URL: http://pxi.ferter.net/ONedrive/one-drive-e-signature/dashboard/
Submission: On July 31 via api from TW

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 104.250.187.73, located in Karachi, Pakistan and belongs to VOXILITY, GB. The main domain is pxi.ferter.net.
This is the only time pxi.ferter.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: OneDrive (Online)

Domain & IP information

Requests  IP Address          AS (Autonomous System)
1         104.250.187.73      3223 (VOXILITY)
7         2a00:1450:400...    15169 (GOOGLE)
Total: 8 requests, 2 IPs
Requests  Apex Domain      Subdomains                       Transfer
7         googleapis.com   firebasestorage.googleapis.com   87 KB
1         ferter.net       pxi.ferter.net                   6 KB
Total: 8 requests, 2 apex domains
Requests  Domain                           Requested by
7         firebasestorage.googleapis.com   pxi.ferter.net
1         pxi.ferter.net                   -
Total: 8 requests, 2 domains

This site contains no links.

TLS certificates

Subject                   Issuer       Validity                  Valid
upload.video.google.com   GTS CA 1O1   2020-07-07 - 2020-09-29   3 months

This page contains 1 frames:

Primary Page: http://pxi.ferter.net/ONedrive/one-drive-e-signature/dashboard/
Frame ID: 2C44803ADABB7B0A193520E82B1B2C12
Requests: 8 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

  Requests:    8
  HTTPS:       88 %
  IPv6:        50 %
  Domains:     2
  Subdomains:  2
  IPs:         2
  Countries:   2
  Transfer:    93 kB
  Size:        90 kB
  Cookies:     0

8 HTTP transactions

Each entry below is listed as: Resource | Path | Size | x-fer (bytes transferred) | Type
Primary Request / | pxi.ferter.net/ONedrive/one-drive-e-signature/dashboard/ | 5 KB | 6 KB | Document

General
  Full URL: http://pxi.ferter.net/ONedrive/one-drive-e-signature/dashboard/
  Protocol: HTTP/1.1
  Server: 104.250.187.73, Karachi, Pakistan, ASN3223 (VOXILITY, GB)
  Reverse DNS: (none)
  Software: Apache
  Resource Hash: bd3a31c1b2c86530f923999f17d9f4a67517dab0352430057724cd251fcbd6c2

Request headers

Host
pxi.ferter.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Fri, 31 Jul 2020 12:18:39 GMT
Server
Apache
Last-Modified
Thu, 25 Jun 2020 15:07:42 GMT
Accept-Ranges
bytes
Content-Length
5525
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html

one.png | firebasestorage.googleapis.com/v0/b/one0drive.appspot.com/o/ | 22 KB | 23 KB | Image

General
  Full URL: https://firebasestorage.googleapis.com/v0/b/one0drive.appspot.com/o/one.png?alt=media&token=865b2af0-80ca-4c5b-8542-99fcd42f1a8f
  Requested by: Host pxi.ferter.net
                URL http://pxi.ferter.net/ONedrive/one-drive-e-signature/dashboard/
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 2a00:1450:4001:801::200a, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
  Reverse DNS: (none)
  Software: UploadServer
  Resource Hash: 7b289c8b999ed425b9f99b072f590722752f82f3f2107b497210459a63e33c9b

Request headers

Referer
http://pxi.ferter.net/ONedrive/one-drive-e-signature/dashboard/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 12:18:39 GMT
x-guploader-uploadid
AAANsUk9ZulyI4gszJuOcIrarFSKxq-8MASDHW8prquhSwz_e4bfFleur9C75rB5vuMEVaWQWRqMR4lxMR9TPed-RwI
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename*=utf-8''one.png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22886
last-modified
Thu, 04 Jun 2020 16:07:55 GMT
server
UploadServer
etag
"b38adf6c6e5fa94dd3e31db68cd01e09"
x-goog-hash
crc32c=qGdxJA==, md5=s4rfbG5fqU3T4x22jNAeCQ==
x-goog-generation
1591286875339868
cache-control
private, max-age=0
x-goog-stored-content-length
22886
x-goog-meta-firebasestoragedownloadtokens
865b2af0-80ca-4c5b-8542-99fcd42f1a8f
accept-ranges
bytes
content-type
image/png
expires
Fri, 31 Jul 2020 12:18:39 GMT

b.jpg | firebasestorage.googleapis.com/v0/b/one0drive.appspot.com/o/ | 59 KB | 60 KB | Image

General
  Full URL: https://firebasestorage.googleapis.com/v0/b/one0drive.appspot.com/o/b.jpg?alt=media&token=da63ccc1-d4ab-4d92-a2a3-5d609a61dd37
  Requested by: Host pxi.ferter.net
                URL http://pxi.ferter.net/ONedrive/one-drive-e-signature/dashboard/
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 2a00:1450:4001:801::200a, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
  Reverse DNS: (none)
  Software: UploadServer
  Resource Hash: 9f5812201213197d46d28f422ea9941ff80110a07f3c06a03c8eb4ca0edfbc5a

