microsoft-seguridad-live2024.hstn.me Open in urlscan Pro
185.27.134.216 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://microsoft-seguridad-live2024.hstn.me/?i=1
Effective URL:
http://microsoft-seguridad-live2024.hstn.me/?i=2
Submission: On February 29 via api (February 29th 2024, 3:37:43 pm UTC) from US — Scanned from US

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 15 HTTP transactions. The main IP is 185.27.134.216, located in United Kingdom and belongs to WILDCARD-AS Wildcard UK Limited, GB. The main domain is microsoft-seguridad-live2024.hstn.me.

This is the only time microsoft-seguridad-live2024.hstn.me was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
7 14	185.27.134.216 185.27.134.216	34119 (WILDCARD-...) (WILDCARD-AS Wildcard UK Limited)
7 14	2606:4700:303... 2606:4700:3033::6815:316c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	3

14 185.27.134.216 (United Kingdom) 7 redirects

ASN34119 (WILDCARD-AS Wildcard UK Limited, GB)

microsoft-seguridad-live2024.hstn.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:3033::6815:316c (United States) 7 redirects

ASN13335 (CLOUDFLARENET, US)

aeonfree.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	aeonfree.com 7 redirects aeonfree.com	2 KB
14	hstn.me 7 redirects microsoft-seguridad-live2024.hstn.me	224 KB
0	sociomantic.com Failed us-sonar.sociomantic.com Failed
15	3

	Domain	Requested by
14	aeonfree.com	7 redirects microsoft-seguridad-live2024.hstn.me
14	microsoft-seguridad-live2024.hstn.me	7 redirects microsoft-seguridad-live2024.hstn.me
0	us-sonar.sociomantic.com Failed	microsoft-seguridad-live2024.hstn.me
15	3

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://microsoft-seguridad-live2024.hstn.me/?i=2
Frame ID: 82D4D15D5FA21DA6F71DDC542F79D19A
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Live

Page URL History Show full URLs

http://microsoft-seguridad-live2024.hstn.me/?i=1 Page URL
http://microsoft-seguridad-live2024.hstn.me/?i=2 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<input[^>]+name="__VIEWSTATE

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>

Page Statistics

15
Requests

0 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

222 kB
Transfer

220 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://microsoft-seguridad-live2024.hstn.me/?i=1 Page URL
http://microsoft-seguridad-live2024.hstn.me/?i=2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

http://microsoft-seguridad-live2024.hstn.me/Scripts/jquery-1.11.3.min.js HTTP 302
https://aeonfree.com/error/404/ HTTP 301
https://aeonfree.com/error/404

Request Chain 5

http://microsoft-seguridad-live2024.hstn.me/Scripts/jquery.blockUI.js HTTP 302
https://aeonfree.com/error/404/ HTTP 301
https://aeonfree.com/error/404

Request Chain 6

http://microsoft-seguridad-live2024.hstn.me/Scripts/_UtilidadesSitio.js HTTP 302
https://aeonfree.com/error/404/ HTTP 301
https://aeonfree.com/error/404

Request Chain 7

http://microsoft-seguridad-live2024.hstn.me/Scripts/Indicador.js HTTP 302
https://aeonfree.com/error/404/ HTTP 301
https://aeonfree.com/error/404

Request Chain 8

http://microsoft-seguridad-live2024.hstn.me/ScriptResource031e.html?d=4ejzBeCma20vHaNBi-aw0NblYCfCDh44zfCmtkgmX-yBzIqXKbfMlEW_EjiaJjEjhqgYuioyJ1BvTkvHoVBvzW62zskUJSAPVLQz2q6IFwy7deq3VKjEQE8AYwhLxBJ1gP5wkX3lrw9Mg6OT9XROgQfZt5aanpi8jNEJMX_TNFA1&t=ffffffffaa493ab8 HTTP 302
https://aeonfree.com/error/404/ HTTP 301
https://aeonfree.com/error/404

Request Chain 10

http://microsoft-seguridad-live2024.hstn.me/js/bk-coretag.html HTTP 302
https://aeonfree.com/error/404/ HTTP 301
https://aeonfree.com/error/404

Request Chain 11

http://microsoft-seguridad-live2024.hstn.me/_Incapsula_Resourcef8dd.html?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=6&cb=108360433 HTTP 302
https://aeonfree.com/error/404/ HTTP 301
https://aeonfree.com/error/404

