taledpressek.com Open in urlscan Pro
188.214.30.55  Malicious Activity! Public Scan

7 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response taledpressek.com/uc/	60 KB 60 KB	5096ms 60ms	Document text/html	188.214.30.55 THCPROJECTS
General Check archive.org Show headers Download Go to Full URL http://taledpressek.com/uc/ Protocol HTTP/1.1 Server 188.214.30.55 , Romania, ASN51177 (THCPROJECTS, RO), Reverse DNS s15-30-55.thcservers.com Software Apache / Resource Hash fcb8de6809d2bb107e49aae042b126f9e65614c2f085a7c5bbf60f7e89c639ae Request headers Pragma no-cache Accept-Encoding gzip, deflate Host taledpressek.com Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 Cache-Control no-cache Connection keep-alive Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 16 Mar 2018 16:08:43 GMT Last-Modified Fri, 16 Mar 2018 15:08:15 GMT Server Apache Content-Type text/html Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 61359
GET H/1.1	200 OK	avatar_2.png taledpressek.com/uc/index_files/	626 B 859 B	41ms 40ms	Image image/png	188.214.30.55 THCPROJECTS
General Check archive.org Show headers Download Go to Show image Full URL http://taledpressek.com/uc/index_files/avatar_2.png Requested by Host: taledpressek.com URL: http://taledpressek.com/uc/ Protocol HTTP/1.1 Server 188.214.30.55 , Romania, ASN51177 (THCPROJECTS, RO), Reverse DNS s15-30-55.thcservers.com Software Apache / Resource Hash cdcc6d6dcda827a694dce8bfa9a1ab41113b629ef1cc11f886866af9194c81d0 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host taledpressek.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept image/webp,image/apng,image/*,*/*;q=0.8 Referer http://taledpressek.com/uc/ Connection keep-alive Cache-Control no-cache Referer http://taledpressek.com/uc/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 16 Mar 2018 16:08:43 GMT Last-Modified Fri, 16 Mar 2018 15:08:16 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 626
GET H/1.1	200 OK	universa.png taledpressek.com/uc/index_files/	199 B 432 B	75ms 41ms	Image image/png	188.214.30.55 THCPROJECTS
General Check archive.org Show headers Download Go to Show image Full URL http://taledpressek.com/uc/index_files/universa.png Requested by Host: taledpressek.com URL: http://taledpressek.com/uc/ Protocol HTTP/1.1 Server 188.214.30.55 , Romania, ASN51177 (THCPROJECTS, RO), Reverse DNS s15-30-55.thcservers.com Software Apache / Resource Hash 59404af2d92c53ad1ee9e21b252c07c77dcba810b248a79d6ae989b1ff63c7d6 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host taledpressek.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept image/webp,image/apng,image/*,*/*;q=0.8 Referer http://taledpressek.com/uc/ Connection keep-alive Cache-Control no-cache Referer http://taledpressek.com/uc/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 16 Mar 2018 16:08:43 GMT Last-Modified Fri, 16 Mar 2018 15:08:17 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 199
GET H/1.1	200 OK	logo_1x0.png taledpressek.com/uc/index_files/	4 KB 4 KB	74ms 41ms	Image image/png	188.214.30.55 THCPROJECTS
General Check archive.org Show headers Download Go to Show image Full URL http://taledpressek.com/uc/index_files/logo_1x0.png Requested by Host: taledpressek.com URL: http://taledpressek.com/uc/ Protocol HTTP/1.1 Server 188.214.30.55 , Romania, ASN51177 (THCPROJECTS, RO), Reverse DNS s15-30-55.thcservers.com Software Apache / Resource Hash 8e9b29c7cedd0ed1d67d03c6db9cf29c855ec82ec74b2c11fe10c1ee1dc500c4 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host taledpressek.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept image/webp,image/apng,image/*,*/*;q=0.8 Referer http://taledpressek.com/uc/ Connection keep-alive Cache-Control no-cache Referer http://taledpressek.com/uc/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 16 Mar 2018 16:08:43 GMT Last-Modified Fri, 16 Mar 2018 15:08:16 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 3815
GET H/1.1	200 OK	logo_str.png taledpressek.com/uc/index_files/	4 KB 4 KB	62ms 38ms	Image image/png	188.214.30.55 THCPROJECTS
General Check archive.org Show headers Download Go to Show image Full URL http://taledpressek.com/uc/index_files/logo_str.png Requested by Host: taledpressek.com URL: http://taledpressek.com/uc/ Protocol HTTP/1.1 Server 188.214.30.55 , Romania, ASN51177 (THCPROJECTS, RO), Reverse DNS s15-30-55.thcservers.com Software Apache / Resource Hash 9975d1272a4feed0e18149ac93a79e77cdbd8ec4f7d7868a767ece75d78b3636 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host taledpressek.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept image/webp,image/apng,image/*,*/*;q=0.8 Referer http://taledpressek.com/uc/ Connection keep-alive Cache-Control no-cache Referer http://taledpressek.com/uc/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 16 Mar 2018 16:08:43 GMT Last-Modified Fri, 16 Mar 2018 15:08:17 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 4360
GET S	200	checkmark.png ssl.gstatic.com/ui/v1/menu/	239 B 338 B	7ms 6ms	Image image/png	172.217.22.99 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://ssl.gstatic.com/ui/v1/menu/checkmark.png Requested by Host: taledpressek.com URL: http://taledpressek.com/uc/ Protocol SPDY Server 172.217.22.99 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra15s18-in-f99.1e100.net Software sffe / Resource Hash 2210e36b5b21e54cd4dc2ccdcc06138db8598d704ebf19052e5caa84edb4a675 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://taledpressek.com/uc/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Mon, 12 Feb 2018 17:49:39 GMT x-content-type-options nosniff last-modified Thu, 21 Apr 2016 03:17:22 GMT server sffe age 2758744 vary Origin content-type image/png status 200 cache-control public, max-age=31536000 accept-ranges bytes alt-svc hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35" content-length 239 x-xss-protection 1; mode=block expires Tue, 12 Feb 2019 17:49:39 GMT
GET S	200	DXI1ORHCpsQm3Vp6mXoaTXhCUOGz7vYGh680lGh-uXM.woff fonts.gstatic.com/s/opensans/v13/	20 KB 20 KB	7ms 7ms	Font font/woff	172.217.22.99 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v13/DXI1ORHCpsQm3Vp6mXoaTXhCUOGz7vYGh680lGh-uXM.woff Requested by Host: taledpressek.com URL: http://taledpressek.com/uc/ Protocol SPDY Server 172.217.22.99 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra15s18-in-f99.1e100.net Software sffe / Resource Hash a5d937d8ccd079f0088d8095ac27f8387ac099382a8201ab903962a37a41ca1d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Referer http://taledpressek.com/uc/ Origin http://taledpressek.com Response headers date Mon, 12 Feb 2018 15:33:43 GMT x-content-type-options nosniff last-modified Mon, 27 Apr 2015 23:46:43 GMT server sffe age 2766900 status 200 content-type font/woff access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35" content-length 20848 x-xss-protection 1; mode=block expires Tue, 12 Feb 2019 15:33:43 GMT
GET S	200	cJZKeOuBrn4kERxqtaUH3T8E0i7KZn-EPnyo3HZu7kw.woff fonts.gstatic.com/s/opensans/v13/	20 KB 20 KB	7ms 7ms	Font font/woff	172.217.22.99 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v13/cJZKeOuBrn4kERxqtaUH3T8E0i7KZn-EPnyo3HZu7kw.woff Requested by Host: taledpressek.com URL: http://taledpressek.com/uc/ Protocol SPDY Server 172.217.22.99 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra15s18-in-f99.1e100.net Software sffe / Resource Hash 819747b05df4938922997e60e199603ecb04f4d987331ba5c3f7db30a835c3bd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Referer http://taledpressek.com/uc/ Origin http://taledpressek.com Response headers date Thu, 01 Mar 2018 13:14:35 GMT x-content-type-options nosniff last-modified Mon, 27 Apr 2015 23:46:39 GMT server sffe age 1306448 status 200 content-type font/woff access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35" content-length 20248 x-xss-protection 1; mode=block expires Fri, 01 Mar 2019 13:14:35 GMT
GET S	200	cleardot.gif mail.google.com/mail/images/	43 B 255 B	48ms 24ms	Image image/gif	172.217.22.101 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://mail.google.com/mail/images/cleardot.gif?t=1521216524009 Protocol SPDY Server 172.217.22.101 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra15s18-in-f101.1e100.net Software GSE / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer http://taledpressek.com/uc/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Fri, 16 Mar 2018 16:08:44 GMT x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type image/gif; charset=UTF-8 status 200 cache-control public, max-age=31536000 alt-svc clear x-xss-protection 1; mode=block expires Sat, 16 Mar 2019 16:08:44 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Google (Online)