Request headers

Referer
http://pxi.ferter.net/ONedrive/one-drive-e-signature/dashboard/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 12:18:39 GMT
x-guploader-uploadid
AAANsUmH-RSql_CohOURiERIiko7GuvuvNn47aIFLoXmdC5oVOZ4cHGm5qkq9CvxOfPBynLKJNtQhtFJOxVEoOLFjRY
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename*=utf-8''b.jpg
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60557
last-modified
Thu, 04 Jun 2020 16:07:55 GMT
server
UploadServer
etag
"dd29ce13db82abd77520acc02223fc55"
x-goog-hash
crc32c=0Wsh3g==, md5=3SnOE9uCq9d1IKzAIiP8VQ==
x-goog-generation
1591286875533193
cache-control
private, max-age=0
x-goog-stored-content-length
60557
x-goog-meta-firebasestoragedownloadtokens
da63ccc1-d4ab-4d92-a2a3-5d609a61dd37
accept-ranges
bytes
content-type
image/jpeg
expires
Fri, 31 Jul 2020 12:18:39 GMT

of.png | firebasestorage.googleapis.com/v0/b/one0drive.appspot.com/o/ | 457 B | 746 B | Image

General
  Full URL: https://firebasestorage.googleapis.com/v0/b/one0drive.appspot.com/o/of.png?alt=media&token=980e3d1f-bcde-4aa5-8f62-2cefbf5ad259
  Requested by: Host pxi.ferter.net
                URL http://pxi.ferter.net/ONedrive/one-drive-e-signature/dashboard/
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 2a00:1450:4001:801::200a, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
  Reverse DNS: (none)
  Software: UploadServer
  Resource Hash: c6a5a7526ea13dbe6f7c542d376523d7ddc58d991b499a69fcdb9c9302579bcc

Request headers

Referer
http://pxi.ferter.net/ONedrive/one-drive-e-signature/dashboard/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 12:18:39 GMT
x-guploader-uploadid
AAANsUmPsPBdSxOUrNmvkbThaaCDFwAQw_RWwfk2UVmPOFgVxHaKkxdxqnQZn9w_Mf71ak4BnO-In8yMhLKikKqBWHs
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename*=utf-8''of.png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
457
last-modified
Thu, 04 Jun 2020 16:07:54 GMT
server
UploadServer
etag
"fc380c69aee740d395ea02d6350231d3"
x-goog-hash
crc32c=rJXSqw==, md5=/DgMaa7nQNOV6gLWNQIx0w==
x-goog-generation
1591286874995908
cache-control
private, max-age=0
x-goog-stored-content-length
457
x-goog-meta-firebasestoragedownloadtokens
980e3d1f-bcde-4aa5-8f62-2cefbf5ad259
accept-ranges
bytes
content-type
image/png
expires
Fri, 31 Jul 2020 12:18:39 GMT

ot.png | firebasestorage.googleapis.com/v0/b/one0drive.appspot.com/o/ | 361 B | 658 B | Image

General
  Full URL: https://firebasestorage.googleapis.com/v0/b/one0drive.appspot.com/o/ot.png?alt=media&token=98da5c03-a146-4d2f-8ee5-655e0831c84d
  Requested by: Host pxi.ferter.net
                URL http://pxi.ferter.net/ONedrive/one-drive-e-signature/dashboard/
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 2a00:1450:4001:801::200a, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
  Reverse DNS: (none)
  Software: UploadServer
  Resource Hash: 62308587d8095e0d250f492b6bdcc583db0887733dfc1cbb25517b20b02e0ce9

Request headers

Referer
http://pxi.ferter.net/ONedrive/one-drive-e-signature/dashboard/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 12:18:39 GMT
x-guploader-uploadid
AAANsUnYEnce8IEwyA7HI3F9flXMQVO_2jPHCFPZexHNIZNXSmpn3d1CjKgWgGLCS3VHDlrFFPLeDGwQHy1BdVVICEE
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename*=utf-8''ot.png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
361
last-modified
Thu, 04 Jun 2020 16:07:55 GMT
server
UploadServer
etag
"4d55460347294007a90c4e8870906104"
x-goog-hash
crc32c=0ZX2Rw==, md5=TVVGA0cpQAepDE6IcJBhBA==
x-goog-generation
1591286875226297
cache-control
private, max-age=0
x-goog-stored-content-length
361
x-goog-meta-firebasestoragedownloadtokens
98da5c03-a146-4d2f-8ee5-655e0831c84d
accept-ranges
bytes
content-type
image/png
expires
Fri, 31 Jul 2020 12:18:39 GMT

ao.png | firebasestorage.googleapis.com/v0/b/one0drive.appspot.com/o/ | 427 B | 715 B | Image