15 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response microsoft-seguridad-live2024.hstn.me/	847 B 1 KB	2870ms 139ms	Document text/html	185.27.134.216 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Full URL http://microsoft-seguridad-live2024.hstn.me/?i=1 Protocol HTTP/1.1 Server 185.27.134.216 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash `4ccdf785c4a51e2f9bbffc73d280124180e9b620dc24843461abb34358c93a6c` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Cache-Control no-cache Connection keep-alive Content-Length 847 Content-Type text/html Date Thu, 29 Feb 2024 15:37:33 GMT Expires Thu, 01 Jan 1970 00:00:01 GMT Server nginx
GET H/1.1	200 OK	aes.js microsoft-seguridad-live2024.hstn.me/	13 KB 14 KB	143ms 142ms	Script application/javascript	185.27.134.216 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Full URL http://microsoft-seguridad-live2024.hstn.me/aes.js Requested by Host: microsoft-seguridad-live2024.hstn.me URL: http://microsoft-seguridad-live2024.hstn.me/?i=1 Protocol HTTP/1.1 Server 185.27.134.216 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer http://microsoft-seguridad-live2024.hstn.me/?i=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Thu, 29 Feb 2024 15:37:33 GMT Last-Modified Sun, 15 Oct 2023 17:30:23 GMT Server nginx ETag "652c21af-35a5" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 13733
GET H/1.1	200 OK	Primary Request / Show response microsoft-seguridad-live2024.hstn.me/	17 KB 17 KB	167ms 166ms	Document text/html	185.27.134.216 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Full URL http://microsoft-seguridad-live2024.hstn.me/?i=2 Requested by Host: microsoft-seguridad-live2024.hstn.me URL: http://microsoft-seguridad-live2024.hstn.me/?i=1 Protocol HTTP/1.1 Server 185.27.134.216 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash `6c4cb830bcc06d195ad6449a6ce99face33ba630499a5322f956f2012a7893ac` Request headers Referer http://microsoft-seguridad-live2024.hstn.me/?i=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Accept-Ranges bytes Cache-Control max-age=2592000, public, proxy-revalidate Connection keep-alive Content-Length 17134 Content-Type text/html; charset=UTF-8 Date Thu, 29 Feb 2024 15:37:33 GMT ETag "42ee-6105c78259320" Expires Sat, 30 Mar 2024 15:37:33 GMT Last-Modified Fri, 02 Feb 2024 01:59:59 GMT Server nginx
GET H/1.1	200 OK	styles.css microsoft-seguridad-live2024.hstn.me/	25 KB 26 KB	155ms 140ms	Stylesheet text/css	185.27.134.216 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Full URL http://microsoft-seguridad-live2024.hstn.me/styles.css Requested by Host: microsoft-seguridad-live2024.hstn.me URL: http://microsoft-seguridad-live2024.hstn.me/?i=2 Protocol HTTP/1.1 Server 185.27.134.216 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash `c5a4c9c6389203ed9d770a1c52f119886ebc3c579215d12dcf1f6df8171564ce` Request headers accept-language en-US,en;q=0.9 Referer http://microsoft-seguridad-live2024.hstn.me/?i=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Thu, 29 Feb 2024 15:37:33 GMT Last-Modified Fri, 02 Feb 2024 02:00:02 GMT Server nginx ETag "6559-6105c78558490" Content-Type text/css Cache-Control max-age=2592000, public, proxy-revalidate, must-revalidate Connection keep-alive Accept-Ranges bytes Content-Length 25945 Expires Sat, 30 Mar 2024 15:37:33 GMT
GET H/1.1	200 OK	bootstrap.css microsoft-seguridad-live2024.hstn.me/	158 KB 159 KB	157ms 139ms	Stylesheet text/css	185.27.134.216 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Full URL http://microsoft-seguridad-live2024.hstn.me/bootstrap.css Requested by Host: microsoft-seguridad-live2024.hstn.me URL: http://microsoft-seguridad-live2024.hstn.me/?i=2 Protocol HTTP/1.1 Server 185.27.134.216 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash `0c5ed985fdbddc027124d4e6879ce1a1860832cda85e2b517c18d8fbd2fffc06` Request headers accept-language en-US,en;q=0.9 Referer http://microsoft-seguridad-live2024.hstn.me/?i=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Thu, 29 Feb 2024 15:37:33 GMT Last-Modified Fri, 02 Feb 2024 02:00:03 GMT Server nginx ETag "278e1-6105c786da070" Content-Type text/css Cache-Control max-age=2592000, public, proxy-revalidate, must-revalidate Connection keep-alive Accept-Ranges bytes Content-Length 162017 Expires Sat, 30 Mar 2024 15:37:33 GMT
