incoming-document-viig7.daftpage.com
76.76.21.123
Malicious Activity!
Public Scan
Effective URL: https://incoming-document-viig7.daftpage.com/
Submission: On July 27 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on July 27th 2022. Valid for: 3 months.
This is the only time incoming-document-viig7.daftpage.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Sharepoint (Online)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
1 | 164.68.109.83 | 51167 (CONTABO)
19 | 76.76.21.123 | 16509 (AMAZON-02)
6 | 2a00:1450:4001:812::200a | 15169 (GOOGLE)
2 | 54.231.161.41 | 16509 (AMAZON-02)
2 | 2a00:1450:4001:82b::2003 | 15169 (GOOGLE)
29 requests | 5 IPs
ASN51167 (CONTABO, DE)
PTR: front-gglme-01.gglme.com
www.dashboard.gglme.com
ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
daftpage.s3.amazonaws.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
19 | daftpage.com | incoming-document-viig7.daftpage.com | 544 KB
6 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 72) | 6 KB
2 | gstatic.com | fonts.gstatic.com | 58 KB
2 | amazonaws.com | daftpage.s3.amazonaws.com | 226 KB
1 | gglme.com | www.dashboard.gglme.com (1 redirect) | 363 B
29 requests | 5 apex domains
Requests | Domain | Requested by
---|---|---
19 | incoming-document-viig7.daftpage.com | incoming-document-viig7.daftpage.com
6 | fonts.googleapis.com | incoming-document-viig7.daftpage.com
2 | fonts.gstatic.com | fonts.googleapis.com
2 | daftpage.s3.amazonaws.com | incoming-document-viig7.daftpage.com
1 | www.dashboard.gglme.com | 1 redirect
29 requests | 5 domains
This site contains links to these domains. Also see Links.
Domain
---
daftpage.com
desert-faithful-guava.glitch.me
Subject | Issuer | Validity | Valid |
---|---|---|---|---
*.daftpage.com | R3 | 2022-07-27 - 2022-10-25 | 3 months | crt.sh
upload.video.google.com | GTS CA 1C3 | 2022-07-04 - 2022-09-26 | 3 months | crt.sh
*.s3.amazonaws.com | Amazon | 2021-12-15 - 2022-12-03 | a year | crt.sh
*.gstatic.com | GTS CA 1C3 | 2022-07-04 - 2022-09-26 | 3 months | crt.sh
This page contains 1 frame:
Primary Page:
https://incoming-document-viig7.daftpage.com/
Frame ID: 14BA2AA7963C6FE4B46476528B3B01DC
Requests: 30 HTTP requests in this frame
Screenshot
Detected technologies
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
- Title: ✨ Made with Daftpage
- Title: PREVIEW DOCUMENT HERE
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www.dashboard.gglme.com/redirect_link_to/?keyword=MFA&link=https://incoming-document-viig7.daftpage.com/ (HTTP 302)
- https://incoming-document-viig7.daftpage.com/ (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
29 HTTP transactions
Method | Protocol | Resource Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---
GET | H2 | incoming-document-viig7.daftpage.com/ (Primary Request; Redirect Chain) | 23 KB | 5 KB | Document | text/html
GET | H2 | fonts.googleapis.com/css2 | 15 KB | 760 B | Stylesheet | text/css
GET | H2 | fonts.googleapis.com/css2 | 27 KB | 1 KB | Stylesheet | text/css
GET | H2 | fonts.googleapis.com/css2 | 17 KB | 1 KB | Stylesheet | text/css
GET | H2 | fonts.googleapis.com/css2 | 22 KB | 1 KB | Stylesheet | text/css
GET | H2 | fonts.googleapis.com/css2 | 7 KB | 665 B | Stylesheet | text/css
GET | H2 | fonts.googleapis.com/css2 | 19 KB | 981 B | Stylesheet | text/css
GET | H2 | incoming-document-viig7.daftpage.com/_next/static/css/29c21ae94ab7ae95.css | 170 KB | 32 KB | Stylesheet | text/css
GET | H2 | incoming-document-viig7.daftpage.com/_next/static/css/c72c533aca924c1e.css | 20 KB | 4 KB | Stylesheet | text/css
GET | H2 | incoming-document-viig7.daftpage.com/_next/static/chunks/webpack-c46bd53b3301cb26.js | 4 KB | 2 KB | Script | application/javascript
GET | H2 | incoming-document-viig7.daftpage.com/_next/static/chunks/framework-fc1f2e8247ad02c2.js | 127 KB | 43 KB | Script | application/javascript
