sedgwickcountyclerk.douglascous.top Open in urlscan Pro
2606:4700:3035::6815:d66 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://docsend.com/view/44v95uq7wngs3w6t
Effective URL:
https://sedgwickcountyclerk.douglascous.top/
Submission: On October 25 via manual (October 25th 2024, 12:55:52 pm UTC) from US — Scanned from CA

Summary HTTP 13 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 13 HTTP transactions. The main IP is 2606:4700:3035::6815:d66, located in United States and belongs to CLOUDFLARENET, US. The main domain is sedgwickcountyclerk.douglascous.top.
TLS certificate: Issued by WE1 on October 24th 2024. Valid for: 3 months.

This is the only time sedgwickcountyclerk.douglascous.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.168.102.108 3.168.102.108	16509 (AMAZON-02) (AMAZON-02)
1 10	2606:4700:303... 2606:4700:3035::6815:d66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:5f29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:5e29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	4

1 3.168.102.108 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-3-168-102-108.jfk52.r.cloudfront.net

docsend.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:3035::6815:d66 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

sedgwickcountyclerk.douglascous.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:5f29 (United States)

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:5e29 (United States)

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	douglascous.top 1 redirects sedgwickcountyclerk.douglascous.top	76 KB
2	cloudflare.com challenges.cloudflare.com — Cisco Umbrella Rank: 3443	16 KB
1	docsend.com 1 redirects docsend.com — Cisco Umbrella Rank: 94377	6 KB
13	3

	Domain	Requested by
10	sedgwickcountyclerk.douglascous.top	1 redirects sedgwickcountyclerk.douglascous.top
2	challenges.cloudflare.com	sedgwickcountyclerk.douglascous.top challenges.cloudflare.com
1	docsend.com	1 redirects
13	3

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com

Subject Issuer	Validity	Valid
douglascous.top WE1	`2024-10-24` - `2025-01-22`	3 months	crt.sh
challenges.cloudflare.com WE1	`2024-09-05` - `2024-12-04`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://sedgwickcountyclerk.douglascous.top/
Frame ID: 0B1D99728C4E5FDD61E89AC93FCD000A
Requests: 10 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/t30n1/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
Frame ID: 15A1D625645E8FB5CC18F501497BBBD3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Just a moment...

Page URL History Show full URLs

http://docsend.com/view/44v95uq7wngs3w6t HTTP 307
https://docsend.com/view/44v95uq7wngs3w6t HTTP 302
https://sedgwickcountyclerk.douglascous.top/ Page URL
https://sedgwickcountyclerk.douglascous.top/cdn-cgi/phish-bypass?atok=.mBBO4kKl7dikXZ.F_1rxSFNyYTw9rLvFv0GyGc.3qU-172986... HTTP 301
https://sedgwickcountyclerk.douglascous.top/ Page URL

Page Statistics

13
Requests

85 %
HTTPS

75 %
IPv6

3
Domains

3
Subdomains

4
IPs

1
Countries

92 kB
Transfer

216 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cloudflare.com/?utm_source=challenge&utm_campaign=m
Title: Cloudflare

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://docsend.com/view/44v95uq7wngs3w6t HTTP 307
https://docsend.com/view/44v95uq7wngs3w6t HTTP 302
https://sedgwickcountyclerk.douglascous.top/ Page URL
https://sedgwickcountyclerk.douglascous.top/cdn-cgi/phish-bypass?atok=.mBBO4kKl7dikXZ.F_1rxSFNyYTw9rLvFv0GyGc.3qU-1729860943-0.0.1.1-%2F HTTP 301
https://sedgwickcountyclerk.douglascous.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://docsend.com/view/44v95uq7wngs3w6t HTTP 307
https://docsend.com/view/44v95uq7wngs3w6t HTTP 302
https://sedgwickcountyclerk.douglascous.top/

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

403

/ Show response
sedgwickcountyclerk.douglascous.top/
Redirect Chain

http://docsend.com/view/44v95uq7wngs3w6t
https://docsend.com/view/44v95uq7wngs3w6t
https://sedgwickcountyclerk.douglascous.top/

