icann.godaddy-verify.domains Open in urlscan Pro
78.137.164.80 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://icann.godaddy-verify.domains/
Submission: On March 09 via automatic, source certstream-suspicious (March 9th 2020, 12:20:45 am UTC)

Summary HTTP 10 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 10 HTTP transactions. The main IP is 78.137.164.80, located in United Kingdom and belongs to DIGIWEB-AS, IE. The main domain is icann.godaddy-verify.domains.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 8th 2020. Valid for: 3 months.

This is the only time icann.godaddy-verify.domains was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Adobe (Consumer)

Domain & IP information

	IP Address		AS Autonomous System
10	78.137.164.80 78.137.164.80		31122 (DIGIWEB-AS) (DIGIWEB-AS)
10	1

10 78.137.164.80 (United Kingdom)

ASN31122 (DIGIWEB-AS, IE)
PTR: lh40.dnsireland.com

icann.godaddy-verify.domains	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	godaddy-verify.domains icann.godaddy-verify.domains	358 KB
10	1

	Domain	Requested by
10	icann.godaddy-verify.domains	icann.godaddy-verify.domains
10	1

This site contains links to these domains. Also see Links.

Domain
www.icann.org

Subject Issuer	Validity	Valid
icann.godaddy-verify.domains Let's Encrypt Authority X3	`2020-03-08` - `2020-06-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://icann.godaddy-verify.domains/
Frame ID: 1F85693082A45CF2ECD399DE590C1BE8
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

OpenSSL (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

358 kB
Transfer

356 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.icann.org/
Title:

Search URL Search Domain Scan URL

URL: http://www.icann.org/en/resources/registrars/raa/approved-with-specs-27jun13-en.htm#whois-accuracy
Title: ICANN HELP

