Submitted URL: http://lnahwe.duckdns.org/goddy/GodaddyAuto/Godaddy356/index.php?userid=office%40hemswortharchitecture.com
Effective URL: http://lnahwe.duckdns.org/goddy/GodaddyAuto/Godaddy356/workspace/index.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=office@hemswortharchitecture.com
Submission: On February 11 via manual from New York, US

Summary

This website contacted 5 IPs in 4 countries across 4 domains to perform 15 HTTP transactions.
The main IP is 210.16.100.46, located in India and belongs to AS40676 - Psychz Networks, US. The main domain is lnahwe.duckdns.org.
This is the first time this domain was scanned on urlscan.io!
Potentially malicious content or behaviour on this page!
Phishing detected — Impersonating GoDaddy (Online)

Domain & IP information

Redirects  Requests  IP Address         AS      Autonomous System
1          9         210.16.100.46      40676   (AS40676)
           1         2a00:1450:400...   15169   (GOOGLE)
           5         2.20.21.198        20940   (AKAMAI-ASN1)
           1         104.111.233.125    16625   (AKAMAI-AS)
Total      15        5 IPs

Requests  Domain (incl. subdomains)   Transfer
9         lnahwe.duckdns.org          221 KB
5         wsimg.com                   179 KB
1         godaddy.com                 1 KB
1         googletagmanager.com        25 KB
Total     15 requests, 4 domains

Requests  Domain                      Requested by
9         lnahwe.duckdns.org          lnahwe.duckdns.org, img1.wsimg.com (1 redirects)
5         img1.wsimg.com              lnahwe.duckdns.org
1         gui.godaddy.com             img1.wsimg.com
1         www.googletagmanager.com    lnahwe.duckdns.org
Total     15 requests, 4 domains

This site contains links to these domains.

Domain
www.godaddy.com

Subject                  Issuer                                       Validity                  Valid
*.google-analytics.com   Google Internet Authority G3                 2019-01-23 - 2019-04-17   3 months
*.wsimg.com              Starfield Secure Certificate Authority - G2  2018-09-25 - 2020-09-25   2 years
*.godaddy.com            Go Daddy Secure Certificate Authority - G2   2018-07-31 - 2020-07-31   2 years

Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Web
Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Web
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Web
Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i


15 HTTP transactions

Resource / Path    Size / x-fer    Type / MIME-Type
Adblocked index.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=office@hemswortharchitecture.com
/goddy/GodaddyAuto/Godaddy356/workspace
Redirect Chain
  • http://lnahwe.duckdns.org/goddy/GodaddyAuto/Godaddy356/index.php?userid=office%40hemswortharchitecture.com
  • http://lnahwe.duckdns.org/goddy/GodaddyAuto/Godaddy356/workspace/index.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=office@hemswortharchitecture.com
219 KB
220 KB
Document
General
Full URL
http://lnahwe.duckdns.org/goddy/GodaddyAuto/Godaddy356/workspace/index.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=office@hemswortharchitecture.com
Protocol
HTTP/1.1
Server
210.16.100.46 , India, ASN40676 (AS40676 - Psychz Networks, US),
Reverse DNS
Software
Apache /
Resource Hash
3d469a389722521b619bb310a7d0eac2990c2f8777e74eb042e740b52ae3a4d5
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Host
lnahwe.duckdns.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Date
Mon, 11 Feb 2019 17:03:48 GMT
Server
Apache
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Mon, 11 Feb 2019 17:03:48 GMT
Server
Apache
Location
workspace/index.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=office@hemswortharchitecture.com
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Adblocked gtm.js?id=GTM-SXRF&l=_gaDataLayer
www.googletagmanager.com
75 KB
25 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-SXRF&l=_gaDataLayer
Requested by
Host: lnahwe.duckdns.org
URL: http://lnahwe.duckdns.org/goddy/GodaddyAuto/Godaddy356/workspace/index.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=office@hemswortharchitecture.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81a::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
5450052ba3ccddfd985b06ead95c5abbd4a3a7f19e3060862ab3a79d7e563cde
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://lnahwe.duckdns.org/goddy/GodaddyAuto/Godaddy356/workspace/index.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=office@hemswortharchitecture.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 11 Feb 2019 17:03:50 GMT
content-encoding
br
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
25631
x-xss-protection
1; mode=block
expires
Mon, 11 Feb 2019 17:03:50 GMT
bg-pass.png
img1.wsimg.com/auth/v1/static/359/img
300 B
300 B
Image
General
Full URL
https://img1.wsimg.com/auth/v1/static/359/img/bg-pass.png
Requested by
Host: lnahwe.duckdns.org
URL: http://lnahwe.duckdns.org/goddy/GodaddyAuto/Godaddy356/workspace/index.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=office@hemswortharchitecture.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.21.198 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-20-21-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4ab4b80dd1c5c1220ad1543693c2176089e9c4a096dc3919d582d3e159661560

