daddy-account.site Open in urlscan Pro
2606:4700:3035::6815:3d28 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://daddy-account.site/
Effective URL:
https://daddy-account.site/
Submission: On March 21 via api (March 21st 2021, 7:07:06 am UTC) from US

Summary HTTP 23 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 23 HTTP transactions. The main IP is 2606:4700:3035::6815:3d28, located in United States and belongs to CLOUDFLARENET, US. The main domain is daddy-account.site.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 17th 2021. Valid for: a year.

This is the only time daddy-account.site was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: GoDaddy (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 3	2606:4700:303... 2606:4700:3035::6815:3d28	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 16	2.17.185.233 2.17.185.233	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	2a02:26f0:710... 2a02:26f0:7100:186::1771	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	104.108.69.220 104.108.69.220	16625 (AKAMAI-AS) (AKAMAI-AS)
23	4

3 2606:4700:3035::6815:3d28 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

daddy-account.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2.17.185.233 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-17-185-233.deploy.static.akamaitechnologies.com

img1.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img6.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:7100:186::1771 (Frankfurt am Main, Germany) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.godaddy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
de.godaddy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.108.69.220 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-69-220.deploy.static.akamaitechnologies.com

sso.godaddy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	wsimg.com 2 redirects img1.wsimg.com img6.wsimg.com	36 KB
9	godaddy.com 2 redirects www.godaddy.com de.godaddy.com sso.godaddy.com	42 KB
3	daddy-account.site 1 redirects daddy-account.site	46 KB
23	3

	Domain	Requested by
14	img6.wsimg.com	daddy-account.site
5	sso.godaddy.com	daddy-account.site sso.godaddy.com
3	daddy-account.site	1 redirects daddy-account.site
2	de.godaddy.com	daddy-account.site
2	www.godaddy.com	2 redirects
2	img1.wsimg.com	2 redirects
23	6

This site contains links to these domains. Also see Links.

Domain
ru.godaddy.com
sso.godaddy.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-17` - `2022-03-16`	a year	crt.sh
*.godaddy.com Go Daddy Secure Certificate Authority - G2	`2021-01-15` - `2022-02-16`	a year	crt.sh
*.wsimg.com Starfield Secure Certificate Authority - G2	`2020-09-22` - `2021-10-24`	a year	crt.sh
sso.godaddy.com Go Daddy Secure Certificate Authority - G2	`2020-11-30` - `2022-01-01`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://daddy-account.site/
Frame ID: B4C2F293353008D341F1DCEDFEF9A637
Requests: 18 HTTP requests in this frame

Frame: https://sso.godaddy.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp
Frame ID: 2CC6A1B45E663B911EA357D9FD61CE4A
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://daddy-account.site/ HTTP 301
https://daddy-account.site/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

23
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

6
Subdomains

4
IPs

2
Countries

122 kB
Transfer

498 kB
Size

0
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://ru.godaddy.com/?app=email&realm=pass
Title: GoDaddyGoDaddy

Search URL Search Domain Scan URL

URL: https://ru.godaddy.com/contact-us
Title: Телефоны и время работы

Search URL Search Domain Scan URL

URL: https://ru.godaddy.com/help
Title: Получить помощь

Search URL Search Domain Scan URL

URL: https://sso.godaddy.com/v1/account/reset?app=email&realm=pass
Title: password

Search URL Search Domain Scan URL

URL: https://ru.godaddy.com/legal/agreements/privacy-policy?target=_blank
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://daddy-account.site/ HTTP 301
https://daddy-account.site/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://img1.wsimg.com/auth/v1/static/3523/js/src/trackjs HTTP 302
https://www.godaddy.com/godaddy-404 HTTP 302
https://de.godaddy.com/godaddy-404

Request Chain 12

https://img1.wsimg.com/auth/v1/static/3523/react/bundles/login-panel HTTP 302
https://www.godaddy.com/godaddy-404 HTTP 302
https://de.godaddy.com/godaddy-404

