hendersonlawfirmnj.com Open in urlscan Pro
62.3.51.131 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hendersonlawfirmnj.com/
Effective URL:
https://hendersonlawfirmnj.com/
Submission: On April 29 via manual (April 29th 2024, 12:27:04 pm UTC) from US — Scanned from US

Summary HTTP 19 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 19 HTTP transactions. The main IP is 62.3.51.131, located in St Louis, United States and belongs to CYBERCON, US. The main domain is hendersonlawfirmnj.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 29th 2024. Valid for: 3 months.

This is the only time hendersonlawfirmnj.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Cox (Telecommunication)

Domain & IP information

	IP Address		AS Autonomous System
17	62.3.51.131 62.3.51.131		7393 (CYBERCON) (CYBERCON)
19	2

17 62.3.51.131 (St Louis, United States)

ASN7393 (CYBERCON, US)
PTR: server.dfiproductions.com

hendersonlawfirmnj.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	hendersonlawfirmnj.com hendersonlawfirmnj.com	3 MB
0	cox.com Failed webcdn2.cox.com Failed
19	2

	Domain	Requested by
17	hendersonlawfirmnj.com	hendersonlawfirmnj.com
0	webcdn2.cox.com Failed	hendersonlawfirmnj.com
19	2

This site contains links to these domains. Also see Links.

Domain
www.cox.com

Subject Issuer	Validity	Valid
hendersonlawfirmnj.com cPanel, Inc. Certification Authority	`2024-03-29` - `2024-06-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://hendersonlawfirmnj.com/
Frame ID: 914BBC63151416B1F6E709DF3D050F87
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cox Account Login

Page URL History Show full URLs

http://hendersonlawfirmnj.com/ HTTP 307
https://hendersonlawfirmnj.com/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

89 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

3294 kB
Transfer

3290 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cox.com/myprofile/forgot-userid.html?finalview=
Title: Forgot User ID?

Search URL Search Domain Scan URL

URL: https://www.cox.com/myprofile/forgot-password.html?finalview=
Title: Forgot Password?