Request headers

Referer
http://lnahwe.duckdns.org/goddy/GodaddyAuto/Godaddy356/workspace/index.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=office@hemswortharchitecture.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Feb 2019 17:03:50 GMT
content-encoding
gzip
access-control-allow-origin
*
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
status
404
cache-control
max-age=31536000
timing-allow-origin
*
content-length
245
expires
Tue, 11 Feb 2020 17:03:50 GMT
Adblocked uxcore.en.min.js.download
/goddy/GodaddyAuto/Godaddy356/workspace/Sign%20In_files
0
0
Script
General
Full URL
http://lnahwe.duckdns.org/goddy/GodaddyAuto/Godaddy356/workspace/Sign%20In_files/uxcore.en.min.js.download
Requested by
Host: lnahwe.duckdns.org
URL: http://lnahwe.duckdns.org/goddy/GodaddyAuto/Godaddy356/workspace/index.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=office@hemswortharchitecture.com
Protocol
HTTP/1.1
Server
210.16.100.46 , India, ASN40676 (AS40676 - Psychz Networks, US),
Reverse DNS
Software
Apache /
Resource Hash
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
lnahwe.duckdns.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://lnahwe.duckdns.org/goddy/GodaddyAuto/Godaddy356/workspace/index.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=office@hemswortharchitecture.com
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 11 Feb 2019 17:03:49 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
395
Content-Type
text/html; charset=iso-8859-1
Adblocked languageheader.min.js.download
/goddy/GodaddyAuto/Godaddy356/workspace/Sign%20In_files
0
0
Script
General
Full URL
http://lnahwe.duckdns.org/goddy/GodaddyAuto/Godaddy356/workspace/Sign%20In_files/languageheader.min.js.download
Requested by
Host: lnahwe.duckdns.org
URL: http://lnahwe.duckdns.org/goddy/GodaddyAuto/Godaddy356/workspace/index.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=office@hemswortharchitecture.com
Protocol
HTTP/1.1
Server
210.16.100.46 , India, ASN40676 (AS40676 - Psychz Networks, US),
Reverse DNS
Software
Apache /
Resource Hash
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
lnahwe.duckdns.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://lnahwe.duckdns.org/goddy/GodaddyAuto/Godaddy356/workspace/index.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=office@hemswortharchitecture.com
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 11 Feb 2019 17:03:49 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
Content-Length
400
Content-Type
text/html; charset=iso-8859-1
data:truncated
data:truncated
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
316798ddb9d835066f727ac3af8969a5ca00adfe3b0042c0d8076bc5ab05567e

Request headers

Response headers

Content-Type
text/plain;charset=US-ASCII
Adblocked uxfont.woff2
/goddy/GodaddyAuto/Godaddy356/fonts
0
0
Font
General
Full URL
http://lnahwe.duckdns.org/goddy/GodaddyAuto/Godaddy356/fonts/uxfont.woff2
Requested by
Host: lnahwe.duckdns.org
URL: http://lnahwe.duckdns.org/goddy/GodaddyAuto/Godaddy356/workspace/index.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=office@hemswortharchitecture.com
Protocol
HTTP/1.1
Server
210.16.100.46 , India, ASN40676 (AS40676 - Psychz Networks, US),
Reverse DNS
Software
Apache /
Resource Hash
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Pragma
no-cache
Origin
http://lnahwe.duckdns.org
Accept-Encoding
gzip, deflate
Host
lnahwe.duckdns.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://lnahwe.duckdns.org/goddy/GodaddyAuto/Godaddy356/workspace/index.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=office@hemswortharchitecture.com
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 11 Feb 2019 17:03:49 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=96
Content-Length
364
Content-Type
text/html; charset=iso-8859-1
Boing-Bold.woff2
img1.wsimg.com/ux/fonts/1.4/woff2
0
0
Font
General
Full URL
https://img1.wsimg.com/ux/fonts/1.4/woff2/Boing-Bold.woff2
Requested by
Host: lnahwe.duckdns.org
URL: http://lnahwe.duckdns.org/goddy/GodaddyAuto/Godaddy356/workspace/index.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=office@hemswortharchitecture.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.21.198 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-20-21-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://lnahwe.duckdns.org/goddy/GodaddyAuto/Godaddy356/workspace/index.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=office@hemswortharchitecture.com
Origin
http://lnahwe.duckdns.org

