sdgss56.mywebsites360.com Open in urlscan Pro
34.95.85.224 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sdgss56.mywebsites360.com/
Effective URL:
https://sdgss56.mywebsites360.com/
Submission: On July 10 via automatic, source openphish (July 10th 2021, 1:34:09 pm UTC)

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 15 HTTP transactions. The main IP is 34.95.85.224, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is sdgss56.mywebsites360.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on January 25th 2021. Valid for: a year.

This is the only time sdgss56.mywebsites360.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

	IP Address	AS Autonomous System
1 8	34.95.85.224 34.95.85.224	15169 (GOOGLE) (GOOGLE)
1 3	198.54.125.151 198.54.125.151	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28d::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:20:... 2606:4700:20::ac43:46e9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	67.202.94.86 67.202.94.86	32748 (STEADFAST) (STEADFAST)
1	2606:4700:10:... 2606:4700:10::6816:4bab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	8

8 34.95.85.224 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 224.85.95.34.bc.googleusercontent.com

sdgss56.mywebsites360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.54.125.151 (United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: premium101-5.web-hosting.com

a793gkgil4.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28d::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:46e9 (United States)

ASN13335 (CLOUDFLARENET, US)

get.geojs.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.94.86 (United States) 1 redirects

ASN32748 (STEADFAST, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4bab (United States)

ASN13335 (CLOUDFLARENET, US)

widgets.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	mywebsites360.com 1 redirects sdgss56.mywebsites360.com	113 KB
3	typekit.net use.typekit.net p.typekit.net	81 KB
3	a793gkgil4.xyz 1 redirects a793gkgil4.xyz	500 KB
2	amung.us 1 redirects whos.amung.us widgets.amung.us	2 KB
1	geojs.io get.geojs.io	930 B
1	jquery.com code.jquery.com	33 KB
15	6

	Domain	Requested by
8	sdgss56.mywebsites360.com	1 redirects sdgss56.mywebsites360.com
3	a793gkgil4.xyz	1 redirects sdgss56.mywebsites360.com
2	use.typekit.net	sdgss56.mywebsites360.com
1	widgets.amung.us
1	whos.amung.us	1 redirects
1	get.geojs.io	sdgss56.mywebsites360.com
1	p.typekit.net	sdgss56.mywebsites360.com
1	code.jquery.com	sdgss56.mywebsites360.com
15	8

This site contains no links.

Subject Issuer	Validity	Valid
*.mywebsites360.com AlphaSSL CA - SHA256 - G2	`2021-01-25` - `2022-02-26`	a year	crt.sh
a793gkgil4.xyz Sectigo RSA Domain Validation Secure Server CA	`2020-10-18` - `2021-10-18`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2020-11-03` - `2021-11-07`	a year	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
whos.amung.us Sectigo RSA Domain Validation Secure Server CA	`2020-05-21` - `2022-05-21`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://sdgss56.mywebsites360.com/
Frame ID: 48425C6FCC31F0A93BDB7CE4C19B444E
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://sdgss56.mywebsites360.com/ HTTP 301
https://sdgss56.mywebsites360.com/ Page URL

Page Statistics

15
Requests

100 %
HTTPS

63 %
IPv6

6
Domains

8
Subdomains

8
IPs

3
Countries

749 kB
Transfer

1395 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sdgss56.mywebsites360.com/ HTTP 301
https://sdgss56.mywebsites360.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://a793gkgil4.xyz/location HTTP 301
https://a793gkgil4.xyz/location/

Request Chain 15

https://whos.amung.us/widget/teamgemelos HTTP 307
https://widgets.amung.us/classic/00/6.png

15 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
sdgss56.mywebsites360.com/
Redirect Chain

http://sdgss56.mywebsites360.com/
https://sdgss56.mywebsites360.com/

35 KB
24 KB

353ms
162ms

Document
text/html

34.95.85.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sdgss56.mywebsites360.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.95.85.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.85.95.34.bc.googleusercontent.com
Software: None /
Resource Hash: 4dd1aeeaa2802498854045e23a7c1efab6b626bf9d7da3ac13b7fa7a4cd52795

