![](/screenshots/d8d2ab06-02d5-4cfb-9a51-4f2aa601ef6d.png)
yzzwsqf-emb-2.gq
Open in
urlscan Pro
162.240.35.239
Public Scan
Submission: On March 06 via api from US — Scanned from US
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 5th 2023. Valid for: 3 months.
This is the only time yzzwsqf-emb-2.gq was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 162.240.35.239 162.240.35.239 | 46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1) | |
6 | 203.104.164.15 203.104.164.15 | 23576 (NHN-AS-KR...) (NHN-AS-KR NAVER Cloud Corp.) | |
1 | 203.104.164.18 203.104.164.18 | 23576 (NHN-AS-KR...) (NHN-AS-KR NAVER Cloud Corp.) | |
8 | 3 |
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 5914540.diamondoaksbeefarm.com
yzzwsqf-emb-2.gq |
ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR)
auth.worksmobile.com | |
static.worksmobile.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
worksmobile.com
auth.worksmobile.com lcs.worksmobile.com |
62 KB |
3 |
worksmobile.net
static.worksmobile.net — Cisco Umbrella Rank: 438724 |
18 KB |
1 |
yzzwsqf-emb-2.gq
yzzwsqf-emb-2.gq |
82 KB |
8 | 3 |
Domain | Requested by | |
---|---|---|
3 | static.worksmobile.net |
yzzwsqf-emb-2.gq
|
3 | auth.worksmobile.com |
yzzwsqf-emb-2.gq
|
1 | lcs.worksmobile.com | |
1 | yzzwsqf-emb-2.gq | |
8 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
join.worksmobile.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
yzzwsqf-emb-2.gq cPanel, Inc. Certification Authority |
2023-03-05 - 2023-06-03 |
3 months | crt.sh |
*.worksmobile.com Sectigo RSA Organization Validation Secure Server CA |
2022-04-11 - 2023-05-12 |
a year | crt.sh |
alpha-lcs.worksmobile.com Sectigo RSA Organization Validation Secure Server CA |
2023-02-03 - 2024-03-05 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://yzzwsqf-emb-2.gq/anest.htm
Frame ID: A25D43FB3EDE348D874F5D2804D46420
Requests: 8 HTTP requests in this frame
1 Outgoing links
These are links going to different origins than the main page.
Title: Sign up
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
anest.htm
yzzwsqf-emb-2.gq/ |
82 KB 82 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
message_en_US.js
auth.worksmobile.com/js/message/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
auth_core.js
auth.worksmobile.com/js/service/ |
1 KB 931 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
auth_service.js
auth.worksmobile.com/js/service/ |
253 KB 57 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_naverworks.svg
static.worksmobile.net/static/pwe/wm/common/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg_login_line.png
static.worksmobile.net/static/pwe/wm/common/ |
109 B 363 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sp_join_7ce6bce3.svg
static.worksmobile.net/static/pwe/wm/common/ |
42 KB 16 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
m
lcs.worksmobile.com/ |
43 B 382 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
23 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless function| lcs_do function| lcs_do_gdid function| lcs_get_lpid function| lcs_update_lpid string| lcs_version string| eventType function| sendLcs function| setMobilePrefix function| setInstancePostfix object| Message undefined| callbackSnsLogin undefined| Base64 undefined| oNweCommonUtils function| isUserAgentUnderIE10 function| sendNelo function| GuestLogIn function| IdFind function| WebLogIn string| lcsSti undefined| oWebLogin undefined| oPhoneLogin string| lcs_SerName1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.worksmobile.com/ | Name: NNB Value: AEL2DGFRPUCWI |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
auth.worksmobile.com
lcs.worksmobile.com
static.worksmobile.net
yzzwsqf-emb-2.gq
162.240.35.239
203.104.164.15
203.104.164.18
3d327f2d39fefc8f00d4f0f919d0fed7d3ebd64e982bf3cbb66e2977f5fab494
612901134b5aa571edb9b8661ebe4c5ddbb021fd631d0918a740b858dc4a72e4
64b2ca324dd3385f8c102024adf19500315870a1b589798ee39791aab3c90681
8c71b40eaef8dc785e6c733a94cb39436a68dc78ecb7ccb23eca4c902aa5c68a
afbc30e68ead69aa9f9c9a2d45036907ec263ff069c4432f51d943a503d9f00e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
f401e4a8cd407bdeda636da31267cb9229c7fe9a4a0d5ae9cbe8064862961b98
fa5ad481736ca28226632f5051f05b8c1eea22e6d0642be3a76c5097c755743d