23 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response daddy-account.site/ Redirect Chain http://daddy-account.site/ https://daddy-account.site/	194 KB 45 KB	194ms 179ms	Document text/html	2606:4700:3035::6815:3d28 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://daddy-account.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:3d28 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f63407af6b52dddd28ed93c3732744353893af892235c466578345b0e36487a9` Request headers :method GET :authority daddy-account.site :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 07:06:45 GMT content-type text/html set-cookie __cfduid=d1c7e476fb3105abc241c89788bfa6a701616310405; expires=Tue, 20-Apr-21 07:06:45 GMT; path=/; domain=.daddy-account.site; HttpOnly; SameSite=Lax; Secure last-modified Wed, 17 Mar 2021 23:47:45 GMT vary Accept-Encoding cf-cache-status DYNAMIC cf-request-id 08f5349fd800004e970d8bb000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rz07rJoNWTlu7SGKJ8Fhw2CsgXJ9HnZjkYc1xvrRRw3v%2FVBurogovWQPiKsryoCDF3Q%2FspxM%2BxzWr1UsQryhaw1GgZZ5q34tHWWVQn4X7RXy2AU2o9n8gnUZR1xwMN4%3D"}],"max_age":604800,"group":"cf-nel"} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 633556dfcd584e97-FRA content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Redirect headers Date Sun, 21 Mar 2021 07:06:45 GMT Transfer-Encoding chunked Connection keep-alive Cache-Control max-age=3600 Expires Sun, 21 Mar 2021 08:06:45 GMT Location https://daddy-account.site/ cf-request-id 08f5349fba00004a9e74aea000000001 Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0KfLPmNE7RwiM%2BnY%2FQU1vZ6kimOIhMruC9kgDuYGWhP%2Ff2z57aApo5RhPPYSimsOf9BhAUhP%2BIwFhDz7PtNkEOhjBQ6bofv06%2BEwt3Zw3V6MkrsLP3vzLl0S0nNGWGQ%3D"}],"group":"cf-nel","max_age":604800} NEL {"max_age":604800,"report_to":"cf-nel"} Vary Accept-Encoding Server cloudflare CF-RAY 633556df8f5e4a9e-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	404	p daddy-account.site/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/	0 0	149ms 147ms	Script text/html	2606:4700:3035::6815:3d28 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://daddy-account.site/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p Requested by Host: daddy-account.site URL: https://daddy-account.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:3d28 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://daddy-account.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 07:06:45 GMT content-encoding br cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kSfp5249twdcEf2oRRQeRAqxfDcTYDfnwexMjtn7f8c0Pm%2Fk4evXiSEx9Lqvc4HNpdG5560bMRfIewqs%2BoNJz%2FNSq1jQrXwJuaVAlKkZTdhoJciX%2FQKjQM1gjFPt6rc%3D"}],"max_age":604800,"group":"cf-nel"} content-type text/html cf-ray 633556e0eec54e97-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 08f534a09000004e971bb99000000001
GET H2	200	godaddy-404 Show response de.godaddy.com/ Redirect Chain https://img1.wsimg.com/auth/v1/static/3523/js/src/trackjs https://www.godaddy.com/godaddy-404 https://de.godaddy.com/godaddy-404	0 0	180ms 179ms	Script text/html	2a02:26f0:7100:186::1771 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://de.godaddy.com/godaddy-404 Requested by Host: daddy-account.site URL: https://daddy-account.site/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:7100:186::1771 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://daddy-account.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Redirect headers location https://de.godaddy.com/godaddy-404 date Sun, 21 Mar 2021 07:06:45 GMT x-arc 2, 6 server AkamaiGHost content-length 0 x-frame-options DENY
GET H2	200	uxcore2.min.css img6.wsimg.com/wrhs/5e66b049db64898800c25748a76891bb/	181 KB 24 KB	151ms 48ms	Stylesheet text/css	2.17.185.233 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://img6.wsimg.com/wrhs/5e66b049db64898800c25748a76891bb/uxcore2.min.css Requested by Host: daddy-account.site URL: https://daddy-account.site/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.185.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-17-185-233.deploy.static.akamaitechnologies.com Software / Resource Hash `d98e27ba3c39a5caf8341eaf2ed0a1ebce894e62879477ecce97380bb0e9f3d7` Request headers Referer https://daddy-account.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-edgeconnect-origin-mex-latency 77, 77, 77 x-amz-version-id D_TypmmSCJl56Dvf1TJyQvoLqXWSbn4g content-encoding br etag "e8b09e437255b577eb0598aa633a9ee5" x-amz-request-id 1S9X5YY17DS8NHYM x-edgeconnect-midmile-rtt 0, 0, 2 x-amz-server-side-encryption AES256 server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 24366 x-amz-id-2 34suIN/nerOVMumiCiX7fLcYNxyXHYI78w5L83if+Se5pQr9nd3MV+9MEO5YPCIXXYvvPFZaq0g= last-modified Thu, 11 Mar 2021 21:41:51 GMT date Sun, 21 Mar 2021 07:06:45 GMT vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin *
GET H2	200	utilityheader.min.css img6.wsimg.com/wrhs/f69a829d7e747775d489bf72d2651b29/	63 KB 11 KB	181ms 77ms	Stylesheet text/css	2.17.185.233 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://img6.wsimg.com/wrhs/f69a829d7e747775d489bf72d2651b29/utilityheader.min.css Requested by Host: daddy-account.site URL: https://daddy-account.site/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.185.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-17-185-233.deploy.static.akamaitechnologies.com Software / Resource Hash `c0684882734dae6b9598bae0d8f9d7cee878d3275bf875369ddbab1ce51c552c` Request headers Referer https://daddy-account.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-edgeconnect-origin-mex-latency 744, 744 x-amz-version-id SYKLR9YnSXL0On5oVQt7mHhR_uszPFyx content-encoding br etag "518b49785971e1d06064079851211a3c" x-amz-request-id 65E0558E31DEDC4D x-edgeconnect-midmile-rtt 1, 138 x-amz-server-side-encryption AES256 server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 10708 x-amz-id-2 UDTQ2dDG17h+gQ9oq2gvcFqiLE1AV0KEJkuBo6B8DB9ovp8XiE3ADUh200OHwHP3BYsL/jX1u0Q= last-modified Wed, 03 Feb 2021 22:14:37 GMT date Sun, 21 Mar 2021 07:06:45 GMT vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin *
GET H2	404	vendors~browser-deprecation-banner.header-chunk.min img6.wsimg.com/wrhs/24c73062868bc8db0a4d8d030b83ab65/	0 0	814ms 744ms	Script application/xml	2.17.185.233 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://img6.wsimg.com/wrhs/24c73062868bc8db0a4d8d030b83ab65/vendors~browser-deprecation-banner.header-chunk.min Requested by Host: daddy-account.site URL: https://daddy-account.site/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.185.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-17-185-233.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Referer https://daddy-account.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin *
GET H2	404	tti.min img6.wsimg.com/wrhs/fb1258e31ab7be158d088d86a2c990af/	0 0	703ms 702ms	Script application/xml	2.17.185.233 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://img6.wsimg.com/wrhs/fb1258e31ab7be158d088d86a2c990af/tti.min Requested by Host: daddy-account.site URL: https://daddy-account.site/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.185.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-17-185-233.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Referer https://daddy-account.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin *
GET H2	404	tcc.min img6.wsimg.com/wrhs/6bfa2e44ce3e7e67d4bd5e7943f3cae1/	0 0	702ms 701ms	Script application/xml	2.17.185.233 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://img6.wsimg.com/wrhs/6bfa2e44ce3e7e67d4bd5e7943f3cae1/tcc.min Requested by Host: daddy-account.site URL: https://daddy-account.site/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.185.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-17-185-233.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Referer https://daddy-account.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin *
GET H2	404	polyfill.min img6.wsimg.com/poly/v3/	0 0	230ms 167ms	Script text/html	2.17.185.233 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://img6.wsimg.com/poly/v3/polyfill.min?features=Promise,Promise.prototype.finally,fetch,AbortController,Intl.~locale.ru-RU&rum=0&unknown=polyfill&flags=gated Requested by Host: daddy-account.site URL: https://daddy-account.site/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.185.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-17-185-233.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Referer https://daddy-account.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin *
GET H2	404	uxcore2.min img6.wsimg.com/wrhs/223c0bf243fe3dde6522682743f0d881/	0 0	802ms 738ms	Script application/xml	2.17.185.233 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://img6.wsimg.com/wrhs/223c0bf243fe3dde6522682743f0d881/uxcore2.min Requested by Host: daddy-account.site URL: https://daddy-account.site/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.185.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-17-185-233.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Referer https://daddy-account.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin *
GET H2	404	vendor~uxcore2.min img6.wsimg.com/wrhs/c173502e75fe1f3b2f79d267c2acd2e6/	0 0	815ms 752ms	Script application/xml	2.17.185.233 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://img6.wsimg.com/wrhs/c173502e75fe1f3b2f79d267c2acd2e6/vendor~uxcore2.min Requested by Host: daddy-account.site URL: https://daddy-account.site/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.185.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-17-185-233.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Referer https://daddy-account.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin *
GET H2	404	heartbeat.min img6.wsimg.com/wrhs/d6c7b1acb132140b70d61ad9ce6bc527/	0 0	704ms 704ms	Script application/xml	2.17.185.233 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://img6.wsimg.com/wrhs/d6c7b1acb132140b70d61ad9ce6bc527/heartbeat.min Requested by Host: daddy-account.site URL: https://daddy-account.site/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.185.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-17-185-233.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Referer https://daddy-account.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin *
GET H2	404	utilityheader.min img6.wsimg.com/wrhs/79a3429b4caebb6ef1ec806676fdde6c/	0 0	812ms 749ms	Script application/xml	2.17.185.233 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://img6.wsimg.com/wrhs/79a3429b4caebb6ef1ec806676fdde6c/utilityheader.min Requested by Host: daddy-account.site URL: https://daddy-account.site/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.185.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-17-185-233.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Referer https://daddy-account.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin *
GET H2	200	godaddy-404 Show response de.godaddy.com/ Redirect Chain https://img1.wsimg.com/auth/v1/static/3523/react/bundles/login-panel https://www.godaddy.com/godaddy-404 https://de.godaddy.com/godaddy-404	0 0	431ms 431ms	Script text/html	2a02:26f0:7100:186::1771 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://de.godaddy.com/godaddy-404 Requested by Host: daddy-account.site URL: https://daddy-account.site/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:7100:186::1771 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://daddy-account.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Redirect headers location https://de.godaddy.com/godaddy-404 date Sun, 21 Mar 2021 07:06:45 GMT x-arc 2, 6 server AkamaiGHost content-length 0 x-frame-options DENY
GET H2	404	polyfill.min img6.wsimg.com/poly/v3/	0 0	43ms 43ms	Script text/html	2.17.185.233 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://img6.wsimg.com/poly/v3/polyfill.min?features=Promise,Promise.prototype.finally,fetch,AbortController,Intl.~locale.ru-RU&rum=0&unknown=polyfill&flags=gated Requested by Host: daddy-account.site URL: https://daddy-account.site/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.185.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-17-185-233.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Referer https://daddy-account.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin *
GET H2	404	uxcore2.min img6.wsimg.com/wrhs/223c0bf243fe3dde6522682743f0d881/	0 0	43ms 43ms	Script application/xml	2.17.185.233 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://img6.wsimg.com/wrhs/223c0bf243fe3dde6522682743f0d881/uxcore2.min Requested by Host: daddy-account.site URL: https://daddy-account.site/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.185.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-17-185-233.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Referer https://daddy-account.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin *
GET H2	404	vendor~uxcore2.min img6.wsimg.com/wrhs/c173502e75fe1f3b2f79d267c2acd2e6/	0 0	43ms 43ms	Script application/xml	2.17.185.233 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://img6.wsimg.com/wrhs/c173502e75fe1f3b2f79d267c2acd2e6/vendor~uxcore2.min Requested by Host: daddy-account.site URL: https://daddy-account.site/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.185.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-17-185-233.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Referer https://daddy-account.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin *
GET H2	404	utilityheader.min img6.wsimg.com/wrhs/79a3429b4caebb6ef1ec806676fdde6c/	0 0	57ms 57ms	Script application/xml	2.17.185.233 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://img6.wsimg.com/wrhs/79a3429b4caebb6ef1ec806676fdde6c/utilityheader.min Requested by Host: daddy-account.site URL: https://daddy-account.site/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.185.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-17-185-233.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Referer https://daddy-account.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin *
GET H/1.1	429 Too Many Requests	Cookie set fp Show response sso.godaddy.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ Frame 2CC6	614 B 2 KB	659ms 436ms	Document text/html	104.108.69.220 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://sso.godaddy.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp Requested by Host: daddy-account.site URL: https://daddy-account.site/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.108.69.220 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-108-69-220.deploy.static.akamaitechnologies.com Software / Resource Hash `0ae4b326f25944e420ca1dbee330ca6d2b620571c2a5d7740fcfc4c3ac7e7846` Request headers Host sso.godaddy.