Request headers

:method: GET
:authority: sdgss56.mywebsites360.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 13:33:52 GMT
content-type: text/html; charset=utf-8
set-cookie: deviceType=desktop; Path=/; Expires=Sun, 10 Jul 2022 13:33:52 GMT devicePixelRatio=1; Path=/; Expires=Sun, 10 Jul 2022 13:33:52 GMT __fp_cjq=; Max-Age=0; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT; HttpOnly; Secure
cache-control: no-cache, must-revalidate
etag: /NTc/4Ak1EpQt6l94fkooVbYtoU
vary: Accept-Encoding
content-encoding: gzip
x-request-id: 7727e240e18311eb8eb2630cebe0586f
server: None

Redirect headers

Date: Sat, 10 Jul 2021 13:33:51 GMT
Content-Type: text/html
Content-Length: 182
Location: https://sdgss56.mywebsites360.com/
Server: None
Via: 1.1 google

GET
H2 200 base
sdgss56.mywebsites360.com/css/ 211 KB
32 KB 184ms
183ms Stylesheet
text/css 34.95.85.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sdgss56.mywebsites360.com/css/base
Requested by: Host: sdgss56.mywebsites360.com
URL: https://sdgss56.mywebsites360.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.95.85.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.85.95.34.bc.googleusercontent.com
Software: None /
Resource Hash: f839d19b125f9870cf926055c3ed4659faec2aaad2118d21216554b0fd1d49d8

Request headers

:path: /css/base
pragma: no-cache
cookie: deviceType=desktop; devicePixelRatio=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: sdgss56.mywebsites360.com
referer: https://sdgss56.mywebsites360.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sdgss56.mywebsites360.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 13:33:52 GMT
content-encoding: gzip
server: None
etag: 5+mtHg23F8giR+wdjRsH4bKr6no
vary: Accept-Encoding
content-type: text/css; charset=utf-8
set-cookie: devicePixelRatio=1; Path=/; Expires=Sun, 10 Jul 2022 13:33:52 GMT
x-request-id: 77415db0e18311eb9989692f3f679012

GET
H2 200 page
sdgss56.mywebsites360.com/css/ 42 B
260 B 154ms
153ms Stylesheet
text/css 34.95.85.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sdgss56.mywebsites360.com/css/page?styleIds=ZTY3MjViNThlMTFhNDcwM2FiNmQxN2M4YzY4Yjg3OTMsYjA2YTk3YzljMmUxNDU2ZTljYjE0NmUyNzc5OTVjOTk=
Requested by: Host: sdgss56.mywebsites360.com
URL: https://sdgss56.mywebsites360.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.95.85.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.85.95.34.bc.googleusercontent.com
Software: None /
Resource Hash: 013d6f0beeb99f4a8db656629da9612d1b7f8d6034c64168d397dff5b39cfbc7

Request headers

:path: /css/page?styleIds=ZTY3MjViNThlMTFhNDcwM2FiNmQxN2M4YzY4Yjg3OTMsYjA2YTk3YzljMmUxNDU2ZTljYjE0NmUyNzc5OTVjOTk=
pragma: no-cache
cookie: deviceType=desktop; devicePixelRatio=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: sdgss56.mywebsites360.com
referer: https://sdgss56.mywebsites360.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sdgss56.mywebsites360.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 13:33:52 GMT
server: None
etag: Z0Z7PEmZvKyC4mdgwsTO/1jqRN4
vary: Accept-Encoding
content-type: text/css; charset=utf-8
set-cookie: devicePixelRatio=1; Path=/; Expires=Sun, 10 Jul 2022 13:33:52 GMT
content-length: 42
x-request-id: 77415db0e18311eb824fc3791b565942

