hssco5.com Open in urlscan Pro
162.0.209.226 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bjournal.com/?ads_click=1&data=5857-5850-5854-5856-1&nonce=0cdf98d30e&redir=https%253A%252F%252Fhssco5.com%25...
Effective URL:
https://hssco5.com/mzlaoq/22cd162fc562b2c/
Submission: On January 21 via manual (January 21st 2023, 12:24:02 am UTC) from US — Scanned from DE

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 11 HTTP transactions. The main IP is 162.0.209.226, located in United States and belongs to NAMECHEAP-NET, US. The main domain is hssco5.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 14th 2022. Valid for: a year.

This is the only time hssco5.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.138.69.25 34.138.69.25	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 13	162.0.209.226 162.0.209.226	22612 (NAMECHEAP...) (NAMECHEAP-NET)
11	1

1 34.138.69.25 (North Charleston, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 25.69.138.34.bc.googleusercontent.com

bjournal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 162.0.209.226 (United States) 2 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: business97-3.web-hosting.com

hssco5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	hssco5.com 2 redirects hssco5.com	178 KB
1	bjournal.com 1 redirects bjournal.com	206 B
11	2

	Domain	Requested by
13	hssco5.com	2 redirects hssco5.com
1	bjournal.com	1 redirects
11	2

This site contains no links.

Subject Issuer	Validity	Valid
hssco5.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-14` - `2023-02-14`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://hssco5.com/mzlaoq/22cd162fc562b2c/
Frame ID: 46E3945D5CFE2AC26BB16F3DA05B51D0
Requests: 10 HTTP requests in this frame

Frame: https://hssco5.com/mzlaoq/assets/prefetch.html
Frame ID: 6F794AEC7D92542DB1372A9DC6B8C8B0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in to your account

Page URL History Show full URLs

https://bjournal.com/?ads_click=1&data=5857-5850-5854-5856-1&nonce=0cdf98d30e&redir=https%253A%25... HTTP 302
https://hssco5.com/mzlaoq HTTP 301
https://hssco5.com/mzlaoq/ HTTP 302
https://hssco5.com/mzlaoq/22cd162fc562b2c/ Page URL

Page Statistics

11
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

177 kB
Transfer

211 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bjournal.com/?ads_click=1&data=5857-5850-5854-5856-1&nonce=0cdf98d30e&redir=https%253A%252F%252Fhssco5.com%252Fmzlaoq HTTP 302
https://hssco5.com/mzlaoq HTTP 301
https://hssco5.com/mzlaoq/ HTTP 302
https://hssco5.com/mzlaoq/22cd162fc562b2c/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
hssco5.com/mzlaoq/22cd162fc562b2c/
Redirect Chain

https://bjournal.com/?ads_click=1&data=5857-5850-5854-5856-1&nonce=0cdf98d30e&redir=https%253A%252F%252Fhssco5.com%252Fmzlaoq
https://hssco5.com/mzlaoq
https://hssco5.com/mzlaoq/
https://hssco5.com/mzlaoq/22cd162fc562b2c/

203 KB
51 KB

456ms
456ms

Document
text/html

162.0.209.226
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://hssco5.com/mzlaoq/22cd162fc562b2c/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.0.209.226 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business97-3.web-hosting.com

Software

www.fbi.gov / PHP/7.4.33

Resource Hash

f68d1762e067c25b07eceed2203661ea4998bd3867ab50e0be054a1ce12633df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 21 Jan 2023 00:23:57 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
host: www.fbi.gov
origin: https://www.fbi.gov
pragma: no-cache
referer: https://www.fbi.gov
referrer-policy: no-referrer-when-downgrade
remote_addr: 104.16.77.187
server: www.fbi.gov
strict-transport-security: max-age=31536000; includeSubDomains; preload;
vary: Accept-Encoding
x-content-type: nosniff
x-content-type-options: nosniff
x-forwarded-host: www.fbi.gov
x-forwarded-proto: https
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block
x_forwarded_for: 104.16.77.187