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://daddy-account.site/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://daddy-account.site/ Response headers Content-Type text/html; charset=utf-8 p3p CP="This site does not specify a policy in the P3P header" Content-Length 614 Expires Sun, 21 Mar 2021 07:06:47 GMT Cache-Control max-age=0, no-cache, no-store Pragma no-cache Date Sun, 21 Mar 2021 07:06:47 GMT Connection keep-alive Set-Cookie akm_lmprb=wUw%2BGrlbJifNDiOvHnZxgQ%3D%3D%3A%3AifNtFmfiCTozQjuj6%2B2C%2By9mOeDuZ2NmrsJGzz9y7ISSS9OvFvZPAOGh1aW77YHUH0XKV%2BtAIlJn13lq%2BabkK6hvZsk4S3oX90pleIWNRaGEkLC%2FonV22GkVSeJvwWNpdE%2FZwxSLRPCOIGebhFu3rcouZ9dEPGqYKE1beJdwp7%2FZNUOZZ0da8FNKTxySY%2BsahWRvWHeenWVttRT4TqRbhhFq%2Bl1YO7B7fYwr%2F7PsTQfi%2BAnpWEPAh%2ByiiCigjENmTEN4%2FDYwzEceW9pL8wRItSpafyk9lmCmmCGR87CF3Hh9bKY%2FSH3BUF%2F2tkYJF2UJqFEsYQ68yRJFf9mCzqYNrm8japB3RmXT7kPtFiAO4rY6I8JG8i1K35UmLDClQt4zSds8gxIr0jw6PyAqO59E9Bdf%2Bn4jiWxF2gub9QUsEwIc3jO0lAOm2iXGO1Cp11bvJIDwvYg6J3ae7CjXGDkFAwuVIiDuWVODytUbObU302UnPkzc0WMGTuFhmi4oNoO1EKgFHG9wOhcLgHwHwcWLpF1o8nQ1DkMJqPSuRmlePvo%3D; Path=/; Expires=Mon, 22 Mar 2021 07:05:46 GMT; HttpOnly
GET H/1.1	200 OK	j.js Show response sso.godaddy.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ Frame 2CC6	0 203 B	421ms 421ms	Script text/plain	104.108.69.220 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://sso.godaddy.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/j.js Requested by Host: sso.godaddy.com URL: https://sso.godaddy.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.108.69.220 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-108-69-220.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://sso.godaddy.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Sun, 21 Mar 2021 07:06:47 GMT Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Length 0 Expires Sun, 21 Mar 2021 07:06:47 GMT
GET H/1.1	200 OK	f.js Show response sso.godaddy.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ Frame 2CC6	33 KB 10 KB	486ms 388ms	Script application/javascript	104.108.69.220 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://sso.godaddy.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/f.js Requested by Host: sso.godaddy.com URL: https://sso.godaddy.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.108.69.220 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-108-69-220.deploy.static.akamaitechnologies.com Software / Resource Hash `faf063f091dd745b82f9aeb12544a10ef3ee5989078c1a90d377d863fff884c7` Request headers Referer https://sso.godaddy.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Sun, 21 Mar 2021 07:06:47 GMT Content-Encoding gzip Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Length 10209 Expires Sun, 21 Mar 2021 07:06:47 GMT
GET H/1.1	200 OK	kpf.js Show response sso.godaddy.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fingerprint/script/ Frame 2CC6	28 KB 29 KB	653ms 548ms	Script application/javascript	104.108.69.220 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://sso.godaddy.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fingerprint/script/kpf.js?url=/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fingerprint&token=fcb39669-73dc-5b1e-26fa-5d3a0a683d48 Requested by Host: sso.godaddy.com URL: https://sso.godaddy.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.108.69.220 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-108-69-220.deploy.static.akamaitechnologies.com Software / Resource Hash `5985b8181a9ef8c58233ebe4b591ab6fa4ad70f55a77d75e1961c5bf4c066c1d` Request headers Referer https://sso.godaddy.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Sun, 21 Mar 2021 07:06:47 GMT Cache-Control max-age=0, no-cache, no-store Expires Sun, 21 Mar 2021 07:06:47 GMT Connection keep-alive Content-Length 28230 Content-Type application/javascript; charset=utf-8
POST H/1.1	404 Not Found	fingerprint Show response sso.godaddy.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ Frame 2CC6	0 1 KB	395ms 395ms	XHR text/plain	104.108.69.220 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://sso.godaddy.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fingerprint Requested by Host: sso.godaddy.com URL: https://sso.godaddy.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fingerprint/script/kpf.js?url=/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fingerprint&token=fcb39669-73dc-5b1e-26fa-5d3a0a683d48 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.108.69.220 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-108-69-220.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://sso.godaddy.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/json; charset=UTF-8 Response headers Pragma no-cache Date Sun, 21 Mar 2021 07:06:48 GMT p3p CP="This site does not specify a policy in the P3P header" Cache-Control max-age=0, no-cache, no-store Connection close Content-Type text/plain; charset=utf-8 Content-Length 0 Expires Sun, 21 Mar 2021 07:06:48 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: GoDaddy (Online)