Response headers

date
Mon, 11 Feb 2019 17:03:51 GMT
access-control-allow-origin
*
content-type
text/html
status
404
cache-control
max-age=31536000
timing-allow-origin
*
content-length
1245
expires
Tue, 11 Feb 2020 17:03:51 GMT
Adblocked uxfont.woff
/goddy/GodaddyAuto/Godaddy356/fonts
0
0
Font
General
Full URL
http://lnahwe.duckdns.org/goddy/GodaddyAuto/Godaddy356/fonts/uxfont.woff
Requested by
Host: lnahwe.duckdns.org
URL: http://lnahwe.duckdns.org/goddy/GodaddyAuto/Godaddy356/workspace/index.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=office@hemswortharchitecture.com
Protocol
HTTP/1.1
Server
210.16.100.46 , India, ASN40676 (AS40676 - Psychz Networks, US),
Reverse DNS
Software
Apache /
Resource Hash
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Pragma
no-cache
Origin
http://lnahwe.duckdns.org
Accept-Encoding
gzip, deflate
Host
lnahwe.duckdns.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://lnahwe.duckdns.org/goddy/GodaddyAuto/Godaddy356/workspace/index.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=office@hemswortharchitecture.com
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 11 Feb 2019 17:03:49 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=95
Content-Length
363
Content-Type
text/html; charset=iso-8859-1
Boing-Bold.woff
img1.wsimg.com/ux/fonts/1.4/woff
34 KB
35 KB
Font
General
Full URL
https://img1.wsimg.com/ux/fonts/1.4/woff/Boing-Bold.woff
Requested by
Host: lnahwe.duckdns.org
URL: http://lnahwe.duckdns.org/goddy/GodaddyAuto/Godaddy356/workspace/index.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=office@hemswortharchitecture.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.21.198 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-20-21-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8cdc865f528e0af92dd7d42a2a0e4b9f1310960017febc221a70e47e53dd27ca

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://lnahwe.duckdns.org/goddy/GodaddyAuto/Godaddy356/workspace/index.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=office@hemswortharchitecture.com
Origin
http://lnahwe.duckdns.org

Response headers

date
Mon, 11 Feb 2019 17:03:51 GMT
last-modified
Wed, 04 May 2016 22:29:16 GMT
access-control-allow-origin
*
etag
"da8ba06454a6d11:0"
content-type
font/x-woff
status
200
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
35310
expires
Tue, 11 Feb 2020 17:03:51 GMT
Adblocked uxfont.ttf
/goddy/GodaddyAuto/Godaddy356/fonts
0
0
Font
General
Full URL
http://lnahwe.duckdns.org/goddy/GodaddyAuto/Godaddy356/fonts/uxfont.ttf
Requested by
Host: lnahwe.duckdns.org
URL: http://lnahwe.duckdns.org/goddy/GodaddyAuto/Godaddy356/workspace/index.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=office@hemswortharchitecture.com
Protocol
HTTP/1.1
Server
210.16.100.46 , India, ASN40676 (AS40676 - Psychz Networks, US),
Reverse DNS
Software
Apache /
Resource Hash
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Pragma
no-cache
Origin
http://lnahwe.duckdns.org
Accept-Encoding
gzip, deflate
Host
lnahwe.duckdns.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://lnahwe.duckdns.org/goddy/GodaddyAuto/Godaddy356/workspace/index.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=office@hemswortharchitecture.com
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 11 Feb 2019 17:03:50 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=94
Content-Length
362
Content-Type
text/html; charset=iso-8859-1
uxcore.en.min.js
img1.wsimg.com/ux/1.3.46-brand/js
448 KB
138 KB
Script
General
Full URL
http://img1.wsimg.com/ux/1.3.46-brand/js/uxcore.en.min.js
Requested by
Host: lnahwe.duckdns.org
URL: http://lnahwe.duckdns.org/goddy/GodaddyAuto/Godaddy356/workspace/index.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=office@hemswortharchitecture.com
Protocol
HTTP/1.1
Server
2.20.21.198 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-20-21-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3f969c5d4666381c1855e62aea5280caaa2e053bc73b0b2cf29cababe96c6f85

Request headers

Referer
http://lnahwe.duckdns.org/goddy/GodaddyAuto/Godaddy356/workspace/index.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=office@hemswortharchitecture.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 11 Feb 2019 17:03:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Mar 2017 19:31:20 GMT
ETag
"b39fedbab99d21:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
141237
Expires
Tue, 11 Feb 2020 17:03:51 GMT
languageheader.min.js
img1.wsimg.com/ux/eldorado/1.5.105/js
14 KB
5 KB
Script
General
Full URL
http://img1.wsimg.com/ux/eldorado/1.5.105/js/languageheader.min.js
Requested by
Host: lnahwe.duckdns.org
URL: http://lnahwe.duckdns.org/goddy/GodaddyAuto/Godaddy356/workspace/index.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=office@hemswortharchitecture.com
Protocol
HTTP/1.1
Server
2.20.21.198 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-20-21-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
02bb3a4e3dc0682ff8d9d500cba553de419ef2b73f3ef588896130146429910e

