x.co
Open in
urlscan Pro
184.168.131.241
Malicious Activity!
Public Scan
Submission: On December 14 via manual from US
Summary
This is the only time x.co was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 184.168.131.241 184.168.131.241 | 26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com) | |
7 | 104.111.214.19 104.111.214.19 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2a00:1450:400... 2a00:1450:4001:816::2008 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 104.108.56.29 104.108.56.29 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
3 | 68.232.35.180 68.232.35.180 | 15133 (EDGECAST) (EDGECAST - MCI Communications Services) | |
1 | 2a00:1450:400... 2a00:1450:400c:c04::9a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 178.249.101.23 178.249.101.23 | 11054 (LIVEPERSON) (LIVEPERSON - LivePerson) | |
1 | 2a00:1450:400... 2a00:1450:4001:814::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 2a03:6400:16:... 2a03:6400:16:0:178:249:101:99 | 11054 (LIVEPERSON) (LIVEPERSON - LivePerson) | |
3 | 208.89.12.87 208.89.12.87 | 11054 (LIVEPERSON) (LIVEPERSON - LivePerson) | |
23 | 11 |
ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-184-168-131-241.ip.secureserver.net
x.co | |
shortener.godaddy.com |
ASN20940 (AKAMAI-ASN1, US)
PTR: a104-111-214-19.deploy.static.akamaitechnologies.com
img1.wsimg.com |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-56-29.deploy.static.akamaitechnologies.com
gui.godaddy.com |
ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
tags.tiqcdn.com |
ASN11054 (LIVEPERSON - LivePerson, Inc., US)
accdn.lpsnmedia.net |
ASN11054 (LIVEPERSON - LivePerson, Inc., US)
PTR: va.v.liveperson.net
va.v.liveperson.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
wsimg.com
img1.wsimg.com |
211 KB |
5 |
liveperson.net
lptag.liveperson.net va.v.liveperson.net |
57 KB |
3 |
tiqcdn.com
tags.tiqcdn.com |
30 KB |
2 |
godaddy.com
shortener.godaddy.com gui.godaddy.com |
113 KB |
1 |
lpsnmedia.net
accdn.lpsnmedia.net |
1 KB |
1 |
google-analytics.com
www.google-analytics.com |
710 B |
1 |
doubleclick.net
stats.g.doubleclick.net |
17 KB |
1 |
googletagmanager.com
www.googletagmanager.com |
19 KB |
1 |
x.co
x.co img.x.co Failed |
|
23 | 9 |
Domain | Requested by | |
---|---|---|
7 | img1.wsimg.com |
x.co
tags.tiqcdn.com |
3 | va.v.liveperson.net |
lptag.liveperson.net
|
3 | tags.tiqcdn.com |
img1.wsimg.com
tags.tiqcdn.com |
2 | lptag.liveperson.net |
img1.wsimg.com
|
1 | accdn.lpsnmedia.net |
lptag.liveperson.net
|
1 | www.google-analytics.com | |
1 | stats.g.doubleclick.net | |
1 | gui.godaddy.com |
img1.wsimg.com
|
1 | www.googletagmanager.com |
img1.wsimg.com
|
1 | shortener.godaddy.com |
x.co
|
1 | x.co | |
0 | img.x.co Failed |
x.co
|
23 | 12 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.godaddy.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.wsimg.com Starfield Secure Certificate Authority - G2 |
2015-11-13 - 2018-11-13 |
3 years | crt.sh |
shortener.godaddy.com Go Daddy Secure Certificate Authority - G2 |
2016-12-16 - 2018-12-16 |
2 years | crt.sh |
*.godaddy.com Go Daddy Secure Certificate Authority - G2 |
2015-09-16 - 2018-09-16 |
3 years | crt.sh |
*.g.doubleclick.net Google Internet Authority G3 |
2017-12-05 - 2018-02-27 |
3 months | crt.sh |
*.liveperson.net COMODO RSA Organization Validation Secure Server CA |
2015-01-29 - 2018-01-28 |
3 years | crt.sh |
*.google-analytics.com Google Internet Authority G3 |