4 KB
2 KB

526ms
93ms

Document
text/html

2606:4700:3035::6815:d66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sedgwickcountyclerk.douglascous.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:d66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c0de56b4edb08446a1ea8bf4d6722d482727caee8173f025af42a21be742be5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cf-ray: 8d825ccf9a4e4310-EWR
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 25 Oct 2024 12:55:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2Y%2Bw40utlbTbpTj3j8ZJ5w77TlYZORq4L7rmJmOCCwHhtwtUZSqb0Hg1DWzUTpOsFTSIRy13vRmqzqG9P%2BUZlgPcvE6Ph%2F1elnOm4j9b2FC%2FaBcGTd%2BxFS116MgPExAz4kC6b1va24A3AE7iw1f2PCu%2Bu2%2BWjoE1fMkSnQGuVDTCnA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: connect-src 'self' blob: https://assets.docsend.com https://d1ng9lshxk6v9w.cloudfront.net https://*.previews.dropboxusercontent.com/*/p.m3u8 https://*.dropboxusercontent.com https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://*.intercomcdn.com https://uploads.intercomusercontent.com https://sessions.bugsnag.com https://notify.bugsnag.com https://featuregates.org https://events.statsigapi.net https://browser-intake-datadoghq.com https://browser-intake-us3-datadoghq.com https://browser-intake-us5-datadoghq.com https://*.kissmetrics.com https://*.kissmetrics.io https://api.segment.io https://cdn.segment.com https://events.statsigapi.net/v1/rgstr https://statsigapi.net/v1/sdk_exception https://*.id.opendns.com https://www.google-analytics.com https://analytics.google.com https://*.g.doubleclick.net https://www.facebook.com https://api.autopilothq.com https://*.filestackapi.com https://cdn.filestackcontent.com https://s3.amazonaws.com https://*.dropbox.com https://*.dropboxapi.com https://*.dropboxstatic.com https://browser.pipe.aria.microsoft.com https://checkout.stripe.com https://forms.hubspot.com https://*.pubnub.com https://docsend-prod.s3.amazonaws.com; frame-src 'self' https://assets.docsend.com https://*.previews.dropboxusercontent.com/ https://marketing.docsend.com https://js.stripe.com https://checkout.stripe.com https://www.youtube.com https://player.vimeo.com https://td.doubleclick.net/ https://*.g.doubleclick.net https://tpc.googlesyndication.com https://www.facebook.com https://telemetryservice.firstpartyapps.oaspapps.com https://www.dropbox.com https://ifttt.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' 'strict-dynamic' https://assets.docsend.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://*.google-analytics.com https://cdn.segment.com https://scripts.kissmetrics.com https://*.id.opendns.com https://www.youtube.com https://*.ytimg.com https://vimeo.com https://www.vimeo.com https://www.googletagmanager.com https://www.googleadservices.com https://tagmanager.google.com https://connect.facebook.net https://*.quora.com https://*.bing.com https://api.autopilothq.com https://*.capterra.com https://*.g.doubleclick.net https://js.hs-analytics.net https://js.hs-scripts.com https://js-na1.hs-scripts.com https://js.hscollectedforms.net https://js.hsleadflows.net https://js.stripe.com https://checkout.stripe.com https://ajax.aspnetcdn.com https://appsforoffice.microsoft.com https://maps.googleapis.com https://static.filestackapi.com https://zapier.com https://d2wy8f7a9ursnm.cloudfront.net 'nonce-xKgWfmiTX8zPkneuzEbXFQ=='; report-uri https://www.dropbox.com/csp_log?policy_name=docsend; default-src 'self'; base-uri 'self'; child-src 'self' blob:; font-src 'self' https: data: chrome-extension:; form-action 'self' https://docsend.com https://*.docsend.com https://intercom.help https://api-iam.intercom.io https://accounts.google.com https://www.linkedin.com https://*.salesforce.com https://www.dropbox.com https://accounts.logme.in https://secure.join.me https://*.okta.com https://*.oktapreview.com https://*.jumpcloud.com https://*.onelogin.com https://zapier.com https://ifttt.com https://www.facebook.com; img-src 'self' https: data: blob: chrome-extension:; media-src 'self' blob: data: https://d1ng9lshxk6v9w.cloudfront.net https://js.intercomcdn.com https://*.dropboxusercontent.com; object-src 'none'; style-src 'self' 'unsafe-inline' https://assets.docsend.com https://fonts.googleapis.com https://tagmanager.google.com https://static.filestackapi.com https://use.fontawesome.com https://vjs.zencdn.net; worker-src 'self' blob:
Content-Type: text/html; charset=utf-8
Date: Fri, 25 Oct 2024 12:55:42 GMT
Location: https://SedgwickCountyClerk.douglascous.top/
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1729860942&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=%2BnwdjXw5eiID7jlHRbplnbqiXv0%2BUvrP2k6FGrWukxA%3D"}]}
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1729860942&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=%2BnwdjXw5eiID7jlHRbplnbqiXv0%2BUvrP2k6FGrWukxA%3D
Server: Cowboy
Strict-Transport-Security: max-age=31556952; includeSubDomains; preload
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Via: 1.1 vegur, 1.1 2bf519c66f9627d3e8acc9f581122706.cloudfront.net (CloudFront)
X-Amz-Cf-Id: NaEjE3wmqbfduw5gCX6kdDUpl0YKaA-Kn2_fkDx4jNPx0yLW2AV1ow==
X-Amz-Cf-Pop: JFK52-P6
X-Cache: Miss from cloudfront
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Request-Id: cf16e0bf-2052-404f-80bf-2e2a56277eda
X-Runtime: 0.087676

