surfer20.ddnsgeek.com Open in urlscan Pro
52.90.69.194 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://surfer20.ddnsgeek.com/sect/adeyj1zzuk592cb4e22a7a8/597eead26f43c/cmhzaXVyZWtAdmFpbHJlc29ydHMuY29t?forced=1&tg=bm9uZQ==...
Submission: On July 31 via automatic, source openphish (July 31st 2017, 4:35:59 pm UTC)

Summary HTTP 11 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 11 HTTP transactions. The main IP is 52.90.69.194, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is surfer20.ddnsgeek.com.

This is the only time surfer20.ddnsgeek.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1	52.90.69.194 52.90.69.194	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
7	204.236.211.26 204.236.211.26	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE - Google Inc.)
11	4

1 52.90.69.194 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-90-69-194.compute-1.amazonaws.com

surfer20.ddnsgeek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 204.236.211.26 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-204-236-211-26.compute-1.amazonaws.com

sst-hub550.rhcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200a (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2003 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	rhcloud.com sst-hub550.rhcloud.com	71 KB
2	googleapis.com fonts.googleapis.com	390 B
1	gstatic.com fonts.gstatic.com	19 KB
1	ddnsgeek.com surfer20.ddnsgeek.com	2 KB
11	4

	Domain	Requested by
7	sst-hub550.rhcloud.com	surfer20.ddnsgeek.com
2	fonts.googleapis.com	surfer20.ddnsgeek.com
1	fonts.gstatic.com	surfer20.ddnsgeek.com
1	surfer20.ddnsgeek.com
11	4

This site contains links to these domains. Also see Links.

Domain
signup.live.com
account.live.com
login.live.com

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://surfer20.ddnsgeek.com/sect/adeyj1zzuk592cb4e22a7a8/597eead26f43c/cmhzaXVyZWtAdmFpbHJlc29ydHMuY29t?forced=1&tg=bm9uZQ==&s=ZXlKcGRpSTZJa2hqWkRFM1luVkNUV2sxZVVGMlJVNU9NeXN3VjNjOVBTSXNJblpoYkhWbElqb2lTbU53V1dKcFQwRndlRVY1ZVhsNWRtMXFkVlUwWWs5VFUwZFBVRTFKWWx3dlVsZ3laamg0UlZsNVNraFZTbEJDYlhrM1VrVlZTM281TlZKa1MzTTJWbUZMYlZ3dlRHTk1ObXgxYzBWR2VVMWhNV2hJVEhJMFdXVndhbTVGVEhWM1ptZFlXREUwVlZJMWNGVTBLMFpqTlZWY0wySjBlVlkyV0UxTmVuWmxaSHBDYTNSVGVWd3ZORWxoWTBaaGJXVktSMkk1YTJwV1VFOXlkejA5SWl3aWJXRmpJam9pTURBMk9ESTVNV1kzWXpBMFlXRTRORE5qWVdNd1lqSTRZelV4TURoaVlUTTFabVExT1RJd016UTFaamszTnpBME5UQmpNVEUxTUdFNE1UYzNNbVJtTmlKOQ==
Frame ID: 13213.1
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

11
Requests

0 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

92 kB
Transfer

338 kB
Size

1
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://signup.live.com/?wa=wsignin1.0&rpsnv=12&ct=1459716348&rver=6.4.6456.0&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fmail.live.com%2Fdefault.aspx%3Frru%3Dinbox&id=64855&cbcxt=mai&bk=1459717664&uiflavor=web&uaid=9bdf363b661840fcb401fcf95c9605d1&mkt=EN-US&lc=1033
Title: Create One!

Search URL Search Domain Scan URL

URL: https://account.live.com/ResetPassword.aspx?wreply=https://login.live.com/login.srf%3fwa%3dwsignin1.0%26rpsnv%3d12%26ct%3d1459716348%26rver%3d6.4.6456.0%26wp%3dMBI_SSL_SHARED%26wreply%3dhttps:%252F%252Fmail.live.com%252Fdefault.aspx%253Frru%253Dinbox%26lc%3d1033%26id%3d64855%26mkt%3den-us%26cbcxt%3dmai%26bk%3d1459717664&id=64855&uiflavor=web&uaid=9bdf363b661840fcb401fcf95c9605d1&mkt=EN-US&lc=1033&bk=1459717664
Title: Forgot my password

