kundecenter-dandomain.is-by.us
166.88.19.142 Malicious Activity! Public Scan

Submitted URL: https://yethayah.mybigcommerce.com/w/
Effective URL: https://kundecenter-dandomain.is-by.us/a/0920dedb5ffa37fee400f34b29341bbf/
Submission: On December 17 via manual from DK

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 14 HTTP transactions. The main IP is 166.88.19.142, located in San Jose, United States and belongs to EGIHOSTING, US. The main domain is kundecenter-dandomain.is-by.us.
TLS certificate: Issued by R3 on December 14th 2020. Valid for: 3 months.
This is the only time kundecenter-dandomain.is-by.us was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DanDomain (Online)

Domain & IP information

Requests  IP Address         AS (Autonomous System)
2         35.241.47.235      15169 (GOOGLE)
12        166.88.19.142      18779 (EGIHOSTING)   (3 redirects)
3         2a00:1450:400...   15169 (GOOGLE)
Total: 14 requests, 3 IPs
Requests  Apex Domain        Subdomains                       Transfer
12        is-by.us           kundecenter-dandomain.is-by.us   606 KB
3         gstatic.com        fonts.gstatic.com                39 KB
2         mybigcommerce.com  yethayah.mybigcommerce.com       2 KB
Total: 14 requests, 3 apex domains
Requests  Domain                                         Requested by
12        kundecenter-dandomain.is-by.us (3 redirects)   kundecenter-dandomain.is-by.us
3         fonts.gstatic.com                              kundecenter-dandomain.is-by.us
2         yethayah.mybigcommerce.com                     yethayah.mybigcommerce.com
Total: 14 requests, 3 domains

This site contains no links.

Subject                         Issuer                                  Validity                 Valid for
*.mybigcommerce.com             DigiCert SHA2 High Assurance Server CA  2020-09-21 - 2021-10-23  a year
kundecenter-dandomain.is-by.us  R3                                      2020-12-14 - 2021-03-14  3 months
*.gstatic.com                   GTS CA 1O1                              2020-11-10 - 2021-02-02  3 months

This page contains 2 frames:

Primary Page: https://kundecenter-dandomain.is-by.us/a/0920dedb5ffa37fee400f34b29341bbf/
Frame ID: 05A6454B69F10DBD1ACB6C852BD54971
Requests: 11 HTTP requests in this frame

Frame: https://kundecenter-dandomain.is-by.us/a/0920dedb5ffa37fee400f34b29341bbf/src/saved_resource.html
Frame ID: 1CF63618CAD4DED80E7868FD6F16C0B6
Requests: 3 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • url /mybigcommerce\.com/i

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Page Statistics

Requests: 14
HTTPS: 100 %
IPv6: 33 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 3
Transfer: 646 kB
Size: 643 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://yethayah.mybigcommerce.com/w/ Page URL
  2. https://kundecenter-dandomain.is-by.us/a HTTP 301
    https://kundecenter-dandomain.is-by.us/a/ HTTP 302
    https://kundecenter-dandomain.is-by.us/a/0920dedb5ffa37fee400f34b29341bbf HTTP 301
    https://kundecenter-dandomain.is-by.us/a/0920dedb5ffa37fee400f34b29341bbf/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
yethayah.mybigcommerce.com/w/
687 B
1 KB
Document
General
Full URL
https://yethayah.mybigcommerce.com/w/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.241.47.235 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
235.47.241.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
685fa7d387647d2278f9b8b3663a7f2dbe93185c479ee60e5641fbea25e19a82

