scesolarsolutions.com Open in urlscan Pro
184.95.46.67 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://scesolarsolutions.com///wp-admin/mouse_apple/getonknees/index.html?email=who.dat@who.com
Submission: On February 07 via manual (February 7th 2020, 9:45:20 pm UTC) from US

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 8 HTTP transactions. The main IP is 184.95.46.67, located in Tempe, United States and belongs to SSASN2, US. The main domain is scesolarsolutions.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on December 22nd 2019. Valid for: 3 months.

This is the only time scesolarsolutions.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
7	184.95.46.67 184.95.46.67	20454 (SSASN2) (SSASN2)
1	2606:4700:303... 2606:4700:3033::6818:6adc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2

7 184.95.46.67 (Tempe, United States)

ASN20454 (SSASN2, US)
PTR: server3.hostsoch.in

scesolarsolutions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6818:6adc (United States)

ASN13335 (CLOUDFLARENET, US)

3dprint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	scesolarsolutions.com scesolarsolutions.com	88 KB
1	3dprint.com 3dprint.com	449 KB
8	2

	Domain	Requested by
7	scesolarsolutions.com	scesolarsolutions.com
1	3dprint.com	scesolarsolutions.com
8	2

This site contains no links.

Subject Issuer	Validity	Valid
scesolarsolutions.com Let's Encrypt Authority X3	`2019-12-22` - `2020-03-21`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-11-22` - `2020-10-09`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://scesolarsolutions.com///wp-admin/mouse_apple/getonknees/index.html?email=who.dat@who.com
Frame ID: B54F546E703E088F50D45575BC073157
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Page Statistics