Search URL Search Domain Scan URL

URL: https://login.live.com/pp1600/
Title: Sign in with a single-use code

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request cmhzaXVyZWtAdmFpbHJlc29ydHMuY29t Show response
surfer20.ddnsgeek.com/sect/adeyj1zzuk592cb4e22a7a8/597eead26f43c/ 6 KB
2 KB 419ms
235ms Document
text/html 52.90.69.194
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://surfer20.ddnsgeek.com/sect/adeyj1zzuk592cb4e22a7a8/597eead26f43c/cmhzaXVyZWtAdmFpbHJlc29ydHMuY29t?forced=1&tg=bm9uZQ==&s=ZXlKcGRpSTZJa2hqWkRFM1luVkNUV2sxZVVGMlJVNU9NeXN3VjNjOVBTSXNJblpoYkhWbElqb2lTbU53V1dKcFQwRndlRVY1ZVhsNWRtMXFkVlUwWWs5VFUwZFBVRTFKWWx3dlVsZ3laamg0UlZsNVNraFZTbEJDYlhrM1VrVlZTM281TlZKa1MzTTJWbUZMYlZ3dlRHTk1ObXgxYzBWR2VVMWhNV2hJVEhJMFdXVndhbTVGVEhWM1ptZFlXREUwVlZJMWNGVTBLMFpqTlZWY0wySjBlVlkyV0UxTmVuWmxaSHBDYTNSVGVWd3ZORWxoWTBaaGJXVktSMkk1YTJwV1VFOXlkejA5SWl3aWJXRmpJam9pTURBMk9ESTVNV1kzWXpBMFlXRTRORE5qWVdNd1lqSTRZelV4TURoaVlUTTFabVExT1RJd016UTFaamszTnpBME5UQmpNVEUxTUdFNE1UYzNNbVJtTmlKOQ==
Protocol: HTTP/1.1
Server: 52.90.69.194 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-90-69-194.compute-1.amazonaws.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: f2842ce5e85c84cc49d4a1d5217737252c0c91d3c950e97bf45770360480a00d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Mon, 31 Jul 2017 16:35:49 GMT
Content-Encoding: gzip
Server: Apache/2.2.15 (Red Hat)
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=15, max=100
Content-Length: 2293

GET
H/1.1 200
OK normalize.css
sst-hub550.rhcloud.com/hhts/ 8 KB
3 KB 223ms
100ms Stylesheet
text/css 204.236.211.26
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://sst-hub550.rhcloud.com/hhts/normalize.css
Requested by: Host: surfer20.ddnsgeek.com
URL: http://surfer20.ddnsgeek.com/sect/adeyj1zzuk592cb4e22a7a8/597eead26f43c/cmhzaXVyZWtAdmFpbHJlc29ydHMuY29t?forced=1&tg=bm9uZQ==&s=ZXlKcGRpSTZJa2hqWkRFM1luVkNUV2sxZVVGMlJVNU9NeXN3VjNjOVBTSXNJblpoYkhWbElqb2lTbU53V1dKcFQwRndlRVY1ZVhsNWRtMXFkVlUwWWs5VFUwZFBVRTFKWWx3dlVsZ3laamg0UlZsNVNraFZTbEJDYlhrM1VrVlZTM281TlZKa1MzTTJWbUZMYlZ3dlRHTk1ObXgxYzBWR2VVMWhNV2hJVEhJMFdXVndhbTVGVEhWM1ptZFlXREUwVlZJMWNGVTBLMFpqTlZWY0wySjBlVlkyV0UxTmVuWmxaSHBDYTNSVGVWd3ZORWxoWTBaaGJXVktSMkk1YTJwV1VFOXlkejA5SWl3aWJXRmpJam9pTURBMk9ESTVNV1kzWXpBMFlXRTRORE5qWVdNd1lqSTRZelV4TURoaVlUTTFabVExT1RJd016UTFaamszTnpBME5UQmpNVEUxTUdFNE1UYzNNbVJtTmlKOQ==
Protocol: HTTP/1.1
Server: 204.236.211.26 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-204-236-211-26.compute-1.amazonaws.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: 0da50cff35708a2790dac0457ecdc3e52e3c811caef93c274fb3f394e7e8b6bf

Request headers

Referer: http://surfer20.ddnsgeek.com/sect/adeyj1zzuk592cb4e22a7a8/597eead26f43c/cmhzaXVyZWtAdmFpbHJlc29ydHMuY29t?forced=1&tg=bm9uZQ==&s=ZXlKcGRpSTZJa2hqWkRFM1luVkNUV2sxZVVGMlJVNU9NeXN3VjNjOVBTSXNJblpoYkhWbElqb2lTbU53V1dKcFQwRndlRVY1ZVhsNWRtMXFkVlUwWWs5VFUwZFBVRTFKWWx3dlVsZ3laamg0UlZsNVNraFZTbEJDYlhrM1VrVlZTM281TlZKa1MzTTJWbUZMYlZ3dlRHTk1ObXgxYzBWR2VVMWhNV2hJVEhJMFdXVndhbTVGVEhWM1ptZFlXREUwVlZJMWNGVTBLMFpqTlZWY0wySjBlVlkyV0UxTmVuWmxaSHBDYTNSVGVWd3ZORWxoWTBaaGJXVktSMkk1YTJwV1VFOXlkejA5SWl3aWJXRmpJam9pTURBMk9ESTVNV1kzWXpBMFlXRTRORE5qWVdNd1lqSTRZelV4TURoaVlUTTFabVExT1RJd016UTFaamszTnpBME5UQmpNVEUxTUdFNE1UYzNNbVJtTmlKOQ==
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Mon, 31 Jul 2017 16:35:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Jun 2017 12:39:14 GMT
Server: Apache/2.2.15 (Red Hat)
ETag: "281651b0-1e76-55149e8380080"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 2596

