urlscan.io logo urlscan.io
SecurityTrails logo

yzzwsqf-emb-2.gq Open in urlscan Pro
162.240.35.239  Public Scan

Go To Rescan Add Verdict Report
URL: https://yzzwsqf-emb-2.gq/anest.htm
Submission: On March 06 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 8 HTTP transactions. The main IP is 162.240.35.239, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is yzzwsqf-emb-2.gq.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 5th 2023. Valid for: 3 months.
This is the only time yzzwsqf-emb-2.gq was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 162.240.35.239 46606 (UNIFIEDLA...)
6 203.104.164.15 23576 (NHN-AS-KR...)
1 203.104.164.18 23576 (NHN-AS-KR...)
8 3
Apex Domain
Subdomains		 Transfer
4 worksmobile.com
auth.worksmobile.com
lcs.worksmobile.com
62 KB
3 worksmobile.net
static.worksmobile.net — Cisco Umbrella Rank: 438724
18 KB
1 yzzwsqf-emb-2.gq
yzzwsqf-emb-2.gq
82 KB
8 3
Domain Requested by
3 static.worksmobile.net yzzwsqf-emb-2.gq
3 auth.worksmobile.com yzzwsqf-emb-2.gq
1 lcs.worksmobile.com
1 yzzwsqf-emb-2.gq
8 4

This site contains links to these domains. Also see Links.

Domain
join.worksmobile.com
Subject Issuer Validity Valid
yzzwsqf-emb-2.gq
cPanel, Inc. Certification Authority		 2023-03-05 -
2023-06-03		 3 months crt.sh
*.worksmobile.com
Sectigo RSA Organization Validation Secure Server CA		 2022-04-11 -
2023-05-12		 a year crt.sh
alpha-lcs.worksmobile.com
Sectigo RSA Organization Validation Secure Server CA		 2023-02-03 -
2024-03-05		 a year crt.sh

This page contains 1 frames:

Primary Page: https://yzzwsqf-emb-2.gq/anest.htm
Frame ID: A25D43FB3EDE348D874F5D2804D46420
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

162 kB
Transfer

389 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request anest.htm
yzzwsqf-emb-2.gq/ 		82 KB
82 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://yzzwsqf-emb-2.gq/anest.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.240.35.239 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
5914540.diamondoaksbeefarm.com
Software
Apache /
Resource Hash
fa5ad481736ca28226632f5051f05b8c1eea22e6d0642be3a76c5097c755743d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-length
84254
content-type
text/html
date
Mon, 06 Mar 2023 05:44:14 GMT
last-modified
Mon, 06 Mar 2023 02:09:53 GMT
server
Apache
message_en_US.js
auth.worksmobile.com/js/message/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.worksmobile.com/js/message/message_en_US.js?20210223
Requested by
Host: yzzwsqf-emb-2.gq
URL: https://yzzwsqf-emb-2.gq/anest.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.104.164.15 , Singapore, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software
nginx /
Resource Hash
612901134b5aa571edb9b8661ebe4c5ddbb021fd631d0918a740b858dc4a72e4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yzzwsqf-emb-2.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires
Fri, 21 Jul 2023 06:03:05 GMT
date
Mon, 06 Mar 2023 05:44:16 GMT
content-encoding
gzip
last-modified
Tue, 03 Jan 2023 02:52:59 GMT
server
nginx
etag
W/"63b3988b-201d"
content-type
application/javascript
cache-control
max-age=15552000
x-proxy-cache
HIT
auth_core.js
auth.worksmobile.com/js/service/ 		1 KB
931 B 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.worksmobile.com/js/service/auth_core.js?20210223
Requested by
Host: yzzwsqf-emb-2.gq
URL: https://yzzwsqf-emb-2.gq/anest.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.104.164.15 , Singapore, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software
nginx /
Resource Hash
64b2ca324dd3385f8c102024adf19500315870a1b589798ee39791aab3c90681

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yzzwsqf-emb-2.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires
Tue, 23 May 2023 06:09:03 GMT
date
Mon, 06 Mar 2023 05:44:16 GMT
content-encoding
gzip
last-modified
Tue, 08 Nov 2022 10:37:43 GMT
server
nginx
etag
W/"636a3177-509"
content-type
application/javascript
cache-control
max-age=15552000
x-proxy-cache
HIT
auth_service.js
auth.worksmobile.com/js/service/ 		253 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.worksmobile.com/js/service/auth_service.js?20210223
Requested by
Host: yzzwsqf-emb-2.gq
URL: https://yzzwsqf-emb-2.gq/anest.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.104.164.15 , Singapore, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software
nginx /
Resource Hash
3d327f2d39fefc8f00d4f0f919d0fed7d3ebd64e982bf3cbb66e2977f5fab494

