usweasemailuser.com Open in urlscan Pro
23.92.211.2 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://domainslogin.nidnavers.com.mail.cssleurlsnaver.com-end.users.com.usweasemailuser.com/PleaseWait.Redir.php
Effective URL:
http://usweasemailuser.com/nid.naver.com/user.account_restore.message/nid.login.htm
Submission: On October 22 via automatic, source openphish (October 22nd 2020, 1:56:06 pm UTC)

Summary HTTP 10 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 2 domains to perform 10 HTTP transactions. The main IP is 23.92.211.2, located in Rochester, United States and belongs to DACEN-2, US. The main domain is usweasemailuser.com.

This is the only time usweasemailuser.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Naver (Online)

Domain & IP information

	IP Address	AS Autonomous System
2	23.92.211.2 23.92.211.2	31863 (DACEN-2) (DACEN-2)
4	203.104.163.42 203.104.163.42	23576 (NHN-AS-KR...) (NHN-AS-KR NBP)
3	210.89.164.55 210.89.164.55	23576 (NHN-AS-KR...) (NHN-AS-KR NBP)
1	203.104.163.21 203.104.163.21	23576 (NHN-AS-KR...) (NHN-AS-KR NBP)
10	4

2 23.92.211.2 (Rochester, United States)

ASN31863 (DACEN-2, US)

domainslogin.nidnavers.com.mail.cssleurlsnaver.com-end.users.com.usweasemailuser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usweasemailuser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 203.104.163.42 (Singapore)

ASN23576 (NHN-AS-KR NBP, KR)

nid.naver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 210.89.164.55 (Korea, Republic Of)

ASN23576 (NHN-AS-KR NBP, KR)

static.nid.naver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 203.104.163.21 (Singapore)

ASN23576 (NHN-AS-KR NBP, KR)

lcs.naver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	naver.com nid.naver.com static.nid.naver.com lcs.naver.com	163 KB
2	usweasemailuser.com domainslogin.nidnavers.com.mail.cssleurlsnaver.com-end.users.com.usweasemailuser.com usweasemailuser.com	8 KB
10	2

	Domain	Requested by
4	nid.naver.com	usweasemailuser.com
3	static.nid.naver.com	nid.naver.com
1	lcs.naver.com
1	usweasemailuser.com	domainslogin.nidnavers.com.mail.cssleurlsnaver.com-end.users.com.usweasemailuser.com
1	domainslogin.nidnavers.com.mail.cssleurlsnaver.com-end.users.com.usweasemailuser.com
10	5

This site contains links to these domains. Also see Links.

Domain
www.naver.com
help.naver.com
nid.naver.com
www.navercorp.com

Subject Issuer	Validity	Valid
nid.naver.com DigiCert ECC Extended Validation Server CA	`2019-08-19` - `2021-08-23`	2 years	crt.sh
static.nid.naver.com GeoTrust RSA CA 2018	`2019-01-30` - `2021-01-29`	2 years	crt.sh

This page contains 1 frames:

Primary Page: http://usweasemailuser.com/nid.naver.com/user.account_restore.message/nid.login.htm
Frame ID: B26DFC85F99E488D1C45FBDAA6E76676
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://domainslogin.nidnavers.com.mail.cssleurlsnaver.com-end.users.com.usweasemailuser.com/PleaseWait.Redir.php Page URL
http://usweasemailuser.com/nid.naver.com/user.account_restore.message/nid.login.htm Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

10
Requests

70 %
HTTPS

0 %
IPv6

2
Domains

5
Subdomains

4
IPs

3
Countries

171 kB
Transfer

375 kB
Size

0
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: http://www.naver.com/
Title: NAVER

Search URL Search Domain Scan URL

URL: https://help.naver.com/support/contents/contents.nhn?serviceNo=532&categoryNo=1523
Title: View help

Search URL Search Domain Scan URL

URL: https://nid.naver.com/user2/api/route.nhn?m=routeIdInquiry&lang=en_US
Title: Username

Search URL Search Domain Scan URL

URL: https://nid.naver.com/user2/api/route.nhn?m=routePwInquiry&lang=en_US
Title: Password?