GET
H2 200 vendor-print
sdgss56.mywebsites360.com/css/ 17 KB
7 KB 166ms
165ms Stylesheet
text/css 34.95.85.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sdgss56.mywebsites360.com/css/vendor-print
Requested by: Host: sdgss56.mywebsites360.com
URL: https://sdgss56.mywebsites360.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.95.85.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.85.95.34.bc.googleusercontent.com
Software: None /
Resource Hash: 24ef69a04e1712e7c573612144f80ca1147f4242828977a92713cf031db104d1

Request headers

:path: /css/vendor-print
pragma: no-cache
cookie: deviceType=desktop; devicePixelRatio=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: sdgss56.mywebsites360.com
referer: https://sdgss56.mywebsites360.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sdgss56.mywebsites360.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 13:33:52 GMT
content-encoding: gzip
server: None
etag: 5Bno+E547JdFcO4VitIT+2YKCdc
vary: Accept-Encoding
content-type: text/css; charset=utf-8
set-cookie: devicePixelRatio=1; Path=/; Expires=Sun, 10 Jul 2022 13:33:52 GMT
x-request-id: 77415db0e18311ebaa428bbb03dcbec4

GET
H2 200 modernizr.respond.min.js Show response
sdgss56.mywebsites360.com/ 24 KB
9 KB 154ms
153ms Script
application/javascript 34.95.85.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sdgss56.mywebsites360.com/modernizr.respond.min.js
Requested by: Host: sdgss56.mywebsites360.com
URL: https://sdgss56.mywebsites360.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.95.85.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.85.95.34.bc.googleusercontent.com
Software: None /
Resource Hash: f71e7f086748ec0bcd7fefd95799c5eb435f2e775449d23c7bdf0718c09a9e07

Request headers

:path: /modernizr.respond.min.js
pragma: no-cache
cookie: deviceType=desktop; devicePixelRatio=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: sdgss56.mywebsites360.com
referer: https://sdgss56.mywebsites360.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sdgss56.mywebsites360.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 13:33:52 GMT
content-encoding: gzip
last-modified: Wed, 12 May 2021 16:22:09 GMT
server: None
etag: W/"5e91-1796162b368"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
x-request-id: 77415db0e18311eb8163ff83a1885ec2

GET
H2 200 / Show response
a793gkgil4.xyz/ 718 KB
499 KB 774ms
369ms Script
application/javascript 198.54.125.151
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://a793gkgil4.xyz/?api=1&lan=fb2020&ht=2
Requested by: Host: sdgss56.mywebsites360.com
URL: https://sdgss56.mywebsites360.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.125.151 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium101-5.web-hosting.com
Software: LiteSpeed / PHP/7.2.34
Resource Hash: 4ab4ad452ebbfff009df0f1186c6d847de52891265a450b160fd98a8db156d58

Request headers

Referer: https://sdgss56.mywebsites360.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Jul 2021 13:33:53 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.2.34
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate
x-turbo-charged-by: LiteSpeed
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 jquery-1.12.4.min.js Show response
code.jquery.com/ 95 KB
33 KB 28ms
10ms Script
application/javascript 2001:4de0:ac18::1:a:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.12.4.min.js
Requested by: Host: sdgss56.mywebsites360.com
URL: https://sdgss56.mywebsites360.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Referer: https://sdgss56.mywebsites360.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 13:33:52 GMT
content-encoding: gzip
last-modified: Fri, 20 May 2016 17:18:54 GMT
server: nginx
etag: W/"573f46fe-17b8b"
vary: Accept-Encoding
x-hw: 1625924032.dop132.fr8.t,1625924032.cds244.fr8.hn,1625924032.cds167.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33738

GET
H2 200 siteBundle.js Show response
sdgss56.mywebsites360.com/ 101 KB
30 KB 153ms
152ms Script
application/javascript 34.95.85.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sdgss56.mywebsites360.com/siteBundle.js
Requested by: Host: sdgss56.mywebsites360.com
URL: https://sdgss56.mywebsites360.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.95.85.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.85.95.34.bc.googleusercontent.com
Software: None /
Resource Hash: 24f4017082465f7e92307e0ef8da7df7fa8ab1dd4ae3e18e091a38c01f018657