Search URL Search Domain Scan URL

URL: https://www.cox.com/resaccount/home.html
Title: My Account

Search URL Search Domain Scan URL

URL: https://www.cox.com/residential/support/internet.html
Title: Email Support

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hendersonlawfirmnj.com/ HTTP 307
https://hendersonlawfirmnj.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response hendersonlawfirmnj.com/ Redirect Chain http://hendersonlawfirmnj.com/ https://hendersonlawfirmnj.com/	23 KB 24 KB	421ms 212ms	Document text/html	62.3.51.131 CYBERCON
General Check archive.org Show headers Download Go to Full URL https://hendersonlawfirmnj.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 62.3.51.131 St Louis, United States, ASN7393 (CYBERCON, US), Reverse DNS server.dfiproductions.com Software Apache / PHP/5.6.40 Resource Hash `ae821b0938fc5382b266b1da745547462a2c11c0da4d0479dc604cb42d9e8086` Request headers Accept-Language en-US,en;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Connection Keep-Alive Content-Type text/html; charset=UTF-8 Date Mon, 29 Apr 2024 12:26:57 GMT Keep-Alive timeout=5, max=100 Server Apache Transfer-Encoding chunked X-Powered-By PHP/5.6.40 Redirect headers Location https://hendersonlawfirmnj.com/ Non-Authoritative-Reason HttpsUpgrades
GET H/1.1	200 OK	okta-sign-in.min.css hendersonlawfirmnj.com/img/	211 KB 211 KB	175ms 58ms	Stylesheet text/css	62.3.51.131 CYBERCON
General Check archive.org Show headers Download Go to Full URL https://hendersonlawfirmnj.com/img/okta-sign-in.min.css Requested by Host: hendersonlawfirmnj.com URL: https://hendersonlawfirmnj.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 62.3.51.131 St Louis, United States, ASN7393 (CYBERCON, US), Reverse DNS server.dfiproductions.com Software Apache / Resource Hash `45ff73f2652c6160426a2c2f32c3f694c07826215a5a1f03138b1552752fc8fd` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://hendersonlawfirmnj.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 29 Apr 2024 12:26:58 GMT Last-Modified Sun, 10 Oct 2021 20:00:42 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 215931
GET H/1.1	200 OK	flex-presentation.css hendersonlawfirmnj.com/img/	169 KB 170 KB	175ms 58ms	Stylesheet text/css	62.3.51.131 CYBERCON
General Check archive.org Show headers Download Go to Full URL https://hendersonlawfirmnj.com/img/flex-presentation.css Requested by Host: hendersonlawfirmnj.com URL: https://hendersonlawfirmnj.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 62.3.51.131 St Louis, United States, ASN7393 (CYBERCON, US), Reverse DNS server.dfiproductions.com Software Apache / Resource Hash `399402682485a68164f68cc1f78ca971927f47d7abafde0be55977362ee4bc1c` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://hendersonlawfirmnj.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 29 Apr 2024 12:26:58 GMT Last-Modified Sun, 10 Oct 2021 19:54:46 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 173434
GET H/1.1	200 OK	cox-residential-aemapp.css hendersonlawfirmnj.com/img/	410 KB 410 KB	178ms 60ms	Stylesheet text/css	62.3.51.131 CYBERCON
General Check archive.org Show headers Download Go to Full URL https://hendersonlawfirmnj.com/img/cox-residential-aemapp.css Requested by Host: hendersonlawfirmnj.com URL: https://hendersonlawfirmnj.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 62.3.51.131 St Louis, United States, ASN7393 (CYBERCON, US), Reverse DNS server.dfiproductions.com Software Apache / Resource Hash `8e061557686949a092d33445f343c2fae9ec38c644c270cd5c2d77ef4fa8b201` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://hendersonlawfirmnj.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 29 Apr 2024 12:26:58 GMT Last-Modified Sun, 10 Oct 2021 19:46:50 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 419655
GET H/1.1	200 OK	flex2text-styles.min.css hendersonlawfirmnj.com/img/	5 KB 5 KB	175ms 57ms	Stylesheet text/css	62.3.51.131 CYBERCON
General Check archive.org Show headers Download Go to Full URL https://hendersonlawfirmnj.com/img/flex2text-styles.min.css Requested by Host: hendersonlawfirmnj.com URL: https://hendersonlawfirmnj.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 62.3.51.131 St Louis, United States, ASN7393 (CYBERCON, US), Reverse DNS server.dfiproductions.com Software Apache / Resource Hash `369807935ebc9f96563ca6f59cdabd9e8c20d7b632f704a2718089b244d780c6` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://hendersonlawfirmnj.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 29 Apr 2024 12:26:58 GMT Last-Modified Sun, 10 Oct 2021 19:47:54 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 5237
GET H/1.1	200 OK	overrides.min.css hendersonlawfirmnj.com/img/	49 KB 49 KB	176ms 58ms	Stylesheet text/css	62.3.51.131 CYBERCON
General Check archive.org Show headers Download Go to Full URL https://hendersonlawfirmnj.com/img/overrides.min.css Requested by Host: hendersonlawfirmnj.com URL: https://hendersonlawfirmnj.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 62.3.51.131 St Louis, United States, ASN7393 (CYBERCON, US), Reverse DNS server.dfiproductions.com Software Apache / Resource Hash `37ef64ab427183eabe011ce96edeb6dcb0cf5757e7a7dd6b178414e3b3b15440` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://hendersonlawfirmnj.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 29 Apr 2024 12:26:58 GMT Last-Modified Sun, 10 Oct 2021 20:04:40 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 49746