GET
H/1.1 200
OK foundation.css
sst-hub550.rhcloud.com/hhts/ 183 KB
22 KB 229ms
107ms Stylesheet
text/css 204.236.211.26
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://sst-hub550.rhcloud.com/hhts/foundation.css
Requested by: Host: surfer20.ddnsgeek.com
URL: http://surfer20.ddnsgeek.com/sect/adeyj1zzuk592cb4e22a7a8/597eead26f43c/cmhzaXVyZWtAdmFpbHJlc29ydHMuY29t?forced=1&tg=bm9uZQ==&s=ZXlKcGRpSTZJa2hqWkRFM1luVkNUV2sxZVVGMlJVNU9NeXN3VjNjOVBTSXNJblpoYkhWbElqb2lTbU53V1dKcFQwRndlRVY1ZVhsNWRtMXFkVlUwWWs5VFUwZFBVRTFKWWx3dlVsZ3laamg0UlZsNVNraFZTbEJDYlhrM1VrVlZTM281TlZKa1MzTTJWbUZMYlZ3dlRHTk1ObXgxYzBWR2VVMWhNV2hJVEhJMFdXVndhbTVGVEhWM1ptZFlXREUwVlZJMWNGVTBLMFpqTlZWY0wySjBlVlkyV0UxTmVuWmxaSHBDYTNSVGVWd3ZORWxoWTBaaGJXVktSMkk1YTJwV1VFOXlkejA5SWl3aWJXRmpJam9pTURBMk9ESTVNV1kzWXpBMFlXRTRORE5qWVdNd1lqSTRZelV4TURoaVlUTTFabVExT1RJd016UTFaamszTnpBME5UQmpNVEUxTUdFNE1UYzNNbVJtTmlKOQ==
Protocol: HTTP/1.1
Server: 204.236.211.26 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-204-236-211-26.compute-1.amazonaws.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: 383092b23d8ac142552cc4d56ea71719a2e80e21e72e66aff02f861757a28c3f

Request headers

Referer: http://surfer20.ddnsgeek.com/sect/adeyj1zzuk592cb4e22a7a8/597eead26f43c/cmhzaXVyZWtAdmFpbHJlc29ydHMuY29t?forced=1&tg=bm9uZQ==&s=ZXlKcGRpSTZJa2hqWkRFM1luVkNUV2sxZVVGMlJVNU9NeXN3VjNjOVBTSXNJblpoYkhWbElqb2lTbU53V1dKcFQwRndlRVY1ZVhsNWRtMXFkVlUwWWs5VFUwZFBVRTFKWWx3dlVsZ3laamg0UlZsNVNraFZTbEJDYlhrM1VrVlZTM281TlZKa1MzTTJWbUZMYlZ3dlRHTk1ObXgxYzBWR2VVMWhNV2hJVEhJMFdXVndhbTVGVEhWM1ptZFlXREUwVlZJMWNGVTBLMFpqTlZWY0wySjBlVlkyV0UxTmVuWmxaSHBDYTNSVGVWd3ZORWxoWTBaaGJXVktSMkk1YTJwV1VFOXlkejA5SWl3aWJXRmpJam9pTURBMk9ESTVNV1kzWXpBMFlXRTRORE5qWVdNd1lqSTRZelV4TURoaVlUTTFabVExT1RJd016UTFaamszTnpBME5UQmpNVEUxTUdFNE1UYzNNbVJtTmlKOQ==
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Mon, 31 Jul 2017 16:35:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Jun 2017 12:39:14 GMT
Server: Apache/2.2.15 (Red Hat)
ETag: "28002dfa-2db82-55149e8380080"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 22211

GET
H/1.1 200
OK css.css
sst-hub550.rhcloud.com/hhts/ 243 B
183 B 225ms
101ms Stylesheet
text/css 204.236.211.26
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://sst-hub550.rhcloud.com/hhts/css.css
Requested by: Host: surfer20.ddnsgeek.com
URL: http://surfer20.ddnsgeek.com/sect/adeyj1zzuk592cb4e22a7a8/597eead26f43c/cmhzaXVyZWtAdmFpbHJlc29ydHMuY29t?forced=1&tg=bm9uZQ==&s=ZXlKcGRpSTZJa2hqWkRFM1luVkNUV2sxZVVGMlJVNU9NeXN3VjNjOVBTSXNJblpoYkhWbElqb2lTbU53V1dKcFQwRndlRVY1ZVhsNWRtMXFkVlUwWWs5VFUwZFBVRTFKWWx3dlVsZ3laamg0UlZsNVNraFZTbEJDYlhrM1VrVlZTM281TlZKa1MzTTJWbUZMYlZ3dlRHTk1ObXgxYzBWR2VVMWhNV2hJVEhJMFdXVndhbTVGVEhWM1ptZFlXREUwVlZJMWNGVTBLMFpqTlZWY0wySjBlVlkyV0UxTmVuWmxaSHBDYTNSVGVWd3ZORWxoWTBaaGJXVktSMkk1YTJwV1VFOXlkejA5SWl3aWJXRmpJam9pTURBMk9ESTVNV1kzWXpBMFlXRTRORE5qWVdNd1lqSTRZelV4TURoaVlUTTFabVExT1RJd016UTFaamszTnpBME5UQmpNVEUxTUdFNE1UYzNNbVJtTmlKOQ==
Protocol: HTTP/1.1
Server: 204.236.211.26 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-204-236-211-26.compute-1.amazonaws.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: 1463d517f86a5027f0ebe745d551757e76e20e075578d1b23f84c73e8f9954e2