Request headers

:path: /siteBundle.js
pragma: no-cache
cookie: deviceType=desktop; devicePixelRatio=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: sdgss56.mywebsites360.com
referer: https://sdgss56.mywebsites360.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sdgss56.mywebsites360.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 13:33:52 GMT
content-encoding: gzip
last-modified: Wed, 12 May 2021 16:22:09 GMT
server: None
etag: W/"193f3-1796162b368"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
x-request-id: 77415db0e18311eb9defed40c93f122b

GET
H2 200 collections.js Show response
sdgss56.mywebsites360.com/ 29 KB
9 KB 241ms
240ms Script
application/javascript 34.95.85.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sdgss56.mywebsites360.com/collections.js
Requested by: Host: sdgss56.mywebsites360.com
URL: https://sdgss56.mywebsites360.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.95.85.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.85.95.34.bc.googleusercontent.com
Software: None /
Resource Hash: 66ea15675cda29186279e6cc52f287d1f313d65752dbd9280fc5b547f28af2d5

Request headers

:path: /collections.js
pragma: no-cache
cookie: deviceType=desktop; devicePixelRatio=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: sdgss56.mywebsites360.com
referer: https://sdgss56.mywebsites360.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://sdgss56.mywebsites360.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 13:33:52 GMT
content-encoding: gzip
last-modified: Wed, 12 May 2021 16:22:09 GMT
server: None
etag: W/"75ed-1796162b368"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
x-request-id: 7744b910e18311eba044dfed5adaa998

GET
H2 200 Y8ANrvgdMIaYfdCUtVbHkHLaiAgJqWdgqdip7DoFn8qfeGGgfO_HJsJ1FQ93wRMhWhjtZe9kwhmKjAZyFDb3Fcwt5QMujQMawcmyZA4RwQjueRiDZeiDSD9hOcuoihmKSh8XZWwDFRM0jhNlOYiaikoDZeiDSD9hOcuoihmKSh8XZWwDFRM0jhNlJyg3ScNt-Auyd... Show response
use.typekit.net/ik/ 16 KB
7 KB 25ms
12ms Script
text/javascript 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ik/Y8ANrvgdMIaYfdCUtVbHkHLaiAgJqWdgqdip7DoFn8qfeGGgfO_HJsJ1FQ93wRMhWhjtZe9kwhmKjAZyFDb3Fcwt5QMujQMawcmyZA4RwQjueRiDZeiDSD9hOcuoihmKSh8XZWwDFRM0jhNlOYiaikoDZeiDSD9hOcuoihmKSh8XZWwDFRM0jhNlJyg3ScNt-AuydcNhjAUTZhyXH6qJtKGbMg62JMebM-VC1JSe.js

Requested by

Host: sdgss56.mywebsites360.com
URL: https://sdgss56.mywebsites360.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

4058a1c85b695f5b9a2252d6f54acf317c7c823e03b1960a13dde0086e6d5123

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://sdgss56.mywebsites360.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Sat, 10 Jul 2021 13:33:52 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6732

GET
DATA 200
OK truncated
/ 20 KB
20 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d571279a14aac61ae4c4b15629a72964846d1c7b362c3f6b07aa7877703c25cb

Request headers

Origin: https://sdgss56.mywebsites360.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 l
use.typekit.net/af/1be3c2/00000000000000007735e606/30/ 74 KB
74 KB 22ms
10ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/1be3c2/00000000000000007735e606/30/l?subset_id=1&fvd=n3&v=3
Requested by: Host: sdgss56.mywebsites360.com
URL: https://sdgss56.mywebsites360.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 269d365b296b0e26e890128f285526bae98dfcaeeefbdebe93defaa1559ec0c0

Request headers

Origin: https://sdgss56.mywebsites360.com
Referer: https://sdgss56.mywebsites360.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 13:33:52 GMT
server: nginx
etag: "cf68936935693ff1a8d6236be8ccd80b913807a1"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 75452