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response icann.godaddy-verify.domains/	4 KB 5 KB	214ms 109ms	Document text/html	78.137.164.80 DIGIWEB-AS
General Check archive.org Show headers Download Go to Full URL https://icann.godaddy-verify.domains/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.137.164.80 , United Kingdom, ASN31122 (DIGIWEB-AS, IE), Reverse DNS lh40.dnsireland.com Software Apache/2.4.41 (cPanel) OpenSSL/1.1.1d mod_bwlimited/1.4 / Resource Hash `f09acaa0e2b61c875f6bbbb4d8b4cc06d076c1f921b8c3808864cbe7568fad0d` Request headers Host icann.godaddy-verify.domains Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Response headers Date Mon, 09 Mar 2020 00:20:27 GMT Server Apache/2.4.41 (cPanel) OpenSSL/1.1.1d mod_bwlimited/1.4 Keep-Alive timeout=5, max=100 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	sheet.css icann.godaddy-verify.domains/source/	10 KB 10 KB	32ms 30ms	Stylesheet text/css	78.137.164.80 DIGIWEB-AS
General Check archive.org Show headers Download Go to Full URL https://icann.godaddy-verify.domains/source/sheet.css Requested by Host: icann.godaddy-verify.domains URL: https://icann.godaddy-verify.domains/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.137.164.80 , United Kingdom, ASN31122 (DIGIWEB-AS, IE), Reverse DNS lh40.dnsireland.com Software Apache/2.4.41 (cPanel) OpenSSL/1.1.1d mod_bwlimited/1.4 / Resource Hash `304aa31ed1145f6d46dff03f965fe6455a37792b1500216cf7392cdf0dcb4260` Request headers Referer https://icann.godaddy-verify.domains/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers Date Mon, 09 Mar 2020 00:20:27 GMT Last-Modified Sun, 08 Mar 2020 19:14:54 GMT Server Apache/2.4.41 (cPanel) OpenSSL/1.1.1d mod_bwlimited/1.4 ETag "1860578-27dd-5a05cb396e780" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 10205
GET H/1.1	200 OK	ICANN_01.jpg icann.godaddy-verify.domains/	12 KB 12 KB	88ms 33ms	Image image/jpeg	78.137.164.80 DIGIWEB-AS
General Check archive.org Show headers Download Go to Show image Full URL https://icann.godaddy-verify.domains/ICANN_01.jpg Requested by Host: icann.godaddy-verify.domains URL: https://icann.godaddy-verify.domains/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.137.164.80 , United Kingdom, ASN31122 (DIGIWEB-AS, IE), Reverse DNS lh40.dnsireland.com Software Apache/2.4.41 (cPanel) OpenSSL/1.1.1d mod_bwlimited/1.4 / Resource Hash `589b25927b2a58bc4adcbf79a3344eb3776fb915970858aa0eae894a82852d0b` Request headers Referer https://icann.godaddy-verify.domains/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Mon, 09 Mar 2020 00:20:27 GMT Last-Modified Sun, 08 Mar 2020 19:54:16 GMT Server Apache/2.4.41 (cPanel) OpenSSL/1.1.1d mod_bwlimited/1.4 ETag "1846b3f-2e12-5a05d40602a00" Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 11794
GET H/1.1	200 OK	SpryValidationTextField.js Show response icann.godaddy-verify.domains/	72 KB 73 KB	64ms 29ms	Script application/javascript	78.137.164.80 DIGIWEB-AS
General Check archive.org Show headers Download Go to Full URL https://icann.godaddy-verify.domains/SpryValidationTextField.js Requested by Host: icann.godaddy-verify.domains URL: https://icann.godaddy-verify.domains/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.137.164.80 , United Kingdom, ASN31122 (DIGIWEB-AS, IE), Reverse DNS lh40.dnsireland.com Software Apache/2.4.41 (cPanel) OpenSSL/1.1.1d mod_bwlimited/1.4 / Resource Hash `84f29322a7cd7a6691f18482df7a5355d5e8fa81b74ae3fa0806afa03320f0d8` Request headers Referer https://icann.godaddy-verify.domains/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Mon, 09 Mar 2020 00:20:27 GMT Last-Modified Sun, 08 Mar 2020 22:49:20 GMT Server Apache/2.4.41 (cPanel) OpenSSL/1.1.1d mod_bwlimited/1.4 ETag "1846b47-120e1-5a05fb2767c00" Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 73953
GET H/1.1	200 OK	secure.png icann.godaddy-verify.domains/	55 KB 55 KB	85ms 31ms	Image image/png	78.137.164.80 DIGIWEB-AS
General Check archive.org Show headers Download Go to Show image Full URL https://icann.godaddy-verify.domains/secure.png Requested by Host: icann.godaddy-verify.domains URL: https://icann.godaddy-verify.domains/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.137.164.80 , United Kingdom, ASN31122 (DIGIWEB-AS, IE), Reverse DNS lh40.dnsireland.com Software Apache/2.4.41 (cPanel) OpenSSL/1.1.1d mod_bwlimited/1.4 / Resource Hash `eb99a9a3fc4349ffa77cefbd09d46ac646d3d9645569a2abd0e9f084df127dd1` Request headers Referer https://icann.godaddy-verify.domains/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Mon, 09 Mar 2020 00:20:27 GMT Last-Modified Sat, 20 Apr 2019 09:41:02 GMT Server Apache/2.4.41 (cPanel) OpenSSL/1.1.1d mod_bwlimited/1.4 ETag "1846b43-dbe7-586f3088a2780" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 56295
GET H/1.1	200 OK	GD_01.png icann.godaddy-verify.domains/	106 KB 106 KB	84ms 29ms	Image image/png	78.137.164.80 DIGIWEB-AS
General Check archive.org Show headers Download Go to Show image Full URL https://icann.godaddy-verify.domains/GD_01.png Requested by Host: icann.godaddy-verify.domains URL: https://icann.godaddy-verify.domains/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.137.164.80 , United Kingdom, ASN31122 (DIGIWEB-AS, IE), Reverse DNS lh40.dnsireland.com Software Apache/2.4.41 (cPanel) OpenSSL/1.1.1d mod_bwlimited/1.4 / Resource Hash `3b924192c3540eb5eb52c6aed4978b1eb162b23d9201510489e1ab10fbe63d14` Request headers Referer https://icann.godaddy-verify.domains/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Mon, 09 Mar 2020 00:20:27 GMT Last-Modified Sun, 08 Mar 2020 19:44:56 GMT Server Apache/2.4.41 (cPanel) OpenSSL/1.1.1d mod_bwlimited/1.4 ETag "1846b3d-1a72d-5a05d1eff3e00" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 108333