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

daddy-account.site
de.godaddy.com
img1.wsimg.com
img6.wsimg.com
sso.godaddy.com
www.godaddy.com
104.108.69.220
2.17.185.233
2606:4700:3035::6815:3d28
2a02:26f0:7100:186::1771
0ae4b326f25944e420ca1dbee330ca6d2b620571c2a5d7740fcfc4c3ac7e7846
5985b8181a9ef8c58233ebe4b591ab6fa4ad70f55a77d75e1961c5bf4c066c1d
c0684882734dae6b9598bae0d8f9d7cee878d3275bf875369ddbab1ce51c552c
d98e27ba3c39a5caf8341eaf2ed0a1ebce894e62879477ecce97380bb0e9f3d7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f63407af6b52dddd28ed93c3732744353893af892235c466578345b0e36487a9
faf063f091dd745b82f9aeb12544a10ef3ee5989078c1a90d377d863fff884c7

daddy-account.site Open in urlscan Pro 2606:4700:3035::6815:3d28 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

100 %HTTPS

50 %IPv6

3 Domains

6 Subdomains

4 IPs

2 Countries

122 kBTransfer

498 kBSize

0 Cookies

5 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

22 JavaScript Global Variables

0 Cookies

Indicators

daddy-account.site Open in urlscan Pro
2606:4700:3035::6815:3d28 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

6
Subdomains

4
IPs

2
Countries

122 kB
Transfer

498 kB
Size

0
Cookies

23 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!