GET H/1.1	200 OK	line.css hendersonlawfirmnj.com/img/	9 KB 10 KB	179ms 60ms	Stylesheet text/css	62.3.51.131 CYBERCON
General Check archive.org Show headers Download Go to Full URL https://hendersonlawfirmnj.com/img/line.css Requested by Host: hendersonlawfirmnj.com URL: https://hendersonlawfirmnj.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 62.3.51.131 St Louis, United States, ASN7393 (CYBERCON, US), Reverse DNS server.dfiproductions.com Software Apache / Resource Hash `778914f327dfaf86c70fa8cccd70c138bdda3257a81de1d989f1851f4ea1eaf3` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://hendersonlawfirmnj.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 29 Apr 2024 12:26:58 GMT Last-Modified Sun, 10 Oct 2021 22:22:24 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 9588
GET H/1.1	200 OK	jquery.js Show response hendersonlawfirmnj.com/img/	235 KB 235 KB	234ms 59ms	Script application/javascript	62.3.51.131 CYBERCON
General Check archive.org Show headers Download Go to Full URL https://hendersonlawfirmnj.com/img/jquery.js Requested by Host: hendersonlawfirmnj.com URL: https://hendersonlawfirmnj.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 62.3.51.131 St Louis, United States, ASN7393 (CYBERCON, US), Reverse DNS server.dfiproductions.com Software Apache / Resource Hash `d1d05e599f94582eb6c8d853fc2e93118ae92f919a0df5c88b320e16e7b6ec9f` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://hendersonlawfirmnj.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 29 Apr 2024 12:26:58 GMT Last-Modified Sun, 10 Oct 2021 18:50:42 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 240309
GET H/1.1	200 OK	okta-sign-in.min.js Show response hendersonlawfirmnj.com/img/	2 MB 2 MB	239ms 60ms	Script application/javascript	62.3.51.131 CYBERCON
General Check archive.org Show headers Download Go to Full URL https://hendersonlawfirmnj.com/img/okta-sign-in.min.js Requested by Host: hendersonlawfirmnj.com URL: https://hendersonlawfirmnj.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 62.3.51.131 St Louis, United States, ASN7393 (CYBERCON, US), Reverse DNS server.dfiproductions.com Software Apache / Resource Hash `21f63978c90e1d95cd913babc7371b9a803616bab683db09d42e2b7194584f5e` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://hendersonlawfirmnj.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 29 Apr 2024 12:26:58 GMT Last-Modified Sun, 10 Oct 2021 20:02:50 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 2099118
GET H/1.1	200 OK	okta-login-mail.js Show response hendersonlawfirmnj.com/	23 KB 24 KB	381ms 91ms	Script text/html	62.3.51.131 CYBERCON
General Check archive.org Show headers Download Go to Full URL https://hendersonlawfirmnj.com/okta-login-mail.js Requested by Host: hendersonlawfirmnj.com URL: https://hendersonlawfirmnj.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 62.3.51.131 St Louis, United States, ASN7393 (CYBERCON, US), Reverse DNS server.dfiproductions.com Software Apache / PHP/5.6.40 Resource Hash `9b6b11750e611c317b9d3f2ca97ac15502c8230b43250b3169fb4f11ca8a4ce7` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://hendersonlawfirmnj.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 29 Apr 2024 12:26:58 GMT Server Apache Connection Keep-Alive X-Powered-By PHP/5.6.40 Keep-Alive timeout=5, max=99 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	shield-keyhole.svg hendersonlawfirmnj.com/img/	3 KB 3 KB	61ms 61ms	Image image/svg+xml	62.3.51.131 CYBERCON
General Check archive.org Show headers Download Go to Show image Full URL https://hendersonlawfirmnj.com/img/shield-keyhole.svg Requested by Host: hendersonlawfirmnj.com URL: https://hendersonlawfirmnj.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 62.3.51.131 St Louis, United States, ASN7393 (CYBERCON, US), Reverse DNS server.dfiproductions.com Software Apache / Resource Hash `94fef297efe599f43e614bb422c319590cdcd221422516d454a73a754d689d58` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://hendersonlawfirmnj.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 29 Apr 2024 12:26:58 GMT Last-Modified Sun, 10 Oct 2021 18:58:36 GMT Server Apache Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 2797
GET H/1.1	200 OK	cox_logo.png hendersonlawfirmnj.com/img/	2 KB 2 KB	77ms 76ms	Image image/png	62.3.51.131 CYBERCON
General Check archive.org Show headers Download Go to Show image Full URL https://hendersonlawfirmnj.com/img/cox_logo.png Requested by Host: hendersonlawfirmnj.com URL: https://hendersonlawfirmnj.com/img/line.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 62.3.51.131 St Louis, United States, ASN7393 (CYBERCON, US), Reverse DNS server.dfiproductions.com Software Apache / Resource Hash `d60826499153bf6fcb4e8a8809d3b10d737cf4990ee4a0c8d796af7d5c0a9175` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://hendersonlawfirmnj.com/img/line.css Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 29 Apr 2024 12:26:59 GMT Last-Modified Sun, 10 Oct 2021 18:50:04 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 1865
GET		montserrat-light-webfont.woff webcdn2.cox.com/ui/presentation/tsw/font/	0 0