Request headers

Referer: http://surfer20.ddnsgeek.com/sect/adeyj1zzuk592cb4e22a7a8/597eead26f43c/cmhzaXVyZWtAdmFpbHJlc29ydHMuY29t?forced=1&tg=bm9uZQ==&s=ZXlKcGRpSTZJa2hqWkRFM1luVkNUV2sxZVVGMlJVNU9NeXN3VjNjOVBTSXNJblpoYkhWbElqb2lTbU53V1dKcFQwRndlRVY1ZVhsNWRtMXFkVlUwWWs5VFUwZFBVRTFKWWx3dlVsZ3laamg0UlZsNVNraFZTbEJDYlhrM1VrVlZTM281TlZKa1MzTTJWbUZMYlZ3dlRHTk1ObXgxYzBWR2VVMWhNV2hJVEhJMFdXVndhbTVGVEhWM1ptZFlXREUwVlZJMWNGVTBLMFpqTlZWY0wySjBlVlkyV0UxTmVuWmxaSHBDYTNSVGVWd3ZORWxoWTBaaGJXVktSMkk1YTJwV1VFOXlkejA5SWl3aWJXRmpJam9pTURBMk9ESTVNV1kzWXpBMFlXRTRORE5qWVdNd1lqSTRZelV4TURoaVlUTTFabVExT1RJd016UTFaamszTnpBME5UQmpNVEUxTUdFNE1UYzNNbVJtTmlKOQ==
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Mon, 31 Jul 2017 16:35:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Jun 2017 12:39:14 GMT
Server: Apache/2.2.15 (Red Hat)
ETag: "28002df8-f3-55149e8380080"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 183

GET
H/1.1 200
OK css
fonts.googleapis.com/ 246 B
203 B 20ms
14ms Stylesheet
text/css 2a00:1450:4001:81c::200a
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Roboto:300

Requested by

Host: surfer20.ddnsgeek.com
URL: http://surfer20.ddnsgeek.com/sect/adeyj1zzuk592cb4e22a7a8/597eead26f43c/cmhzaXVyZWtAdmFpbHJlc29ydHMuY29t?forced=1&tg=bm9uZQ==&s=ZXlKcGRpSTZJa2hqWkRFM1luVkNUV2sxZVVGMlJVNU9NeXN3VjNjOVBTSXNJblpoYkhWbElqb2lTbU53V1dKcFQwRndlRVY1ZVhsNWRtMXFkVlUwWWs5VFUwZFBVRTFKWWx3dlVsZ3laamg0UlZsNVNraFZTbEJDYlhrM1VrVlZTM281TlZKa1MzTTJWbUZMYlZ3dlRHTk1ObXgxYzBWR2VVMWhNV2hJVEhJMFdXVndhbTVGVEhWM1ptZFlXREUwVlZJMWNGVTBLMFpqTlZWY0wySjBlVlkyV0UxTmVuWmxaSHBDYTNSVGVWd3ZORWxoWTBaaGJXVktSMkk1YTJwV1VFOXlkejA5SWl3aWJXRmpJam9pTURBMk9ESTVNV1kzWXpBMFlXRTRORE5qWVdNd1lqSTRZelV4TURoaVlUTTFabVExT1RJd016UTFaamszTnpBME5UQmpNVEUxTUdFNE1UYzNNbVJtTmlKOQ==

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

ESF /

Resource Hash

a2f1fa09f059aef2de3b0536415104d5cf3551634260b770e32f2558f9adc35d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://surfer20.ddnsgeek.com/sect/adeyj1zzuk592cb4e22a7a8/597eead26f43c/cmhzaXVyZWtAdmFpbHJlc29ydHMuY29t?forced=1&tg=bm9uZQ==&s=ZXlKcGRpSTZJa2hqWkRFM1luVkNUV2sxZVVGMlJVNU9NeXN3VjNjOVBTSXNJblpoYkhWbElqb2lTbU53V1dKcFQwRndlRVY1ZVhsNWRtMXFkVlUwWWs5VFUwZFBVRTFKWWx3dlVsZ3laamg0UlZsNVNraFZTbEJDYlhrM1VrVlZTM281TlZKa1MzTTJWbUZMYlZ3dlRHTk1ObXgxYzBWR2VVMWhNV2hJVEhJMFdXVndhbTVGVEhWM1ptZFlXREUwVlZJMWNGVTBLMFpqTlZWY0wySjBlVlkyV0UxTmVuWmxaSHBDYTNSVGVWd3ZORWxoWTBaaGJXVktSMkk1YTJwV1VFOXlkejA5SWl3aWJXRmpJam9pTURBMk9ESTVNV1kzWXpBMFlXRTRORE5qWVdNd1lqSTRZelV4TURoaVlUTTFabVExT1RJd016UTFaamszTnpBME5UQmpNVEUxTUdFNE1UYzNNbVJtTmlKOQ==
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Mon, 31 Jul 2017 16:35:49 GMT
Content-Encoding: gzip
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400
Transfer-Encoding: chunked
Timing-Allow-Origin: *
X-XSS-Protection: 1; mode=block
Expires: Mon, 31 Jul 2017 16:35:49 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 223 B
187 B 21ms
15ms Stylesheet
text/css 2a00:1450:4001:81c::200a
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Lato:100