GET H2	200	404 Show response aeonfree.com/error/ Redirect Chain http://microsoft-seguridad-live2024.hstn.me/Scripts/jquery-1.11.3.min.js https://aeonfree.com/error/404/ https://aeonfree.com/error/404	0 0	133ms 125ms	Script text/html	2606:4700:3033::6815:316c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aeonfree.com/error/404 Requested by Host: microsoft-seguridad-live2024.hstn.me URL: http://microsoft-seguridad-live2024.hstn.me/?i=2 Protocol H2 Server 2606:4700:3033::6815:316c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-US,en;q=0.9 Referer http://microsoft-seguridad-live2024.hstn.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Redirect headers x-nf-request-id 01HQTR72M2XJ3GPD02GEZBNP36 date Thu, 29 Feb 2024 15:37:35 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 739 cache-status "Netlify Edge"; hit report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9W2MW%2BfBdJ8VZVCQmDFeiMYWzKPOGjDqv1nW96pL%2FXwSR%2BkJVVETZs91oIGynsZMKb3XF%2FRCjrKQfBrTRcQ52ruWShRxzIp40YNy56xLN2Jey5Mno47tb7YK5fA07BX%2FM2yqREAmAeecphI%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 location /error/404 cache-control public,max-age=0,must-revalidate accept-ranges bytes cf-ray 85d1fd490bd7b3e6-MIA alt-svc h3=":443"; ma=86400
GET H3	200	404 Show response aeonfree.com/error/ Redirect Chain http://microsoft-seguridad-live2024.hstn.me/Scripts/jquery.blockUI.js https://aeonfree.com/error/404/ https://aeonfree.com/error/404	0 0	381ms 373ms	Script text/html	2606:4700:3033::6815:316c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aeonfree.com/error/404 Requested by Host: microsoft-seguridad-live2024.hstn.me URL: http://microsoft-seguridad-live2024.hstn.me/?i=2 Protocol H3 Server 2606:4700:3033::6815:316c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-US,en;q=0.9 Referer http://microsoft-seguridad-live2024.hstn.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Redirect headers x-nf-request-id 01HQTR72MBHG8BW7XWMP8JDFYM date Thu, 29 Feb 2024 15:37:35 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 739 cache-status "Netlify Edge"; hit report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D2KInPmUGjuUG%2Byh%2FdUtHBZ%2B9cHfNx094zNS6l3a5gF5fncKqP%2BDjF7McjLtQtXw9LnXsktKnHqqLD%2Fhr3ss2eqxaIQpi3i7FCWGhh5NGXUiaOIzQA0hTJG5PXVcuduarRQC%2FzwwnXZJm%2Fo%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 location /error/404 cache-control public,max-age=0,must-revalidate accept-ranges bytes cf-ray 85d1fd490bdeb3e6-MIA alt-svc h3=":443"; ma=86400
GET H2	200	404 Show response aeonfree.com/error/ Redirect Chain http://microsoft-seguridad-live2024.hstn.me/Scripts/_UtilidadesSitio.js https://aeonfree.com/error/404/ https://aeonfree.com/error/404	0 0	139ms 132ms	Script text/html	2606:4700:3033::6815:316c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aeonfree.com/error/404 Requested by Host: microsoft-seguridad-live2024.hstn.me URL: http://microsoft-seguridad-live2024.hstn.me/?i=2 Protocol H2 Server 2606:4700:3033::6815:316c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-US,en;q=0.9 Referer http://microsoft-seguridad-live2024.hstn.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Redirect headers x-nf-request-id 01HQTR72M02SCH9XE18THF5N9C date Thu, 29 Feb 2024 15:37:35 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 739 cache-status "Netlify Edge"; hit report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YcZ%2F%2FISAvN2MSkBK5GJ7nBhZVCvdCl6QCCWhw84r81YkvH5VDIPupSOkJS6Hjb6UXg7J1K9doszVKjHhe2WPSwLMC%2BjbMrCs3xlIxHxs1dkr75%2F2PjVcoEWc%2Fi2cyRdyHRzZLS3hOaMs1tk%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 location /error/404 cache-control public,max-age=0,must-revalidate accept-ranges bytes cf-ray 85d1fd490bd9b3e6-MIA alt-svc h3=":443"; ma=86400