GET
H3 200 cf.errors.css
sedgwickcountyclerk.douglascous.top/cdn-cgi/styles/ 23 KB
5 KB 69ms
68ms Stylesheet
text/css 2606:4700:3035::6815:d66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sedgwickcountyclerk.douglascous.top/cdn-cgi/styles/cf.errors.css

Requested by

Host: sedgwickcountyclerk.douglascous.top
URL: https://sedgwickcountyclerk.douglascous.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:d66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://sedgwickcountyclerk.douglascous.top/

Response headers

vary: Accept-Encoding
cache-control: max-age=7200, public
content-encoding: gzip
etag: W/"67180f5f-5df3"
x-content-type-options: nosniff
cf-ray: 8d825cd04b0c4310-EWR
expires: Fri, 25 Oct 2024 14:55:43 GMT
date: Fri, 25 Oct 2024 12:55:43 GMT
content-type: text/css
last-modified: Tue, 22 Oct 2024 20:47:27 GMT
server: cloudflare
x-frame-options: DENY

GET
H3 200 icon-exclamation.png
sedgwickcountyclerk.douglascous.top/cdn-cgi/images/ 452 B
634 B 97ms
97ms Image
image/png 2606:4700:3035::6815:d66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sedgwickcountyclerk.douglascous.top/cdn-cgi/images/icon-exclamation.png?1376755637

Requested by

Host: sedgwickcountyclerk.douglascous.top
URL: https://sedgwickcountyclerk.douglascous.top/cdn-cgi/styles/cf.errors.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:d66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://sedgwickcountyclerk.douglascous.top/cdn-cgi/styles/cf.errors.css

Response headers

vary: Accept-Encoding
cache-control: max-age=7200, public
etag: "67180f5f-1c4"
x-content-type-options: nosniff
cf-ray: 8d825cd0cb864310-EWR
expires: Fri, 25 Oct 2024 14:55:43 GMT
accept-ranges: bytes
content-length: 452
date: Fri, 25 Oct 2024 12:55:43 GMT
content-type: image/png
last-modified: Tue, 22 Oct 2024 20:47:27 GMT
server: cloudflare
x-frame-options: DENY