Redirect headers

cache-control: no-cache, no-store, must-revalidate, max-age=0
content-encoding: br
content-length: 8
content-type: text/html; charset=UTF-8
date: Sat, 21 Jan 2023 00:23:56 GMT
host: www.fbi.gov
location: 22cd162fc562b2c/
origin: https://www.fbi.gov
referer: https://www.fbi.gov
referrer-policy: no-referrer-when-downgrade
remote_addr: 104.16.77.187
server: www.fbi.gov
strict-transport-security: max-age=31536000; includeSubDomains; preload;
vary: Accept-Encoding
x-content-type: nosniff
x-content-type-options: nosniff
x-forwarded-host: www.fbi.gov
x-forwarded-proto: https
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block
x_forwarded_for: 104.16.77.187

GET
H2 200 /
hssco5.com/mzlaoq/22cd162fc562b2c/ 0
51 KB 339ms
338ms Other
text/html 162.0.209.226
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://hssco5.com/mzlaoq/22cd162fc562b2c/

Requested by

Host: hssco5.com
URL: https://hssco5.com/mzlaoq/22cd162fc562b2c/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.0.209.226 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business97-3.web-hosting.com

Software

www.fbi.gov / PHP/7.4.33

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hssco5.com/mzlaoq/22cd162fc562b2c/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 00:23:57 GMT
content-encoding: br
origin: https://www.fbi.gov
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-powered-by: PHP/7.4.33
x-forwarded-proto: https
x-xss-protection: 1; mode=block
x-content-type: nosniff
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
remote_addr: 104.16.77.187
server: www.fbi.gov
x_forwarded_for: 104.16.77.187
host: www.fbi.gov
x-forwarded-host: www.fbi.gov
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
referer: https://www.fbi.gov
x-turbo-charged-by: LiteSpeed
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 404 ConvergedLogin_PCore_FZ20atAlhirHa_737xNftg2.js.download
hssco5.com/mzlaoq/assets/ 0
0 353ms
353ms Script
text/html 162.0.209.226
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://hssco5.com/mzlaoq/assets/ConvergedLogin_PCore_FZ20atAlhirHa_737xNftg2.js.download

Requested by

Host: hssco5.com
URL: https://hssco5.com/mzlaoq/22cd162fc562b2c/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.0.209.226 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business97-3.web-hosting.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hssco5.com/mzlaoq/22cd162fc562b2c/
Origin: https://hssco5.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Jan 2023 00:23:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
content-length: 1238
x-xss-protection: 1; mode=block

GET
H2 200 logos.svg
hssco5.com/mzlaoq/assets/img/ 4 KB
2 KB 183ms
183ms Image
image/svg+xml 162.0.209.226
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hssco5.com/mzlaoq/assets/img/logos.svg

Requested by

Host: hssco5.com
URL: https://hssco5.com/mzlaoq/22cd162fc562b2c/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.0.209.226 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business97-3.web-hosting.com

Software

www.fbi.gov /

Resource Hash

04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hssco5.com/mzlaoq/22cd162fc562b2c/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 00:23:58 GMT
content-encoding: br
origin: https://www.fbi.gov
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-forwarded-proto: https
content-length: 1369
x-xss-protection: 1; mode=block
x-content-type: nosniff
referrer-policy: no-referrer-when-downgrade
remote_addr: 104.16.77.187
last-modified: Tue, 09 Mar 2021 03:33:34 GMT
server: www.fbi.gov
x_forwarded_for: 104.16.77.187
host: www.fbi.gov
x-forwarded-host: www.fbi.gov
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=604800
referer: https://www.fbi.gov
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Sat, 28 Jan 2023 00:23:58 GMT

GET
H2 200 sec.svg
hssco5.com/mzlaoq/assets/img/ 2 KB
1 KB 182ms
182ms Image
image/svg+xml 162.0.209.226
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hssco5.com/mzlaoq/assets/img/sec.svg

Requested by

Host: hssco5.com
URL: https://hssco5.com/mzlaoq/22cd162fc562b2c/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.0.209.226 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business97-3.web-hosting.com

