urlscan.io logo urlscan.io
SecurityTrails logo

msoft_docusign_verification_secured-doc_office.zatrdg.com Open in urlscan Pro
208.91.198.96  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://link.at/phpnew/adclick.php?bannerid=1&zoneid=0&source=&dest=https://MSOFT_DOCUSIGN_VERIFICATION_SECURED-...
Effective URL: https://msoft_docusign_verification_secured-doc_office.zatrdg.com/teams-voicemail11/nbzmutccrhxxdqrbfahhcgjerqqmjvdmbzuqnfktkvpxpmqjgn/lrico
Submission: On August 02 via manual from US — Scanned from AT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 4 HTTP transactions. The main IP is 208.91.198.96, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is msoft_docusign_verification_secured-doc_office.zatrdg.com.
TLS certificate: Issued by R11 on July 23rd 2024. Valid for: 3 months.
This is the only time msoft_docusign_verification_secured-doc_office.zatrdg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 85.236.52.150 15456 (INTERNETX-AS)
2 208.91.198.96 46606 (UNIFIEDLA...)
1 172.67.187.19 13335 (CLOUDFLAR...)
1 23.48.23.154 20940 (AKAMAI-ASN1)
4 3
Apex Domain
Subdomains		 Transfer
2 zatrdg.com
msoft_docusign_verification_secured-doc_office.zatrdg.com
2 KB
1 freepik.com
img.freepik.com — Cisco Umbrella Rank: 32680
4 KB
1 mailmeteor.com
mailmeteor.com — Cisco Umbrella Rank: 840091
64 KB
1 link.at
link.at
365 B
4 4
Domain Requested by
2 msoft_docusign_verification_secured-doc_office.zatrdg.com
1 img.freepik.com msoft_docusign_verification_secured-doc_office.zatrdg.com
1 mailmeteor.com msoft_docusign_verification_secured-doc_office.zatrdg.com
1 link.at 1 redirects
4 4

This site contains no links.

Subject Issuer Validity Valid
zatrdg.com
R11		 2024-07-23 -
2024-10-21		 3 months crt.sh
mailmeteor.com
E5		 2024-07-09 -
2024-10-07		 3 months crt.sh
*.freepik.com
E5		 2024-06-13 -
2024-09-11		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://msoft_docusign_verification_secured-doc_office.zatrdg.com/teams-voicemail11/nbzmutccrhxxdqrbfahhcgjerqqmjvdmbzuqnfktkvpxpmqjgn/lrico
Frame ID: A212A6CBBED7AFE050A22102895BC24C
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Confirm Your Email

Page URL History Show full URLs

  1. http://link.at/phpnew/adclick.php?bannerid=1&zoneid=0&source=&dest=https://MSOFT_DOCUSIGN_V... HTTP 307
    https://link.at/phpnew/adclick.php?bannerid=1&zoneid=0&source=&dest=https://MSOFT_DOCUSIGN_V... HTTP 307
    http://link.at/phpnew/adclick.php?bannerid=1&zoneid=0&source=&dest=https://MSOFT_DOCUSIGN_V... HTTP 302
    https://msoft_docusign_verification_secured-doc_office.zatrdg.com/teams-voicemail11/nbzmutccrhxxdqrbfahhcgjerqqmjvdmbzuqnfktkvpxpmqjgn/lrico Page URL

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

71 kB
Transfer

74 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://link.at/phpnew/adclick.php?bannerid=1&zoneid=0&source=&dest=https://MSOFT_DOCUSIGN_VERIFICATION_SECURED-DOC_OFFICE.zatrdg.com/teams-voicemail11/nbzmutccrhxxdqrbfahhcgjerqqmjvdmbzuqnfktkvpxpmqjgn/lrico HTTP 307
    https://link.at/phpnew/adclick.php?bannerid=1&zoneid=0&source=&dest=https://MSOFT_DOCUSIGN_VERIFICATION_SECURED-DOC_OFFICE.zatrdg.com/teams-voicemail11/nbzmutccrhxxdqrbfahhcgjerqqmjvdmbzuqnfktkvpxpmqjgn/lrico HTTP 307
    http://link.at/phpnew/adclick.php?bannerid=1&zoneid=0&source=&dest=https://MSOFT_DOCUSIGN_VERIFICATION_SECURED-DOC_OFFICE.zatrdg.com/teams-voicemail11/nbzmutccrhxxdqrbfahhcgjerqqmjvdmbzuqnfktkvpxpmqjgn/lrico HTTP 302
    https://msoft_docusign_verification_secured-doc_office.zatrdg.com/teams-voicemail11/nbzmutccrhxxdqrbfahhcgjerqqmjvdmbzuqnfktkvpxpmqjgn/lrico Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request lrico
msoft_docusign_verification_secured-doc_office.zatrdg.com/teams-voicemail11/nbzmutccrhxxdqrbfahhcgjerqqmjvdmbzuqnfktkvpxpmqjgn/
Redirect Chain
  • http://link.at/phpnew/adclick.php?bannerid=1&zoneid=0&source=&dest=https://MSOFT_DOCUSIGN_VERIFICATION_SECURED-DOC_OFFICE.zatrdg.com/teams-voicemail11/nbzmutccrhxxdqrbfahhcgjerqqmjvdmbzuqnfktkvpxpm...
  • https://link.at/phpnew/adclick.php?bannerid=1&zoneid=0&source=&dest=https://MSOFT_DOCUSIGN_VERIFICATION_SECURED-DOC_OFFICE.zatrdg.com/teams-voicemail11/nbzmutccrhxxdqrbfahhcgjerqqmjvdmbzuqnfktkvpxp...
  • http://link.at/phpnew/adclick.php?bannerid=1&zoneid=0&source=&dest=https://MSOFT_DOCUSIGN_VERIFICATION_SECURED-DOC_OFFICE.zatrdg.com/teams-voicemail11/nbzmutccrhxxdqrbfahhcgjerqqmjvdmbzuqnfktkvpxpm...
  • https://msoft_docusign_verification_secured-doc_office.zatrdg.com/teams-voicemail11/nbzmutccrhxxdqrbfahhcgjerqqmjvdmbzuqnfktkvpxpmqjgn/lrico
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://msoft_docusign_verification_secured-doc_office.zatrdg.com/teams-voicemail11/nbzmutccrhxxdqrbfahhcgjerqqmjvdmbzuqnfktkvpxpmqjgn/lrico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.91.198.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
bh-1.webhostbox.net
Software
Apache /
Resource Hash
16122d29e89d305169eebed766b7a5bfa300490a91ea0b8e4fcf6dfb65927524