GET
H2 200 p.gif
p.typekit.net/ 35 B
214 B 19ms
7ms Image
image/gif 2a02:26f0:6c00:28d::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=2&k=550206_f8de23ebafa7406c8905a072eaebc165&ht=tk&h=sdgss56.mywebsites360.com&f=5474&a=550206&js=1.20.0&app=typekit&e=js&_=1625924032573
Requested by: Host: sdgss56.mywebsites360.com
URL: https://sdgss56.mywebsites360.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28d::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer: https://sdgss56.mywebsites360.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 13:33:52 GMT
last-modified: Wed, 02 Sep 2020 03:58:21 GMT
server: nginx
etag: "5f4f185d-23"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2

200

/ Show response
a793gkgil4.xyz/location/
Redirect Chain

https://a793gkgil4.xyz/location
https://a793gkgil4.xyz/location/

1 KB
658 B

207ms
207ms

Script
application/javascript

198.54.125.151
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://a793gkgil4.xyz/location/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.125.151 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium101-5.web-hosting.com
Software: LiteSpeed / PHP/7.2.34
Resource Hash: 28b7b590c7acf1089c3f7b4ddf67302f938ef3fccf36ff72af44c778a7601a6c

Request headers

Referer: https://sdgss56.mywebsites360.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 13:33:54 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.2.34
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-length: 428
expires: Sat, 17 Jul 2021 13:33:54 GMT

Redirect headers

location: https://a793gkgil4.xyz/location/
date: Sat, 10 Jul 2021 13:33:54 GMT
x-turbo-charged-by: LiteSpeed
server: LiteSpeed
content-length: 707
content-type: text/html

GET
H2 200 geo.json Show response
get.geojs.io/v1/ip/ 313 B
930 B 59ms
34ms XHR
application/json 2606:4700:20::ac43:46e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://get.geojs.io/v1/ip/geo.json

Requested by

Host: sdgss56.mywebsites360.com
URL: https://sdgss56.mywebsites360.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:46e9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8382f17fbfff4eff66194a12b81951bcbd2b723cb48d68a18802f6e209848e6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sdgss56.mywebsites360.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 13:33:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-request-id: 1418ca66e973712f3a84d6f6ccc4f4fa-AMS
x-geojs-location: AMS
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wDONo89rR5HZTtsNB2t0ZqweP2qZZ8%2B8DAX6yc2pT8miB5QIq4TAR%2BrNAxKvDA%2ByGMVjsRDD13k%2B4ac0Thzo%2BzxCdn4yfYpvzFaMFjrN%2FkmaPQ40xABmxkAWXvvpbpLoE1wYIuk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, private, max-age=0
cf-ray: 66ca2aa00a35dfd3-FRA

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1230532f79456753fb73f559ece9b95c17cfb36325dc313a3eda5ac22dfd9a2b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

6.png
widgets.amung.us/classic/00/
Redirect Chain

https://whos.amung.us/widget/teamgemelos
https://widgets.amung.us/classic/00/6.png

1 KB
2 KB

36ms
18ms

Image
image/png

2606:4700:10::6816:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.amung.us/classic/00/6.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8a534024e9cc41a762cf27f44303b696f56cd20dcc9947126bd6192d4c3226e

Request headers

Referer: https://sdgss56.mywebsites360.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 13:33:55 GMT
cf-cache-status: HIT
last-modified: Sun, 13 Jun 2010 09:03:09 GMT
server: cloudflare
age: 25093
etag: "4c149ecd-582"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 66ca2aa2c97d2484-FRA
content-length: 1410
expires: Sun, 11 Jul 2021 06:35:42 GMT

Redirect headers

location: https://widgets.amung.us/classic/00/6.png
date: Sat, 10 Jul 2021 13:33:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ 51 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7281941fed81ed9caf5728727e05da4a94b442c36796e1a5b1d6106f242ed11f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			sdgss56.mywebsites360.com/	1970-01-20 04:24:20	Name: devicePixelRatio Value: 1
			sdgss56.mywebsites360.com/	1970-01-20 04:24:20	Name: deviceType Value: desktop

