dcm2.eim.ae.iwc.static.shawwebhosting.com Open in urlscan Pro
198.187.31.68 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://dcm2.eim.ae.iwc.static.shawwebhosting.com/
Submission: On September 06 via api (September 6th 2023, 3:06:58 pm UTC) from US — Scanned from DE

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 13 HTTP transactions. The main IP is 198.187.31.68, located in Biddeford, United States and belongs to NAMECHEAP-NET, US. The main domain is dcm2.eim.ae.iwc.static.shawwebhosting.com.

This is the only time dcm2.eim.ae.iwc.static.shawwebhosting.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Etisalat (Telecommunication)

Domain & IP information

	IP Address		AS Autonomous System
13	198.187.31.68 198.187.31.68		22612 (NAMECHEAP...) (NAMECHEAP-NET)
13	1

13 198.187.31.68 (Biddeford, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: business64-1.web-hosting.com

dcm2.eim.ae.iwc.static.shawwebhosting.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	shawwebhosting.com dcm2.eim.ae.iwc.static.shawwebhosting.com	232 KB
13	1

	Domain	Requested by
13	dcm2.eim.ae.iwc.static.shawwebhosting.com	dcm2.eim.ae.iwc.static.shawwebhosting.com
13	1

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://dcm2.eim.ae.iwc.static.shawwebhosting.com/
Frame ID: 84B027CF8049099E37D8CFDBA492CCBC
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

my email - Etisalat Internet Mail

Page Statistics

13
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

232 kB
Transfer

274 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
dcm2.eim.ae.iwc.static.shawwebhosting.com/ 6 KB
3 KB 399ms
225ms Document
text/html 198.187.31.68
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://dcm2.eim.ae.iwc.static.shawwebhosting.com/

Protocol

HTTP/1.1

Server

198.187.31.68 Biddeford, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business64-1.web-hosting.com

Software

LiteSpeed / PHP/7.2.34

Resource Hash

d08ae1a5e9879201fdfc6127c48a5a6cdf5950a61323d199a7d2a8a75d6e89b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 2119
content-type: text/html; charset=UTF-8
date: Wed, 06 Sep 2023 15:06:53 GMT
keep-alive: timeout=5, max=100
referrer-policy: no-referrer-when-downgrade
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload;
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.2.34
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK login.css
dcm2.eim.ae.iwc.static.shawwebhosting.com/css/ 6 KB
3 KB 159ms
159ms Stylesheet
text/css 198.187.31.68
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://dcm2.eim.ae.iwc.static.shawwebhosting.com/css/login.css

Requested by

Host: dcm2.eim.ae.iwc.static.shawwebhosting.com
URL: http://dcm2.eim.ae.iwc.static.shawwebhosting.com/

Protocol

HTTP/1.1

Server

198.187.31.68 Biddeford, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business64-1.web-hosting.com

Software

LiteSpeed /

Resource Hash

4da0187be603e3f0384bc24a966f191d1b45c2dbbf775b4f2c7cddd049b4dc8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dcm2.eim.ae.iwc.static.shawwebhosting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 15:06:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 2019
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 14 Oct 2020 10:20:10 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
expires: Wed, 13 Sep 2023 15:06:53 GMT

GET
H/1.1 200
OK dojo.css
dcm2.eim.ae.iwc.static.shawwebhosting.com/css/ 5 KB
3 KB 323ms
162ms Stylesheet
text/css 198.187.31.68
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://dcm2.eim.ae.iwc.static.shawwebhosting.com/css/dojo.css

Requested by

Host: dcm2.eim.ae.iwc.static.shawwebhosting.com
URL: http://dcm2.eim.ae.iwc.static.shawwebhosting.com/

Protocol

HTTP/1.1

Server

198.187.31.68 Biddeford, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business64-1.web-hosting.com

Software

LiteSpeed /

Resource Hash

1aa40741103cc2ceb4542fbc06dbb3f1222600e85366e4f4efb4370af7878d68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dcm2.eim.ae.iwc.static.shawwebhosting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 15:06:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 2151
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 14 Oct 2020 10:20:10 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
expires: Wed, 13 Sep 2023 15:06:53 GMT

