sigining.klickfunds.com
2c0f:f598::4
Malicious Activity!
Public Scan
Effective URL: https://sigining.klickfunds.com/Sig.html
Submission: On December 12 via manual from US
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on December 4th 2017. Valid for: 3 months.
This is the only time sigining.klickfunds.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Office 365 (Online), Microsoft (Consumer)

Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
1 | 54.183.130.144 | 16509 (AMAZON-02 - Amazon.com)
20 | 2c0f:f598::4 | 327813 (Web4Africa)
1 | 2a02:26f0:122:381::35c1 | 20940 (AKAMAI-ASN1)
6 | 2a02:26f0:122:38d::1d8e | 20940 (AKAMAI-ASN1)
4 | 104.111.247.27 | 20940 (AKAMAI-ASN1)
9 | 92.123.92.114 | 20940 (AKAMAI-ASN1)
40 | 5 |

ASN and reverse-DNS details for the contacted hosts:
- ASN16509 (AMAZON-02 - Amazon.com, Inc., US), PTR: ow.ly, serving ow.ly
- ASN20940 (AKAMAI-ASN1, US), serving secure.aadcdn.microsoftonline-p.com
- ASN20940 (AKAMAI-ASN1, US), PTR: a104-111-247-27.deploy.static.akamaitechnologies.com, serving appsforoffice.microsoft.com
- ASN20940 (AKAMAI-ASN1, US), PTR: a92-123-92-114.deploy.akamaitechnologies.com, serving r4.res.office365.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
20 | klickfunds.com | sigining.klickfunds.com | 3 MB
9 | office365.com | r4.res.office365.com | 846 KB
6 | msocdn.com | weuofficehome.msocdn.com | 36 KB
4 | microsoft.com | appsforoffice.microsoft.com | 112 KB
1 | microsoftonline-p.com | secure.aadcdn.microsoftonline-p.com | 82 B
1 | ow.ly | ow.ly (1 redirects) | 124 B
40 | 6 | |
Requests | Domain | Requested by
---|---|---
20 | sigining.klickfunds.com | sigining.klickfunds.com
9 | r4.res.office365.com | sigining.klickfunds.com
6 | weuofficehome.msocdn.com | sigining.klickfunds.com
4 | appsforoffice.microsoft.com | sigining.klickfunds.com
1 | secure.aadcdn.microsoftonline-p.com | sigining.klickfunds.com
1 | ow.ly | 1 redirects
40 | 6 |
This site contains no links.
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
sigining.klickfunds.com | cPanel, Inc. Certification Authority | 2017-12-04 - 2018-03-04 | 3 months | crt.sh
secure.aadcdn.microsoftonline-p.com | Microsoft IT TLS CA 1 | 2017-08-15 - 2019-08-15 | 2 years | crt.sh
*.msocdn.com | Symantec Class 3 Secure Server CA - G4 | 2017-06-26 - 2018-09-25 | a year | crt.sh
appsforoffice.microsoft.com | Microsoft IT SSL SHA2 | 2016-12-23 - 2018-04-23 | a year | crt.sh
*.res.outlook.com | Microsoft IT TLS CA 5 | 2017-11-27 - 2019-11-27 | 2 years | crt.sh
This page contains 3 frames:
Primary Page:
https://sigining.klickfunds.com/Sig.html
Frame ID: (D329CFAB9E0C53B8DD3EEE1432271034)
Requests: 9 HTTP requests in this frame
Frame:
https://sigining.klickfunds.com/Sign%20in%20to%20your%20account_files/prefetch.html
Frame ID: (25463C0073D68A0BAA973C6497BCC4DA)
Requests: 12 HTTP requests in this frame
Frame:
https://sigining.klickfunds.com/Sign%20in%20to%20your%20account_files/prefetch(1).html
Frame ID: (BF4DD37C2571037F641914316C3D84E3)
Requests: 19 HTTP requests in this frame
Screenshot
Page URL History
- http://ow.ly/E91S30h6deQ (HTTP 301)
- https://sigining.klickfunds.com/Sig.html (Page URL)
Detected technologies
- Apache (Web Servers). Detected patterns:
  - headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
- jQuery (JavaScript Libraries). Detected patterns:
  - script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  - script /jquery.*\.js/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
40 HTTP transactions

Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Frame
---|---|---|---|---|---|---|---|---
GET | H/1.1 | Sig.html (Primary Request) | sigining.klickfunds.com/ (Redirect Chain) | 26 KB | 0 | Document | text/html | Primary
GET | H/1.1 | login.min.css | sigining.klickfunds.com/Sign%20in%20to%20your%20account_files/ | 23 KB | 23 KB | Stylesheet | text/css |
GET | H/1.1 | login_hover.min.css | sigining.klickfunds.com/Sign%20in%20to%20your%20account_files/ | 89 B | 89 B | Stylesheet | text/css |
GET | H/1.1 | jquery.1.11.min.js.download | sigining.klickfunds.com/Sign%20in%20to%20your%20account_files/ | 108 KB | 108 KB | Script | application/javascript |
GET | H/1.1 | heroillustration | sigining.klickfunds.com/Sign%20in%20to%20your%20account_files/ | 199 KB | 199 KB | Image | image/jpeg |
GET | H/1.1 | bannerlogo | sigining.klickfunds.com/Sign%20in%20to%20your%20account_files/ | 16 KB | 16 KB | Image | image/png |
GET | H/1.1 | close.png | sigining.klickfunds.com/Sign%20in%20to%20your%20account_files/ | 190 B | 190 B | Image | image/png |
GET | H/1.1 | microsoft_logo.png | sigining.klickfunds.com/Sign%20in%20to%20your%20account_files/ | 1 KB | 1 KB | Image | image/png |
GET | H/1.1 | login_hover.min.css | secure.aadcdn.microsoftonline-p.com/ests/2.1.6741.21/content/cdnbundles/ | 89 B | 82 B | Stylesheet | text/css |
GET | H/1.1 | prefetch.html | sigining.klickfunds.com/Sign%20in%20to%20your%20account_files/ | 2 KB | 0 | Document | text/html | Frame (254…)
GET | H/1.1 | staticstyles.css | sigining.klickfunds.com/Sign%20in%20to%20your%20account_files/ | 100 KB | 100 KB | Stylesheet | text/css | Frame (254…)
GET | H2 | document-sprite.png | weuofficehome.msocdn.com/s/fab5fe9a/Areas/Home/Content/images/ | 18 KB | 18 KB | Other | image/png | Frame (254…)
GET | H2 | zero-docs-sprite.png | weuofficehome.msocdn.com/s/398b5c2a/Areas/Home/Content/images/ | 18 KB | 18 KB | Other | image/png | Frame (254…)
GET | H2 | polyfills-bundle.js | weuofficehome.msocdn.com/s/01954e96/Areas/Home/Content/js/build/bundles/ | 0 | 0 | Other | text/html | Frame (254…)
GET | H2 | vendor-bundle.js | weuofficehome.msocdn.com/s/33f66e03/Areas/Home/Content/js/build/bundles/ | 0 | 0 | Other | text/html | Frame (254…)
GET | H2 | staticscripts.js | weuofficehome.msocdn.com/s/89c78894/Areas/Home/Content/js/build/bundles/ | 0 | 0 | Other | text/html | Frame (254…)
GET | H2 | app-bundle.js | weuofficehome.msocdn.com/s/8b381229/Areas/Home/Content/js/build/bundles/ | 0 | 0 | Other | text/html | Frame (254…)
GET | H/1.1 | prefetch(1).html | sigining.klickfunds.com/Sign%20in%20to%20your%20account_files/ | 3 KB | 0 | Document | text/html | Frame (BF4…)
GET | H/1.1 | SegoeUI-Regular.woff | appsforoffice.microsoft.com/fabric/fonts/SegoeUI-WestEuropean/ | 33 KB | 33 KB | Font | font/x-woff | Frame (254…)
GET | H/1.1 | SegoeUI-Semibold.woff | appsforoffice.microsoft.com/fabric/fonts/SegoeUI-WestEuropean/ | 30 KB | 30 KB | Font | font/x-woff | Frame (254…)
GET | H/1.1 | SegoeUI-Semilight.woff | appsforoffice.microsoft.com/fabric/fonts/SegoeUI-WestEuropean/ | 25 KB | 25 KB | Font | font/x-woff | Frame (254…)
GET | H/1.1 | SegoeUI-Light.woff | appsforoffice.microsoft.com/fabric/fonts/SegoeUI-WestEuropean/ | 24 KB | 24 KB | Font | font/x-woff | Frame (254…)
GET | H/1.1 | boot.worldwide.0.mouse.js.download | sigining.klickfunds.com/Sign%20in%20to%20your%20account_files/ | 641 KB | 641 KB | Stylesheet | application/javascript | Frame (BF4…)