Request headers

:method
GET
:authority
yethayah.mybigcommerce.com
:scheme
https
:path
/w/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
openresty
date
Thu, 17 Dec 2020 10:24:28 GMT
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
expires
Thu, 19 Nov 1981 08:52:00 GMT
content-encoding
gzip
x-request-id
7748bd20f27a25ca1f8aa3ddbec732b4
set-cookie
Shopper-Pref=2DDF86B18C03872C447AD398F0558F1C7D5B3309-1608805468877-x%7B%22cur%22%3A%22KRW%22%7D; Expires=Thu, 24 Dec 2020 10:24:28 GMT; Path=/; HttpOnly SHOP_SESSION_TOKEN=kv1me0h8cpr0gg7osupam1lg7s; expires=Thu, 24-Dec-2020 10:24:28 GMT; path=/; Secure; HttpOnly; SameSite=none fornax_anonymousId=f5448399-3277-4256-89de-73331d43f11f; expires=Sat, 17-Dec-2022 10:24:28 GMT; path=/; Secure; SameSite=none XSRF-TOKEN=d592345c918d8e03d1fb3ee17b7f764da1c336adebb4fad6cbd7909179560a14; path=/; Secure; SameSite=none
trigger-visit-event
yethayah.mybigcommerce.com/events/
0
455 B
XHR
General
Full URL
https://yethayah.mybigcommerce.com/events/trigger-visit-event
Requested by
Host: yethayah.mybigcommerce.com
URL: https://yethayah.mybigcommerce.com/w/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.241.47.235 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
235.47.241.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Referer
https://yethayah.mybigcommerce.com/w/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 17 Dec 2020 10:24:29 GMT
content-encoding
gzip
server
openresty
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
x-request-id
e7a8599e6061cdc751c25089ad4e0f6d
expires
Thu, 19 Nov 1981 08:52:00 GMT
Primary Request /
kundecenter-dandomain.is-by.us/a/0920dedb5ffa37fee400f34b29341bbf/
Redirect Chain
  • https://kundecenter-dandomain.is-by.us/a
  • https://kundecenter-dandomain.is-by.us/a/
  • https://kundecenter-dandomain.is-by.us/a/0920dedb5ffa37fee400f34b29341bbf
  • https://kundecenter-dandomain.is-by.us/a/0920dedb5ffa37fee400f34b29341bbf/
7 KB
7 KB
Document
General
Full URL
https://kundecenter-dandomain.is-by.us/a/0920dedb5ffa37fee400f34b29341bbf/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
166.88.19.142 San Jose, United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
nginx / PHP/7.4.13 PleskLin
Resource Hash
3cafd441b548e40bc2de7d3ad79e6e0450a1700c65f98b92399266f0c59188af

Request headers

:method
GET
:authority
kundecenter-dandomain.is-by.us
:scheme
https
:path
/a/0920dedb5ffa37fee400f34b29341bbf/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://yethayah.mybigcommerce.com/w/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://yethayah.mybigcommerce.com/w/

Response headers

server
nginx
date
Thu, 17 Dec 2020 10:24:30 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4.13 PleskLin

Redirect headers

server
nginx
date
Thu, 17 Dec 2020 10:24:30 GMT
content-type
text/html; charset=iso-8859-1
content-length
282
location
https://kundecenter-dandomain.is-by.us/a/0920dedb5ffa37fee400f34b29341bbf/
x-powered-by
PleskLin
loginCssBundleDandomain.css
kundecenter-dandomain.is-by.us/a/0920dedb5ffa37fee400f34b29341bbf/src/
207 KB
208 KB
Stylesheet
General
Full URL
https://kundecenter-dandomain.is-by.us/a/0920dedb5ffa37fee400f34b29341bbf/src/loginCssBundleDandomain.css
Requested by
Host: kundecenter-dandomain.is-by.us
URL: https://kundecenter-dandomain.is-by.us/a/0920dedb5ffa37fee400f34b29341bbf/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
166.88.19.142 San Jose, United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
8b31ea58f03894d697a0dfaf7c909bec5aa214066add79f0ac131255f3cce9ec

Request headers

Referer
https://kundecenter-dandomain.is-by.us/a/0920dedb5ffa37fee400f34b29341bbf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Dec 2020 10:24:30 GMT
last-modified
Thu, 17 Dec 2020 10:24:30 GMT
server
nginx
x-powered-by
PleskLin
etag
"5fdb31de-33cb5"
content-type
text/css
accept-ranges
bytes
content-length
212149
css.css
kundecenter-dandomain.is-by.us/a/0920dedb5ffa37fee400f34b29341bbf/src/
9 KB
9 KB
Stylesheet
General
Full URL
https://kundecenter-dandomain.is-by.us/a/0920dedb5ffa37fee400f34b29341bbf/src/css.css
Requested by
Host: kundecenter-dandomain.is-by.us
URL: https://kundecenter-dandomain.is-by.us/a/0920dedb5ffa37fee400f34b29341bbf/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
166.88.19.142 San Jose, United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
2fc0ec9f081d890f2810adbc1eef34392448fd833294fc314b58771761b5c156