2017-11-21 - 2018-02-13 |
3 months | crt.sh |
*.lpsnmedia.net COMODO RSA Organization Validation Secure Server CA |
2015-05-27 - 2018-05-26 |
3 years | crt.sh |
*.v.liveperson.net COMODO RSA Organization Validation Secure Server CA |
2015-06-08 - 2018-06-07 |
3 years | crt.sh |
This page contains 1 frames:
Primary Page:
http://x.co/6nke3
Frame ID: (D27E130424F2642F43E966A806DF08F1)
Requests: 23 HTTP requests in this frame
Screenshot
Detected technologies
CentOS (Operating Systems) ExpandDetected patterns
- headers server /CentOS/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
LivePerson (Live Chat) Expand
Detected patterns
- script /^https?:\/\/lptag\.liveperson\.net\/tag\/tag\.js/i
Tealium (Advertising Networks) Expand
Detected patterns
- script /^\/\/tags\.tiqcdn\.com\//i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: GoDaddy
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 12- http://stats.g.doubleclick.net/dc.js HTTP 307
- https://stats.g.doubleclick.net/dc.js
- http://www.google-analytics.com/plugins/ga/inpage_linkid.js HTTP 307
- https://www.google-analytics.com/plugins/ga/inpage_linkid.js
23 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
6nke3
x.co/ |
10 KB 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
uxcore.min.css
img1.wsimg.com/ux/1.3.50-brand/css/ |
145 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
brandheader-brand2.min.css
img1.wsimg.com/ux/eldorado/1.5.107/css/ |
32 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
uxcore.en.min.js
img1.wsimg.com/ux/1.3.50-brand/js/ |
448 KB 138 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
brandheader.min.js
img1.wsimg.com/ux/eldorado/1.5.107/js/ |
10 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gd-header-logo.png
img1.wsimg.com/ux/eldorado/1.5.107/images/brand2.0/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Boing-Bold.woff2
img1.wsimg.com/ux/fonts/1.4/woff2/ |
28 KB 28 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
shortener_bg.jpg
shortener.godaddy.com/static/img/ |
113 KB 113 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gtm.js
www.googletagmanager.com/ |
49 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
/
gui.godaddy.com/pcjson/applicationheader/ |
208 B 208 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
utag.js
tags.tiqcdn.com/utag/godaddy/godaddy/prod/ |
141 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
pageevents.aspx
img.x.co/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
utag.1355.js
tags.tiqcdn.com/utag/godaddy/godaddy/prod/ |
2 KB 888 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dc.js
stats.g.doubleclick.net/ Redirect Chain
|
45 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
liveengage.js
img1.wsimg.com/liveengage/v2/tag/1.9.0/ |
20 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ |
2 B 2 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tag.js
lptag.liveperson.net/tag/ |
18 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
inpage_linkid.js
www.google-analytics.com/plugins/ga/ Redirect Chain
|
1 KB 710 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
.jsonp
lptag.liveperson.net/lptag/api/account/30187337/configuration/applications/taglets/ |
143 KB 51 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
zones
accdn.lpsnmedia.net/api/account/30187337/configuration/le-campaigns/ |
8 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
30187337
va.v.liveperson.net/api/js/ |