GET
H3 403 favicon.ico
sedgwickcountyclerk.douglascous.top/ 4 KB
2 KB 68ms
68ms Other
text/html 2606:4700:3035::6815:d66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sedgwickcountyclerk.douglascous.top/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:d66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01dd1f87e7f1311e81b357a31c75843f36075becdf97368e6ffe810d747affe2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://sedgwickcountyclerk.douglascous.top/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wzKFCs1gbE4p8GRMpk5LMOQAJDKiQwp8VCTgEy2PycN2VXvZwGkKe7EuPxNvsFIQidDfMAe4AqOh%2BdDPemDB7E7AGdnVcr46aKQxC3QcJoykk6WuiQENFewNYdkboxUUJ0tI0%2F7gsoOj3xwWiXNt%2FEFm56HzkVISEMijsfcOPG9KFA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d825cd16c534310-EWR
date: Fri, 25 Oct 2024 12:55:43 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H3

403

Primary Request / Show response
sedgwickcountyclerk.douglascous.top/
Redirect Chain

https://sedgwickcountyclerk.douglascous.top/cdn-cgi/phish-bypass?atok=.mBBO4kKl7dikXZ.F_1rxSFNyYTw9rLvFv0GyGc.3qU-1729860943-0.0.1.1-%2F
https://sedgwickcountyclerk.douglascous.top/

8 KB
7 KB

126ms
126ms

Document
text/html

2606:4700:3035::6815:d66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sedgwickcountyclerk.douglascous.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:d66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4f1fee02c8d1d6ca403b63dd29ee1e3233dae167341029f145221b0177a34ec

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://sedgwickcountyclerk.douglascous.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out: b86EEEP+8yAuzK31WsT1c4cauCr2KUKqB2D7XFlQwO4mBZhDxMl9KWocjfSi7pxxksEh9cD1eex8cjxA5ue7SY2I8vFXniRVqMkYCCHSePJhVlUs2oPREmdhEYeKcTHlO3N4OU6HBOYzYL/XcBey/A==$orZTSwY45YYf9Yj1UTU0+w==
cf-mitigated: challenge
cf-ray: 8d825ce968fc4310-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Fri, 25 Oct 2024 12:55:47 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
priority: u=0,i
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FVtlEQ6cfs0nxGsJg%2Faxv5GTh1s0lD5%2BfoWvKKudHf4jKotVhT2baiEGL4JI7S37WP2rSzvjYDxyEYoN6vBthqbyZTC0Hp22cz%2B1wPhYlqcK7wA4kL%2Fsv398dtt%2FUYlEdfJ0AZjB%2BbhUo9aEk5hMffaAJxODnHfZ%2FbkfJ%2BsZRi%2FVnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=104513&sent=30&recv=21&lost=0&retrans=0&sent_bytes=14851&recv_bytes=8002&delivery_rate=6032&cwnd=12000&unsent_bytes=0&cid=8e8433f6447a5140&ts=4283&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding
x-content-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

cache-control: private, no-cache
cf-ray: 8d825ce8e8404310-EWR
content-length: 167
content-type: text/html
date: Fri, 25 Oct 2024 12:55:47 GMT
location: https://sedgwickcountyclerk.douglascous.top/
server: cloudflare
x-content-type-options: nosniff
x-frame-options: DENY

GET
H3 200 v1 Show response
sedgwickcountyclerk.douglascous.top/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/ 104 KB
40 KB 81ms
80ms Script
application/javascript 2606:4700:3035::6815:d66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sedgwickcountyclerk.douglascous.top/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d825ce968fc4310
Requested by: Host: sedgwickcountyclerk.douglascous.top
URL: https://sedgwickcountyclerk.douglascous.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:d66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0433021220d36a3d2648716867990d24c7e5f69f10787b369c3a4c6d0638542

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://sedgwickcountyclerk.douglascous.top/?__cf_chl_rt_tk=bnVve9uQ._6wEzm7fSH6mLa7gL2tLYdUo8sLiI4Eykg-1729860947-1.0.1.1-168b9Mt9f8cFRKmJt2r2njj0ItjKtf_5CPbLx2LbHtk

