mscon.site Open in urlscan Pro
195.201.179.80  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response mscon.site/	2 KB 1 KB	7248ms 39ms	Document text/html	195.201.179.80 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://mscon.site/ Protocol HTTP/1.1 Server 195.201.179.80 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS free-hosting-clients.freehosting.com Software nginx/1.16.0 / Resource Hash ecf871849b04e224cd1a35b926051e67b9e65284481527a28a09b74be6a41857 Request headers Host mscon.site Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Server nginx/1.16.0 Date Mon, 15 Jul 2019 20:04:51 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Last-Modified Mon, 15 Jul 2019 10:12:30 GMT ETag W/"6f1-58db57f761b4e" Cache-Control max-age=0 Expires Mon, 15 Jul 2019 20:04:51 GMT Vary Accept-Encoding Content-Encoding gzip
GET H/1.1	200 OK	main.css mscon.site/css/	6 KB 2 KB	57ms 57ms	Stylesheet text/css	195.201.179.80 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://mscon.site/css/main.css Requested by Host: mscon.site URL: http://mscon.site/ Protocol HTTP/1.1 Security , , Server 195.201.179.80 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS free-hosting-clients.freehosting.com Software nginx/1.16.0 / Resource Hash f6165e67efd4759d090a373eb1519cc89768acb94bc0e5495ac21339ef127486 Request headers Referer http://mscon.site/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 15 Jul 2019 20:04:51 GMT Content-Encoding gzip Last-Modified Thu, 22 Feb 2018 09:31:04 GMT Server nginx/1.16.0 ETag W/"176b-565c9b3dd2600" Vary Accept-Encoding Content-Type text/css Cache-Control max-age=31536000 Transfer-Encoding chunked Connection keep-alive Expires Tue, 14 Jul 2020 20:04:51 GMT
GET H/1.1	200 OK	main.js Show response mscon.site/chrome-assets/	2 KB 1 KB	148ms 90ms	Script application/javascript	195.201.179.80 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://mscon.site/chrome-assets/main.js Requested by Host: mscon.site URL: http://mscon.site/ Protocol HTTP/1.1 Security , , Server 195.201.179.80 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS free-hosting-clients.freehosting.com Software nginx/1.16.0 / Resource Hash b8083a297df129a89593717f837db232eb994c955a6d884b64c96c20cd07ba48 Request headers Referer http://mscon.site/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 15 Jul 2019 20:04:51 GMT Content-Encoding gzip Last-Modified Thu, 22 Feb 2018 09:45:30 GMT Server nginx/1.16.0 ETag W/"88f-565c9e77b4280" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=31536000 Transfer-Encoding chunked Connection keep-alive Expires Tue, 14 Jul 2020 20:04:51 GMT
GET H/1.1	200 OK	loader.gif mscon.site/images/	79 KB 79 KB	211ms 62ms	Image image/gif	195.201.179.80 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL http://mscon.site/images/loader.gif Requested by Host: mscon.site URL: http://mscon.site/ Protocol HTTP/1.1 Security , , Server 195.201.179.80 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS free-hosting-clients.freehosting.com Software nginx/1.16.0 / Resource Hash 53746fa7fb9ee43d32c62ebbb6617e92900fde4590946b4045c06e05391105bc Request headers Referer http://mscon.site/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 15 Jul 2019 20:04:51 GMT Last-Modified Thu, 15 Feb 2018 10:47:52 GMT Server nginx/1.16.0 ETag "13a66-5653df5a20600" Content-Type image/gif Cache-Control max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Length 80486 Expires Wed, 14 Aug 2019 20:04:51 GMT
GET H/1.1	200 OK	close-icon.png mscon.site/images/	2 KB 2 KB	537ms 69ms	Image image/png	195.201.179.80 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL http://mscon.site/images/close-icon.png Requested by Host: mscon.site URL: http://mscon.site/ Protocol HTTP/1.1 Security , , Server 195.201.179.80 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS free-hosting-clients.freehosting.com Software nginx/1.16.0 / Resource Hash 845be6bbfc38a1418934d4c29ecadd89e7bfd751a6fee29e3b9243f2530654e6 Request headers Referer http://mscon.site/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 15 Jul 2019 20:04:51 GMT Last-Modified Thu, 15 Feb 2018 09:52:10 GMT Server nginx/1.16.0 ETag "83c-5653d2e6f2680" Content-Type image/png Cache-Control max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Length 2108 Expires Wed, 14 Aug 2019 20:04:51 GMT
GET		rout.js analytics.cuvesk.com/rout/	0 0
GET H/1.1	404 Not Found	121.png mscon.site/chrome-assets/	295 B 295 B	406ms 37ms	Image text/html	195.201.179.80 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL http://mscon.site/chrome-assets/121.png Requested by Host: mscon.site URL: http://mscon.site/ Protocol HTTP/1.1 Security , , Server 195.201.179.80 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS free-hosting-clients.freehosting.com Software nginx/1.16.0 / Resource Hash 6206f855bf6ad851c2a543ec1826f0aaf511c62d98b15b063cfd33c2be63b10a Request headers Referer http://mscon.site/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 15 Jul 2019 20:04:51 GMT Server nginx/1.16.0 Connection keep-alive Content-Length 295 Content-Type text/html; charset=iso-8859-1
GET DATA	200 OK	truncated /	239 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bd08b9849632e73574f62ca80572a17f9bbd9bb1010fe8c6380e641460abd96c Request headers Referer http://mscon.site/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	SegoeUI-Semibold.woff2 mscon.site/fonts/	299 KB 300 KB	154ms 125ms	Font application/octet-stream	195.201.179.80 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://mscon.site/fonts/SegoeUI-Semibold.woff2 Requested by Host: mscon.site URL: http://mscon.site/ Protocol HTTP/1.1 Security , , Server 195.201.179.80 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS free-hosting-clients.freehosting.com Software nginx/1.16.0 / Resource Hash bf538277086d59ae6e2e8f351416a88c937bf56a3d0fe732e4a60bf5cde80e54 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://mscon.site/css/main.css Origin http://mscon.site Response headers Date Mon, 15 Jul 2019 20:04:51 GMT Last-Modified Thu, 15 Feb 2018 07:41:34 GMT Server nginx/1.16.0 ETag "4ad84-5653b5b5f4780" Cache-Control max-age=604800 Connection keep-alive Accept-Ranges bytes Content-Length 306564 Expires Mon, 22 Jul 2019 20:04:51 GMT
GET H/1.1	200 OK	SegoeUI-Light.woff2 mscon.site/fonts/	319 KB 319 KB	187ms 65ms	Font application/octet-stream	195.201.179.80 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://mscon.site/fonts/SegoeUI-Light.woff2 Requested by Host: mscon.site URL: http://mscon.site/ Protocol HTTP/1.1 Security , , Server 195.201.179.80 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS free-hosting-clients.freehosting.com Software nginx/1.16.0 / Resource Hash 122661434404faaf3477537eff6197e06f0db44dcf20d237e6c949726af950fa Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://mscon.site/css/main.css Origin http://mscon.site Response headers Date Mon, 15 Jul 2019 20:04:51 GMT Last-Modified Thu, 15 Feb 2018 07:37:50 GMT Server nginx/1.16.0 ETag "4fad8-5653b4e054f80" Cache-Control max-age=604800 Connection keep-alive Accept-Ranges bytes Content-Length 326360 Expires Mon, 22 Jul 2019 20:04:51 GMT
GET H/1.1	200 OK	SegoeUI.woff2 mscon.site/fonts/	170 KB 171 KB	361ms 107ms	Font application/octet-stream	195.201.179.80 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://mscon.site/fonts/SegoeUI.woff2 Requested by Host: mscon.site URL: http://mscon.site/ Protocol HTTP/1.1 Security , , Server 195.201.179.80 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS free-hosting-clients.freehosting.com Software nginx/1.16.0 / Resource Hash 9a93266914ee5e352a907fa8b5f246189ebff72a8f4497e9f508b1774f762dc5 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://mscon.site/css/main.css Origin http://mscon.site Response headers Date Mon, 15 Jul 2019 20:04:51 GMT Last-Modified Thu, 15 Feb 2018 07:44:46 GMT Server nginx/1.16.0 ETag "2a964-5653b66d0f780" Cache-Control max-age=604800 Connection keep-alive Accept-Ranges bytes Content-Length 174436 Expires Mon, 22 Jul 2019 20:04:51 GMT
GET H/1.1	206 Partial Content	kk.mp3 mscon.site/chrome-assets/	58 KB 59 KB	332ms 70ms	Media audio/mpeg	195.201.179.80 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://mscon.site/chrome-assets/kk.mp3 Requested by Host: mscon.site URL: http://mscon.site/ Protocol HTTP/1.1 Security , , Server 195.201.179.80 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS free-hosting-clients.freehosting.com Software nginx/1.16.0 / Resource Hash 26ddacb2ab4e8a3e0e6242ac05c896aabd340e6a0f573500c9c67e185c76da29 Request headers Referer http://mscon.site/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Range bytes=0- Response headers Date Mon, 15 Jul 2019 20:04:52 GMT Last-Modified Wed, 14 Feb 2018 15:02:30 GMT Server nginx/1.16.0 ETag "e9ea-5652d666e6d80" Content-Type audio/mpeg Content-Range bytes 0-59881/59882 Cache-Control max-age=604800 Connection keep-alive Accept-Ranges bytes Content-Length 59882 Expires Mon, 22 Jul 2019 20:04:51 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