GET H2	200	404 Show response aeonfree.com/error/ Redirect Chain http://microsoft-seguridad-live2024.hstn.me/Scripts/Indicador.js https://aeonfree.com/error/404/ https://aeonfree.com/error/404	0 0	130ms 123ms	Script text/html	2606:4700:3033::6815:316c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aeonfree.com/error/404 Requested by Host: microsoft-seguridad-live2024.hstn.me URL: http://microsoft-seguridad-live2024.hstn.me/?i=2 Protocol H2 Server 2606:4700:3033::6815:316c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-US,en;q=0.9 Referer http://microsoft-seguridad-live2024.hstn.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Redirect headers x-nf-request-id 01HQTR72M2TX9GQ2KN00EJ4XWK date Thu, 29 Feb 2024 15:37:35 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 739 cache-status "Netlify Edge"; hit report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TUo85BR03CDaREyCOaE0xYO7%2F2%2BU18Mk54COLWWjAhJtUTp1hVLPgfD35L7RbRMA080p9NuAUrB%2BdR0okDw%2BklkNkzmawz%2FW78q%2FJ5GFXs%2FvpMz9WvqvbMPvXXXqm3Gs%2FTzWXOa2Sq90bFM%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 location /error/404 cache-control public,max-age=0,must-revalidate accept-ranges bytes cf-ray 85d1fd490be1b3e6-MIA alt-svc h3=":443"; ma=86400
GET H2	200	404 Show response aeonfree.com/error/ Redirect Chain http://microsoft-seguridad-live2024.hstn.me/ScriptResource031e.html?d=4ejzBeCma20vHaNBi-aw0NblYCfCDh44zfCmtkgmX-yBzIqXKbfMlEW_EjiaJjEjhqgYuioyJ1BvTkvHoVBvzW62zskUJSAPVLQz2q6IFwy7deq3VKjEQE8AYwhLxBJ... https://aeonfree.com/error/404/ https://aeonfree.com/error/404	0 0	152ms 144ms	Script text/html	2606:4700:3033::6815:316c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aeonfree.com/error/404 Requested by Host: microsoft-seguridad-live2024.hstn.me URL: http://microsoft-seguridad-live2024.hstn.me/?i=2 Protocol H2 Server 2606:4700:3033::6815:316c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-US,en;q=0.9 Referer http://microsoft-seguridad-live2024.hstn.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Redirect headers x-nf-request-id 01HQTR72M1SSG9G7XXEQPTYV5H date Thu, 29 Feb 2024 15:37:35 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 739 cache-status "Netlify Edge"; hit report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fBDRYQV5s3vLRsJgyw1pB%2F1dVW0185job1EHfug0akNaG4Or3k%2FqIZ%2F0FALBGhJs6u0KcBBdY5L6duuQ4Ort9mTPB%2FBIEhY5gh5i9umKUAuM1UmASNKADlYIGl3o5IPmc6GYjqM3DykVvpk%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 location /error/404 cache-control public,max-age=0,must-revalidate accept-ranges bytes cf-ray 85d1fd490bebb3e6-MIA alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	logo%20micro.svg microsoft-seguridad-live2024.hstn.me/	4 KB 4 KB	145ms 143ms	Image image/svg+xml	185.27.134.216 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Show image Full URL http://microsoft-seguridad-live2024.hstn.me/logo%20micro.svg Requested by Host: microsoft-seguridad-live2024.hstn.me URL: http://microsoft-seguridad-live2024.hstn.me/?i=2 Protocol HTTP/1.1 Server 185.27.134.216 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash `04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a` Request headers accept-language en-US,en;q=0.9 Referer http://microsoft-seguridad-live2024.hstn.me/?i=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Thu, 29 Feb 2024 15:37:34 GMT Last-Modified Fri, 02 Feb 2024 01:59:59 GMT Server nginx ETag "e43-6105c782bc510" Content-Type image/svg+xml Cache-Control max-age=0 Connection keep-alive Accept-Ranges bytes Content-Length 3651 Expires Thu, 29 Feb 2024 15:37:34 GMT
GET H3	200	404 Show response aeonfree.com/error/ Redirect Chain http://microsoft-seguridad-live2024.hstn.me/js/bk-coretag.html https://aeonfree.com/error/404/ https://aeonfree.com/error/404	0 0	378ms 377ms	Script text/html	2606:4700:3033::6815:316c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aeonfree.com/error/404 Requested by Host: microsoft-seguridad-live2024.hstn.me URL: http://microsoft-seguridad-live2024.hstn.me/?i=2 Protocol H3 Server 2606:4700:3033::6815:316c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-US,en;q=0.9 Referer http://microsoft-seguridad-live2024.hstn.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Redirect headers x-nf-request-id 01HQTR72RFBFCQX7A77FFWZZ3R date Thu, 29 Feb 2024 15:37:35 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 739 cache-status "Netlify Edge"; hit report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9DpOr3RnncdtvNyGz%2Bu9O1S20luzloA7drhVOeO1LkD6T8oa8J0HmrQYt%2BsInevTB4PmsDFuOx6xlI99iIRtuDtH4T%2BUk5DQjY6KRFhAIU9rsTBKB12vroMLXHbr%2FH%2FQGzJ0jU63OUlPIMo%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 location /error/404 cache-control public,max-age=0,must-revalidate accept-ranges bytes cf-ray 85d1fd4b0f2bb3e6-MIA alt-svc h3=":443"; ma=86400