GET | H2 | incoming-document-viig7.daftpage.com/_next/static/chunks/main-de9a4cc9a544ed23.js | 118 KB | 36 KB | Script | application/javascript
GET | H2 | incoming-document-viig7.daftpage.com/_next/static/chunks/pages/_app-347ba4445431941f.js | 1 KB | 793 B | Script | application/javascript
GET | H2 | incoming-document-viig7.daftpage.com/_next/static/chunks/3f43c12b-f18aaa400465754a.js | 117 KB | 36 KB | Script | application/javascript
GET | H2 | incoming-document-viig7.daftpage.com/_next/static/chunks/c2f04ad0-e42808f1064aeceb.js | 88 KB | 29 KB | Script | application/javascript
GET | H2 | incoming-document-viig7.daftpage.com/_next/static/chunks/726-015eedaa849d8fd6.js | 1 MB | 308 KB | Script | application/javascript
GET | H2 | incoming-document-viig7.daftpage.com/_next/static/chunks/400-20f78fa92180be42.js | 129 KB | 33 KB | Script | application/javascript
GET | H2 | incoming-document-viig7.daftpage.com/_next/static/chunks/344-81998dc2f51e6170.js | 9 KB | 3 KB | Script | application/javascript
GET | H2 | incoming-document-viig7.daftpage.com/_next/static/chunks/pages/_sites/%5Bsite%5D-ec502eecd32894ab.js | 478 B | 662 B | Script | application/javascript
GET | H2 | incoming-document-viig7.daftpage.com/_next/static/lBkqJc1aJshbLWZXcTpnj/_buildManifest.js | 1 KB | 713 B | Script | application/javascript
GET | H2 | incoming-document-viig7.daftpage.com/_next/static/lBkqJc1aJshbLWZXcTpnj/_ssgManifest.js | 283 B | 448 B | Script | application/javascript
GET | H/1.1 | daftpage.s3.amazonaws.com/projects/cl63up8db004n09mo6ouhcxnd/assets/index-udqwct.png | 3 KB | 4 KB | Image | image/png
GET | H/1.1 | daftpage.s3.amazonaws.com/projects/cl63up8db004n09mo6ouhcxnd/assets/screen-shot-2022-07-22-at-8-81jot0.png | 222 KB | 222 KB | Image | image/png
GET | H2 | fonts.gstatic.com/s/robotomono/v22/L0x5DF4xlVMF-BfR8bXMIjhLq38.woff2 | 32 KB | 32 KB | Font | font/woff2
GET | H2 | fonts.gstatic.com/s/josefinsans/v25/Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2 | 26 KB | 26 KB | Font | font/woff2
GET | DATA | truncated / | 66 B | 0 | Image | image/webp
GET | H2 | incoming-document-viig7.daftpage.com/_next/data/lBkqJc1aJshbLWZXcTpnj/index.json | 12 KB | 2 KB | Fetch | application/json
GET | H2 | incoming-document-viig7.daftpage.com/_next/data/lBkqJc1aJshbLWZXcTpnj/index.json | 12 KB | 2 KB | Fetch | application/json
GET | H2 | incoming-document-viig7.daftpage.com/_next/static/css/c72c533aca924c1e.css | 20 KB | 4 KB | Fetch | text/css
HEAD | H2 | incoming-document-viig7.daftpage.com/_next/data/lBkqJc1aJshbLWZXcTpnj/index.json | 0 | 0 | Fetch | application/json
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Sharepoint (Online)
25 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | oncontextlost
object | oncontextrestored
function | structuredClone
object | launchQueue
object | onbeforematch
function | getScreenDetails
function | queryLocalFonts
object | navigation
object | webpackChunk_N_E
object | regeneratorRuntime
function | __next_require__
object | next
object | __NEXT_DATA__
function | __SSG_MANIFEST_CB
object | __NEXT_P
object | _N_E
object | _GIPHY_SDK_HEADERS_
string | giphyRandomId
object | __framePainter
function | __NEXT_PRELOADREADY
function | hotkeys
object | __MIDDLEWARE_MANIFEST
function | __BUILD_MANIFEST_CB
object | __BUILD_MANIFEST
object | __SSG_MANIFEST
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value
---|---
Strict-Transport-Security | max-age=63072000
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
daftpage.s3.amazonaws.com
fonts.googleapis.com
fonts.gstatic.com
incoming-document-viig7.daftpage.com
www.dashboard.gglme.com
164.68.109.83
2a00:1450:4001:812::200a
2a00:1450:4001:82b::2003
54.231.161.41
76.76.21.123