GET
H/1.1 200
OK dijit.css
dcm2.eim.ae.iwc.static.shawwebhosting.com/css/ 33 KB
11 KB 324ms
163ms Stylesheet
text/css 198.187.31.68
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://dcm2.eim.ae.iwc.static.shawwebhosting.com/css/dijit.css

Requested by

Host: dcm2.eim.ae.iwc.static.shawwebhosting.com
URL: http://dcm2.eim.ae.iwc.static.shawwebhosting.com/

Protocol

HTTP/1.1

Server

198.187.31.68 Biddeford, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business64-1.web-hosting.com

Software

LiteSpeed /

Resource Hash

ecf7d9502f427f28b04679a69a895fa3eb20201784286d3406d9ab5363bfe2bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dcm2.eim.ae.iwc.static.shawwebhosting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 15:06:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 10786
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 14 Oct 2020 10:20:10 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
expires: Wed, 13 Sep 2023 15:06:53 GMT

GET
H/1.1 200
OK dijit_rtl.css
dcm2.eim.ae.iwc.static.shawwebhosting.com/css/ 2 KB
1 KB 324ms
163ms Stylesheet
text/css 198.187.31.68
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://dcm2.eim.ae.iwc.static.shawwebhosting.com/css/dijit_rtl.css

Requested by

Host: dcm2.eim.ae.iwc.static.shawwebhosting.com
URL: http://dcm2.eim.ae.iwc.static.shawwebhosting.com/

Protocol

HTTP/1.1

Server

198.187.31.68 Biddeford, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business64-1.web-hosting.com

Software

LiteSpeed /

Resource Hash

390d21b471d2a4cd63ca6d0434b42939a473732debf4ce5adbacac52af5a4e9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dcm2.eim.ae.iwc.static.shawwebhosting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 15:06:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 662
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 14 Oct 2020 10:20:10 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
expires: Wed, 13 Sep 2023 15:06:53 GMT

GET
H/1.1 200
OK Button.css
dcm2.eim.ae.iwc.static.shawwebhosting.com/css/ 4 KB
2 KB 324ms
162ms Stylesheet
text/css 198.187.31.68
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://dcm2.eim.ae.iwc.static.shawwebhosting.com/css/Button.css

Requested by

Host: dcm2.eim.ae.iwc.static.shawwebhosting.com
URL: http://dcm2.eim.ae.iwc.static.shawwebhosting.com/

Protocol

HTTP/1.1

Server

198.187.31.68 Biddeford, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business64-1.web-hosting.com

Software

LiteSpeed /

Resource Hash

59a41a13f36ad2a9ccd2351e63165078e51bdf08823672dbf907c4b8124b2cd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dcm2.eim.ae.iwc.static.shawwebhosting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 15:06:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 1414
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 14 Oct 2020 10:20:10 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
expires: Wed, 13 Sep 2023 15:06:53 GMT

GET
H/1.1 200
OK DropDownSelect.css
dcm2.eim.ae.iwc.static.shawwebhosting.com/css/ 8 KB
2 KB 324ms
163ms Stylesheet
text/css 198.187.31.68
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://dcm2.eim.ae.iwc.static.shawwebhosting.com/css/DropDownSelect.css

Requested by

Host: dcm2.eim.ae.iwc.static.shawwebhosting.com
URL: http://dcm2.eim.ae.iwc.static.shawwebhosting.com/

Protocol

HTTP/1.1

Server

198.187.31.68 Biddeford, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business64-1.web-hosting.com

Software

LiteSpeed /

Resource Hash

56fa40d5dda9fc6e7c3dcbf0f6f07752a0ae297dacfe0afeb7b8a3233a1c930a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dcm2.eim.ae.iwc.static.shawwebhosting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 15:06:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 1604
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 14 Oct 2020 10:20:10 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
expires: Wed, 13 Sep 2023 15:06:53 GMT