Response headers

cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=96nILD2g6XV8cjgoma2B24K6lwcZE5UvVfjhVnsd3lSPhSWJS1QagreTnBBDs8bDabrKKbhz2Ninpzpm3MaCmmtbWOH4ATDdEhQNC6c9LNuvF9xElTBbJqJ5Yn6O0daB1FFC%2B39ouJZZC1Z6L2bibRtLPV7FkSwx0C6Rm%2BlB67bHpw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d825cea6a324310-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=112076&sent=38&recv=26&lost=0&retrans=0&sent_bytes=22392&recv_bytes=8666&delivery_rate=37092&cwnd=12000&unsent_bytes=0&cid=8e8433f6447a5140&ts=4456&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 25 Oct 2024 12:55:47 GMT
content-type: application/javascript; charset=UTF-8
server: cloudflare
priority: u=3,i=?0

GET de459f47-94d4-41cd-887a-89b39fab302d
https://sedgwickcountyclerk.douglascous.top/ Frame 0
0

GET
H3 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/b/e1a56f38220d/ 47 KB
16 KB 246ms
76ms Script
application/javascript 2606:4700::6812:5f29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/b/e1a56f38220d/api.js?onload=tDpp4&render=explicit
Requested by: Host: sedgwickcountyclerk.douglascous.top
URL: https://sedgwickcountyclerk.douglascous.top/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d825ce968fc4310
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:5f29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbacce424d00878284db8c04089f007944324d9cd2432db2472e4cf62a39dbbf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://sedgwickcountyclerk.douglascous.top
Referer

Response headers

cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding: br
cross-origin-resource-policy: cross-origin
cf-ray: 8d825ced1b6d72c2-EWR
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Fri, 25 Oct 2024 12:55:48 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 23 Oct 2024 21:21:17 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 403 favicon.ico
sedgwickcountyclerk.douglascous.top/ 3 KB
3 KB 77ms
76ms Image
text/html 2606:4700:3035::6815:d66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sedgwickcountyclerk.douglascous.top/favicon.ico

Requested by

Host: sedgwickcountyclerk.douglascous.top
URL: https://sedgwickcountyclerk.douglascous.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:d66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0931650ad9c66af5aed0a2992ff13247980a3f8f8dd498b068c6810180c5b839

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://sedgwickcountyclerk.douglascous.top/

Response headers

content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sy9j%2FLklLXEbhZlOTLyo8EdCbiSUZgNyz6dDbMG5GCFp0DmDUwBE8001fuMX3tgXnzvD5dbi01QJgDF61km14dAzhicmLxdYh7HXa1I7WUaiUgRLObh6BppENfrfjBPLYj8iHUbXoTB9Zw0UwpLB7t1jIBiURyI%2BMnSIH2uJjRxtpg%3D%3D"}],"group":"cf-nel","max_age":604800}
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=76633&sent=74&recv=45&lost=0&retrans=0&sent_bytes=64283&recv_bytes=9869&delivery_rate=245280&cwnd=31200&unsent_bytes=0&cid=8e8433f6447a5140&ts=4723&x=1", cfExtPri, cfHdrFlush;dur=0
x-content-options: nosniff
date: Fri, 25 Oct 2024 12:55:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: VHHh2DyFg13Merh06yO2SJxr9bbuXddDBL/tsLQ7QdJE+sJx0gkiVOK2O4SvCItrCXGh+3Ku0AbFjIXXq+q3ZGMXAtKzq3Y+Y4TT7YrypnYA5lDlkkwIiiKj3+LTQgbvhq0u1P6jXGBXctjlICKtuw==$tmjNaZzKxFUw58OvETl0RQ==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: same-origin
referrer-policy: same-origin
cf-ray: 8d825cec1c414310-EWR
cross-origin-embedder-policy: require-corp
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster: ?1
server: cloudflare