GET H/1.1	200 OK	OpenSans-Semibold-webfont.woff hendersonlawfirmnj.com/img/fonts/	23 KB 24 KB	152ms 152ms	Font text/html	62.3.51.131 CYBERCON
General Check archive.org Show headers Download Go to Full URL https://hendersonlawfirmnj.com/img/fonts/OpenSans-Semibold-webfont.woff Requested by Host: hendersonlawfirmnj.com URL: https://hendersonlawfirmnj.com/img/flex-presentation.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 62.3.51.131 St Louis, United States, ASN7393 (CYBERCON, US), Reverse DNS server.dfiproductions.com Software Apache / PHP/5.6.40 Resource Hash `33953e6d6e0f5fb266060c143536b679b6c2f0a6e095eca4751bf7d77ec2fc2c` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://hendersonlawfirmnj.com/img/flex-presentation.css Origin https://hendersonlawfirmnj.com Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 29 Apr 2024 12:26:59 GMT Server Apache Connection Keep-Alive X-Powered-By PHP/5.6.40 Keep-Alive timeout=5, max=98 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	OpenSans-Regular-webfont.woff hendersonlawfirmnj.com/img/fonts/	23 KB 24 KB	151ms 150ms	Font text/html	62.3.51.131 CYBERCON
General Check archive.org Show headers Download Go to Full URL https://hendersonlawfirmnj.com/img/fonts/OpenSans-Regular-webfont.woff Requested by Host: hendersonlawfirmnj.com URL: https://hendersonlawfirmnj.com/img/flex-presentation.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 62.3.51.131 St Louis, United States, ASN7393 (CYBERCON, US), Reverse DNS server.dfiproductions.com Software Apache / PHP/5.6.40 Resource Hash `5b74e89d9e5eff3b0e5f75a4855c390677059cf01374ddf67900f0edfb640440` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://hendersonlawfirmnj.com/img/flex-presentation.css Origin https://hendersonlawfirmnj.com Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 29 Apr 2024 12:26:59 GMT Server Apache Connection Keep-Alive X-Powered-By PHP/5.6.40 Keep-Alive timeout=5, max=98 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	OpenSans-Semibold-webfont.ttf hendersonlawfirmnj.com/img/fonts/	23 KB 24 KB	91ms 90ms	Font text/html	62.3.51.131 CYBERCON
General Check archive.org Show headers Download Go to Full URL https://hendersonlawfirmnj.com/img/fonts/OpenSans-Semibold-webfont.ttf Requested by Host: hendersonlawfirmnj.com URL: https://hendersonlawfirmnj.com/img/flex-presentation.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 62.3.51.131 St Louis, United States, ASN7393 (CYBERCON, US), Reverse DNS server.dfiproductions.com Software Apache / PHP/5.6.40 Resource Hash `9ce2abdf257772676a6d5980cf3d05b8af1d1319838b88fa05f4d8341182b701` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://hendersonlawfirmnj.com/img/flex-presentation.css Origin https://hendersonlawfirmnj.com Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 29 Apr 2024 12:27:00 GMT Server Apache Connection Keep-Alive X-Powered-By PHP/5.6.40 Keep-Alive timeout=5, max=97 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	OpenSans-Regular-webfont.ttf hendersonlawfirmnj.com/img/fonts/	23 KB 24 KB	87ms 87ms	Font text/html	62.3.51.131 CYBERCON
General Check archive.org Show headers Download Go to Full URL https://hendersonlawfirmnj.com/img/fonts/OpenSans-Regular-webfont.ttf Requested by Host: hendersonlawfirmnj.com URL: https://hendersonlawfirmnj.com/img/flex-presentation.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 62.3.51.131 St Louis, United States, ASN7393 (CYBERCON, US), Reverse DNS server.dfiproductions.com Software Apache / PHP/5.6.40 Resource Hash `61f4a6c1c413f2a7b4edf323b57c79cb0c22d940fbee7cfd6af7077217611f5d` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://hendersonlawfirmnj.com/img/flex-presentation.css Origin https://hendersonlawfirmnj.com Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 29 Apr 2024 12:27:00 GMT Server Apache Connection Keep-Alive X-Powered-By PHP/5.6.40 Keep-Alive timeout=5, max=97 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET		montserrat-light-webfont.ttf webcdn2.cox.com/ui/presentation/tsw/font/	0 0