Search URL Search Domain Scan URL

URL: https://nid.naver.com/user2/V2Join.nhn?m=agree&lang=en_US
Title: Sign up

Search URL Search Domain Scan URL

URL: https://nid.naver.com/oauth/global/initSNS.nhn?idp_cd=facebook&locale=en_US&svctype=1&postDataKey=&url=https%3A%2F%2Fwww.naver.com
Title: Facebook

Search URL Search Domain Scan URL

URL: https://nid.naver.com/oauth/global/initSNS.nhn?idp_cd=line&locale=en_US&svctype=1&postDataKey=&url=https%3A%2F%2Fwww.naver.com
Title: Line

Search URL Search Domain Scan URL

URL: http://www.navercorp.com/
Title: naver

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://domainslogin.nidnavers.com.mail.cssleurlsnaver.com-end.users.com.usweasemailuser.com/PleaseWait.Redir.php Page URL
http://usweasemailuser.com/nid.naver.com/user.account_restore.message/nid.login.htm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	PleaseWait.Redir.php Show response domainslogin.nidnavers.com.mail.cssleurlsnaver.com-end.users.com.usweasemailuser.com/	153 B 360 B	356ms 230ms	Document text/html	23.92.211.2 DACEN-2
General Check archive.org Show headers Download Go to Full URL http://domainslogin.nidnavers.com.mail.cssleurlsnaver.com-end.users.com.usweasemailuser.com/PleaseWait.Redir.php Protocol HTTP/1.1 Server 23.92.211.2 Rochester, United States, ASN31863 (DACEN-2, US), Reverse DNS Software Apache / Resource Hash `dca689f4898cb1f2304a6c99a2de502d6fdd86154c38feec8c7db49bb62ec1d3` Request headers Host domainslogin.nidnavers.com.mail.cssleurlsnaver.com-end.users.com.usweasemailuser.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 22 Oct 2020 13:55:46 GMT Server Apache Keep-Alive timeout=5, max=100 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	Primary Request nid.login.htm Show response usweasemailuser.com/nid.naver.com/user.account_restore.message/	7 KB 8 KB	239ms 225ms	Document text/html	23.92.211.2 DACEN-2
General Check archive.org Show headers Download Go to Full URL http://usweasemailuser.com/nid.naver.com/user.account_restore.message/nid.login.htm Requested by Host: domainslogin.nidnavers.com.mail.cssleurlsnaver.com-end.users.com.usweasemailuser.com URL: http://domainslogin.nidnavers.com.mail.cssleurlsnaver.com-end.users.com.usweasemailuser.com/PleaseWait.Redir.php Protocol HTTP/1.1 Server 23.92.211.2 Rochester, United States, ASN31863 (DACEN-2, US), Reverse DNS Software Apache / Resource Hash `580b775de70497d345ca4effaeb75a8284b5f6cf42875bac5b9edb9a658a3faa` Request headers Host usweasemailuser.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://domainslogin.nidnavers.com.mail.cssleurlsnaver.com-end.users.com.usweasemailuser.com/PleaseWait.Redir.php Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://domainslogin.nidnavers.com.mail.cssleurlsnaver.com-end.users.com.usweasemailuser.com/PleaseWait.Redir.php Response headers Date Thu, 22 Oct 2020 13:55:46 GMT Server Apache Last-Modified Tue, 20 Oct 2020 18:19:15 GMT Accept-Ranges bytes Content-Length 7571 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html
GET H2	200	w_20191231.css nid.naver.com/login/css/global/desktop/	96 KB 18 KB	672ms 305ms	Stylesheet text/css	203.104.163.42 NHN-AS-KR NBP
General Check archive.org Show headers Download Go to Full URL https://nid.naver.com/login/css/global/desktop/w_20191231.css Requested by Host: usweasemailuser.com URL: http://usweasemailuser.com/nid.naver.com/user.account_restore.message/nid.login.htm Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 203.104.163.42 , Singapore, ASN23576 (NHN-AS-KR NBP, KR), Reverse DNS Software nginx / Resource Hash `f6b3492f2cd408b2e0e49bba324148a3e7f62d4634f09ea203b4122ff9953196` Request headers Referer http://usweasemailuser.com/nid.naver.com/user.account_restore.message/nid.login.htm User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 22 Oct 2020 13:55:47 GMT content-encoding gzip last-modified Tue, 20 Oct 2020 07:26:39 GMT server nginx etag W/"5f8e912f-18005" vary Accept-Encoding content-type text/css status 200
GET H2	200	bvsd.1.3.4.min.js Show response nid.naver.com/login/js/	94 KB 28 KB	679ms 312ms	Script application/javascript	203.104.163.42 NHN-AS-KR NBP
General Check archive.org Show headers Download Go to Full URL https://nid.naver.com/login/js/bvsd.1.3.4.min.js Requested by Host: usweasemailuser.com URL: http://usweasemailuser.com/nid.naver.com/user.account_restore.message/nid.login.htm Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 203.104.163.42 , Singapore, ASN23576 (NHN-AS-KR NBP, KR), Reverse DNS Software nginx / Resource Hash `b273657638e8b7e43fd5d9b06ac27a4ef8a8ad9150ef6a3d1fb26afaa67167ca` Request headers Referer http://usweasemailuser.com/nid.naver.com/user.account_restore.message/nid.login.htm User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 22 Oct 2020 13:55:47 GMT content-encoding gzip last-modified Tue, 20 Oct 2020 07:26:39 GMT server nginx etag W/"5f8e912f-17748" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=31536000, public expires Fri, 22 Oct 2021 13:55:47 GMT
GET H2	200	common.js Show response nid.naver.com/login/js/default/	85 KB 24 KB	658ms 292ms	Script application/javascript	203.104.163.42 NHN-AS-KR NBP
General Check archive.org Show headers Download Go to Full URL https://nid.naver.com/login/js/default/common.js Requested by Host: usweasemailuser.com URL: http://usweasemailuser.com/nid.naver.com/user.account_restore.message/nid.login.htm Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 203.104.163.42 , Singapore, ASN23576 (NHN-AS-KR NBP, KR), Reverse DNS Software nginx / Resource Hash `30c6f7a0498e0ae7e9f7a46c13b18dc0220a561b5b5ef2da53b2dde92bcc2523` Request headers Referer http://usweasemailuser.com/nid.naver.com/user.account_restore.message/nid.login.htm User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 22 Oct 2020 13:55:47 GMT content-encoding gzip last-modified Tue, 20 Oct 2020 07:26:39 GMT server nginx etag W/"5f8e912f-15358" vary Accept-Encoding content-type application/javascript status 200
