niyogioffset.com
Open in
urlscan Pro
103.50.161.164
Malicious Activity!
Public Scan
Submission: On December 05 via api from US
Summary
This is the only time niyogioffset.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: GoDaddy (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
9 | 103.50.161.164 103.50.161.164 | 394695 (PUBLIC-DO...) (PUBLIC-DOMAIN-REGISTRY - PDR) | |
12 | 2.20.21.198 2.20.21.198 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 4 | 23.5.96.76 23.5.96.76 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
24 | 4 |
ASN394695 (PUBLIC-DOMAIN-REGISTRY - PDR, US)
PTR: vps.pointersoft.co.in
niyogioffset.com |
ASN20940 (AKAMAI-ASN1, US)
PTR: a2-20-21-198.deploy.static.akamaitechnologies.com
img1.wsimg.com |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-5-96-76.deploy.static.akamaitechnologies.com
events.secureserver.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
wsimg.com
img1.wsimg.com |
355 KB |
9 |
niyogioffset.com
niyogioffset.com |
1 MB |
4 |
secureserver.net
1 redirects
events.secureserver.net |
3 KB |
24 | 3 |
Domain | Requested by | |
---|---|---|
12 | img1.wsimg.com |
niyogioffset.com
|
9 | niyogioffset.com |
niyogioffset.com
|
4 | events.secureserver.net |
1 redirects
niyogioffset.com
|
24 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.godaddy.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.wsimg.com Starfield Secure Certificate Authority - G2 |
2018-09-25 - 2020-09-25 |
2 years | crt.sh |
*.secureserver.net Starfield Secure Certificate Authority - G2 |
2019-10-22 - 2021-10-22 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
http://niyogioffset.com/daddy/index.php
Frame ID: 56C3635B5849473CEDA78CB7C4A27C47
Requests: 25 HTTP requests in this frame
2 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 13- https://events.secureserver.net/image.aspx?timestamp=1575584652903&corrid=1860166374&event_type=page.request&page=%2Fdaddy%2Findex.php&hw=2&browx=1600&browy=1200&resx=1600&resy=1200&cdepth=24&cv=3.6.43&hit_id=9061cbb2-3ab9-547f-a2d4-b62315b0fc1f&referrer=&vs=visible&rand=184623556&sitename=niyogioffset.com&visitor_guid=3ab9d125-d13e-59ea-be3b-a696f24eb9f5&page_url=http%3A%2F%2Fniyogioffset.com%2Fdaddy%2Findex.php&environment_name=prod HTTP 302
- https://events.secureserver.net/image.aspx?timestamp=1575584652903&corrid=1860166374&event_type=page.request&page=%2Fdaddy%2Findex.php&hw=2&browx=1600&browy=1200&resx=1600&resy=1200&cdepth=24&cv=3.6.43&hit_id=9061cbb2-3ab9-547f-a2d4-b62315b0fc1f&referrer=&vs=visible&rand=184623556&sitename=niyogioffset.com&visitor_guid=3ab9d125-d13e-59ea-be3b-a696f24eb9f5&page_url=http%3A%2F%2Fniyogioffset.com%2Fdaddy%2Findex.php&environment_name=prod&CookieTest=1
24 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
index.php
niyogioffset.com/daddy/ |
98 KB 98 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uxfont.woff2
img1.wsimg.com/ux/fonts/uxfont/1.4/ |
13 KB 13 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uxfont-2.woff2
img1.wsimg.com/ux/fonts/uxfont/1.4/ |
28 KB 29 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Boing-Bold.woff2
img1.wsimg.com/ux/fonts/boing/1.0/ |
28 KB 28 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gdsherpa-bold.woff2
img1.wsimg.com/ux/fonts/sherpa/1.0/ |
25 KB 25 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gdsherpa-regular.woff2
img1.wsimg.com/ux/fonts/sherpa/1.0/ |
26 KB 26 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
uxcore2.css
niyogioffset.com/daddy/index_files/ |
245 KB 245 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
utilityheader.css
niyogioffset.com/daddy/index_files/ |
30 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tcc.js
niyogioffset.com/daddy/index_files/ |
89 KB 89 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
polyfill.js
niyogioffset.com/daddy/index_files/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vendor.js