Software

www.fbi.gov /

Resource Hash

8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hssco5.com/mzlaoq/22cd162fc562b2c/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 00:23:58 GMT
content-encoding: br
origin: https://www.fbi.gov
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-forwarded-proto: https
content-length: 561
x-xss-protection: 1; mode=block
x-content-type: nosniff
referrer-policy: no-referrer-when-downgrade
remote_addr: 104.16.77.187
last-modified: Tue, 09 Mar 2021 05:30:42 GMT
server: www.fbi.gov
x_forwarded_for: 104.16.77.187
host: www.fbi.gov
x-forwarded-host: www.fbi.gov
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=604800
referer: https://www.fbi.gov
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Sat, 28 Jan 2023 00:23:58 GMT

GET
H2 404 ConvergedLogin_PCore_FZ20atAlhirHa_737xNftg2.js.download
hssco5.com/mzlaoq/assets/ 0
0 183ms
183ms Script
text/html 162.0.209.226
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://hssco5.com/mzlaoq/assets/ConvergedLogin_PCore_FZ20atAlhirHa_737xNftg2.js.download

Requested by

Host: hssco5.com
URL: https://hssco5.com/mzlaoq/22cd162fc562b2c/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.0.209.226 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business97-3.web-hosting.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hssco5.com/mzlaoq/22cd162fc562b2c/
Origin: https://hssco5.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Jan 2023 00:23:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
content-length: 1238
x-xss-protection: 1; mode=block

GET
H2 200 css.css
hssco5.com/mzlaoq/assets/css/ 0
17 KB 185ms
184ms Other
text/css 162.0.209.226
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://hssco5.com/mzlaoq/assets/css/css.css

Requested by

Host: hssco5.com
URL: https://hssco5.com/mzlaoq/22cd162fc562b2c/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.0.209.226 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business97-3.web-hosting.com

Software

www.fbi.gov /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hssco5.com/mzlaoq/22cd162fc562b2c/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 00:23:58 GMT
content-encoding: br
origin: https://www.fbi.gov
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-forwarded-proto: https
content-length: 17075
x-xss-protection: 1; mode=block
x-content-type: nosniff
referrer-policy: no-referrer-when-downgrade
remote_addr: 104.16.77.187
last-modified: Tue, 09 Mar 2021 03:33:32 GMT
server: www.fbi.gov
x_forwarded_for: 104.16.77.187
host: www.fbi.gov
x-forwarded-host: www.fbi.gov
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
referer: https://www.fbi.gov
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Sat, 28 Jan 2023 00:23:58 GMT

GET
H2 200 bk.svg
hssco5.com/mzlaoq/assets/img/ 2 KB
1 KB 183ms
183ms Image
image/svg+xml 162.0.209.226
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hssco5.com/mzlaoq/assets/img/bk.svg

Requested by

Host: hssco5.com
URL: https://hssco5.com/mzlaoq/22cd162fc562b2c/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.0.209.226 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business97-3.web-hosting.com

Software

www.fbi.gov /

Resource Hash

0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hssco5.com/mzlaoq/22cd162fc562b2c/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 00:23:58 GMT
content-encoding: br
origin: https://www.fbi.gov
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-forwarded-proto: https
content-length: 626
x-xss-protection: 1; mode=block
x-content-type: nosniff
referrer-policy: no-referrer-when-downgrade
remote_addr: 104.16.77.187
last-modified: Tue, 09 Mar 2021 04:50:00 GMT
server: www.fbi.gov
x_forwarded_for: 104.16.77.187
host: www.fbi.gov
x-forwarded-host: www.fbi.gov
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=604800
referer: https://www.fbi.gov
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Sat, 28 Jan 2023 00:23:58 GMT

GET
H2 404 prefetch.html Show response
hssco5.com/mzlaoq/assets/ Frame 6F79 1 KB
2 KB 183ms
182ms Document
text/html 162.0.209.226
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://hssco5.com/mzlaoq/assets/prefetch.html