POST
H3 200 9H.N0BWiDpghREJJFpCOBO0fCPXBsWFxAai4dszLGQk-1729860947-1.2.1.1-B98ZIf9uctSQDZW_orC62If8zpM34TTcj4UD4cbuN0x66uP0.oFvY_irGwzp7A0R Show response
sedgwickcountyclerk.douglascous.top/cdn-cgi/challenge-platform/h/b/flow/ov1/286239881:1729858258:Tt_K8qoj4RRu-_nkEljboaC9108TSgSo9FNmpGYQq6w/8d825ce968fc4310/ 13 KB
10 KB 88ms
86ms XHR
text/plain 2606:4700:3035::6815:d66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sedgwickcountyclerk.douglascous.top/cdn-cgi/challenge-platform/h/b/flow/ov1/286239881:1729858258:Tt_K8qoj4RRu-_nkEljboaC9108TSgSo9FNmpGYQq6w/8d825ce968fc4310/9H.N0BWiDpghREJJFpCOBO0fCPXBsWFxAai4dszLGQk-1729860947-1.2.1.1-B98ZIf9uctSQDZW_orC62If8zpM34TTcj4UD4cbuN0x66uP0.oFvY_irGwzp7A0R
Requested by: Host: sedgwickcountyclerk.douglascous.top
URL: https://sedgwickcountyclerk.douglascous.top/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d825ce968fc4310
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:d66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10f02a1df61e5fb083e2d10595df5babf3395ba6749d8e223176f072e1e272bb

Request headers

Referer: https://sedgwickcountyclerk.douglascous.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
CF-Challenge: 9H.N0BWiDpghREJJFpCOBO0fCPXBsWFxAai4dszLGQk-1729860947-1.2.1.1-B98ZIf9uctSQDZW_orC62If8zpM34TTcj4UD4cbuN0x66uP0.oFvY_irGwzp7A0R

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TWO9AY482IE0rxrQ3bJc2k8qFm8ksefB%2BEcPWeFrkTxI7BTJfKWkqbrDXrZjCBru7h%2F%2BgncIgeEXevdX6r5jQcs69rVS1wcm%2FStoCco55O2weAO7TCSaLe1pUQeBc7%2FwDfpxS0hfB%2Bnub3bazjkgk2DtzYa1T3lH0lShOdKV0lYIDA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d825cecdd294310-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=78443&sent=86&recv=54&lost=0&retrans=0&sent_bytes=71909&recv_bytes=15418&delivery_rate=103209&cwnd=31200&unsent_bytes=0&cid=8e8433f6447a5140&ts=4843&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 25 Oct 2024 12:55:47 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: k5GcUseXf6w4nPBkyluVXqAHGKBNupi9SlwK52KROtZeA8fKCVBv3CcZACJI6W4umuwsk62uwsg=$nBAknE3pt/mmgeLW
server: cloudflare
priority: u=1,i

GET 7a1ae566-3068-430c-9145-9a848dc411bf
https://sedgwickcountyclerk.douglascous.top/ Frame 0
0

GET
H3 200 /
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/t30n1/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/ Frame 15A1 0
0 314ms
89ms Document
text/html 2606:4700::6812:5e29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/t30n1/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/e1a56f38220d/api.js?onload=tDpp4&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5e29 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8d825cef7fae4393-EWR
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Fri, 25 Oct 2024 12:55:48 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
H3 403 favicon.ico
sedgwickcountyclerk.douglascous.top/ 8 KB
7 KB 124ms
124ms Other
text/html 2606:4700:3035::6815:d66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sedgwickcountyclerk.douglascous.top/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:d66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14ff712dd4a76dce842afeaa26b8412f0ae97520e2cc9a328ea75c35c7d25911

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://sedgwickcountyclerk.douglascous.top/

Response headers

content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J%2BH9fZW9SJmyatQZBulOhopkR%2FoVs3eIZ7Jnc80oWVrcRY5kutH749TtOEMxdZbb2YvoNXDdVhqj%2FBm%2FH3dzvYEzs8vYiA6eDS6eFGGBL98I%2BGBmV0%2BuS4xI9dPJxCGvhKTzDzCYS2r40HjxzGD%2BLvE%2FaOMPW34HFHEcEYYBROsG1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=82554&sent=96&recv=60&lost=0&retrans=0&sent_bytes=81973&recv_bytes=16074&delivery_rate=116929&cwnd=31200&unsent_bytes=0&cid=8e8433f6447a5140&ts=5741&x=1", cfExtPri, cfHdrFlush;dur=0
x-content-options: nosniff
date: Fri, 25 Oct 2024 12:55:48 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: sr55gk+VlHtwpeNagEUT0waTtNF4GF1uyoFgYxz3hHgZFlzGchZTeavCfNv96RxLxfaYlGYCxTE4ABnn40xebqCp0cWU8mFf72F7OhZjYsOfLkQdfiQfD4M4w2+Anf05HtLAYY0SUHzQOyCXJXKmbg==$ld+tZitw6nVJugOaZb6WTg==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: same-origin
referrer-policy: same-origin
cf-ray: 8d825cf28c434310-EWR
cross-origin-embedder-policy: require-corp
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster: ?1
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sedgwickcountyclerk.douglascous.top
URL: blob:https://sedgwickcountyclerk.douglascous.top/de459f47-94d4-41cd-887a-89b39fab302d