analytics.cuvesk.com

URL

http://analytics.cuvesk.com/rout/rout.js

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic (Online) Tech Support Scam (Consumer)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| popupSite function| toggleFullScreen function| nocontextmenu function| norightclick string| CustomAnlysis function| ca

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.cuvesk.com
mscon.site
analytics.cuvesk.com
195.201.179.80
122661434404faaf3477537eff6197e06f0db44dcf20d237e6c949726af950fa
26ddacb2ab4e8a3e0e6242ac05c896aabd340e6a0f573500c9c67e185c76da29
53746fa7fb9ee43d32c62ebbb6617e92900fde4590946b4045c06e05391105bc
6206f855bf6ad851c2a543ec1826f0aaf511c62d98b15b063cfd33c2be63b10a
845be6bbfc38a1418934d4c29ecadd89e7bfd751a6fee29e3b9243f2530654e6
9a93266914ee5e352a907fa8b5f246189ebff72a8f4497e9f508b1774f762dc5
b8083a297df129a89593717f837db232eb994c955a6d884b64c96c20cd07ba48
bd08b9849632e73574f62ca80572a17f9bbd9bb1010fe8c6380e641460abd96c
bf538277086d59ae6e2e8f351416a88c937bf56a3d0fe732e4a60bf5cde80e54
ecf871849b04e224cd1a35b926051e67b9e65284481527a28a09b74be6a41857
f6165e67efd4759d090a373eb1519cc89768acb94bc0e5495ac21339ef127486