Requested by

Host: hssco5.com
URL: https://hssco5.com/mzlaoq/22cd162fc562b2c/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.0.209.226 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business97-3.web-hosting.com

Software

LiteSpeed /

Resource Hash

5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hssco5.com/mzlaoq/22cd162fc562b2c/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 1238
content-type: text/html
date: Sat, 21 Jan 2023 00:23:58 GMT
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block

GET
H2 404 ConvergedLogin_PCore_FZ20atAlhirHa_737xNftg2.js.download
hssco5.com/mzlaoq/assets/ 0
0 183ms
182ms Script
text/html 162.0.209.226
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://hssco5.com/mzlaoq/assets/ConvergedLogin_PCore_FZ20atAlhirHa_737xNftg2.js.download

Requested by

Host: hssco5.com
URL: https://hssco5.com/mzlaoq/22cd162fc562b2c/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.0.209.226 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business97-3.web-hosting.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hssco5.com/mzlaoq/22cd162fc562b2c/
Origin: https://hssco5.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Jan 2023 00:23:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
content-length: 1238
x-xss-protection: 1; mode=block

GET
H2 200 /
hssco5.com/mzlaoq/22cd162fc562b2c/ 0
51 KB 266ms
266ms Other
text/html 162.0.209.226
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://hssco5.com/mzlaoq/22cd162fc562b2c/

Requested by

Host: hssco5.com
URL: https://hssco5.com/mzlaoq/22cd162fc562b2c/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.0.209.226 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business97-3.web-hosting.com

Software

www.fbi.gov / PHP/7.4.33

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hssco5.com/mzlaoq/22cd162fc562b2c/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 00:23:58 GMT
content-encoding: br
origin: https://www.fbi.gov
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-powered-by: PHP/7.4.33
x-forwarded-proto: https
x-xss-protection: 1; mode=block
x-content-type: nosniff
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
remote_addr: 104.16.77.187
server: www.fbi.gov
x_forwarded_for: 104.16.77.187
host: www.fbi.gov
x-forwarded-host: www.fbi.gov
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
referer: https://www.fbi.gov
x-turbo-charged-by: LiteSpeed
expires: Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			hssco5.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 1952b5ce35d6501d0e4fa5074618d049

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://hssco5.com/mzlaoq/assets/ConvergedLogin_PCore_FZ20atAlhirHa_737xNftg2.js.download Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://hssco5.com/mzlaoq/22cd162fc562b2c/ Message: Refused to execute script from 'https://hssco5.com/mzlaoq/assets/ConvergedLogin_PCore_FZ20atAlhirHa_737xNftg2.js.download' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://hssco5.com/mzlaoq/assets/ConvergedLogin_PCore_FZ20atAlhirHa_737xNftg2.js.download Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://hssco5.com/mzlaoq/22cd162fc562b2c/ Message: Refused to execute script from 'https://hssco5.com/mzlaoq/assets/ConvergedLogin_PCore_FZ20atAlhirHa_737xNftg2.js.download' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://hssco5.com/mzlaoq/assets/prefetch.html Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://hssco5.com/mzlaoq/assets/ConvergedLogin_PCore_FZ20atAlhirHa_737xNftg2.js.download Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://hssco5.com/mzlaoq/22cd162fc562b2c/ Message: Refused to execute script from 'https://hssco5.com/mzlaoq/assets/ConvergedLogin_PCore_FZ20atAlhirHa_737xNftg2.js.download' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bjournal.com
hssco5.com
162.0.209.226
34.138.69.25
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f68d1762e067c25b07eceed2203661ea4998bd3867ab50e0be054a1ce12633df

hssco5.com Open in urlscan Pro 162.0.209.226 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

11 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

1 Countries

177 kBTransfer

211 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

12 JavaScript Global Variables

1 Cookies

7 Console Messages

Security Headers

Indicators

hssco5.com Open in urlscan Pro
162.0.209.226 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

177 kB
Transfer

211 kB
Size

1
Cookies

11 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!