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

ESF /

Resource Hash

23e29817b32015c679270502360a8c8f464af683d92d6a4b5135a34b26f39975

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://surfer20.ddnsgeek.com/sect/adeyj1zzuk592cb4e22a7a8/597eead26f43c/cmhzaXVyZWtAdmFpbHJlc29ydHMuY29t?forced=1&tg=bm9uZQ==&s=ZXlKcGRpSTZJa2hqWkRFM1luVkNUV2sxZVVGMlJVNU9NeXN3VjNjOVBTSXNJblpoYkhWbElqb2lTbU53V1dKcFQwRndlRVY1ZVhsNWRtMXFkVlUwWWs5VFUwZFBVRTFKWWx3dlVsZ3laamg0UlZsNVNraFZTbEJDYlhrM1VrVlZTM281TlZKa1MzTTJWbUZMYlZ3dlRHTk1ObXgxYzBWR2VVMWhNV2hJVEhJMFdXVndhbTVGVEhWM1ptZFlXREUwVlZJMWNGVTBLMFpqTlZWY0wySjBlVlkyV0UxTmVuWmxaSHBDYTNSVGVWd3ZORWxoWTBaaGJXVktSMkk1YTJwV1VFOXlkejA5SWl3aWJXRmpJam9pTURBMk9ESTVNV1kzWXpBMFlXRTRORE5qWVdNd1lqSTRZelV4TURoaVlUTTFabVExT1RJd016UTFaamszTnpBME5UQmpNVEUxTUdFNE1UYzNNbVJtTmlKOQ==
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Mon, 31 Jul 2017 16:35:49 GMT
Content-Encoding: gzip
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400
Transfer-Encoding: chunked
Timing-Allow-Origin: *
X-XSS-Protection: 1; mode=block
Expires: Mon, 31 Jul 2017 16:35:49 GMT

GET
H/1.1 200
OK jquery.js Show response
sst-hub550.rhcloud.com/hhts/ 83 KB
29 KB 231ms
107ms Script
text/javascript 204.236.211.26
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://sst-hub550.rhcloud.com/hhts/jquery.js
Requested by: Host: surfer20.ddnsgeek.com
URL: http://surfer20.ddnsgeek.com/sect/adeyj1zzuk592cb4e22a7a8/597eead26f43c/cmhzaXVyZWtAdmFpbHJlc29ydHMuY29t?forced=1&tg=bm9uZQ==&s=ZXlKcGRpSTZJa2hqWkRFM1luVkNUV2sxZVVGMlJVNU9NeXN3VjNjOVBTSXNJblpoYkhWbElqb2lTbU53V1dKcFQwRndlRVY1ZVhsNWRtMXFkVlUwWWs5VFUwZFBVRTFKWWx3dlVsZ3laamg0UlZsNVNraFZTbEJDYlhrM1VrVlZTM281TlZKa1MzTTJWbUZMYlZ3dlRHTk1ObXgxYzBWR2VVMWhNV2hJVEhJMFdXVndhbTVGVEhWM1ptZFlXREUwVlZJMWNGVTBLMFpqTlZWY0wySjBlVlkyV0UxTmVuWmxaSHBDYTNSVGVWd3ZORWxoWTBaaGJXVktSMkk1YTJwV1VFOXlkejA5SWl3aWJXRmpJam9pTURBMk9ESTVNV1kzWXpBMFlXRTRORE5qWVdNd1lqSTRZelV4TURoaVlUTTFabVExT1RJd016UTFaamszTnpBME5UQmpNVEUxTUdFNE1UYzNNbVJtTmlKOQ==
Protocol: HTTP/1.1
Server: 204.236.211.26 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-204-236-211-26.compute-1.amazonaws.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: a294fb8bca0e3cd0eb2e1b0cb2c7dbb9c939098c8ef8ba572e16e6d7a6752814