GET H/1.1	200 OK	UAE_Paloma_Teppa_100.jpg icann.godaddy-verify.domains/source/	96 KB 96 KB	52ms 32ms	Image image/jpeg	78.137.164.80 DIGIWEB-AS
General Check archive.org Show headers Download Go to Show image Full URL https://icann.godaddy-verify.domains/source/UAE_Paloma_Teppa_100.jpg Requested by Host: icann.godaddy-verify.domains URL: https://icann.godaddy-verify.domains/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.137.164.80 , United Kingdom, ASN31122 (DIGIWEB-AS, IE), Reverse DNS lh40.dnsireland.com Software Apache/2.4.41 (cPanel) OpenSSL/1.1.1d mod_bwlimited/1.4 / Resource Hash `b697e62dabc4399944d86ac084115de70f324abbd2556b452083f54cd824f9d4` Request headers Referer https://icann.godaddy-verify.domains/source/sheet.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Mon, 09 Mar 2020 00:20:27 GMT Last-Modified Sun, 08 Mar 2020 19:03:34 GMT Server Apache/2.4.41 (cPanel) OpenSSL/1.1.1d mod_bwlimited/1.4 ETag "1860579-17f08-5a05c8b0eed80" Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 98056
GET H/1.1	404 Not Found	pdf-logo.html icann.godaddy-verify.domains/Adobe%20Sign%20In_files/	315 B 315 B	94ms 41ms	Image text/html	78.137.164.80 DIGIWEB-AS
General Check archive.org Show headers Download Go to Show image Full URL https://icann.godaddy-verify.domains/Adobe%20Sign%20In_files/pdf-logo.html Requested by Host: icann.godaddy-verify.domains URL: https://icann.godaddy-verify.domains/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.137.164.80 , United Kingdom, ASN31122 (DIGIWEB-AS, IE), Reverse DNS lh40.dnsireland.com Software Apache/2.4.41 (cPanel) OpenSSL/1.1.1d mod_bwlimited/1.4 / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers Referer https://icann.godaddy-verify.domains/source/sheet.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Mon, 09 Mar 2020 00:20:27 GMT Server Apache/2.4.41 (cPanel) OpenSSL/1.1.1d mod_bwlimited/1.4 Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	bg_form.html icann.godaddy-verify.domains/source/images/	315 B 315 B	36ms 35ms	Image text/html	78.137.164.80 DIGIWEB-AS
General Check archive.org Show headers Download Go to Show image Full URL https://icann.godaddy-verify.domains/source/images/bg_form.html Requested by Host: icann.godaddy-verify.domains URL: https://icann.godaddy-verify.domains/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.137.164.80 , United Kingdom, ASN31122 (DIGIWEB-AS, IE), Reverse DNS lh40.dnsireland.com Software Apache/2.4.41 (cPanel) OpenSSL/1.1.1d mod_bwlimited/1.4 / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers Referer https://icann.godaddy-verify.domains/source/sheet.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Mon, 09 Mar 2020 00:20:27 GMT Server Apache/2.4.41 (cPanel) OpenSSL/1.1.1d mod_bwlimited/1.4 Connection Keep-Alive Keep-Alive timeout=5, max=97 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	adobe_logo_new_1.html icann.godaddy-verify.domains/images/	315 B 315 B	31ms 31ms	Image text/html	78.137.164.80 DIGIWEB-AS
General Check archive.org Show headers Download Go to Show image Full URL https://icann.godaddy-verify.domains/images/adobe_logo_new_1.html Requested by Host: icann.godaddy-verify.domains URL: https://icann.godaddy-verify.domains/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.137.164.80 , United Kingdom, ASN31122 (DIGIWEB-AS, IE), Reverse DNS lh40.dnsireland.com Software Apache/2.4.41 (cPanel) OpenSSL/1.1.1d mod_bwlimited/1.4 / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers Referer https://icann.godaddy-verify.domains/source/sheet.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Mon, 09 Mar 2020 00:20:27 GMT Server Apache/2.4.41 (cPanel) OpenSSL/1.1.1d mod_bwlimited/1.4 Connection Keep-Alive Keep-Alive timeout=5, max=99 Content-Length 315 Content-Type text/html; charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Adobe (Consumer)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| Spry boolean| r

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

icann.godaddy-verify.domains
78.137.164.80
304aa31ed1145f6d46dff03f965fe6455a37792b1500216cf7392cdf0dcb4260
3b924192c3540eb5eb52c6aed4978b1eb162b23d9201510489e1ab10fbe63d14
589b25927b2a58bc4adcbf79a3344eb3776fb915970858aa0eae894a82852d0b
84f29322a7cd7a6691f18482df7a5355d5e8fa81b74ae3fa0806afa03320f0d8
b697e62dabc4399944d86ac084115de70f324abbd2556b452083f54cd824f9d4
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
eb99a9a3fc4349ffa77cefbd09d46ac646d3d9645569a2abd0e9f084df127dd1
f09acaa0e2b61c875f6bbbb4d8b4cc06d076c1f921b8c3808864cbe7568fad0d

icann.godaddy-verify.domains Open in urlscan Pro 78.137.164.80 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

358 kBTransfer

356 kBSize

0 Cookies

2 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

0 Cookies

Indicators

icann.godaddy-verify.domains Open in urlscan Pro
78.137.164.80 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

358 kB
Transfer

356 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!