www.neofitnes.com Open in urlscan Pro
166.62.27.56 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://buursmaagency.com/wp-content/plugins/option-tree/includes/index.php
Effective URL:
https://www.neofitnes.com/(secured)/viewyourdocjes/viewyourdocjes/securefile/?mailtarget=
Submission: On May 02 via manual (May 2nd 2018, 11:30:26 am UTC) from US

Summary HTTP 30 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 30 HTTP transactions. The main IP is 166.62.27.56, located in Scottsdale, United States and belongs to AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US. The main domain is www.neofitnes.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 28th 2017. Valid for: a year.

This is the only time www.neofitnes.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic (Online)

Domain & IP information

	IP Address	AS Autonomous System
1	97.86.70.229 97.86.70.229	20115 (CHARTER-N...) (CHARTER-NET-HKY-NC - Charter Communications)
17	166.62.27.56 166.62.27.56	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com)
1	216.58.207.40 216.58.207.40	15169 (GOOGLE) (GOOGLE - Google LLC)
11	89.46.106.22 89.46.106.22	31034 (ARUBA-ASN) (ARUBA-ASN)
30	4

1 97.86.70.229 (Ionia, United States)

ASN20115 (CHARTER-NET-HKY-NC - Charter Communications, US)
PTR: 97-86-70-229.static.klmz.mi.charter.com

buursmaagency.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 166.62.27.56 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-166-62-27-56.ip.secureserver.net

www.neofitnes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.207.40 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s24-in-f8.1e100.net

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 89.46.106.22 (Arezzo, Italy)

ASN31034 (ARUBA-ASN, IT)
PTR: webx1141.aruba.it

www.viewdocsonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	neofitnes.com www.neofitnes.com	188 KB
11	viewdocsonline.com www.viewdocsonline.com	4 KB
1	google-analytics.com ssl.google-analytics.com	17 KB
1	buursmaagency.com buursmaagency.com	356 B
30	4

	Domain	Requested by
17	www.neofitnes.com	www.neofitnes.com
11	www.viewdocsonline.com	www.neofitnes.com
1	ssl.google-analytics.com	www.neofitnes.com
1	buursmaagency.com
30	4

This site contains links to these domains. Also see Links.

Domain
www.viewdocsonline.com

Subject Issuer	Validity	Valid
buursmaagency.com cPanel, Inc. Certification Authority	`2018-03-17` - `2018-06-15`	3 months	crt.sh
neofitnes.com Go Daddy Secure Certificate Authority - G2	`2017-05-28` - `2018-05-28`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.neofitnes.com/(secured)/viewyourdocjes/viewyourdocjes/securefile/?mailtarget=
Frame ID: D761D5F3BF86A7536F03643F44377C73
Requests: 28 HTTP requests in this frame

Frame: https://www.neofitnes.com/(secured)/viewyourdocjes/viewyourdocjes/securefile/View_files/LEdxGgtB9cN.htm
Frame ID: BA456DDDD0BC2C0184A22B7C2296011D
Requests: 1 HTTP requests in this frame

Frame: https://www.neofitnes.com/(secured)/viewyourdocjes/viewyourdocjes/securefile/View_files/LEdxGgtB9cN_002.htm
Frame ID: 295814F89FE7AEC6F0BB31C3AE14ED38
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://buursmaagency.com/wp-content/plugins/option-tree/includes/index.php Page URL
https://www.neofitnes.com/(secured)/viewyourdocjes/viewyourdocjes/securefile/?mailtarget= Page URL