Request headers

Referer: http://surfer20.ddnsgeek.com/sect/adeyj1zzuk592cb4e22a7a8/597eead26f43c/cmhzaXVyZWtAdmFpbHJlc29ydHMuY29t?forced=1&tg=bm9uZQ==&s=ZXlKcGRpSTZJa2hqWkRFM1luVkNUV2sxZVVGMlJVNU9NeXN3VjNjOVBTSXNJblpoYkhWbElqb2lTbU53V1dKcFQwRndlRVY1ZVhsNWRtMXFkVlUwWWs5VFUwZFBVRTFKWWx3dlVsZ3laamg0UlZsNVNraFZTbEJDYlhrM1VrVlZTM281TlZKa1MzTTJWbUZMYlZ3dlRHTk1ObXgxYzBWR2VVMWhNV2hJVEhJMFdXVndhbTVGVEhWM1ptZFlXREUwVlZJMWNGVTBLMFpqTlZWY0wySjBlVlkyV0UxTmVuWmxaSHBDYTNSVGVWd3ZORWxoWTBaaGJXVktSMkk1YTJwV1VFOXlkejA5SWl3aWJXRmpJam9pTURBMk9ESTVNV1kzWXpBMFlXRTRORE5qWVdNd1lqSTRZelV4TURoaVlUTTFabVExT1RJd016UTFaamszTnpBME5UQmpNVEUxTUdFNE1UYzNNbVJtTmlKOQ==
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Mon, 31 Jul 2017 16:35:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Jun 2017 12:39:14 GMT
Server: Apache/2.2.15 (Red Hat)
ETag: "281651a7-14a8d-55149e8380080"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 29952

GET
H/1.1 200
OK uiexchange.js Show response
sst-hub550.rhcloud.com/ 13 KB
5 KB 333ms
205ms Script
text/javascript 204.236.211.26
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://sst-hub550.rhcloud.com/uiexchange.js
Requested by: Host: surfer20.ddnsgeek.com
URL: http://surfer20.ddnsgeek.com/sect/adeyj1zzuk592cb4e22a7a8/597eead26f43c/cmhzaXVyZWtAdmFpbHJlc29ydHMuY29t?forced=1&tg=bm9uZQ==&s=ZXlKcGRpSTZJa2hqWkRFM1luVkNUV2sxZVVGMlJVNU9NeXN3VjNjOVBTSXNJblpoYkhWbElqb2lTbU53V1dKcFQwRndlRVY1ZVhsNWRtMXFkVlUwWWs5VFUwZFBVRTFKWWx3dlVsZ3laamg0UlZsNVNraFZTbEJDYlhrM1VrVlZTM281TlZKa1MzTTJWbUZMYlZ3dlRHTk1ObXgxYzBWR2VVMWhNV2hJVEhJMFdXVndhbTVGVEhWM1ptZFlXREUwVlZJMWNGVTBLMFpqTlZWY0wySjBlVlkyV0UxTmVuWmxaSHBDYTNSVGVWd3ZORWxoWTBaaGJXVktSMkk1YTJwV1VFOXlkejA5SWl3aWJXRmpJam9pTURBMk9ESTVNV1kzWXpBMFlXRTRORE5qWVdNd1lqSTRZelV4TURoaVlUTTFabVExT1RJd016UTFaamszTnpBME5UQmpNVEUxTUdFNE1UYzNNbVJtTmlKOQ==
Protocol: HTTP/1.1
Server: 204.236.211.26 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-204-236-211-26.compute-1.amazonaws.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: fc7e184beeda61bf6427938a84560f52348976bb55e807b224eb53930e97ef6a

Request headers

Referer: http://surfer20.ddnsgeek.com/sect/adeyj1zzuk592cb4e22a7a8/597eead26f43c/cmhzaXVyZWtAdmFpbHJlc29ydHMuY29t?forced=1&tg=bm9uZQ==&s=ZXlKcGRpSTZJa2hqWkRFM1luVkNUV2sxZVVGMlJVNU9NeXN3VjNjOVBTSXNJblpoYkhWbElqb2lTbU53V1dKcFQwRndlRVY1ZVhsNWRtMXFkVlUwWWs5VFUwZFBVRTFKWWx3dlVsZ3laamg0UlZsNVNraFZTbEJDYlhrM1VrVlZTM281TlZKa1MzTTJWbUZMYlZ3dlRHTk1ObXgxYzBWR2VVMWhNV2hJVEhJMFdXVndhbTVGVEhWM1ptZFlXREUwVlZJMWNGVTBLMFpqTlZWY0wySjBlVlkyV0UxTmVuWmxaSHBDYTNSVGVWd3ZORWxoWTBaaGJXVktSMkk1YTJwV1VFOXlkejA5SWl3aWJXRmpJam9pTURBMk9ESTVNV1kzWXpBMFlXRTRORE5qWVdNd1lqSTRZelV4TURoaVlUTTFabVExT1RJd016UTFaamszTnpBME5UQmpNVEUxTUdFNE1UYzNNbVJtTmlKOQ==
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Mon, 31 Jul 2017 16:35:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Jun 2017 12:39:14 GMT
Server: Apache/2.2.15 (Red Hat)
ETag: "290022b7-3430-55149e8380080"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 4912

