzI\=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
195e971b0ab47e9484914db60c36589144dfaafce37408fdacf99aef82ebc5c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://dioramarosa.icu/elysa/1/?n\=KDg4OCkgOTY1LTQ1MzI\=1MzI\=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 26 Jun 2019 17:44:27 GMT
server
ESF
access-control-allow-origin
*
date
Wed, 26 Jun 2019 17:44:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Wed, 26 Jun 2019 17:44:27 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
maxcdn.bootstrapcdn.com
URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Domain
maxcdn.bootstrapcdn.com
URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css
Domain
maxcdn.bootstrapcdn.com
URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.4.0/js/bootstrap.min.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery

0 Cookies