myservermailnb.getform.com
54.243.41.63
Public Scan
Submission Tags: phishing
Submission: On October 06 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Amazon RSA 2048 M01 on April 24th 2023. Valid for: a year.
This is the only time myservermailnb.getform.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | Autonomous System |
---|---|---|
2 | 54.243.41.63 | 14618 (AMAZON-AES) |
1 | 2400:52e0:1e00::1080:1 | 200325 (BUNNYCDN) |
1 | 54.86.4.133 | 14618 (AMAZON-AES) |
1 | 2a00:1450:4001:828::200a | 15169 (GOOGLE) |
1 | 2400:52e0:1e00::1082:1 | 200325 (BUNNYCDN) |
3 | 2a00:1450:4001:82f::2003 | 15169 (GOOGLE) |
9 | 6 | |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-41-63.compute-1.amazonaws.com
myservermailnb.getform.com
app.getform.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-4-133.compute-1.amazonaws.com
app.getform.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
5 | getform.com | myservermailnb.getform.com, s.getform.com, app.getform.com, m.getform.com | 82 KB |
3 | gstatic.com | fonts.gstatic.com | 74 KB |
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 49) | 562 B |
9 | 3 | | |
Requests | Domain | Requested by |
---|---|---|
3 | fonts.gstatic.com | fonts.googleapis.com |
2 | app.getform.com | s.getform.com |
1 | m.getform.com | |
1 | fonts.googleapis.com | s.getform.com |
1 | s.getform.com | myservermailnb.getform.com |
1 | myservermailnb.getform.com | |
9 | 6 | |
This site contains links to these domains.
Domain |
---|
we.getform.com |
getform.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.getform.com | Amazon RSA 2048 M01 | 2023-04-24 - 2024-05-22 | a year |
s.getform.com | R3 | 2023-09-06 - 2023-12-05 | 3 months |
upload.video.google.com | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months |
m.getform.com | R3 | 2023-09-06 - 2023-12-05 | 3 months |
*.gstatic.com | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months |
This page contains 1 frame:
Primary Page:
https://myservermailnb.getform.com/l52dk
Frame ID: E84D2CCE3FE16D776ECEBE181BBAA4AC
Requests: 9 HTTP requests in this frame
Page Title
Sign in to access AT&T Mail and Currently.com
Detected technologies
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Report abuse
Title: Getform.com
Redirected requests
There were HTTP redirect chains for the following requests:
9 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | l52dk (Primary Request) | myservermailnb.getform.com/ | 27 KB | 27 KB | Document | text/html |
GET | H2 | runtime.53fced1.js | s.getform.com/widgets/es6/ | 150 KB | 52 KB | Script | text/javascript |
GET | H2 | events | app.getform.com/api/v1/ | 600 B | 848 B | Fetch | text/plain |
GET | H2 | css | fonts.googleapis.com/ | 668 B | 562 B | Stylesheet | text/css |
GET | H2 | 91449b9b82b0b5bc25ec89e3c697e46c_276384090.png | m.getform.com/images/118486/ | 2 KB | 3 KB | Image | image/png |
GET | H2 | u-4n0qyriQwlOrhSvowK_l52_wFZWMf_.ttf | fonts.gstatic.com/s/merriweather/v30/ | 40 KB | 25 KB | Font | font/ttf |
GET | H2 | u-440qyriQwlOrhSvowK_l5-fCZJ.ttf | fonts.gstatic.com/s/merriweather/v30/ | 41 KB | 25 KB | Font | font/ttf |
GET | H2 | u-4n0qyriQwlOrhSvowK_l52xwNZWMf_.ttf | fonts.gstatic.com/s/merriweather/v30/ | 40 KB | 24 KB | Font | font/ttf |
POST | H2 | events | app.getform.com/api/v1/ | 0 | 211 B | Ping | text/plain |
7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- function gsc
- object widget
- object runtime
- function showWidget
- object u
- object colorMode
- function eventProxy
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.