GET H/1.1	200 OK	faviconrebrand.ico hendersonlawfirmnj.com/img/	8 KB 8 KB	59ms 58ms	Other image/x-icon	62.3.51.131 CYBERCON
General Check archive.org Show headers Download Go to Full URL https://hendersonlawfirmnj.com/img/faviconrebrand.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 62.3.51.131 St Louis, United States, ASN7393 (CYBERCON, US), Reverse DNS server.dfiproductions.com Software Apache / Resource Hash `7506b6707d00a8c8ecb5c5d56098452d885e0dde167ab9e77be7fd826a9b2c17` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://hendersonlawfirmnj.com/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 29 Apr 2024 12:27:00 GMT Last-Modified Sun, 10 Oct 2021 18:45:58 GMT Server Apache Content-Type image/x-icon Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 8195

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: webcdn2.cox.com
URL: https://webcdn2.cox.com/ui/presentation/tsw/font/montserrat-light-webfont.woff

Domain: webcdn2.cox.com
URL: https://webcdn2.cox.com/ui/presentation/tsw/font/montserrat-light-webfont.ttf

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Cox (Telecommunication)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://hendersonlawfirmnj.com/ Message: Failed to decode downloaded font: https://hendersonlawfirmnj.com/img/fonts/OpenSans-Semibold-webfont.woff
other	warning	URL: https://hendersonlawfirmnj.com/ Message: OTS parsing error: invalid sfntVersion: -272908534
other	warning	URL: https://hendersonlawfirmnj.com/ Message: Failed to decode downloaded font: https://hendersonlawfirmnj.com/img/fonts/OpenSans-Regular-webfont.woff
other	warning	URL: https://hendersonlawfirmnj.com/ Message: OTS parsing error: invalid sfntVersion: -272908534
javascript	error	URL: https://hendersonlawfirmnj.com/ Message: Access to font at 'https://webcdn2.cox.com/ui/presentation/tsw/font/montserrat-light-webfont.woff' from origin 'https://hendersonlawfirmnj.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://webcdn2.cox.com/ui/presentation/tsw/font/montserrat-light-webfont.woff Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://hendersonlawfirmnj.com/ Message: Failed to decode downloaded font: https://hendersonlawfirmnj.com/img/fonts/OpenSans-Semibold-webfont.ttf
other	warning	URL: https://hendersonlawfirmnj.com/ Message: OTS parsing error: invalid sfntVersion: -272908534
javascript	error	URL: https://hendersonlawfirmnj.com/ Message: Access to font at 'https://webcdn2.cox.com/ui/presentation/tsw/font/montserrat-light-webfont.ttf' from origin 'https://hendersonlawfirmnj.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://webcdn2.cox.com/ui/presentation/tsw/font/montserrat-light-webfont.ttf Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://hendersonlawfirmnj.com/ Message: Failed to decode downloaded font: https://hendersonlawfirmnj.com/img/fonts/OpenSans-Regular-webfont.ttf
other	warning	URL: https://hendersonlawfirmnj.com/ Message: OTS parsing error: invalid sfntVersion: -272908534

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

hendersonlawfirmnj.com
webcdn2.cox.com
webcdn2.cox.com
62.3.51.131
21f63978c90e1d95cd913babc7371b9a803616bab683db09d42e2b7194584f5e
33953e6d6e0f5fb266060c143536b679b6c2f0a6e095eca4751bf7d77ec2fc2c
369807935ebc9f96563ca6f59cdabd9e8c20d7b632f704a2718089b244d780c6
37ef64ab427183eabe011ce96edeb6dcb0cf5757e7a7dd6b178414e3b3b15440
399402682485a68164f68cc1f78ca971927f47d7abafde0be55977362ee4bc1c
45ff73f2652c6160426a2c2f32c3f694c07826215a5a1f03138b1552752fc8fd
5b74e89d9e5eff3b0e5f75a4855c390677059cf01374ddf67900f0edfb640440
61f4a6c1c413f2a7b4edf323b57c79cb0c22d940fbee7cfd6af7077217611f5d
7506b6707d00a8c8ecb5c5d56098452d885e0dde167ab9e77be7fd826a9b2c17
778914f327dfaf86c70fa8cccd70c138bdda3257a81de1d989f1851f4ea1eaf3
8e061557686949a092d33445f343c2fae9ec38c644c270cd5c2d77ef4fa8b201
94fef297efe599f43e614bb422c319590cdcd221422516d454a73a754d689d58
9b6b11750e611c317b9d3f2ca97ac15502c8230b43250b3169fb4f11ca8a4ce7
9ce2abdf257772676a6d5980cf3d05b8af1d1319838b88fa05f4d8341182b701
ae821b0938fc5382b266b1da745547462a2c11c0da4d0479dc604cb42d9e8086
d1d05e599f94582eb6c8d853fc2e93118ae92f919a0df5c88b320e16e7b6ec9f
d60826499153bf6fcb4e8a8809d3b10d737cf4990ee4a0c8d796af7d5c0a9175

hendersonlawfirmnj.com Open in urlscan Pro 62.3.51.131 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

89 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

3294 kBTransfer

3290 kBSize

0 Cookies

4 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

18 JavaScript Global Variables

0 Cookies

12 Console Messages

Indicators

hendersonlawfirmnj.com Open in urlscan Pro
62.3.51.131 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

89 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

3294 kB
Transfer

3290 kB
Size

0
Cookies

19 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!