Domain: sedgwickcountyclerk.douglascous.top
URL: blob:https://sedgwickcountyclerk.douglascous.top/7a1ae566-3068-430c-9145-9a848dc411bf

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.docsend.com/	1970-01-21 09:16:36	Name: _v_ Value: zoE4qiAlVlC4eM0E1Y0faec61CtzEsixQGt5RLi2Dr0d9BZlnMWamx2dFvhhFBStFycy0D5vsAcTD6BkECLfjfJvEsL7Xso0tdo4zA%2FmaMLhE0FwEA%3D%3D--ptYR9%2BnqdHuam5JW--4r1t55P10ZHFeQjIJ42JJw%3D%3D
.docsend.com/	1970-01-21 10:07:00	Name: _us_ Value: eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaEpJZzkyYVdWM1pXUWdaRzlqQmpvR1JWUT0iLCJleHAiOm51bGwsInB1ciI6ImNvb2tpZS5fdXNfIn19--0a19c6dc51d459746e8b01d901655a78795a6225
.docsend.com/	1969-12-31 23:59:59	Name: _dss_ Value: b5483d1a2e7bb15f8252bd89b4e35643
.sedgwickcountyclerk.douglascous.top/	1970-01-21 00:32:27	Name: __cf_mw_byp Value: .mBBO4kKl7dikXZ.F_1rxSFNyYTw9rLvFv0GyGc.3qU-1729860943-0.0.1.1-/

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sedgwickcountyclerk.douglascous.top/ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://sedgwickcountyclerk.douglascous.top/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://sedgwickcountyclerk.douglascous.top/ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://sedgwickcountyclerk.douglascous.top/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://sedgwickcountyclerk.douglascous.top/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
docsend.com
sedgwickcountyclerk.douglascous.top
sedgwickcountyclerk.douglascous.top
2606:4700:3035::6815:d66
2606:4700::6812:5e29
2606:4700::6812:5f29
3.168.102.108
01dd1f87e7f1311e81b357a31c75843f36075becdf97368e6ffe810d747affe2
0931650ad9c66af5aed0a2992ff13247980a3f8f8dd498b068c6810180c5b839
10f02a1df61e5fb083e2d10595df5babf3395ba6749d8e223176f072e1e272bb
14ff712dd4a76dce842afeaa26b8412f0ae97520e2cc9a328ea75c35c7d25911
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
8c0de56b4edb08446a1ea8bf4d6722d482727caee8173f025af42a21be742be5
b4f1fee02c8d1d6ca403b63dd29ee1e3233dae167341029f145221b0177a34ec
c0433021220d36a3d2648716867990d24c7e5f69f10787b369c3a4c6d0638542
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
fbacce424d00878284db8c04089f007944324d9cd2432db2472e4cf62a39dbbf

sedgwickcountyclerk.douglascous.top Open in urlscan Pro 2606:4700:3035::6815:d66 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

13 Requests

85 %HTTPS

75 %IPv6

3 Domains

3 Subdomains

4 IPs

1 Countries

92 kBTransfer

216 kBSize

4 Cookies

1 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

21 JavaScript Global Variables

4 Cookies

5 Console Messages

Security Headers

Indicators

sedgwickcountyclerk.douglascous.top Open in urlscan Pro
2606:4700:3035::6815:d66 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

85 %
HTTPS

75 %
IPv6

3
Domains

3
Subdomains

4
IPs

1
Countries

92 kB
Transfer

216 kB
Size

4
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!