GET
H/1.1 200
OK dojo.js Show response
dcm2.eim.ae.iwc.static.shawwebhosting.com/css/ 6 KB
3 KB 363ms
177ms Script
text/html 198.187.31.68
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://dcm2.eim.ae.iwc.static.shawwebhosting.com/css/dojo.js

Requested by

Host: dcm2.eim.ae.iwc.static.shawwebhosting.com
URL: http://dcm2.eim.ae.iwc.static.shawwebhosting.com/

Protocol

HTTP/1.1

Server

198.187.31.68 Biddeford, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business64-1.web-hosting.com

Software

LiteSpeed / PHP/7.2.34

Resource Hash

d08ae1a5e9879201fdfc6127c48a5a6cdf5950a61323d199a7d2a8a75d6e89b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dcm2.eim.ae.iwc.static.shawwebhosting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 15:06:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-powered-by: PHP/7.2.34
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
x-turbo-charged-by: LiteSpeed
keep-alive: timeout=5, max=100
content-length: 2119
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK background.png
dcm2.eim.ae.iwc.static.shawwebhosting.com/images/ 194 KB
195 KB 174ms
174ms Image
image/png 198.187.31.68
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://dcm2.eim.ae.iwc.static.shawwebhosting.com/images/background.png

Requested by

Host: dcm2.eim.ae.iwc.static.shawwebhosting.com
URL: http://dcm2.eim.ae.iwc.static.shawwebhosting.com/

Protocol

HTTP/1.1

Server

198.187.31.68 Biddeford, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business64-1.web-hosting.com

Software

LiteSpeed /

Resource Hash

e4574f72bcc0faf097629446e330891af258fa805dd5fff4e893e8676fb4b190

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dcm2.eim.ae.iwc.static.shawwebhosting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 15:06:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 14 Oct 2020 10:20:10 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 198822
x-xss-protection: 1; mode=block
expires: Wed, 13 Sep 2023 15:06:53 GMT

GET
H/1.1 200
OK mail.jpg
dcm2.eim.ae.iwc.static.shawwebhosting.com/images/ 2 KB
2 KB 159ms
159ms Image
image/jpeg 198.187.31.68
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://dcm2.eim.ae.iwc.static.shawwebhosting.com/images/mail.jpg

Requested by

Host: dcm2.eim.ae.iwc.static.shawwebhosting.com
URL: http://dcm2.eim.ae.iwc.static.shawwebhosting.com/

Protocol

HTTP/1.1

Server

198.187.31.68 Biddeford, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business64-1.web-hosting.com

Software

LiteSpeed /

Resource Hash

b26e0b522fcb9c25f854e4717d6021dd3701b3718a098c0bd2597b159b13a370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dcm2.eim.ae.iwc.static.shawwebhosting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 15:06:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 14 Oct 2020 10:20:10 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 1935
x-xss-protection: 1; mode=block
expires: Wed, 13 Sep 2023 15:06:53 GMT

GET
H/1.1 200
OK info.png
dcm2.eim.ae.iwc.static.shawwebhosting.com/images/ 6 KB
6 KB 166ms
165ms Image
text/html 198.187.31.68
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://dcm2.eim.ae.iwc.static.shawwebhosting.com/images/info.png?3.0.0.0.1_015148

Requested by

Host: dcm2.eim.ae.iwc.static.shawwebhosting.com
URL: http://dcm2.eim.ae.iwc.static.shawwebhosting.com/css/login.css