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yzzwsqf-emb-2.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires
Tue, 23 May 2023 06:09:03 GMT
date
Mon, 06 Mar 2023 05:44:16 GMT
content-encoding
gzip
last-modified
Tue, 08 Nov 2022 10:37:43 GMT
server
nginx
etag
W/"636a3177-3f468"
content-type
application/javascript
cache-control
max-age=15552000
x-proxy-cache
HIT
logo_naverworks.svg
static.worksmobile.net/static/pwe/wm/common/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.worksmobile.net/static/pwe/wm/common/logo_naverworks.svg
Requested by
Host: yzzwsqf-emb-2.gq
URL: https://yzzwsqf-emb-2.gq/anest.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.104.164.15 , Singapore, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software
Apache /
Resource Hash
8c71b40eaef8dc785e6c733a94cb39436a68dc78ecb7ccb23eca4c902aa5c68a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yzzwsqf-emb-2.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires
Tue, 05 Mar 2024 05:44:17 GMT
date
Mon, 06 Mar 2023 05:44:17 GMT
content-encoding
gzip
referrer-policy
unsafe-url
last-modified
Mon, 02 Nov 2020 05:39:43 GMT
server
Apache
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-proxy-cache
HIT
bg_login_line.png
static.worksmobile.net/static/pwe/wm/common/ 		109 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.worksmobile.net/static/pwe/wm/common/bg_login_line.png
Requested by
Host: yzzwsqf-emb-2.gq
URL: https://yzzwsqf-emb-2.gq/anest.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.104.164.15 , Singapore, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software
Apache /
Resource Hash
afbc30e68ead69aa9f9c9a2d45036907ec263ff069c4432f51d943a503d9f00e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yzzwsqf-emb-2.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires
Tue, 05 Mar 2024 05:44:17 GMT
date
Mon, 06 Mar 2023 05:44:17 GMT
referrer-policy
unsafe-url
last-modified
Thu, 05 Jul 2018 07:07:44 GMT
server
Apache
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
109
x-proxy-cache
HIT
sp_join_7ce6bce3.svg
static.worksmobile.net/static/pwe/wm/common/ 		42 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.worksmobile.net/static/pwe/wm/common/sp_join_7ce6bce3.svg
Requested by
Host: yzzwsqf-emb-2.gq
URL: https://yzzwsqf-emb-2.gq/anest.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.104.164.15 , Singapore, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software
Apache /
Resource Hash
f401e4a8cd407bdeda636da31267cb9229c7fe9a4a0d5ae9cbe8064862961b98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yzzwsqf-emb-2.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires
Tue, 05 Mar 2024 05:44:17 GMT
date
Mon, 06 Mar 2023 05:44:17 GMT
content-encoding
gzip
referrer-policy
unsafe-url
last-modified
Fri, 16 Oct 2020 07:09:12 GMT
server
Apache
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-proxy-cache
HIT
m
lcs.worksmobile.com/ 		43 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lcs.worksmobile.com/m?u=https%3A%2F%2Fyzzwsqf-emb-2.gq%2Fanest.htm&e=&os=Win32&ln=en-US&sr=1600x1200&pr=1&bw=1600&bh=1200&c=24&j=N&k=Y&i=&ct=&navigationStart=1678081455325&fetchStart=1678081455325&domainLookupStart=1678081455327&domainLookupEnd=1678081455605&connectStart=1678081455605&connectEnd=1678081455754&secureConnectionStart=1678081455677&requestStart=1678081455754&responseStart=1678081455898&responseEnd=1678081456003&domLoading=1678081455905&domInteractive=1678081456722&domContentLoadedEventStart=1678081456722&domContentLoadedEventEnd=1678081456722&domComplete=1678081457086&loadEventStart=1678081457086&loadEventEnd=1678081457086&first-paint=1413.1000003814697&first-contentful-paint=1413.1000003814697&sti=worksmobile_admin_auth_loginstep1_kr&pid=e380c2144a05069d76b489a83c8809be&ts=1678081457089&EOU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.104.164.18 , Singapore, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://yzzwsqf-emb-2.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 05:44:17 GMT
server
nginx
p3p
CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-length
43
expires
Tue, 01 Jan 1980 09:00:00 GMT

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| lcs_do function| lcs_do_gdid function| lcs_get_lpid function| lcs_update_lpid string| lcs_version string| eventType function| sendLcs function| setMobilePrefix function| setInstancePostfix object| Message undefined| callbackSnsLogin undefined| Base64 undefined| oNweCommonUtils function| isUserAgentUnderIE10 function| sendNelo function| GuestLogIn function| IdFind function| WebLogIn string| lcsSti undefined| oWebLogin undefined| oPhoneLogin string| lcs_SerName

1 Cookies

Domain/Path Name / Value
.worksmobile.com/ Name: NNB
Value: AEL2DGFRPUCWI