Request headers

Referer
https://kundecenter-dandomain.is-by.us/a/0920dedb5ffa37fee400f34b29341bbf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Dec 2020 10:24:30 GMT
last-modified
Thu, 17 Dec 2020 10:24:30 GMT
server
nginx
x-powered-by
PleskLin
etag
"5fdb31de-22fc"
content-type
text/css
accept-ranges
bytes
content-length
8956
saved_resource.html
kundecenter-dandomain.is-by.us/a/0920dedb5ffa37fee400f34b29341bbf/src/ Frame 1CF6
808 B
942 B
Document
General
Full URL
https://kundecenter-dandomain.is-by.us/a/0920dedb5ffa37fee400f34b29341bbf/src/saved_resource.html
Requested by
Host: kundecenter-dandomain.is-by.us
URL: https://kundecenter-dandomain.is-by.us/a/0920dedb5ffa37fee400f34b29341bbf/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
166.88.19.142 San Jose, United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
nginx /
Resource Hash
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

:method
GET
:authority
kundecenter-dandomain.is-by.us
:scheme
https
:path
/a/0920dedb5ffa37fee400f34b29341bbf/src/saved_resource.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://kundecenter-dandomain.is-by.us/a/0920dedb5ffa37fee400f34b29341bbf/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://kundecenter-dandomain.is-by.us/a/0920dedb5ffa37fee400f34b29341bbf/

Response headers

server
nginx
date
Thu, 17 Dec 2020 10:24:30 GMT
content-type
text/html
content-length
808
last-modified
Mon, 14 Dec 2020 13:06:10 GMT
etag
"328-5b66c4e58033c"
accept-ranges
bytes
styles.css
kundecenter-dandomain.is-by.us/error_docs/ Frame 1CF6
3 KB
3 KB
Stylesheet
General
Full URL
https://kundecenter-dandomain.is-by.us/error_docs/styles.css
Requested by
Host: kundecenter-dandomain.is-by.us
URL: https://kundecenter-dandomain.is-by.us/a/0920dedb5ffa37fee400f34b29341bbf/src/saved_resource.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
166.88.19.142 San Jose, United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
21caff9a36c2bc2c373c02d54cd9eb81c038aa16ec5f8a9f508fed87dfa1d59b

Request headers

Referer
https://kundecenter-dandomain.is-by.us/a/0920dedb5ffa37fee400f34b29341bbf/src/saved_resource.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Dec 2020 10:24:31 GMT
last-modified
Mon, 14 Dec 2020 13:06:10 GMT
server
nginx
x-powered-by
PleskLin
etag
"a9e-5b66c4e581aac"
content-type
text/css
accept-ranges
bytes
content-length
2718
dandomain-background.jpg
kundecenter-dandomain.is-by.us/a/0920dedb5ffa37fee400f34b29341bbf/src/
365 KB
366 KB
Image
General
Full URL
https://kundecenter-dandomain.is-by.us/a/0920dedb5ffa37fee400f34b29341bbf/src/dandomain-background.jpg
Requested by
Host: kundecenter-dandomain.is-by.us
URL: https://kundecenter-dandomain.is-by.us/a/0920dedb5ffa37fee400f34b29341bbf/src/loginCssBundleDandomain.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
166.88.19.142 San Jose, United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
3c0502da78c1a0829b714598dbdeca7c9320a80c45e91ec8d269cbf0895e2b62

Request headers

Referer
https://kundecenter-dandomain.is-by.us/a/0920dedb5ffa37fee400f34b29341bbf/src/loginCssBundleDandomain.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Dec 2020 10:24:31 GMT
last-modified
Thu, 17 Dec 2020 10:24:30 GMT
server
nginx
x-powered-by
PleskLin
etag
"5fdb31de-5b564"
content-type
image/jpeg
accept-ranges
bytes
content-length
374116
dandomain-logo.svg
kundecenter-dandomain.is-by.us/a/0920dedb5ffa37fee400f34b29341bbf/src/
4 KB
4 KB
Image
General
Full URL
https://kundecenter-dandomain.is-by.us/a/0920dedb5ffa37fee400f34b29341bbf/src/dandomain-logo.svg
Requested by
Host: kundecenter-dandomain.is-by.us
URL: https://kundecenter-dandomain.is-by.us/a/0920dedb5ffa37fee400f34b29341bbf/src/loginCssBundleDandomain.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
166.88.19.142 San Jose, United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
cc500b9e655b466ff86fee996ca368802b65b4035aa554d2e70eed6fc4013add

