login.smartattach.com
Open in
urlscan Pro
207.245.83.11
Malicious Activity!
Public Scan
Effective URL: https://login.smartattach.com/webmail/
Submission: On August 23 via api from US — Scanned from US
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 2nd 2022. Valid for: a year.
This is the only time login.smartattach.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Mailgun (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 15 | 207.245.83.11 207.245.83.11 | 6372 (DCANET) (DCANET) | |
14 | 1 |
ASN6372 (DCANET, US)
PTR: sa.smartattach.com
login.smartattach.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
smartattach.com
1 redirects
login.smartattach.com |
1 MB |
14 | 1 |
Domain | Requested by | |
---|---|---|
15 | login.smartattach.com |
1 redirects
login.smartattach.com
|
14 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.linkedin.com |
www.icewarp.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
mail.smartattach.com Sectigo RSA Domain Validation Secure Server CA |
2022-11-02 - 2023-11-17 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://login.smartattach.com/webmail/
Frame ID: E7846BF455BE497836284C538E558BD1
Requests: 14 HTTP requests in this frame
Screenshot
Page Title
SmartAttach - Sign InPage URL History Show full URLs
-
https://login.smartattach.com/
HTTP 302
https://login.smartattach.com/webmail/ Page URL
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: www.icewarp.com
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://login.smartattach.com/
HTTP 302
https://login.smartattach.com/webmail/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
login.smartattach.com/webmail/ Redirect Chain
|
4 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
api.css
login.smartattach.com/-.._._.--.._1590066418/webmail/css/ |
2 KB 867 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
config.js
login.smartattach.com/-.._._.--.._1590066418/webmail/ |
43 B 319 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
framework.min.js
login.smartattach.com/-.._._.--.._1590066418/webmail/ |
33 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bundle.min.js
login.smartattach.com/-.._._.--.._1590066418/webmail/ |
298 KB 79 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
login.smartattach.com/icewarpapi/ |
1 KB 436 B |
XHR
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
login.smartattach.com/icewarpapi/ |
82 KB 3 KB |
XHR
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
login.smartattach.com/-.._._.--.._1590066418/webmail/css/ |
46 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pikaday.css
login.smartattach.com/-.._._.--.._1590066418/webmail/css/ |
3 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icons.svg
login.smartattach.com/-.._._.--.._1590066418/webmail/images/icons/ |
13 KB 14 KB |
Other
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
download.php
login.smartattach.com/-.._._.--.._1590066418/webmail/server/ |
1013 KB 1013 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Roboto-Medium.woff2
login.smartattach.com/-.._._.--.._1590066418/webmail/fonts/ |
62 KB 63 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Roboto-Regular.woff2
login.smartattach.com/-.._._.--.._1590066418/webmail/fonts/ |
62 KB 62 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
download.php
login.smartattach.com/-.._._.--.._1590066418/webmail/server/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Mailgun (Online)7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture object| config function| require object| hashChange function| __ object| Debugger object| _me0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
login.smartattach.com
207.245.83.11
0bf6bc6e7e66c9cfacaf824c257a091e908f00a134213c5c433e024729eddb3a
2fea2f2aa913b7aa163f45c897a463ba47a00fba670f747ead3d73c44c0d61bd
3f94ec10490b022db92bdf32e8a6e563dbb914714ad8c24a0df11b4d2195c7a3
4396ddb97d7225da28c4716822ce3b264a2708388f047df58926973d68b14281
63a602d76f364623cb6477ff9237f60df0bd2c5948658207974864c1c2275793
65de8a3e5c4e0307b538ebe97df4dbcae0303b7a7afc5753aba95c218ae33a8e
7245d9fa1bfc1cabea3545d42b4333bec825f868a4f758cb66a02a0901dd12a9
7259b08e1806afd11445fa8037574f16ef6b89b84c17e2eadc507a5047b54094
79c2cfeeb5805247bfc09a5c721883ae457c137995867d27b4eee9d533dde2c3
97df426d3982edecc950803d7cf879348ab0017b11b403098acc9d10205235fd
a9d4dd98dc1f2fdf537d352c6be74e850cc86a050e8a2b87f0cb9cf0c5116e5a
aaae82bf0b8dfddf8a4b5fc2a9daf341634c7d25e447b2a2cbbd5b7ad58c7236
b40eea5338ffb4de44b8ced4bb257cf7ca0296537f8ce4772323c38c961eea80
e530ef443c682ca02cab15d939402ead8c7c060fcf676164efd4078508e510e6