urlscan.io logo urlscan.io
SecurityTrails logo

secure.gotwickedhosting.com Open in urlscan Pro
173.231.245.198  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://secure.gotwickedhosting.com/
Effective URL: http://secure.gotwickedhosting.com/cgi-sys/defaultwebpage.cgi
Submission Tags: phish.gg anti.fish automated Search All
Submission: On August 01 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 3 HTTP transactions. The main IP is 173.231.245.198, located in United States and belongs to IMH-IAD, US. The main domain is secure.gotwickedhosting.com.
This is the only time secure.gotwickedhosting.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 173.231.245.198 54641 (IMH-IAD)
1 1 199.250.205.41 54641 (IMH-IAD)
1 2606:4700:310... 13335 (CLOUDFLAR...)
3 2
Apex Domain
Subdomains		 Transfer
2 inmotionhosting.com
inmotionhosting.com — Cisco Umbrella Rank: 63445
www.inmotionhosting.com — Cisco Umbrella Rank: 155438
2 KB
2 gotwickedhosting.com
secure.gotwickedhosting.com
2 KB
3 2
Domain Requested by
2 secure.gotwickedhosting.com
1 www.inmotionhosting.com secure.gotwickedhosting.com
1 inmotionhosting.com 1 redirects
3 3

This site contains links to these domains. Also see Links.

Domain
documentation.cpanel.net
www.inmotionhosting.com
Subject Issuer Validity Valid

This page contains 1 frames:

Primary Page: http://secure.gotwickedhosting.com/cgi-sys/defaultwebpage.cgi
Frame ID: F18BA2BC2B8A37590EE730834EB3F573
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

InMotion Hosting

Page URL History Show full URLs

  1. http://secure.gotwickedhosting.com/ Page URL
  2. http://secure.gotwickedhosting.com/cgi-sys/defaultwebpage.cgi Page URL

Page Statistics

3
Requests

0 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

4 kB
Transfer

3 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://secure.gotwickedhosting.com/ Page URL
  2. http://secure.gotwickedhosting.com/cgi-sys/defaultwebpage.cgi Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://inmotionhosting.com/clickx/r/imh1.gif HTTP 301
  • https://www.inmotionhosting.com/clickx/r/imh1.gif

3 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
secure.gotwickedhosting.com/ 		163 B
461 B 		Document
General
Check archive.org
Download Go to
Full URL
http://secure.gotwickedhosting.com/
Protocol
HTTP/1.1
Server
173.231.245.198 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS
secure.gotwickedhosting.com
Software
nginx/1.23.4 /
Resource Hash
9278d16ed2fdcd5dc651615b0b8adc6b55fb667a9d106a9891b861d4561d9a24

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
163
Content-Type
text/html
Date
Tue, 01 Aug 2023 16:56:46 GMT
Expires
0
Last-Modified
Tue, 11 Jul 2023 17:58:54 GMT
Pragma
no-cache
Server
nginx/1.23.4
Primary Request defaultwebpage.cgi
secure.gotwickedhosting.com/cgi-sys/ 		994 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://secure.gotwickedhosting.com/cgi-sys/defaultwebpage.cgi
Protocol
HTTP/1.1
Server
173.231.245.198 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS
secure.gotwickedhosting.com
Software
nginx/1.23.4 /
Resource Hash
d0810fd3e6374f7502471c8360337216e381f51d85de04fc8848ef8da4f32b9c

Request headers

Referer
http://secure.gotwickedhosting.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/html
Date
Tue, 01 Aug 2023 16:56:46 GMT
Server
nginx/1.23.4
Transfer-Encoding
chunked
imh1.gif
www.inmotionhosting.com/clickx/r/
Redirect Chain
  • https://inmotionhosting.com/clickx/r/imh1.gif
  • https://www.inmotionhosting.com/clickx/r/imh1.gif
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.inmotionhosting.com/clickx/r/imh1.gif
Requested by
Host: secure.gotwickedhosting.com
URL: http://secure.gotwickedhosting.com/cgi-sys/defaultwebpage.cgi
Protocol
H2
Server
2606:4700:3108::ac42:2ae1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c25420e0a08a2841c5b171572074be37bc094e4c416395a489e897777168583
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.optimizely.com

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://secure.gotwickedhosting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 16:56:47 GMT
content-security-policy
frame-ancestors 'self' https://app.optimizely.com
cf-cache-status
REVALIDATED
cf-bgj
imgq:100,h2pri
last-modified
Thu, 13 Jul 2023 15:32:18 GMT
server
cloudflare
cf-polished
status=not_needed
etag
"7a9-600600996c480"
vary
Accept, Accept-Encoding
content-type
image/gif
accept-ranges
bytes
cf-ray
7eff9dd08aab4d9c-FRA
content-length
1961

Redirect headers

location
https://www.inmotionhosting.com/clickx/r/imh1.gif
date
Tue, 01 Aug 2023 16:56:47 GMT
server
nginx/1.24.0
content-length
169
content-type
text/html

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies