documentscert.email Open in urlscan Pro
198.54.125.171 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://documentscert.email/godaddy/
Submission: On December 05 via manual (December 5th 2019, 9:55:01 am UTC) from IE

Summary HTTP 22 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 22 HTTP transactions. The main IP is 198.54.125.171, located in Los Angeles, United States and belongs to NAMECHEAP-NET - Namecheap, Inc., US. The main domain is documentscert.email.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 30th 2019. Valid for: a year.

This is the only time documentscert.email was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: GoDaddy (Online)

Domain & IP information

	IP Address	AS Autonomous System
9	198.54.125.171 198.54.125.171	22612 (NAMECHEAP...) (NAMECHEAP-NET - Namecheap)
10	2.20.21.198 2.20.21.198	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	23.45.104.222 23.45.104.222	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
22	4

9 198.54.125.171 (Los Angeles, United States)

ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US)
PTR: server261-3.web-hosting.com

documentscert.email	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.20.21.198 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-20-21-198.deploy.static.akamaitechnologies.com

img1.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.45.104.222 (Netherlands) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-45-104-222.deploy.static.akamaitechnologies.com

events.secureserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	wsimg.com img1.wsimg.com	303 KB
9	documentscert.email documentscert.email	402 KB
4	secureserver.net 1 redirects events.secureserver.net	3 KB
22	3

	Domain	Requested by
10	img1.wsimg.com	documentscert.email
9	documentscert.email	documentscert.email
4	events.secureserver.net	1 redirects documentscert.email
22	3

This site contains links to these domains. Also see Links.

Domain
www.godaddy.com

Subject Issuer	Validity	Valid
documentscert.email Sectigo RSA Domain Validation Secure Server CA	`2019-11-30` - `2020-11-29`	a year	crt.sh
*.wsimg.com Starfield Secure Certificate Authority - G2	`2018-09-25` - `2020-09-25`	2 years	crt.sh
*.secureserver.net Starfield Secure Certificate Authority - G2	`2019-10-22` - `2021-10-22`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://documentscert.email/godaddy/
Frame ID: 077E87ACB2F8651BEFBCEDDDF2D98C42
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

22
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

708 kB
Transfer

2332 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.godaddy.com/

Search URL Search Domain Scan URL

URL: https://www.godaddy.com/agreements/showdoc.aspx?pageid=PRIVACY
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://events.secureserver.net/image.aspx?timestamp=1575539683692&corrid=540741468&event_type=page.request&page=%2Fgodaddy&hw=2&browx=1600&browy=1200&resx=1600&resy=1200&cdepth=24&cv=3.6.43&hit_id=412c59a3-ccff-5bb0-9556-30976ef75b1c&referrer=&vs=visible&rand=418347501&sitename=documentscert.email&visitor_guid=d05d268b-4500-533f-a5f8-75c69016cd38&page_url=https%3A%2F%2Fdocumentscert.email%2Fgodaddy%2F&environment_name=prod HTTP 302
https://events.secureserver.net/image.aspx?timestamp=1575539683692&corrid=540741468&event_type=page.request&page=%2Fgodaddy&hw=2&browx=1600&browy=1200&resx=1600&resy=1200&cdepth=24&cv=3.6.43&hit_id=412c59a3-ccff-5bb0-9556-30976ef75b1c&referrer=&vs=visible&rand=418347501&sitename=documentscert.email&visitor_guid=d05d268b-4500-533f-a5f8-75c69016cd38&page_url=https%3A%2F%2Fdocumentscert.email%2Fgodaddy%2F&environment_name=prod&CookieTest=1

22 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
documentscert.email/godaddy/ 98 KB
23 KB 16111ms
15735ms Document
text/html 198.54.125.171
Namecheap

General

Check archive.org

Show headers Download Go to

Full URL: https://documentscert.email/godaddy/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.54.125.171 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS: server261-3.web-hosting.com
Software: Apache / PHP/7.2.25
Resource Hash: cad25a56214f7c5e2257ddde5d753a8bf670602c380f4aac96069b91d9ffeefa

Request headers

:method: GET
:authority: documentscert.email
:scheme: https
:path: /godaddy/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User: ?1

Response headers

status: 200
date: Thu, 05 Dec 2019 09:54:27 GMT
server: Apache
x-powered-by: PHP/7.2.25
vary: Accept-Encoding
content-encoding: gzip
content-length: 22873
content-type: text/html; charset=UTF-8

GET
H2 200 uxfont.woff2
img1.wsimg.com/ux/fonts/uxfont/1.4/ 13 KB
13 KB 100ms
46ms Font
application/font-woff2 2.20.21.198
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/ux/fonts/uxfont/1.4/uxfont.woff2
Requested by: Host: documentscert.email
URL: https://documentscert.email/godaddy/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.21.198 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-20-21-198.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2ed3bfbad14aa95968f7c0ab2e2ad07a7aeb6f090d9d3e71f7a71b715e7583ff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://documentscert.email/godaddy/
Origin: https://documentscert.email

Response headers

date: Thu, 05 Dec 2019 09:54:42 GMT
last-modified: Tue, 01 May 2018 17:31:42 GMT
access-control-allow-origin: *
etag: "b6f2e44472e1d31:0"
content-type: application/font-woff2
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 13212
expires: Fri, 04 Dec 2020 09:54:42 GMT

GET
H2 200 uxfont-2.woff2
img1.wsimg.com/ux/fonts/uxfont/1.4/ 28 KB
29 KB 131ms
76ms Font
application/font-woff2 2.20.21.198
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/ux/fonts/uxfont/1.4/uxfont-2.woff2
Requested by: Host: documentscert.email
URL: https://documentscert.email/godaddy/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.21.198 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-20-21-198.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ff2b18fa1e758d5d886fd13dba0187c707ac8c8c8cacbab8b8e80d2da6aa5782

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://documentscert.email/godaddy/
Origin: https://documentscert.email

Response headers

date: Thu, 05 Dec 2019 09:54:42 GMT
last-modified: Tue, 01 May 2018 17:31:42 GMT
access-control-allow-origin: *
etag: "54c3ca4472e1d31:0"
content-type: application/font-woff2
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 29092
expires: Fri, 04 Dec 2020 09:54:42 GMT

GET
H2 200 Boing-Bold.woff2
img1.wsimg.com/ux/fonts/boing/1.0/ 28 KB
28 KB 82ms
27ms Font
application/font-woff2 2.20.21.198
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/ux/fonts/boing/1.0/Boing-Bold.woff2
Requested by: Host: documentscert.email
URL: https://documentscert.email/godaddy/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.21.198 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-20-21-198.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 49f6c1034e3661e29c5de12d1c97e489565c7d55fec513c2668a57329367e082

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://documentscert.email/godaddy/
Origin: https://documentscert.email

Response headers

date: Thu, 05 Dec 2019 09:54:42 GMT
last-modified: Fri, 29 Jul 2016 18:49:38 GMT
access-control-allow-origin: *
etag: "ea5a8f5c9e9d11:0"
content-type: application/font-woff2
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 28220
expires: Fri, 04 Dec 2020 09:54:42 GMT

GET
H2 200 gdsherpa-bold.woff2
img1.wsimg.com/ux/fonts/sherpa/1.0/ 25 KB
25 KB 123ms
69ms Font
application/font-woff2 2.20.21.198
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/ux/fonts/sherpa/1.0/gdsherpa-bold.woff2
Requested by: Host: documentscert.email
URL: https://documentscert.email/godaddy/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.21.198 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-20-21-198.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a976c28db56ea7a1e01ccb2b67f9ad923a0cfae8e0be17d0037b29ebb0e6c270

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://documentscert.email/godaddy/
Origin: https://documentscert.email

Response headers

date: Thu, 05 Dec 2019 09:54:42 GMT
last-modified: Thu, 21 Dec 2017 23:08:05 GMT
access-control-allow-origin: *
etag: "2a87a78eb07ad31:0"
content-type: application/font-woff2
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 25832
expires: Fri, 04 Dec 2020 09:54:42 GMT

GET
H2 200 gdsherpa-regular.woff2
img1.wsimg.com/ux/fonts/sherpa/1.0/ 26 KB
26 KB 115ms
61ms Font
application/font-woff2 2.20.21.198
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/ux/fonts/sherpa/1.0/gdsherpa-regular.woff2
Requested by: Host: documentscert.email
URL: https://documentscert.email/godaddy/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.21.198 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-20-21-198.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4e729cb03aae3843f08d49b187de566cce586da0b384787cc304dbe43a713b70

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://documentscert.email/godaddy/
Origin: https://documentscert.email

Response headers

date: Thu, 05 Dec 2019 09:54:42 GMT
last-modified: Thu, 21 Dec 2017 23:08:07 GMT
access-control-allow-origin: *
etag: "ec1d1690b07ad31:0"
content-type: application/font-woff2
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 26620
expires: Fri, 04 Dec 2020 09:54:42 GMT

GET
H2 200 uxcore2.css
documentscert.email/godaddy/index_files/ 245 KB
37 KB 700ms
699ms Stylesheet
text/css 198.54.125.171
Namecheap

General

Check archive.org

Show headers Download Go to

Full URL: https://documentscert.email/godaddy/index_files/uxcore2.css
Requested by: Host: documentscert.email
URL: https://documentscert.email/godaddy/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.54.125.171 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS: server261-3.web-hosting.com
Software: Apache /
Resource Hash: 2c65342c70d6d4776f938b7c77b7c23bef48ca040a277714912a0701b6dc8849

Request headers

Referer: https://documentscert.email/godaddy/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Dec 2019 09:54:42 GMT
content-encoding: gzip
last-modified: Sun, 10 Mar 2019 22:33:06 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 38019

GET
H2 200 utilityheader.css
documentscert.email/godaddy/index_files/ 30 KB
8 KB 360ms
359ms Stylesheet
text/css 198.54.125.171
Namecheap

General

Check archive.org

Show headers Download Go to

Full URL: https://documentscert.email/godaddy/index_files/utilityheader.css
Requested by: Host: documentscert.email
URL: https://documentscert.email/godaddy/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.54.125.171 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS: server261-3.web-hosting.com
Software: Apache /
Resource Hash: 3a4f81bed00fdc8805daa141c63e028afcf1cd7976d7cb770aeaa80bae1a7e07

Request headers

Referer: https://documentscert.email/godaddy/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Dec 2019 09:54:42 GMT
content-encoding: gzip
last-modified: Sun, 10 Mar 2019 22:33:06 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 7696

GET
H2 200 tcc.js Show response
documentscert.email/godaddy/index_files/ 89 KB
24 KB 361ms
360ms Script
application/javascript 198.54.125.171
Namecheap

General

Check archive.org

Show headers Download Go to

Full URL: https://documentscert.email/godaddy/index_files/tcc.js
Requested by: Host: documentscert.email
URL: https://documentscert.email/godaddy/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.54.125.171 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS: server261-3.web-hosting.com
Software: Apache /
Resource Hash: ee9581e902a1c713fb058cce745cad969c58e0e738bb8137952f694ebb875af2

Request headers

Referer: https://documentscert.email/godaddy/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Dec 2019 09:54:42 GMT
content-encoding: gzip
last-modified: Sun, 10 Mar 2019 22:33:06 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 24062

GET
H2 200 polyfill.js Show response
documentscert.email/godaddy/index_files/ 1 KB
686 B 205ms
204ms Script
application/javascript 198.54.125.171
Namecheap

General

Check archive.org

Show headers Download Go to

Full URL: https://documentscert.email/godaddy/index_files/polyfill.js
Requested by: Host: documentscert.email
URL: https://documentscert.email/godaddy/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.54.125.171 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS: server261-3.web-hosting.com
Software: Apache /
Resource Hash: e3202572b8f9401cb142f5a5390d46c555972877b2b5efb6125b0cd60f7e0524

Request headers

Referer: https://documentscert.email/godaddy/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Dec 2019 09:54:42 GMT
content-encoding: gzip
last-modified: Sun, 10 Mar 2019 22:33:06 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 516

GET
H2 200 vendor.js Show response
documentscert.email/godaddy/index_files/ 208 KB
57 KB 1250ms
1250ms Script
application/javascript 198.54.125.171
Namecheap

General

Check archive.org

Show headers Download Go to

Full URL: https://documentscert.email/godaddy/index_files/vendor.js
Requested by: Host: documentscert.email
URL: https://documentscert.email/godaddy/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.54.125.171 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS: server261-3.web-hosting.com
Software: Apache /
Resource Hash: 5b148777bbfc5e30eec3d576f97e98987959597cf51f86ac4ed641a0bf0e042b

Request headers

Referer: https://documentscert.email/godaddy/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Dec 2019 09:54:42 GMT
content-encoding: gzip
last-modified: Sun, 10 Mar 2019 22:33:06 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes

GET
H2 200 uxcore2.js Show response
documentscert.email/godaddy/index_files/ 234 KB
59 KB 1268ms
1267ms Script
application/javascript 198.54.125.171
Namecheap

General

Check archive.org

Show headers Download Go to

Full URL: https://documentscert.email/godaddy/index_files/uxcore2.js
Requested by: Host: documentscert.email
URL: https://documentscert.email/godaddy/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.54.125.171 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS: server261-3.web-hosting.com
Software: Apache /
Resource Hash: 141bc659999926e2ab965ab65b08b14de5f719919ab1bd66ff8331a7c4c5b6e5

Request headers

Referer: https://documentscert.email/godaddy/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Dec 2019 09:54:42 GMT
content-encoding: gzip
last-modified: Sun, 10 Mar 2019 22:33:06 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes

GET
H2 200 utilityheader.js Show response
documentscert.email/godaddy/index_files/ 164 KB
40 KB 507ms
507ms Script
application/javascript 198.54.125.171
Namecheap

General

Check archive.org

Show headers Download Go to

Full URL: https://documentscert.email/godaddy/index_files/utilityheader.js
Requested by: Host: documentscert.email
URL: https://documentscert.email/godaddy/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.54.125.171 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS: server261-3.web-hosting.com
Software: Apache /
Resource Hash: ea220ee7bf407833a92b004c75f284f7313f8bff65a52128adf0ea8981421def

Request headers

Referer: https://documentscert.email/godaddy/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Dec 2019 09:54:42 GMT
content-encoding: gzip
last-modified: Sun, 10 Mar 2019 22:33:06 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 40543

GET
H2 200 login-panel.js Show response
documentscert.email/godaddy/index_files/ 446 KB
155 KB 810ms
810ms Script
application/javascript 198.54.125.171
Namecheap

General

Check archive.org

Show headers Download Go to

Full URL: https://documentscert.email/godaddy/index_files/login-panel.js
Requested by: Host: documentscert.email
URL: https://documentscert.email/godaddy/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.54.125.171 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS: server261-3.web-hosting.com
Software: Apache /
Resource Hash: 692251be1f314fd8c913af0772d47c5882189aed7300f8bb40cc73a7f9af9768

Request headers

Referer: https://documentscert.email/godaddy/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Dec 2019 09:54:42 GMT
content-encoding: gzip
last-modified: Sun, 10 Mar 2019 22:33:06 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes

GET
H/1.1

200
OK

image.aspx
events.secureserver.net/
Redirect Chain

https://events.secureserver.net/image.aspx?timestamp=1575539683692&corrid=540741468&event_type=page.request&page=%2Fgodaddy&hw=2&browx=1600&browy=1200&resx=1600&resy=1200&cdepth=24&cv=3.6.43&hit_id...
https://events.secureserver.net/image.aspx?timestamp=1575539683692&corrid=540741468&event_type=page.request&page=%2Fgodaddy&hw=2&browx=1600&browy=1200&resx=1600&resy=1200&cdepth=24&cv=3.6.43&hit_id...

43 B
1 KB

137ms
137ms

Image
image/gif

23.45.104.222
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://events.secureserver.net/image.aspx?timestamp=1575539683692&corrid=540741468&event_type=page.request&page=%2Fgodaddy&hw=2&browx=1600&browy=1200&resx=1600&resy=1200&cdepth=24&cv=3.6.43&hit_id=412c59a3-ccff-5bb0-9556-30976ef75b1c&referrer=&vs=visible&rand=418347501&sitename=documentscert.email&visitor_guid=d05d268b-4500-533f-a5f8-75c69016cd38&page_url=https%3A%2F%2Fdocumentscert.email%2Fgodaddy%2F&environment_name=prod&CookieTest=1

Requested by

Host: documentscert.email
URL: https://documentscert.email/godaddy/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.45.104.222 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-45-104-222.deploy.static.akamaitechnologies.com

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://documentscert.email/godaddy/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff
Date: Thu, 05 Dec 2019 09:54:44 GMT
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://documentscert.email, *
Access-Control-Max-Age: 1000
Cache-Control: private
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 43
X-XSS-Protection: 1; mode=block

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff
Date: Thu, 05 Dec 2019 09:54:43 GMT
X-Frame-Options: DENY
Location: https://events.secureserver.net/image.aspx?timestamp=1575539683692&corrid=540741468&event_type=page.request&page=%2Fgodaddy&hw=2&browx=1600&browy=1200&resx=1600&resy=1200&cdepth=24&cv=3.6.43&hit_id=412c59a3-ccff-5bb0-9556-30976ef75b1c&referrer=&vs=visible&rand=418347501&sitename=documentscert.email&visitor_guid=d05d268b-4500-533f-a5f8-75c69016cd38&page_url=https%3A%2F%2Fdocumentscert.email%2Fgodaddy%2F&environment_name=prod&CookieTest=1
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: 0

GET
DATA 200
OK truncated
/ 3 KB
0 Image
text/plain

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 316798ddb9d835066f727ac3af8969a5ca00adfe3b0042c0d8076bc5ab05567e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: text/plain;charset=US-ASCII

GET
H2 200 tcc.min.js Show response
img1.wsimg.com/wrhs-assets/ea64b4085c7bfad76b1465c699d51475/ 89 KB
24 KB 1100ms
1046ms Script
application/javascript 2.20.21.198
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/wrhs-assets/ea64b4085c7bfad76b1465c699d51475/tcc.min.js
Requested by: Host: documentscert.email
URL: https://documentscert.email/godaddy/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.21.198 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-20-21-198.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ee9581e902a1c713fb058cce745cad969c58e0e738bb8137952f694ebb875af2

Request headers

Referer: https://documentscert.email/godaddy/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: rlk_Yp1C4YZd_HbFrJzOwT0BX1Z.5ulX
content-encoding: gzip
x-amz-request-id: D3A97BFC4BCDE7DF
status: 200
date: Thu, 05 Dec 2019 09:54:45 GMT
x-amz-replication-status: COMPLETED
content-length: 24062
x-amz-id-2: ZqQWImupbT4BCzOoMBaFNm6k/E0Zi4r7DBRaAT0X/vVpNRjf9p0P6VS/07Fbt3AQqP83WPvp46E=
last-modified: Tue, 05 Mar 2019 01:39:43 GMT
etag: "ea64b4085c7bfad76b1465c699d51475"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Dec 2020 09:54:45 GMT

GET
H2 200 polyfill.min.js Show response
img1.wsimg.com/poly/v2/ 222 B
656 B 117ms
63ms Script
text/javascript 2.20.21.198
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://img1.wsimg.com/poly/v2/polyfill.min.js?features=Promise,Promise.prototype.finally,Intl.~locale.en-US&rum=0&unknown=polyfill&flags=gated

Requested by

Host: documentscert.email
URL: https://documentscert.email/godaddy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.20.21.198 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-20-21-198.deploy.static.akamaitechnologies.com

Software

Resource Hash

cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://documentscert.email/godaddy/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
normalized-user-agent: chrome/74.0.0
detected-user-agent: Chrome/74.0.3729
status: 200
date: Thu, 05 Dec 2019 09:54:44 GMT
request_came_from_shield: HHN
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, MISS-CLUSTER, fastly;desc="Edge time";dur=12
content-length: 166
referrer-policy: origin-when-cross-origin
etag: W/"a6-G8q6owJMQtqw2+FJAsGwQ0ZV1A8"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=172800, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2019 09:54:44 GMT

GET
H2 200 vendor.min.js Show response
img1.wsimg.com/wrhs-assets/07ff49f73fd6ce4ee12a346569fbf92e/ 208 KB
58 KB 1269ms
1215ms Script
application/javascript 2.20.21.198
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/wrhs-assets/07ff49f73fd6ce4ee12a346569fbf92e/vendor.min.js
Requested by: Host: documentscert.email
URL: https://documentscert.email/godaddy/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.21.198 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-20-21-198.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5b148777bbfc5e30eec3d576f97e98987959597cf51f86ac4ed641a0bf0e042b

Request headers

Referer: https://documentscert.email/godaddy/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: lUeAxKYqhKdNm7ZZmvmSXg4b42SkPREl
content-encoding: gzip
x-amz-request-id: 51A0D4621D00BD85
status: 200
date: Thu, 05 Dec 2019 09:54:45 GMT
x-amz-replication-status: COMPLETED
x-amz-id-2: nkQSxjyMJVv0AlmuKpJ2BVvqQznTn1fWC/UkJt3n44LfAu+JNN7oz2ovv1YoKlvNX64rBt3F8Ws=
last-modified: Mon, 18 Feb 2019 21:19:10 GMT
etag: "07ff49f73fd6ce4ee12a346569fbf92e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Dec 2020 09:54:45 GMT

GET
H2 200 uxcore2.min.js Show response
img1.wsimg.com/wrhs-assets/60ba5f2afb5a6295fc83da1faa5da920/ 234 KB
59 KB 1286ms
1233ms Script
application/javascript 2.20.21.198
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/wrhs-assets/60ba5f2afb5a6295fc83da1faa5da920/uxcore2.min.js
Requested by: Host: documentscert.email
URL: https://documentscert.email/godaddy/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.21.198 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-20-21-198.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 141bc659999926e2ab965ab65b08b14de5f719919ab1bd66ff8331a7c4c5b6e5

Request headers

Referer: https://documentscert.email/godaddy/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: 284yYHAp6Z8NZ6pnVgV4Lt4oNceTGPQw
content-encoding: gzip
x-amz-request-id: EE212A8DD1AB2C90
status: 200
date: Thu, 05 Dec 2019 09:54:45 GMT
x-amz-replication-status: COMPLETED
x-amz-id-2: 3OqOpy7Ym9ZiAHV7+GqBvkmy860px2AuNTdVQb3r1hzM08ofqYP6mQRxpI3j7DX5vcfOLF1FPDc=
last-modified: Tue, 05 Mar 2019 17:19:45 GMT
etag: "60ba5f2afb5a6295fc83da1faa5da920"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Dec 2020 09:54:45 GMT

GET
H2 200 utilityheader.min.js Show response
img1.wsimg.com/wrhs-assets/a441444ab751a5b4195d874cc29acbe1/ 164 KB
40 KB 1236ms
1182ms Script
application/javascript 2.20.21.198
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/wrhs-assets/a441444ab751a5b4195d874cc29acbe1/utilityheader.min.js
Requested by: Host: documentscert.email
URL: https://documentscert.email/godaddy/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.21.198 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-20-21-198.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ea220ee7bf407833a92b004c75f284f7313f8bff65a52128adf0ea8981421def

Request headers

Referer: https://documentscert.email/godaddy/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: xpsKaWniTlXkrO.aa9.hK6Awo2kz.5Qs
content-encoding: gzip
x-amz-request-id: 7EF505A1F4E53B94
status: 200
date: Thu, 05 Dec 2019 09:54:45 GMT
x-amz-replication-status: COMPLETED
content-length: 40545
x-amz-id-2: CEXs03gJFl3poO8mxv7KBSCwAwPDTeMH3GRAKy/uhAhhMqzIu1tU26c67QkxppX/zxXycurVLLA=
last-modified: Tue, 15 Jan 2019 17:23:28 GMT
etag: "a441444ab751a5b4195d874cc29acbe1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Dec 2020 09:54:45 GMT

GET
H/1.1 200
OK b.aspx
events.secureserver.net/ 43 B
640 B 132ms
131ms Image
image/gif 23.45.104.222
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://events.secureserver.net/b.aspx?timestamp=1575539684448&corrid=540741468&event_type=page.log&eventdate=2019-12-05T09%3A54%3A44.448Z&eventtype=pageperf&nav_type=hard&tccin=auto&connectEnd=1575539667123&connectStart=1575539666788&domComplete=1575539684337&domContentLoadedEventEnd=1575539684337&domContentLoadedEventStart=1575539684337&domInteractive=1575539684337&domLoading=1575539682860&domainLookupEnd=1575539666788&domainLookupStart=1575539666748&fetchStart=1575539666747&navigationStart=1575539666747&requestStart=1575539667123&responseEnd=1575539682862&responseStart=1575539682858&loadEventStart=1575539684337&loadEventEnd=1575539684339&fp=17602&fcp=17602&referrer=&vs=visible&rand=823026051&sitename=documentscert.email&page=%2Fgodaddy&visitor_guid=0cf7799a-ab5e-5c06-bd80-26a2091e7ebc&page_url=https%3A%2F%2Fdocumentscert.email%2Fgodaddy%2F&environment_name=prod

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.45.104.222 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-45-104-222.deploy.static.akamaitechnologies.com

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://documentscert.email/godaddy/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff
Date: Thu, 05 Dec 2019 09:54:44 GMT
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://documentscert.email, *
Access-Control-Max-Age: 1000
Cache-Control: private
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK pageEvents.aspx
events.secureserver.net/ 43 B
640 B 127ms
126ms Image
image/gif 23.45.104.222
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://events.secureserver.net/pageEvents.aspx?timestamp=1575539685681&corrid=540741468&event_type=page.event&eventdate=2019-12-05T09%3A54%3A45.681Z&eventtype=impression&type=&eventid=&eventclass=&absolutex=0&absolutey=0&relativex=0&relativey=0&e_id=uxp.hyd.int.utilityheader.sso.impression&usrin=market%2Cen-US%5Esplit%2C%5Euxcore%2C2%5Ecurrency%2CUSD%5Ehostname%2Cdocumentscert.email%5Epath%2Cundefined%5Equery%2C%5Bobject%20Object%5D%5Ecountry%2CUnited%20States%5Elang%2CEnglish&hit_id=cedfd3d9-14de-5e36-8757-f10267cf57ae&referrer=&vs=visible&rand=874460526&sitename=documentscert.email&page=%2Fgodaddy&visitor_guid=f934ba9f-156f-5b40-adcd-23e35b700e66&page_url=https%3A%2F%2Fdocumentscert.email%2Fgodaddy%2F&environment_name=prod

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.45.104.222 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-45-104-222.deploy.static.akamaitechnologies.com

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://documentscert.email/godaddy/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff
Date: Thu, 05 Dec 2019 09:54:45 GMT
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://documentscert.email, *
Access-Control-Max-Age: 1000
Cache-Control: private
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 43
X-XSS-Protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: GoDaddy (Online)

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

documentscert.email
events.secureserver.net
img1.wsimg.com
198.54.125.171
2.20.21.198
23.45.104.222
141bc659999926e2ab965ab65b08b14de5f719919ab1bd66ff8331a7c4c5b6e5
2c65342c70d6d4776f938b7c77b7c23bef48ca040a277714912a0701b6dc8849
2ed3bfbad14aa95968f7c0ab2e2ad07a7aeb6f090d9d3e71f7a71b715e7583ff
316798ddb9d835066f727ac3af8969a5ca00adfe3b0042c0d8076bc5ab05567e
3a4f81bed00fdc8805daa141c63e028afcf1cd7976d7cb770aeaa80bae1a7e07
49f6c1034e3661e29c5de12d1c97e489565c7d55fec513c2668a57329367e082
4e729cb03aae3843f08d49b187de566cce586da0b384787cc304dbe43a713b70
5b148777bbfc5e30eec3d576f97e98987959597cf51f86ac4ed641a0bf0e042b
692251be1f314fd8c913af0772d47c5882189aed7300f8bb40cc73a7f9af9768
a976c28db56ea7a1e01ccb2b67f9ad923a0cfae8e0be17d0037b29ebb0e6c270
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
cad25a56214f7c5e2257ddde5d753a8bf670602c380f4aac96069b91d9ffeefa
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
e3202572b8f9401cb142f5a5390d46c555972877b2b5efb6125b0cd60f7e0524
ea220ee7bf407833a92b004c75f284f7313f8bff65a52128adf0ea8981421def
ee9581e902a1c713fb058cce745cad969c58e0e738bb8137952f694ebb875af2
ff2b18fa1e758d5d886fd13dba0187c707ac8c8c8cacbab8b8e80d2da6aa5782

documentscert.email Open in urlscan Pro 198.54.125.171 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

22 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

4 IPs

3 Countries

708 kBTransfer

2332 kBSize

0 Cookies

2 Outgoing links

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

30 JavaScript Global Variables

0 Cookies

Indicators

documentscert.email Open in urlscan Pro
198.54.125.171 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

708 kB
Transfer

2332 kB
Size

0
Cookies

22 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!