8
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

537 kB
Transfer

671 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request index.html Show response scesolarsolutions.com///wp-admin/mouse_apple/getonknees/	62 KB 13 KB	630ms 166ms	Document text/html	184.95.46.67 SSASN2
General Check archive.org Show headers Download Go to Full URL https://scesolarsolutions.com///wp-admin/mouse_apple/getonknees/index.html?email=who.dat@who.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 184.95.46.67 Tempe, United States, ASN20454 (SSASN2, US), Reverse DNS server3.hostsoch.in Software LiteSpeed / Resource Hash `82a952ee17ebb04916907941ae0ad1c4ce795102c30714c9b91158932671ebca` Request headers :method GET :authority scesolarsolutions.com :scheme https :path ///wp-admin/mouse_apple/getonknees/index.html?email=who.dat@who.com pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 sec-fetch-user ?1 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 sec-fetch-site none sec-fetch-mode navigate accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Sec-Fetch-User ?1 Response headers status 200 last-modified Tue, 14 Jan 2020 00:40:59 GMT content-type text/html content-length 13505 accept-ranges bytes content-encoding br vary Accept-Encoding,User-Agent date Fri, 07 Feb 2020 21:44:59 GMT server LiteSpeed alt-svc quic=":443"; ma=2592000; v="35,39,43,44"
GET H2	200	jquery.min.js Show response scesolarsolutions.com///wp-admin/mouse_apple/getonknees/le_files/	85 KB 29 KB	197ms 197ms	Script application/javascript	184.95.46.67 SSASN2
General Check archive.org Show headers Download Go to Full URL https://scesolarsolutions.com///wp-admin/mouse_apple/getonknees/le_files/jquery.min.js Requested by Host: scesolarsolutions.com URL: https://scesolarsolutions.com///wp-admin/mouse_apple/getonknees/index.html?email=who.dat@who.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 184.95.46.67 Tempe, United States, ASN20454 (SSASN2, US), Reverse DNS server3.hostsoch.in Software LiteSpeed / Resource Hash `160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef` Request headers Referer https://scesolarsolutions.com///wp-admin/mouse_apple/getonknees/index.html?email=who.dat@who.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 21:44:59 GMT content-encoding br last-modified Tue, 14 Jan 2020 00:40:59 GMT server LiteSpeed vary Accept-Encoding,User-Agent content-type application/javascript status 200 cache-control public, max-age=604800 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 29708 expires Fri, 14 Feb 2020 21:44:59 GMT
GET H2	200	bootstrap.min.js Show response scesolarsolutions.com///wp-admin/mouse_apple/getonknees/le_files/	37 KB 9 KB	239ms 239ms	Script application/javascript	184.95.46.67 SSASN2
General Check archive.org Show headers Download Go to Full URL https://scesolarsolutions.com///wp-admin/mouse_apple/getonknees/le_files/bootstrap.min.js Requested by Host: scesolarsolutions.com URL: https://scesolarsolutions.com///wp-admin/mouse_apple/getonknees/index.html?email=who.dat@who.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 184.95.46.67 Tempe, United States, ASN20454 (SSASN2, US), Reverse DNS server3.hostsoch.in Software LiteSpeed / Resource Hash `909ae563eb34f7e4285a3a643ab5d7c21c5e6a80f3f455b949ac45f08d0389b4` Request headers Referer https://scesolarsolutions.com///wp-admin/mouse_apple/getonknees/index.html?email=who.dat@who.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 21:44:59 GMT content-encoding br last-modified Tue, 14 Jan 2020 00:40:59 GMT server LiteSpeed vary Accept-Encoding,User-Agent content-type application/javascript status 200 cache-control public, max-age=604800 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 9674 expires Fri, 14 Feb 2020 21:44:59 GMT
GET H2	200	maersk.svg scesolarsolutions.com///wp-admin/mouse_apple/getonknees/le_files/	4 KB 2 KB	502ms 502ms	Image image/svg+xml	184.95.46.67 SSASN2
General Check archive.org Show headers Download Go to Show image Full URL https://scesolarsolutions.com///wp-admin/mouse_apple/getonknees/le_files/maersk.svg Requested by Host: scesolarsolutions.com URL: https://scesolarsolutions.com///wp-admin/mouse_apple/getonknees/index.html?email=who.dat@who.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 184.95.46.67 Tempe, United States, ASN20454 (SSASN2, US), Reverse DNS server3.hostsoch.in Software LiteSpeed / Resource Hash `7ad842ecf9aab88ba486f9df87af6ed09b00104034d518edce301a78c8c1aa21` Request headers Referer https://scesolarsolutions.com///wp-admin/mouse_apple/getonknees/index.html?email=who.dat@who.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 21:44:59 GMT content-encoding br last-modified Tue, 14 Jan 2020 00:40:59 GMT server LiteSpeed vary Accept-Encoding,User-Agent content-type image/svg+xml status 200 cache-control public, max-age=604800 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 1487 expires Fri, 14 Feb 2020 21:44:59 GMT
GET H2	200	SecurePDFsmall.png scesolarsolutions.com///wp-admin/mouse_apple/getonknees/le_files/	35 KB 35 KB	503ms 503ms	Image image/png	184.95.46.67 SSASN2