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://a793gkgil4.xyz/?api=1&lan=fb2020&ht=2(Line 71) Message: [object HTMLScriptElement]
console-api	log	URL: https://a793gkgil4.xyz/?api=1&lan=fb2020&ht=2(Line 71) Message: [object HTMLScriptElement]
console-api	log	URL: https://a793gkgil4.xyz/?api=1&lan=fb2020&ht=2(Line 71) Message: [object HTMLScriptElement]
console-api	log	URL: https://a793gkgil4.xyz/?api=1&lan=fb2020&ht=2(Line 71) Message: [object HTMLScriptElement]
console-api	log	URL: https://a793gkgil4.xyz/?api=1&lan=fb2020&ht=2(Line 71) Message: [object HTMLScriptElement]
console-api	log	URL: https://a793gkgil4.xyz/?api=1&lan=fb2020&ht=2(Line 71) Message: [object HTMLScriptElement]
console-api	log	URL: https://a793gkgil4.xyz/?api=1&lan=fb2020&ht=2(Line 71) Message: [object HTMLScriptElement]
console-api	log	URL: https://a793gkgil4.xyz/?api=1&lan=fb2020&ht=2(Line 71) Message: [object HTMLScriptElement]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a793gkgil4.xyz
code.jquery.com
get.geojs.io
p.typekit.net
sdgss56.mywebsites360.com
use.typekit.net
whos.amung.us
widgets.amung.us
198.54.125.151
2001:4de0:ac18::1:a:1a
2606:4700:10::6816:4bab
2606:4700:20::ac43:46e9
2a02:26f0:6c00:28d::19fd
2a02:26f0:6c00::210:ba0a
34.95.85.224
67.202.94.86
013d6f0beeb99f4a8db656629da9612d1b7f8d6034c64168d397dff5b39cfbc7
1230532f79456753fb73f559ece9b95c17cfb36325dc313a3eda5ac22dfd9a2b
24ef69a04e1712e7c573612144f80ca1147f4242828977a92713cf031db104d1
24f4017082465f7e92307e0ef8da7df7fa8ab1dd4ae3e18e091a38c01f018657
269d365b296b0e26e890128f285526bae98dfcaeeefbdebe93defaa1559ec0c0
28b7b590c7acf1089c3f7b4ddf67302f938ef3fccf36ff72af44c778a7601a6c
4058a1c85b695f5b9a2252d6f54acf317c7c823e03b1960a13dde0086e6d5123
4ab4ad452ebbfff009df0f1186c6d847de52891265a450b160fd98a8db156d58
4dd1aeeaa2802498854045e23a7c1efab6b626bf9d7da3ac13b7fa7a4cd52795
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66ea15675cda29186279e6cc52f287d1f313d65752dbd9280fc5b547f28af2d5
7281941fed81ed9caf5728727e05da4a94b442c36796e1a5b1d6106f242ed11f
8382f17fbfff4eff66194a12b81951bcbd2b723cb48d68a18802f6e209848e6a
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
c8a534024e9cc41a762cf27f44303b696f56cd20dcc9947126bd6192d4c3226e
d571279a14aac61ae4c4b15629a72964846d1c7b362c3f6b07aa7877703c25cb
f71e7f086748ec0bcd7fefd95799c5eb435f2e775449d23c7bdf0718c09a9e07
f839d19b125f9870cf926055c3ed4659faec2aaad2118d21216554b0fd1d49d8

sdgss56.mywebsites360.com Open in urlscan Pro 34.95.85.224 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

15 Requests

100 %HTTPS

63 %IPv6

6 Domains

8 Subdomains

8 IPs

3 Countries

749 kBTransfer

1395 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

2 Cookies

8 Console Messages

Indicators

sdgss56.mywebsites360.com Open in urlscan Pro
34.95.85.224 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

63 %
IPv6

6
Domains

8
Subdomains

8
IPs

3
Countries

749 kB
Transfer

1395 kB
Size

2
Cookies

15 HTTP transactions
3 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!