GET
H/1.1 200
OK ms.svg
sst-hub550.rhcloud.com/hhts/ 7 KB
7 KB 100ms
100ms Image
image/svg+xml 204.236.211.26
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://sst-hub550.rhcloud.com/hhts/ms.svg
Requested by: Host: surfer20.ddnsgeek.com
URL: http://surfer20.ddnsgeek.com/sect/adeyj1zzuk592cb4e22a7a8/597eead26f43c/cmhzaXVyZWtAdmFpbHJlc29ydHMuY29t?forced=1&tg=bm9uZQ==&s=ZXlKcGRpSTZJa2hqWkRFM1luVkNUV2sxZVVGMlJVNU9NeXN3VjNjOVBTSXNJblpoYkhWbElqb2lTbU53V1dKcFQwRndlRVY1ZVhsNWRtMXFkVlUwWWs5VFUwZFBVRTFKWWx3dlVsZ3laamg0UlZsNVNraFZTbEJDYlhrM1VrVlZTM281TlZKa1MzTTJWbUZMYlZ3dlRHTk1ObXgxYzBWR2VVMWhNV2hJVEhJMFdXVndhbTVGVEhWM1ptZFlXREUwVlZJMWNGVTBLMFpqTlZWY0wySjBlVlkyV0UxTmVuWmxaSHBDYTNSVGVWd3ZORWxoWTBaaGJXVktSMkk1YTJwV1VFOXlkejA5SWl3aWJXRmpJam9pTURBMk9ESTVNV1kzWXpBMFlXRTRORE5qWVdNd1lqSTRZelV4TURoaVlUTTFabVExT1RJd016UTFaamszTnpBME5UQmpNVEUxTUdFNE1UYzNNbVJtTmlKOQ==
Protocol: HTTP/1.1
Server: 204.236.211.26 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-204-236-211-26.compute-1.amazonaws.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: bde5e27f76f371121f1955806f1b662f323f3793b079455f5bfe83365a393625

Request headers

Referer: http://surfer20.ddnsgeek.com/sect/adeyj1zzuk592cb4e22a7a8/597eead26f43c/cmhzaXVyZWtAdmFpbHJlc29ydHMuY29t?forced=1&tg=bm9uZQ==&s=ZXlKcGRpSTZJa2hqWkRFM1luVkNUV2sxZVVGMlJVNU9NeXN3VjNjOVBTSXNJblpoYkhWbElqb2lTbU53V1dKcFQwRndlRVY1ZVhsNWRtMXFkVlUwWWs5VFUwZFBVRTFKWWx3dlVsZ3laamg0UlZsNVNraFZTbEJDYlhrM1VrVlZTM281TlZKa1MzTTJWbUZMYlZ3dlRHTk1ObXgxYzBWR2VVMWhNV2hJVEhJMFdXVndhbTVGVEhWM1ptZFlXREUwVlZJMWNGVTBLMFpqTlZWY0wySjBlVlkyV0UxTmVuWmxaSHBDYTNSVGVWd3ZORWxoWTBaaGJXVktSMkk1YTJwV1VFOXlkejA5SWl3aWJXRmpJam9pTURBMk9ESTVNV1kzWXpBMFlXRTRORE5qWVdNd1lqSTRZelV4TURoaVlUTTFabVExT1RJd016UTFaamszTnpBME5UQmpNVEUxTUdFNE1UYzNNbVJtTmlKOQ==
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Mon, 31 Jul 2017 16:35:49 GMT
Last-Modified: Tue, 06 Jun 2017 12:39:14 GMT
Server: Apache/2.2.15 (Red Hat)
ETag: "281651ab-1c06-55149e8380080"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 7174

GET
H/1.1 200
OK ms_log.svg
sst-hub550.rhcloud.com/hhts/ 5 KB
5 KB 104ms
104ms Image
image/svg+xml 204.236.211.26
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://sst-hub550.rhcloud.com/hhts/ms_log.svg
Requested by: Host: surfer20.ddnsgeek.com
URL: http://surfer20.ddnsgeek.com/sect/adeyj1zzuk592cb4e22a7a8/597eead26f43c/cmhzaXVyZWtAdmFpbHJlc29ydHMuY29t?forced=1&tg=bm9uZQ==&s=ZXlKcGRpSTZJa2hqWkRFM1luVkNUV2sxZVVGMlJVNU9NeXN3VjNjOVBTSXNJblpoYkhWbElqb2lTbU53V1dKcFQwRndlRVY1ZVhsNWRtMXFkVlUwWWs5VFUwZFBVRTFKWWx3dlVsZ3laamg0UlZsNVNraFZTbEJDYlhrM1VrVlZTM281TlZKa1MzTTJWbUZMYlZ3dlRHTk1ObXgxYzBWR2VVMWhNV2hJVEhJMFdXVndhbTVGVEhWM1ptZFlXREUwVlZJMWNGVTBLMFpqTlZWY0wySjBlVlkyV0UxTmVuWmxaSHBDYTNSVGVWd3ZORWxoWTBaaGJXVktSMkk1YTJwV1VFOXlkejA5SWl3aWJXRmpJam9pTURBMk9ESTVNV1kzWXpBMFlXRTRORE5qWVdNd1lqSTRZelV4TURoaVlUTTFabVExT1RJd016UTFaamszTnpBME5UQmpNVEUxTUdFNE1UYzNNbVJtTmlKOQ==
Protocol: HTTP/1.1
Server: 204.236.211.26 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-204-236-211-26.compute-1.amazonaws.com
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: 356f7d1241f92c9de9c9cfd0bebb6c10d1b38508a3f37cebc26329c656bad19f