General
  Full URL: https://firebasestorage.googleapis.com/v0/b/one0drive.appspot.com/o/ao.png?alt=media&token=094c1813-08e7-4b27-a51b-3131d8d82bc0
  Requested by: Host pxi.ferter.net
                URL http://pxi.ferter.net/ONedrive/one-drive-e-signature/dashboard/
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 2a00:1450:4001:801::200a, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
  Reverse DNS: (none)
  Software: UploadServer
  Resource Hash: 11f6bf364f364f2c539450a43f8922429d882505d1f7a7f6b702581702104597

Request headers

Referer
http://pxi.ferter.net/ONedrive/one-drive-e-signature/dashboard/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 12:18:39 GMT
x-guploader-uploadid
AAANsUmMIRy8ndzQvoWpFrCU8WSg-3HhS72Ngw3eWeHc0hoCmnNurQoQeHJGHW2MmcZR2Mhq5V5mre_J5V6JZ-9fqK4
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename*=utf-8''ao.png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
427
last-modified
Thu, 04 Jun 2020 16:07:54 GMT
server
UploadServer
etag
"57b856136254bd74fe3eb0a4ea040dfe"
x-goog-hash
crc32c=sa2qsg==, md5=V7hWE2JUvXT+PrCk6gQN/g==
x-goog-generation
1591286874761188
cache-control
private, max-age=0
x-goog-stored-content-length
427
x-goog-meta-firebasestoragedownloadtokens
094c1813-08e7-4b27-a51b-3131d8d82bc0
accept-ranges
bytes
content-type
image/png
expires
Fri, 31 Jul 2020 12:18:39 GMT

ya.png | firebasestorage.googleapis.com/v0/b/one0drive.appspot.com/o/ | 1 KB | 2 KB | Image

General
  Full URL: https://firebasestorage.googleapis.com/v0/b/one0drive.appspot.com/o/ya.png?alt=media&token=2a91746e-8b6f-41bb-851b-4d3c1de85043
  Requested by: Host pxi.ferter.net
                URL http://pxi.ferter.net/ONedrive/one-drive-e-signature/dashboard/
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 2a00:1450:4001:801::200a, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
  Reverse DNS: (none)
  Software: UploadServer
  Resource Hash: 5e337e802ad173ebe9bf2244db2b77262a0dd8f6c89b8d6dfb2ef649a730cf1f

Request headers

Referer
http://pxi.ferter.net/ONedrive/one-drive-e-signature/dashboard/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 12:18:39 GMT
x-guploader-uploadid
AAANsUmxWFS1htLvfv6M3HnqzA6Ry_ToFYzSZpg0R5i71N1kIEMEuGfNNQNOH7njloQPgAGEfm4hsW8RrymCrUEqECM
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename*=utf-8''ya.png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1522
last-modified
Thu, 04 Jun 2020 16:07:55 GMT
server
UploadServer
etag
"943ce75b2be5b7a1296e565314b4306a"
x-goog-hash
crc32c=yHEBiA==, md5=lDznWyvlt6EpblZTFLQwag==
x-goog-generation
1591286875218652
cache-control
private, max-age=0
x-goog-stored-content-length
1522
x-goog-meta-firebasestoragedownloadtokens
2a91746e-8b6f-41bb-851b-4d3c1de85043
accept-ranges
bytes
content-type
image/png
expires
Fri, 31 Jul 2020 12:18:39 GMT

an.png | firebasestorage.googleapis.com/v0/b/one0drive.appspot.com/o/ | 494 B | 805 B | Image

General
  Full URL: https://firebasestorage.googleapis.com/v0/b/one0drive.appspot.com/o/an.png?alt=media&token=1c71f385-487b-49e1-91dc-2ce55a286f8f
  Requested by: Host pxi.ferter.net
                URL http://pxi.ferter.net/ONedrive/one-drive-e-signature/dashboard/
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 2a00:1450:4001:801::200a, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
  Reverse DNS: (none)
  Software: UploadServer
  Resource Hash: 4a1a760b8219df5d045b706e4aed02245e35102e9de8412fc00ce356bda6b3dc

Request headers

Referer
http://pxi.ferter.net/ONedrive/one-drive-e-signature/dashboard/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 12:18:39 GMT
x-guploader-uploadid
AAANsUnnKxJcMZEbEFV0sry-qfB9wbj_k_gZjjvAjJoYxfBH-9Bwvs9nubhIfVL0w4W8a1I6JFNcVjr86eCCh4uA-oM
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename*=utf-8''an.png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
494
last-modified
Thu, 04 Jun 2020 16:07:54 GMT
server
UploadServer
etag
"f93d407101e4eb065c99db4e09621445"
x-goog-hash
crc32c=kyE03w==, md5=+T1AcQHk6wZcmdtOCWIURQ==
x-goog-generation
1591286874765603
cache-control
private, max-age=0
x-goog-stored-content-length
494
x-goog-meta-firebasestoragedownloadtokens
1c71f385-487b-49e1-91dc-2ce55a286f8f
accept-ranges
bytes
content-type
image/png
expires
Fri, 31 Jul 2020 12:18:39 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: OneDrive (Online)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  function an
  function of
  function ou
  function ao
  function ya

0 Cookies