Protocol

HTTP/1.1

Server

198.187.31.68 Biddeford, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business64-1.web-hosting.com

Software

LiteSpeed / PHP/7.2.34

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dcm2.eim.ae.iwc.static.shawwebhosting.com/css/login.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 15:06:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-powered-by: PHP/7.2.34
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
x-turbo-charged-by: LiteSpeed
keep-alive: timeout=5, max=100
content-length: 2119
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK buttonEnabled.png
dcm2.eim.ae.iwc.static.shawwebhosting.com/css/images/ 120 B
665 B 161ms
160ms Image
image/png 198.187.31.68
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://dcm2.eim.ae.iwc.static.shawwebhosting.com/css/images/buttonEnabled.png

Requested by

Host: dcm2.eim.ae.iwc.static.shawwebhosting.com
URL: http://dcm2.eim.ae.iwc.static.shawwebhosting.com/css/Button.css

Protocol

HTTP/1.1

Server

198.187.31.68 Biddeford, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business64-1.web-hosting.com

Software

LiteSpeed /

Resource Hash

64f1cbe67c89a17b9eea56bc7f3152ea647d0e7ad86ae87f458ad64b447aede2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dcm2.eim.ae.iwc.static.shawwebhosting.com/css/Button.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 15:06:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 14 Oct 2020 10:20:10 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 120
x-xss-protection: 1; mode=block
expires: Wed, 13 Sep 2023 15:06:53 GMT

GET
H/1.1 200
OK greyband.jpg
dcm2.eim.ae.iwc.static.shawwebhosting.com/images/ 458 B
1004 B 163ms
163ms Image
image/jpeg 198.187.31.68
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://dcm2.eim.ae.iwc.static.shawwebhosting.com/images/greyband.jpg

Requested by

Host: dcm2.eim.ae.iwc.static.shawwebhosting.com
URL: http://dcm2.eim.ae.iwc.static.shawwebhosting.com/

Protocol

HTTP/1.1

Server

198.187.31.68 Biddeford, United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business64-1.web-hosting.com

Software

LiteSpeed /

Resource Hash

032d7b335e262e88896a199e92afeb10330cdb4296b6aa2027a68218de500444

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dcm2.eim.ae.iwc.static.shawwebhosting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 15:06:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 14 Oct 2020 10:20:10 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 458
x-xss-protection: 1; mode=block
expires: Wed, 13 Sep 2023 15:06:53 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Etisalat (Telecommunication)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: http://dcm2.eim.ae.iwc.static.shawwebhosting.com/ Message: Refused to execute script from 'http://dcm2.eim.ae.iwc.static.shawwebhosting.com/css/dojo.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dcm2.eim.ae.iwc.static.shawwebhosting.com
198.187.31.68
032d7b335e262e88896a199e92afeb10330cdb4296b6aa2027a68218de500444
1aa40741103cc2ceb4542fbc06dbb3f1222600e85366e4f4efb4370af7878d68
390d21b471d2a4cd63ca6d0434b42939a473732debf4ce5adbacac52af5a4e9f
4da0187be603e3f0384bc24a966f191d1b45c2dbbf775b4f2c7cddd049b4dc8a
56fa40d5dda9fc6e7c3dcbf0f6f07752a0ae297dacfe0afeb7b8a3233a1c930a
59a41a13f36ad2a9ccd2351e63165078e51bdf08823672dbf907c4b8124b2cd5
64f1cbe67c89a17b9eea56bc7f3152ea647d0e7ad86ae87f458ad64b447aede2
b26e0b522fcb9c25f854e4717d6021dd3701b3718a098c0bd2597b159b13a370
d08ae1a5e9879201fdfc6127c48a5a6cdf5950a61323d199a7d2a8a75d6e89b3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4574f72bcc0faf097629446e330891af258fa805dd5fff4e893e8676fb4b190
ecf7d9502f427f28b04679a69a895fa3eb20201784286d3406d9ab5363bfe2bb

dcm2.eim.ae.iwc.static.shawwebhosting.com Open in urlscan Pro 198.187.31.68 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

13 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

232 kBTransfer

274 kBSize

0 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

dcm2.eim.ae.iwc.static.shawwebhosting.com Open in urlscan Pro
198.187.31.68 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

232 kB
Transfer

274 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!