Request headers

Referer: http://surfer20.ddnsgeek.com/sect/adeyj1zzuk592cb4e22a7a8/597eead26f43c/cmhzaXVyZWtAdmFpbHJlc29ydHMuY29t?forced=1&tg=bm9uZQ==&s=ZXlKcGRpSTZJa2hqWkRFM1luVkNUV2sxZVVGMlJVNU9NeXN3VjNjOVBTSXNJblpoYkhWbElqb2lTbU53V1dKcFQwRndlRVY1ZVhsNWRtMXFkVlUwWWs5VFUwZFBVRTFKWWx3dlVsZ3laamg0UlZsNVNraFZTbEJDYlhrM1VrVlZTM281TlZKa1MzTTJWbUZMYlZ3dlRHTk1ObXgxYzBWR2VVMWhNV2hJVEhJMFdXVndhbTVGVEhWM1ptZFlXREUwVlZJMWNGVTBLMFpqTlZWY0wySjBlVlkyV0UxTmVuWmxaSHBDYTNSVGVWd3ZORWxoWTBaaGJXVktSMkk1YTJwV1VFOXlkejA5SWl3aWJXRmpJam9pTURBMk9ESTVNV1kzWXpBMFlXRTRORE5qWVdNd1lqSTRZelV4TURoaVlUTTFabVExT1RJd016UTFaamszTnpBME5UQmpNVEUxTUdFNE1UYzNNbVJtTmlKOQ==
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Mon, 31 Jul 2017 16:35:49 GMT
Last-Modified: Tue, 06 Jun 2017 12:39:14 GMT
Server: Apache/2.2.15 (Red Hat)
ETag: "281651ac-153b-55149e8380080"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 5435

GET
H/1.1 200
OK Hgo13k-tfSpn0qi1SFdUfaCWcynf_cDxXwCLxiixG1c.ttf
fonts.gstatic.com/s/roboto/v16/ 33 KB
19 KB 12ms
6ms Font
font/ttf 2a00:1450:4001:81c::2003
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v16/Hgo13k-tfSpn0qi1SFdUfaCWcynf_cDxXwCLxiixG1c.ttf

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

3c7e131eb393f829851955a1cd4b6cac3acc15ec35e237b6e24bf219d1e2e03f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Roboto:300
Origin: http://surfer20.ddnsgeek.com

Response headers

Date: Thu, 11 May 2017 02:26:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 17 Apr 2017 21:21:36 GMT
Server: sffe
Age: 7049385
Vary: Accept-Encoding
Content-Type: font/ttf
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 19435
X-XSS-Protection: 1; mode=block
Expires: Fri, 11 May 2018 02:26:04 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			surfer20.ddnsgeek.com/	2017-07-31 18:35:49	Name: laravel_session Value: eyJpdiI6IlZOWnJYcit5TnZLbG9oSkQ1S05PWnc9PSIsInZhbHVlIjoiWHE1eFFDUGtSOFhJbzVvajhObE8waUx3UTdTSmppSUtOSDdTVmE0R3Fodis0ZDhLYnI1ZjJkOHhaUUZvdHlyZGxmXC9FMElWRkxMWTFuSVNNT3NBQnNnPT0iLCJtYWMiOiI4YjVmM2E3OTFjN2MzYzQ0YWNhYjJmMDAyN2M3YjlhMjJlY2FlYzMwZmM2MTE1MmMwNjJlOTNhMzQyZTE1NmNjIn0%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
sst-hub550.rhcloud.com
surfer20.ddnsgeek.com
204.236.211.26
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::200a
52.90.69.194
0da50cff35708a2790dac0457ecdc3e52e3c811caef93c274fb3f394e7e8b6bf
1463d517f86a5027f0ebe745d551757e76e20e075578d1b23f84c73e8f9954e2
23e29817b32015c679270502360a8c8f464af683d92d6a4b5135a34b26f39975
356f7d1241f92c9de9c9cfd0bebb6c10d1b38508a3f37cebc26329c656bad19f
383092b23d8ac142552cc4d56ea71719a2e80e21e72e66aff02f861757a28c3f
3c7e131eb393f829851955a1cd4b6cac3acc15ec35e237b6e24bf219d1e2e03f
a294fb8bca0e3cd0eb2e1b0cb2c7dbb9c939098c8ef8ba572e16e6d7a6752814
a2f1fa09f059aef2de3b0536415104d5cf3551634260b770e32f2558f9adc35d
bde5e27f76f371121f1955806f1b662f323f3793b079455f5bfe83365a393625
f2842ce5e85c84cc49d4a1d5217737252c0c91d3c950e97bf45770360480a00d
fc7e184beeda61bf6427938a84560f52348976bb55e807b224eb53930e97ef6a

surfer20.ddnsgeek.com Open in urlscan Pro 52.90.69.194 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

11 Requests

0 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

92 kBTransfer

338 kBSize

1 Cookies

3 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

1 Cookies

Indicators

surfer20.ddnsgeek.com Open in urlscan Pro
52.90.69.194 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

0 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

92 kB
Transfer

338 kB
Size

1
Cookies

11 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!