GET H2	200	default.js Show response nid.naver.com/login/js/default/	2 KB 1 KB	670ms 304ms	Script application/javascript	203.104.163.42 NHN-AS-KR NBP
General Check archive.org Show headers Download Go to Full URL https://nid.naver.com/login/js/default/default.js Requested by Host: usweasemailuser.com URL: http://usweasemailuser.com/nid.naver.com/user.account_restore.message/nid.login.htm Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 203.104.163.42 , Singapore, ASN23576 (NHN-AS-KR NBP, KR), Reverse DNS Software nginx / Resource Hash `2028b7287b0a29fa946ed3c8faac1cd5db6c6bb0e6514380b9d7d61dbe3d351f` Request headers Referer http://usweasemailuser.com/nid.naver.com/user.account_restore.message/nid.login.htm User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 22 Oct 2020 13:55:47 GMT content-encoding gzip last-modified Tue, 20 Oct 2020 07:26:39 GMT server nginx etag W/"5f8e912f-945" vary Accept-Encoding content-type application/javascript status 200
GET H/1.1	200 OK	sp_u_skip.png static.nid.naver.com/images/web/user/	967 B 1 KB	810ms 269ms	Image image/png	210.89.164.55 NHN-AS-KR NBP
General Check archive.org Show headers Download Go to Show image Full URL https://static.nid.naver.com/images/web/user/sp_u_skip.png Requested by Host: nid.naver.com URL: https://nid.naver.com/login/css/global/desktop/w_20191231.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 210.89.164.55 , Korea, Republic Of, ASN23576 (NHN-AS-KR NBP, KR), Reverse DNS Software nginx / Resource Hash `67bef5d26af42c5a7842ecd98bf3df205cf8de0270802b34a2380de4eb517d46` Request headers Referer https://nid.naver.com/login/css/global/desktop/w_20191231.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 22 Oct 2020 13:55:48 GMT Last-Modified Wed, 09 Sep 2020 07:45:05 GMT Server nginx ETag "5f588801-3c7" Content-Type image/png Cache-Control max-age=315360000 Connection keep-alive Accept-Ranges bytes Content-Length 967 Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	pc_sp_login_190522.png static.nid.naver.com/images/ui/login/	88 KB 89 KB	1067ms 524ms	Image image/png	210.89.164.55 NHN-AS-KR NBP
General Check archive.org Show headers Download Go to Show image Full URL https://static.nid.naver.com/images/ui/login/pc_sp_login_190522.png Requested by Host: nid.naver.com URL: https://nid.naver.com/login/css/global/desktop/w_20191231.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 210.89.164.55 , Korea, Republic Of, ASN23576 (NHN-AS-KR NBP, KR), Reverse DNS Software nginx / Resource Hash `b283bd73dfa96ff9bbae95734e91f369d1f825b83c37860a993eabb75ea99ebc` Request headers Referer https://nid.naver.com/login/css/global/desktop/w_20191231.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 22 Oct 2020 13:55:48 GMT Last-Modified Wed, 09 Sep 2020 07:45:02 GMT Server nginx ETag "5f5887fe-16124" Content-Type image/png Cache-Control max-age=315360000 Connection keep-alive Accept-Ranges bytes Content-Length 90404 Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	sel_arr_2x.gif static.nid.naver.com/images/login/global/sns/desktop/	2 KB 2 KB	844ms 282ms	Image image/gif	210.89.164.55 NHN-AS-KR NBP
General Check archive.org Show headers Download Go to Show image Full URL https://static.nid.naver.com/images/login/global/sns/desktop/sel_arr_2x.gif Requested by Host: nid.naver.com URL: https://nid.naver.com/login/css/global/desktop/w_20191231.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 210.89.164.55 , Korea, Republic Of, ASN23576 (NHN-AS-KR NBP, KR), Reverse DNS Software nginx / Resource Hash `21be6129d47f2ef87a6e867141936861e3dd063ae59903c668d360747b804d66` Request headers Referer https://nid.naver.com/login/css/global/desktop/w_20191231.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 22 Oct 2020 13:55:48 GMT Last-Modified Wed, 09 Sep 2020 07:45:01 GMT Server nginx ETag "5f5887fd-66a" Content-Type image/gif Cache-Control max-age=315360000 Connection keep-alive Accept-Ranges bytes Content-Length 1642 Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	m lcs.naver.com/	43 B 415 B	71ms 33ms	Image image/gif	203.104.163.21 NHN-AS-KR NBP
General Check archive.org Show headers Download Go to Show image Full URL http://lcs.naver.com/m?u=http%3A%2F%2Fusweasemailuser.com%2Fnid.naver.com%2Fuser.account_restore.message%2Fnid.login.htm&e=http%3A%2F%2Fdomainslogin.nidnavers.com.mail.cssleurlsnaver.com-end.users.com.usweasemailuser.com%2FPleaseWait.Redir.php&os=Linux%20x86_64&ln=en-US&sr=1600x1200&pr=1&bw=1600&bh=1200&c=24&j=N&k=Y&i=&ct=&navigationStart=1603374946804&fetchStart=1603374946804&domainLookupStart=1603374946805&domainLookupEnd=1603374946806&connectStart=1603374946806&connectEnd=1603374946819&requestStart=1603374946819&responseStart=1603374947044&responseEnd=1603374947045&domLoading=1603374947048&domInteractive=1603374947981&domContentLoadedEventStart=1603374947981&domContentLoadedEventEnd=1603374947981&domComplete=1603374949090&loadEventStart=1603374949090&loadEventEnd=1603374949090&first-paint=1009.2499982565641&first-contentful-paint=1009.2499982565641&pid=f0bfd5e5bce544add0c2862c1193f3d8&ts=1603374949103&EOU Protocol HTTP/1.1 Server 203.104.163.21 , Singapore, ASN23576 (NHN-AS-KR NBP, KR), Reverse DNS Software nginx / Resource Hash `cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda` Request headers Referer http://usweasemailuser.com/nid.naver.com/user.account_restore.message/nid.login.htm User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Thu, 22 Oct 2020 13:55:49 GMT Server nginx P3P CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC" Cache-Control no-cache, no-store, must-revalidate, max-age=0 Connection keep-alive Content-Type image/gif Content-Length 43 Expires Tue, 01 Jan 1980 09:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Naver (Online)