Request headers

Referer
http://lnahwe.duckdns.org/goddy/GodaddyAuto/Godaddy356/workspace/index.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=office@hemswortharchitecture.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 11 Feb 2019 17:03:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Jul 2017 17:27:03 GMT
ETag
"3d216a157df6d21:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
5103
Expires
Tue, 11 Feb 2020 17:03:51 GMT
includemarket?plid=1&callback=jQuery18307440936344248918_1549904631806&_=1549904631856
gui.godaddy.com/pcjson/support
620 B
1 KB
Script
General
Full URL
https://gui.godaddy.com/pcjson/support/includemarket?plid=1&callback=jQuery18307440936344248918_1549904631806&_=1549904631856
Requested by
Host: img1.wsimg.com
URL: http://img1.wsimg.com/ux/1.3.46-brand/js/uxcore.en.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.233.125 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-233-125.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ARR/2.5, ASP.NET
Resource Hash
76f75a84131a8300b2ab542f73a3a4ce4048395fe9015974e33e49ab1f6c1b67

Request headers

Referer
http://lnahwe.duckdns.org/goddy/GodaddyAuto/Godaddy356/workspace/index.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=office@hemswortharchitecture.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Feb 2019 17:03:52 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR OUR IND", policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR i OUR IND"
X-Powered-By
ARR/2.5, ASP.NET
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
620
Expires
-1
Adblocked login.js?v=359&_=1549904631861
/v1/js/src
335 B
535 B
XHR
General
Full URL
http://lnahwe.duckdns.org/v1/js/src/login.js?v=359&_=1549904631861
Requested by
Host: img1.wsimg.com
URL: http://img1.wsimg.com/ux/1.3.46-brand/js/uxcore.en.min.js
Protocol
HTTP/1.1
Server
210.16.100.46 , India, ASN40676 (AS40676 - Psychz Networks, US),
Reverse DNS
Software
Apache /
Resource Hash
8e37396d17aa941902c9229c7f73939f75ae069b7111b47231b1cf000e5bd12e
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
lnahwe.duckdns.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
http://lnahwe.duckdns.org/goddy/GodaddyAuto/Godaddy356/workspace/index.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=office@hemswortharchitecture.com
X-Requested-With
XMLHttpRequest
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 11 Feb 2019 17:03:50 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=93
Content-Length
335
Content-Type
text/html; charset=iso-8859-1
Adblocked form.js?v=359&_=1549904632007
/v1/js/src
334 B
534 B
XHR
General
Full URL
http://lnahwe.duckdns.org/v1/js/src/form.js?v=359&_=1549904632007
Requested by
Host: img1.wsimg.com
URL: http://img1.wsimg.com/ux/1.3.46-brand/js/uxcore.en.min.js
Protocol
HTTP/1.1
Server
210.16.100.46 , India, ASN40676 (AS40676 - Psychz Networks, US),
Reverse DNS
Software
Apache /
Resource Hash
4a88db8385e229451b5f441fde11a858f5e1c03390a48272937df1de1b2e239d
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
lnahwe.duckdns.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
http://lnahwe.duckdns.org/goddy/GodaddyAuto/Godaddy356/workspace/index.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=office@hemswortharchitecture.com
X-Requested-With
XMLHttpRequest
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 11 Feb 2019 17:03:50 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=92
Content-Length
334
Content-Type
text/html; charset=iso-8859-1

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 0
  • http://lnahwe.duckdns.org/goddy/GodaddyAuto/Godaddy356/index.php?userid=office%40hemswortharchitecture.com
  • http://lnahwe.duckdns.org/goddy/GodaddyAuto/Godaddy356/workspace/index.php?l=_JeHFUq_VJOXK0QWHtoGYDw_Product-UserID&userid=office@hemswortharchitecture.com

Malicious behaviour and content

Google Safe Browsing

There was 1 malicious URL contacted according to Google Safe Browsing!

SOCIAL_ENGINEERING http://lnahwe.duckdns.org/v1/js/src/form.js?v=359&_=1549904632007

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onselectstart
  • object| onselectionchange
  • function| queueMicrotask
  • object| google_tag_manager
  • object| _gaDataLayer
  • object| ux
  • object| Globals
  • object| translate_dict
  • object| uxel
  • function| require
  • object| openit
  • function| $
  • function| jQuery
  • function| _
  • object| jQuery18307440936344248918
  • undefined| jQuery18307440936344248918_1549904631806

0 Cookies