load-c.club
Open in
urlscan Pro
198.54.120.190
Malicious Activity!
Public Scan
Submission: On December 30 via api from US
Summary
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on December 30th 2020. Valid for: 3 months.
This is the only time load-c.club was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: DocuSign (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
14 | 198.54.120.190 198.54.120.190 | 22612 (NAMECHEAP...) (NAMECHEAP-NET) | |
1 | 185.81.101.38 185.81.101.38 | 62856 (DOCUS-6-PROD) (DOCUS-6-PROD) | |
15 | 2 |
ASN22612 (NAMECHEAP-NET, US)
PTR: business85-4.web-hosting.com
load-c.club |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
load-c.club
load-c.club |
424 KB |
1 |
docusign.com
account.docusign.com |
4 KB |
15 | 2 |
Domain | Requested by | |
---|---|---|
14 | load-c.club |
load-c.club
|
1 | account.docusign.com |
load-c.club
|
15 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.docusign.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
load-c.club ZeroSSL RSA Domain Secure Site CA |
2020-12-30 - 2021-03-30 |
3 months | crt.sh |
account.docusign.com DigiCert SHA2 Extended Validation Server CA |
2020-01-09 - 2022-03-26 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://load-c.club/ultimate/
Frame ID: 235FF85318BA78D5AC50D02465B02A04
Requests: 15 HTTP requests in this frame
4 Outgoing links
These are links going to different origins than the main page.
Title: Help
Search URL Search Domain Scan URL
Title: Terms
Search URL Search Domain Scan URL
Title: Intellectual Property
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
load-c.club/ultimate/ |
26 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.css
load-c.club/ultimate/signinfiles/ |
236 KB 41 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
docusign_logo_small.png
account.docusign.com/LoginAppNext/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
social_auth_providers.png
load-c.club/ultimate/signinfiles/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
corenext
load-c.club/ultimate/signinfiles/ |
235 KB 236 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
templates
load-c.club/ultimate/signinfiles/ |
63 KB 63 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app(1)
load-c.club/ultimate/signinfiles/ |
75 KB 75 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HelveticaNeueW01-55Roma.woff
load-c.club/ultimate/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
maven_pro_bold.woff
load-c.club/ultimate/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
olive-icons.woff
load-c.club/ultimate/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HelveticaNeueW01-55Roma.ttf
load-c.club/ultimate/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
maven_pro_bold.ttf
load-c.club/ultimate/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
olive-icons.ttf
load-c.club/ultimate/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HelveticaNeueW01-75Bold.woff
load-c.club/ultimate/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HelveticaNeueW01-75Bold.ttf
load-c.club/ultimate/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: DocuSign (Online)9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload; |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
account.docusign.com
load-c.club
185.81.101.38
198.54.120.190
663d4369ed5b27d6a63b19b060dda920dc91519f6c409503805eef73c47a6387
87e037eb1e78b9990a357338e7fa75b034af66be60eebc5c1c89625d6a7b33cd
b00f79276e0f3bcbd44db251683eed5c7d52e574b97a35ac75afcb362ee6cdc7
c72f74c01ecd82af0a6a32acfaa05097f11a17dd975518c979cc6e4bb0fb95fe
e83f8d0b4a78d14185abfca96ee2fbaf18e396a047f725d944ff27a845787279
eeb878cd7d3076fb96ace30d9f7d8d380e8818e71e863fc4317b800f6d87d6d4
fc38767c5270e458fa2433d18b22354752e1d7173d7f0a21e4f4b13e0aae5b33