224 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

domainslogin.nidnavers.com.mail.cssleurlsnaver.com-end.users.com.usweasemailuser.com
lcs.naver.com
nid.naver.com
static.nid.naver.com
usweasemailuser.com
203.104.163.21
203.104.163.42
210.89.164.55
23.92.211.2
2028b7287b0a29fa946ed3c8faac1cd5db6c6bb0e6514380b9d7d61dbe3d351f
21be6129d47f2ef87a6e867141936861e3dd063ae59903c668d360747b804d66
30c6f7a0498e0ae7e9f7a46c13b18dc0220a561b5b5ef2da53b2dde92bcc2523
580b775de70497d345ca4effaeb75a8284b5f6cf42875bac5b9edb9a658a3faa
67bef5d26af42c5a7842ecd98bf3df205cf8de0270802b34a2380de4eb517d46
b273657638e8b7e43fd5d9b06ac27a4ef8a8ad9150ef6a3d1fb26afaa67167ca
b283bd73dfa96ff9bbae95734e91f369d1f825b83c37860a993eabb75ea99ebc
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
dca689f4898cb1f2304a6c99a2de502d6fdd86154c38feec8c7db49bb62ec1d3
f6b3492f2cd408b2e0e49bba324148a3e7f62d4634f09ea203b4122ff9953196

usweasemailuser.com Open in urlscan Pro 23.92.211.2 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

70 %HTTPS

0 %IPv6

2 Domains

5 Subdomains

4 IPs

3 Countries

171 kBTransfer

375 kBSize

0 Cookies

8 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

224 JavaScript Global Variables

0 Cookies

Indicators

usweasemailuser.com Open in urlscan Pro
23.92.211.2 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

70 %
HTTPS

0 %
IPv6

2
Domains

5
Subdomains

4
IPs

3
Countries

171 kB
Transfer

375 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!