Request headers

Referer
https://kundecenter-dandomain.is-by.us/a/0920dedb5ffa37fee400f34b29341bbf/src/loginCssBundleDandomain.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Dec 2020 10:24:31 GMT
last-modified
Thu, 17 Dec 2020 10:24:30 GMT
server
nginx
x-powered-by
PleskLin
etag
"5fdb31de-10a8"
content-type
image/svg+xml
accept-ranges
bytes
content-length
4264
6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v14/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu3cOWxw.woff2
Requested by
Host: kundecenter-dandomain.is-by.us
URL: https://kundecenter-dandomain.is-by.us/a/0920dedb5ffa37fee400f34b29341bbf/src/css.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ec7f22119da3493aedefd66ffd30f0aaf4cf4aee42d8254638bcca5971c3568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://kundecenter-dandomain.is-by.us
Referer
https://kundecenter-dandomain.is-by.us/a/0920dedb5ffa37fee400f34b29341bbf/src/css.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Dec 2020 18:42:24 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:08 GMT
server
sffe
age
56527
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13224
x-xss-protection
0
expires
Thu, 16 Dec 2021 18:42:24 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v14/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2
Requested by
Host: kundecenter-dandomain.is-by.us
URL: https://kundecenter-dandomain.is-by.us/a/0920dedb5ffa37fee400f34b29341bbf/src/css.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc772b0188bc262494be9dc529c50893ae189110dfcad5a286512b737aef93b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://kundecenter-dandomain.is-by.us
Referer
https://kundecenter-dandomain.is-by.us/a/0920dedb5ffa37fee400f34b29341bbf/src/css.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 13 Dec 2020 01:14:13 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:16 GMT
server
sffe
age
378618
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13108
x-xss-protection
0
expires
Mon, 13 Dec 2021 01:14:13 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v14/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
Requested by
Host: kundecenter-dandomain.is-by.us
URL: https://kundecenter-dandomain.is-by.us/a/0920dedb5ffa37fee400f34b29341bbf/src/css.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://kundecenter-dandomain.is-by.us
Referer
https://kundecenter-dandomain.is-by.us/a/0920dedb5ffa37fee400f34b29341bbf/src/css.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 01:29:46 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:14 GMT
server
sffe
age
204885
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13324
x-xss-protection
0
expires
Wed, 15 Dec 2021 01:29:46 GMT
dandomain-logo-white.svg
kundecenter-dandomain.is-by.us/
808 B
808 B
Image
General
Full URL
https://kundecenter-dandomain.is-by.us/dandomain-logo-white.svg
Requested by
Host: kundecenter-dandomain.is-by.us
URL: https://kundecenter-dandomain.is-by.us/a/0920dedb5ffa37fee400f34b29341bbf/src/loginCssBundleDandomain.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
166.88.19.142 San Jose, United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
nginx /
Resource Hash
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

Referer
https://kundecenter-dandomain.is-by.us/a/0920dedb5ffa37fee400f34b29341bbf/src/loginCssBundleDandomain.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Dec 2020 10:24:31 GMT
last-modified
Mon, 14 Dec 2020 13:06:10 GMT
server
nginx
accept-ranges
bytes
etag
"328-5b66c4e58033c"
content-length
808
content-type
text/html
server.svg
kundecenter-dandomain.is-by.us/error_docs/ Frame 1CF6
7 KB
7 KB
Image
General
Full URL
https://kundecenter-dandomain.is-by.us/error_docs/server.svg
Requested by
Host: kundecenter-dandomain.is-by.us
URL: https://kundecenter-dandomain.is-by.us/error_docs/styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
166.88.19.142 San Jose, United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
f74b80306280ccf2ddc635eb09f5f36070ee5769365b0a7a53ca3747602eebcb

Request headers

Referer
https://kundecenter-dandomain.is-by.us/error_docs/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Dec 2020 10:24:31 GMT
last-modified
Mon, 14 Dec 2020 13:06:10 GMT
server
nginx
x-powered-by
PleskLin
etag
"1cf8-5b66c4e57d45c"
content-type
image/svg+xml
accept-ranges
bytes
content-length
7416

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DanDomain (Online)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object   0
  • object   ontransitionrun
  • object   ontransitionstart
  • object   ontransitioncancel
  • object   cookieStore
  • function showDirectoryPicker
  • function showOpenFilePicker
  • function showSaveFilePicker
  • object   trustedTypes
  • boolean  crossOriginIsolated

0 Cookies