GET | H/1.1 | boot.worldwide.1.mouse.js.download | sigining.klickfunds.com/Sign%20in%20to%20your%20account_files/ | 635 KB | 635 KB | Stylesheet | application/javascript | Frame (BF4…)
GET | H/1.1 | boot.worldwide.2.mouse.js.download | sigining.klickfunds.com/Sign%20in%20to%20your%20account_files/ | 638 KB | 638 KB | Stylesheet | application/javascript | Frame (BF4…)
GET | H/1.1 | boot.worldwide.3.mouse.js.download | sigining.klickfunds.com/Sign%20in%20to%20your%20account_files/ | 633 KB | 633 KB | Stylesheet | application/javascript | Frame (BF4…)
GET | H/1.1 | sprite1.mouse.png | sigining.klickfunds.com/Sign%20in%20to%20your%20account_files/ | 16 KB | 16 KB | Stylesheet | image/png | Frame (BF4…)
GET | H/1.1 | sprite1.mouse.css | sigining.klickfunds.com/Sign%20in%20to%20your%20account_files/ | 7 KB | 7 KB | Stylesheet | text/css | Frame (BF4…)
GET | H/1.1 | boot.worldwide.mouse.css | sigining.klickfunds.com/Sign%20in%20to%20your%20account_files/ | 225 KB | 225 KB | Stylesheet | text/css | Frame (BF4…)
GET | H2 | boot.worldwide.0.mouse.js | r4.res.office365.com/owa/prem/16.2001.0.2424154/scripts/ | 641 KB | 174 KB | Stylesheet | application/x-javascript | Frame (BF4…)
GET | H/1.1 | office365icons.woff | sigining.klickfunds.com/fonts/ | 0 | 0 | Font | text/html | Frame (BF4…)
GET | H2 | boot.worldwide.1.mouse.js | r4.res.office365.com/owa/prem/16.2001.0.2424154/scripts/ | 635 KB | 157 KB | Stylesheet | application/x-javascript | Frame (BF4…)
GET | H2 | boot.worldwide.2.mouse.js | r4.res.office365.com/owa/prem/16.2001.0.2424154/scripts/ | 638 KB | 165 KB | Stylesheet | application/x-javascript | Frame (BF4…)
GET | H2 | boot.worldwide.3.mouse.js | r4.res.office365.com/owa/prem/16.2001.0.2424154/scripts/ | 633 KB | 140 KB | Stylesheet | application/x-javascript | Frame (BF4…)
GET | H2 | sprite1.mouse.png | r4.res.office365.com/owa/prem/16.2001.0.2424154/resources/images/0/ | 16 KB | 16 KB | Stylesheet | image/png | Frame (BF4…)
GET | H2 | sprite1.mouse.css | r4.res.office365.com/owa/prem/16.2001.0.2424154/resources/images/0/ | 7 KB | 1 KB | Stylesheet | text/css | Frame (BF4…)
GET | H2 | boot.worldwide.mouse.css | r4.res.office365.com/owa/prem/16.2001.0.2424154/resources/styles/0/ | 225 KB | 43 KB | Stylesheet | text/css | Frame (BF4…)
GET | H/1.1 | office365icons.ttf | sigining.klickfunds.com/fonts/ | 0 | 0 | Font | text/html | Frame (BF4…)
GET | H2 | office365icons.woff | r4.res.office365.com/owa/prem/16.2001.0.2424154/resources/styles/fonts/ | 75 KB | 75 KB | Font | application/font-woff | Frame (BF4…)
GET | H2 | office365icons.woff | r4.res.office365.com/owa/prem/16.2001.0.2424154/resources/styles/fonts/ | 75 KB | 75 KB | Font | application/font-woff | Frame (BF4…)
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Office 365 (Online), Microsoft (Consumer)

12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
---|---
object | onafterprint
object | onbeforeprint
boolean | isTouch
string | cssId
object | head
object | link
undefined | msViewportStyle
function | $
function | jQuery
object | jQuery111208651215036252211
object | Constants
undefined | Tiles0

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
appsforoffice.microsoft.com
ow.ly
r4.res.office365.com
secure.aadcdn.microsoftonline-p.com
sigining.klickfunds.com
weuofficehome.msocdn.com