niyogioffset.com/daddy/index_files/ |
208 KB 208 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
uxcore2.js
niyogioffset.com/daddy/index_files/ |
234 KB 234 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
utilityheader.js
niyogioffset.com/daddy/index_files/ |
164 KB 164 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login-panel.js
niyogioffset.com/daddy/index_files/ |
446 KB 446 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
image.aspx
events.secureserver.net/ Redirect Chain
|
43 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gdsherpa-regular.woff2
img1.wsimg.com/ux/fonts/sherpa/1.0/ |
26 KB 26 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gdsherpa-bold.woff2
img1.wsimg.com/ux/fonts/sherpa/1.0/ |
25 KB 26 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tcc.min.js
img1.wsimg.com/wrhs-assets/ea64b4085c7bfad76b1465c699d51475/ |
89 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
polyfill.min.js
img1.wsimg.com/poly/v2/ |
222 B 656 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor.min.js
img1.wsimg.com/wrhs-assets/07ff49f73fd6ce4ee12a346569fbf92e/ |
208 KB 58 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uxcore2.min.js
img1.wsimg.com/wrhs-assets/60ba5f2afb5a6295fc83da1faa5da920/ |
234 KB 59 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utilityheader.min.js
img1.wsimg.com/wrhs-assets/a441444ab751a5b4195d874cc29acbe1/ |
164 KB 40 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pageEvents.aspx
events.secureserver.net/ |
43 B 636 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
b.aspx
events.secureserver.net/ |
43 B 636 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: GoDaddy (Online)30 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate boolean| _tccPageReqFired object| _tccInternal object| _analyticsDataLayer object| _expDataLayer object| _trfq object| tcc object| babelHelpers object| ux object| React object| ReactDOM object| PropTypes object| ReactTransitionGroup object| UtilityHeader object| _gaDataLayer function| fire_virtual_page function| fire_virtual_event object| sso object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| iFrameResize5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.niyogioffset.com/ | Name: traffic Value: |
|
.niyogioffset.com/ | Name: pathway Value: 3266ee99-a43f-5a9d-8056-0080cbc2cc40 |
|
.niyogioffset.com/ | Name: visitor Value: vid=3ab9d125-d13e-59ea-be3b-a696f24eb9f5 |
|
.niyogioffset.com/ | Name: fb_sessiontraffic Value: S_TOUCH=&pathway=3266ee99-a43f-5a9d-8056-0080cbc2cc40&V_DATE=&pc=0 |
|
.niyogioffset.com/ | Name: _policy Value: %7B%22restricted_market%22:true,%22tracking_market%22:%22explicit%22%7D |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
events.secureserver.net
img1.wsimg.com
niyogioffset.com
103.50.161.164
2.20.21.198
23.5.96.76
141bc659999926e2ab965ab65b08b14de5f719919ab1bd66ff8331a7c4c5b6e5
2c65342c70d6d4776f938b7c77b7c23bef48ca040a277714912a0701b6dc8849
2ed3bfbad14aa95968f7c0ab2e2ad07a7aeb6f090d9d3e71f7a71b715e7583ff
316798ddb9d835066f727ac3af8969a5ca00adfe3b0042c0d8076bc5ab05567e
3a4f81bed00fdc8805daa141c63e028afcf1cd7976d7cb770aeaa80bae1a7e07
49f6c1034e3661e29c5de12d1c97e489565c7d55fec513c2668a57329367e082
4e729cb03aae3843f08d49b187de566cce586da0b384787cc304dbe43a713b70
5b148777bbfc5e30eec3d576f97e98987959597cf51f86ac4ed641a0bf0e042b
692251be1f314fd8c913af0772d47c5882189aed7300f8bb40cc73a7f9af9768
a976c28db56ea7a1e01ccb2b67f9ad923a0cfae8e0be17d0037b29ebb0e6c270
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
cad25a56214f7c5e2257ddde5d753a8bf670602c380f4aac96069b91d9ffeefa
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
e3202572b8f9401cb142f5a5390d46c555972877b2b5efb6125b0cd60f7e0524
ea220ee7bf407833a92b004c75f284f7313f8bff65a52128adf0ea8981421def
ee9581e902a1c713fb058cce745cad969c58e0e738bb8137952f694ebb875af2
ff2b18fa1e758d5d886fd13dba0187c707ac8c8c8cacbab8b8e80d2da6aa5782