207 B 208 B |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
30187337
va.v.liveperson.net/api/js/ |
110 B 134 B |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
30187337
va.v.liveperson.net/api/js/ |
42 B 73 B |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- img.x.co
- URL
- http://img.x.co/pageevents.aspx?sitename=x.co&page=/6nke3&eventtype=impression&e_id=uxp.eld.int.brandheader.shortener.impression.uxpHeaderServed&rand=2717326857
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic (Online)30 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onafterprint object| onbeforeprint object| ux function| require object| openit function| $ function| jQuery function| _ object| jQuery183023521544757871093 object| uxel object| _gaDataLayer undefined| jQuery183023521544757871093_1513262607261 object| utag_data object| _gaq object| google_tag_manager boolean| utag_condload object| utag object| utag_cfg_ovrd object| customTealiumTiming object| tagUtils object| selector function| setImmediate function| clearImmediate object| lpTag object| _trfq object| _gat object| e function| f function| _typeof object| lpMTagConfig4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.x.co/ | Name: cookie-warning-accepted Value: true |
|
.x.co/ | Name: market Value: en-US |
|
.x.co/ | Name: utag_main Value: v_id:0160557aeca40013fe1aa01fd1bb00079001107100b08$_sn:1$_ss:1$_st:1513264407525$ses_id:1513262607525%3Bexp-session$_pn:1%3Bexp-session |
|
.x.co/ | Name: OPTOUTMULTI Value: 0:0%7Cc2:0%7Cc9:0%7Cc11:0 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | DENY |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
accdn.lpsnmedia.net
gui.godaddy.com
img.x.co
img1.wsimg.com
lptag.liveperson.net
shortener.godaddy.com
stats.g.doubleclick.net
tags.tiqcdn.com
va.v.liveperson.net
www.google-analytics.com
www.googletagmanager.com
x.co
img.x.co
104.108.56.29
104.111.214.19
178.249.101.23
184.168.131.241
208.89.12.87
2a00:1450:4001:814::200e
2a00:1450:4001:816::2008
2a00:1450:400c:c04::9a
2a03:6400:16:0:178:249:101:99
68.232.35.180
0a1d968c635fbf40c4942d5c2566d061b89fc31803ac63a116cf0bf9dffc293e
1d927a62cedfed8647f781cbb32a72e3a14b74b741b2b3ce20ba334c94d3054b
25f922ece09a93201d861e91bbc6dcc356f885ed3d9c79002d99ed5d0a5f3648
2bb96cd3b8c2c1dd9f879670c0612cc00ed49a09af73ff847232d8682588c877
49f6c1034e3661e29c5de12d1c97e489565c7d55fec513c2668a57329367e082
4e9eb39bd2d4a943ebc78767969a9b62c5490ae30dff9dc6d29c8f4cd3e4c112
5df2e53f0fb2bcd2127d868006f864b192f2ad9758017a1bc3202bfcc97059f5
623e7a431ee37d7a757c636ed608cf2f2dd7db8e997f1cf69beeb99215293366
64cbf7917561cfe91c75b5e1d0712c975fc938c04d3718fa257d234319e43638
6a61ccea48b7a140bea52b70839c2449079095a489aeca9540489a76664c20b7
84f7c8260f73d2b4a2b833afc8bdb2e157608c1ebd52f240cd47f3a4bb6047ac
8d854fc62fc6325e4825f8ec6d0ed66f52d0ae9cf299b5b16c0335d57c4f734f
954f13fd899c99fa539f66fb7b8cfb83ef6409540822df89544adb58b0134a9a
989a73eb9e9faa5bcf87eb500ba218549b0b1ef37dc53d9ac948b33010bd78da
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
b107ed47d8dc52696807ebee2405972a04022114519dacc0fcac7936214ab3d0
bf61ed2a448815aae212e1f3b7e87b1ae3b6f30738156b808ddc502fbdd5e0e3
c8a18c582d47da500d209aec71b6e5719541fa1f80c5ac5e2efa1f5efbeb5d18
d07b9671212be779e2a4322c479f1d146dc8abf68c69479224753743b9ef77c5
f4362ac81a41a4f978b559932f80d39f19885bb23121761c151aea9d755af759
f58a5a630ba6585b75f9f80a0502ec8535ad0872f5a34140dabb4c16ae30c9c4
fe0f219d8a144641c8a6ad21070be76f65a4920fccb34e285948d58f259c9300