GET H3	200	404 Show response aeonfree.com/error/ Redirect Chain http://microsoft-seguridad-live2024.hstn.me/_Incapsula_Resourcef8dd.html?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=6&cb=108360433 https://aeonfree.com/error/404/ https://aeonfree.com/error/404	0 0	164ms 143ms	Script text/html	2606:4700:3033::6815:316c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aeonfree.com/error/404 Requested by Host: microsoft-seguridad-live2024.hstn.me URL: http://microsoft-seguridad-live2024.hstn.me/?i=2 Protocol H3 Server 2606:4700:3033::6815:316c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-US,en;q=0.9 Referer http://microsoft-seguridad-live2024.hstn.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Redirect headers x-nf-request-id 01HQTR73S6V93F4MM6776XY6CH date Thu, 29 Feb 2024 15:37:36 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1734 cache-status "Netlify Edge"; hit report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wZ1GxV6apPn%2FRL39E%2B80K5FR%2FOxEPpl83lgCsB2lg7cjTfuFkPoaXjIX%2BZi6XOfElJQyaX8B1xVAr4SdaeRcEmS%2BWVkucgeC%2F7wcvzpVUG4s6f9TGm73Ryr88gnF5Bq4FbbDWlaPIyXztl4%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 location /error/404 cache-control public,max-age=0,must-revalidate accept-ranges bytes cf-ray 85d1fd519ee56c87-MIA alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	fondo%20outloook.svg microsoft-seguridad-live2024.hstn.me/	2 KB 2 KB	675ms 592ms	Image image/svg+xml	185.27.134.216 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Show image Full URL http://microsoft-seguridad-live2024.hstn.me/fondo%20outloook.svg Requested by Host: microsoft-seguridad-live2024.hstn.me URL: http://microsoft-seguridad-live2024.hstn.me/styles.css Protocol HTTP/1.1 Server 185.27.134.216 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash `0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68` Request headers accept-language en-US,en;q=0.9 Referer http://microsoft-seguridad-live2024.hstn.me/styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Thu, 29 Feb 2024 15:37:34 GMT Last-Modified Fri, 02 Feb 2024 02:00:03 GMT Server nginx ETag "748-6105c786dee90" Content-Type image/svg+xml Cache-Control max-age=0 Connection keep-alive Accept-Ranges bytes Content-Length 1864 Expires Thu, 29 Feb 2024 15:37:34 GMT
GET		tuya-co us-sonar.sociomantic.com/js/2010-07-01/adpan/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: us-sonar.sociomantic.com
URL: http://us-sonar.sociomantic.com/js/2010-07-01/adpan/tuya-co

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			microsoft-seguridad-live2024.hstn.me/	1970-01-21 04:23:01	Name: __test Value: 3c509e4116f0091944b4d1384869895d

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://us-sonar.sociomantic.com/js/2010-07-01/adpan/tuya-co Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aeonfree.com
microsoft-seguridad-live2024.hstn.me
us-sonar.sociomantic.com
us-sonar.sociomantic.com
185.27.134.216
2606:4700:3033::6815:316c
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0c5ed985fdbddc027124d4e6879ce1a1860832cda85e2b517c18d8fbd2fffc06
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
4ccdf785c4a51e2f9bbffc73d280124180e9b620dc24843461abb34358c93a6c
6c4cb830bcc06d195ad6449a6ce99face33ba630499a5322f956f2012a7893ac
c5a4c9c6389203ed9d770a1c52f119886ebc3c579215d12dcf1f6df8171564ce
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

microsoft-seguridad-live2024.hstn.me Open in urlscan Pro 185.27.134.216 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

0 %HTTPS

50 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

222 kBTransfer

220 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

15 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

microsoft-seguridad-live2024.hstn.me Open in urlscan Pro
185.27.134.216 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

0 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

222 kB
Transfer

220 kB
Size

1
Cookies

15 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!