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=2592000
content-encoding
gzip
content-length
1848
content-type
text/html
date
Fri, 02 Aug 2024 17:49:19 GMT
expires
Sun, 01 Sep 2024 17:49:19 GMT
last-modified
Fri, 02 Aug 2024 09:25:05 GMT
server
Apache
vary
Accept-Encoding

Redirect headers

Connection
Keep-Alive
Content-Length
0
Content-Type
text/html
Date
Fri, 02 Aug 2024 17:49:17 GMT
Keep-Alive
timeout=15, max=100
Location
https://MSOFT_DOCUSIGN_VERIFICATION_SECURED-DOC_OFFICE.zatrdg.com/teams-voicemail11/nbzmutccrhxxdqrbfahhcgjerqqmjvdmbzuqnfktkvpxpmqjgn/lrico
Server
Apache
X-Powered-By
PHP/5.2.12-pl0-gentoo
Microsoft_Office_Teams_Logo_512px.png
mailmeteor.com/logos/assets/PNG/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mailmeteor.com/logos/assets/PNG/Microsoft_Office_Teams_Logo_512px.png
Requested by
Host: msoft_docusign_verification_secured-doc_office.zatrdg.com
URL: https://msoft_docusign_verification_secured-doc_office.zatrdg.com/teams-voicemail11/nbzmutccrhxxdqrbfahhcgjerqqmjvdmbzuqnfktkvpxpmqjgn/lrico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.187.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2eba449921f564d11a225f0b4aba09fb91c4e178a269503f9bafdeffa8651e9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.mailmeteor.com
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://msoft_docusign_verification_secured-doc_office.zatrdg.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 17:49:19 GMT
content-security-policy
frame-ancestors 'self' *.mailmeteor.com
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=2592000
age
6255
alt-svc
h3=":443"; ma=86400
content-length
65321
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"a828c88c16285576ea57dafa5bb46034"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ToMjM9nlT4pjjPe62H3rXgDEWkn031zRXbMoTqDp6Ggr7jtG%2FTyQtLsI89AF2B1Mj%2BkKg%2BYWKFuZWqTkSrPDeQyqgM500PhnWMUHq5majuJP9%2B1kKgIh0P5sX%2BbrvXFYWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
8acfe764b93a5b5b-VIE
dark-blue-wall-empty-room-with-concrete-floor_53876-74938.jpg
img.freepik.com/free-photo/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.freepik.com/free-photo/dark-blue-wall-empty-room-with-concrete-floor_53876-74938.jpg
Requested by
Host: msoft_docusign_verification_secured-doc_office.zatrdg.com
URL: https://msoft_docusign_verification_secured-doc_office.zatrdg.com/teams-voicemail11/nbzmutccrhxxdqrbfahhcgjerqqmjvdmbzuqnfktkvpxpmqjgn/lrico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-154.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d6c7cb702c4917972a6aa0bf3ac6cbae3fac0a24b25a29d1088e27f86abd786f

Request headers

Referer
https://msoft_docusign_verification_secured-doc_office.zatrdg.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 17:49:19 GMT
last-modified
Thu, 13 Jun 2024 09:26:31 GMT
etag
"95e31069ba23c658153511722e372350"
content-type
image/avif
cache-control
private, no-transform, max-age=604800
x-robots-tag
noimageai
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
4067
expires
Fri, 09 Aug 2024 17:49:19 GMT
favicon.ico
msoft_docusign_verification_secured-doc_office.zatrdg.com/ 		583 B
410 B 		Other
General
Check archive.org
Download Go to
Full URL
https://msoft_docusign_verification_secured-doc_office.zatrdg.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.91.198.96 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
bh-1.webhostbox.net
Software
Apache /
Resource Hash
50e0767f2731da7ddb56d719dc85a7f830c4a860d8f09d0f25401d3dc7097d7d

Request headers

Referer
https://msoft_docusign_verification_secured-doc_office.zatrdg.com/teams-voicemail11/nbzmutccrhxxdqrbfahhcgjerqqmjvdmbzuqnfktkvpxpmqjgn/lrico
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 17:49:19 GMT
content-encoding
gzip
last-modified
Tue, 15 Mar 2022 22:07:05 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
accept-ranges
bytes
content-length
355

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| getEmailList function| proceed function| isValidEmail function| getRandomWiki

0 Cookies

1 Console Messages

Source Level URL
Text
network error URL: https://msoft_docusign_verification_secured-doc_office.zatrdg.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()