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gaia_attachEvent object| botguard function| gaia_parseFragment function| gaia_prefillEmail object| hashParams function| gaia_setFocus function| gaia_scrollToElement object| f function| g function| h function| k function| m object| n function| p function| q function| r object| gaia function| gaia_onLoginSubmit object| BrowserSupport_ boolean| is_browser_supported number| start_time function| SetGmailCookie function| lg function| StripParam number| fixed function| FixForm function| el object| CP object| quota_elem string| ONE_PX function| LogRoundtripTime function| GetRoundtripTimeFunction function| MaybePingUser function| OnLoad function| updateQuota string| PAD function| format string| google_conversion_type number| google_conversion_id string| google_conversion_language string| google_conversion_format string| google_conversion_color function| LoadConversionScript

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
mail.google.com
ssl.gstatic.com
taledpressek.com
172.217.22.101
172.217.22.99
188.214.30.55
2210e36b5b21e54cd4dc2ccdcc06138db8598d704ebf19052e5caa84edb4a675
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
59404af2d92c53ad1ee9e21b252c07c77dcba810b248a79d6ae989b1ff63c7d6
819747b05df4938922997e60e199603ecb04f4d987331ba5c3f7db30a835c3bd
8e9b29c7cedd0ed1d67d03c6db9cf29c855ec82ec74b2c11fe10c1ee1dc500c4
9975d1272a4feed0e18149ac93a79e77cdbd8ec4f7d7868a767ece75d78b3636
a5d937d8ccd079f0088d8095ac27f8387ac099382a8201ab903962a37a41ca1d
cdcc6d6dcda827a694dce8bfa9a1ab41113b629ef1cc11f886866af9194c81d0
fcb8de6809d2bb107e49aae042b126f9e65614c2f085a7c5bbf60f7e89c639ae