General Check archive.org Show headers Download Go to Show image Full URL https://scesolarsolutions.com///wp-admin/mouse_apple/getonknees/le_files/SecurePDFsmall.png Requested by Host: scesolarsolutions.com URL: https://scesolarsolutions.com///wp-admin/mouse_apple/getonknees/index.html?email=who.dat@who.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 184.95.46.67 Tempe, United States, ASN20454 (SSASN2, US), Reverse DNS server3.hostsoch.in Software LiteSpeed / Resource Hash `211212a726d841505acbe33a45c5de37da0c90b26dcde67d72d3e4810a567f70` Request headers Referer https://scesolarsolutions.com///wp-admin/mouse_apple/getonknees/index.html?email=who.dat@who.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 21:44:59 GMT last-modified Tue, 14 Jan 2020 00:40:59 GMT server LiteSpeed vary User-Agent content-type image/png status 200 cache-control public, max-age=604800 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 35385 expires Fri, 14 Feb 2020 21:44:59 GMT
GET H2	200	mar-feat.jpg 3dprint.com/wp-content/uploads/2014/07/	448 KB 449 KB	682ms 647ms	Image image/jpeg	2606:4700:3033::6818:6adc CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://3dprint.com/wp-content/uploads/2014/07/mar-feat.jpg Requested by Host: scesolarsolutions.com URL: https://scesolarsolutions.com///wp-admin/mouse_apple/getonknees/index.html?email=who.dat@who.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6818:6adc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `215350d9dc487f28f5a702ad112e289f8e4ed4dcbcbb3f33ad625ac0eca9e04c` Request headers Referer https://scesolarsolutions.com///wp-admin/mouse_apple/getonknees/index.html?email=who.dat@who.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 21:45:01 GMT cf-cache-status MISS last-modified Fri, 22 Nov 2019 19:40:00 GMT server cloudflare access-control-allow-origin * etag "5dd83990-6ff6f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg status 200 cache-control public, max-age=31536000 accept-ranges bytes cf-ray 56188c639a98973c-FRA content-length 458607
GET H2	200	b1.jpg scesolarsolutions.com///wp-admin/mouse_apple/getonknees/images/	0 84 B	701ms 701ms	Image image/jpeg	184.95.46.67 SSASN2
General Check archive.org Show headers Download Go to Show image Full URL https://scesolarsolutions.com///wp-admin/mouse_apple/getonknees/images/b1.jpg Requested by Host: scesolarsolutions.com URL: https://scesolarsolutions.com///wp-admin/mouse_apple/getonknees/index.html?email=who.dat@who.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 184.95.46.67 Tempe, United States, ASN20454 (SSASN2, US), Reverse DNS server3.hostsoch.in Software LiteSpeed / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://scesolarsolutions.com///wp-admin/mouse_apple/getonknees/index.html?email=who.dat@who.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 21:45:00 GMT server LiteSpeed vary User-Agent content-type image/jpeg status 200 cache-control public, max-age=604800 alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 0 expires Fri, 14 Feb 2020 21:45:00 GMT
GET H2	200	pattern.png scesolarsolutions.com///wp-admin/mouse_apple/images/	0 27 B	738ms 738ms	Image image/png	184.95.46.67 SSASN2
General Check archive.org Show headers Download Go to Show image Full URL https://scesolarsolutions.com///wp-admin/mouse_apple/images/pattern.png Requested by Host: scesolarsolutions.com URL: https://scesolarsolutions.com///wp-admin/mouse_apple/getonknees/index.html?email=who.dat@who.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 184.95.46.67 Tempe, United States, ASN20454 (SSASN2, US), Reverse DNS server3.hostsoch.in Software LiteSpeed / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://scesolarsolutions.com///wp-admin/mouse_apple/getonknees/index.html?email=who.dat@who.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Fri, 07 Feb 2020 21:45:00 GMT server LiteSpeed vary User-Agent content-type image/png status 200 cache-control public, max-age=604800 alt-svc quic=":443"; ma=2592000; v="35,39,43,44" content-length 0 expires Fri, 14 Feb 2020 21:45:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3dprint.com
scesolarsolutions.com
184.95.46.67
2606:4700:3033::6818:6adc
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
211212a726d841505acbe33a45c5de37da0c90b26dcde67d72d3e4810a567f70
215350d9dc487f28f5a702ad112e289f8e4ed4dcbcbb3f33ad625ac0eca9e04c
7ad842ecf9aab88ba486f9df87af6ed09b00104034d518edce301a78c8c1aa21
82a952ee17ebb04916907941ae0ad1c4ce795102c30714c9b91158932671ebca
909ae563eb34f7e4285a3a643ab5d7c21c5e6a80f3f455b949ac45f08d0389b4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

scesolarsolutions.com Open in urlscan Pro 184.95.46.67 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

8 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

537 kBTransfer

671 kBSize

0 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

0 Cookies

Indicators

scesolarsolutions.com Open in urlscan Pro
184.95.46.67 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

537 kB
Transfer

671 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!