URL: https://sf13.temp-net.com/wp-signup.php?new=www.applebrookrvparks.live
Submission Tags: @phishunt_io
Submission: On December 15 via api from ES

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 209.59.137.124, located in Lansing, United States and belongs to LIQUIDWEB, US. The main domain is sf13.temp-net.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on December 9th 2020. Valid for: 3 months.
This is the only time sf13.temp-net.com was scanned on urlscan.io!

urlscan.io Verdict: No classification


Live information

Domain & IP information

IP Address AS Autonomous System
7 209.59.137.124 32244 (LIQUIDWEB)
1 2a00:1450:400... 15169 (GOOGLE)
8 2
Apex Domain
Subdomains
Transfer
7 temp-net.com
sf13.temp-net.com
426 KB
1 googleapis.com
fonts.googleapis.com
646 B
8 2
Domain Requested by
7 sf13.temp-net.com sf13.temp-net.com
1 fonts.googleapis.com sf13.temp-net.com
8 2

This site contains links to these domains. Also see Links.

Domain
www.clickandstor.com
Subject Issuer Validity Valid
sf13.temp-net.com
cPanel, Inc. Certification Authority
2020-12-09 -
2021-03-09
3 months crt.sh
upload.video.google.com
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh

This page contains 1 frames:

Primary Page: https://sf13.temp-net.com/wp-signup.php?new=www.applebrookrvparks.live
Frame ID: 156C45E5C867EDEA20D6F8E274AE13D0
Requests: 8 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

8
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

426 kB
Transfer

1355 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request wp-signup.php
sf13.temp-net.com/
87 KB
24 KB
Document
General
Full URL
https://sf13.temp-net.com/wp-signup.php?new=www.applebrookrvparks.live
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.59.137.124 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
privatecloudvmlinux4.storagegroupinc.com
Software
Apache /
Resource Hash
93ccc8e15ad325f01fa3b219b98a9545069fb824d681b0c55f7974a043d50481

Request headers

:method
GET
:authority
sf13.temp-net.com
:scheme
https
:path
/wp-signup.php?new=www.applebrookrvparks.live
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 20:40:22 GMT
server
Apache
x-pingback
https://sf13.temp-net.com/xmlrpc.php
expires
Wed, 11 Jan 1984 05:00:00 GMT
cache-control
no-cache, must-revalidate, max-age=0
content-encoding
gzip
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
css
fonts.googleapis.com/
2 KB
646 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: sf13.temp-net.com
URL: https://sf13.temp-net.com/wp-signup.php?new=www.applebrookrvparks.live
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cf7a2b3976c3af63dc2bca70cc5625a26341f19b1ccd484feddf076df895ed58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://sf13.temp-net.com/wp-signup.php?new=www.applebrookrvparks.live
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 15 Dec 2020 19:32:30 GMT
server
ESF
date
Tue, 15 Dec 2020 20:40:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Dec 2020 20:40:22 GMT
header-7656e7c43a19df52997877dbb69f74750d72c543.min.css
sf13.temp-net.com/wp-content/uploads/cache/fvm/1607986927/out/
349 KB
63 KB
Stylesheet
General
Full URL
https://sf13.temp-net.com/wp-content/uploads/cache/fvm/1607986927/out/header-7656e7c43a19df52997877dbb69f74750d72c543.min.css
Requested by
Host: sf13.temp-net.com
URL: https://sf13.temp-net.com/wp-signup.php?new=www.applebrookrvparks.live
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.59.137.124 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
privatecloudvmlinux4.storagegroupinc.com
Software
Apache /
Resource Hash
a511e34cca9c24aef17ea0e6bafbc0fa72e34016ffc7af058cecc12244815488

Request headers

Referer
https://sf13.temp-net.com/wp-signup.php?new=www.applebrookrvparks.live
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 20:40:22 GMT
content-encoding
gzip
last-modified
Mon, 14 Dec 2020 23:05:15 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
expires
Thu, 14 Jan 2021 20:40:22 GMT
header-2fabc4befd4a0f9580cb0ab15c42995df0c17a50.min.js
sf13.temp-net.com/wp-content/uploads/cache/fvm/1607986927/out/
723 KB
223 KB
Script
General
Full URL
https://sf13.temp-net.com/wp-content/uploads/cache/fvm/1607986927/out/header-2fabc4befd4a0f9580cb0ab15c42995df0c17a50.min.js
Requested by
Host: sf13.temp-net.com
URL: https://sf13.temp-net.com/wp-signup.php?new=www.applebrookrvparks.live
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.59.137.124 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
privatecloudvmlinux4.storagegroupinc.com
Software
Apache /
Resource Hash
eea07ecc77ed2e8d35b2af866cada6fee6140a7db2bed33d0390e711d24d5cf6

Request headers

Referer
https://sf13.temp-net.com/wp-signup.php?new=www.applebrookrvparks.live
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 20:40:22 GMT
content-encoding
gzip
last-modified
Mon, 14 Dec 2020 23:05:15 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
expires
Thu, 14 Jan 2021 20:40:22 GMT
acme-logo2.jpg
sf13.temp-net.com/wp-content/uploads/
8 KB
8 KB
Image
General
Full URL
https://sf13.temp-net.com/wp-content/uploads/acme-logo2.jpg
Requested by
Host: sf13.temp-net.com
URL: https://sf13.temp-net.com/wp-signup.php?new=www.applebrookrvparks.live
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.59.137.124 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
privatecloudvmlinux4.storagegroupinc.com
Software
Apache /
Resource Hash
d3cd0a80228c5a3c5ae789647502c0fa19a5245a31285e7016c456e4aadc4c48

Request headers

Referer
https://sf13.temp-net.com/wp-signup.php?new=www.applebrookrvparks.live
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 20:40:23 GMT
last-modified
Fri, 04 Aug 2017 14:55:28 GMT
server
Apache
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
8049
expires
Thu, 14 Jan 2021 20:40:23 GMT
accessibility-48.jpg
sf13.temp-net.com/wp-content/plugins/wp-accessibility-helper/assets/images/
2 KB
2 KB
Image
General
Full URL
https://sf13.temp-net.com/wp-content/plugins/wp-accessibility-helper/assets/images/accessibility-48.jpg
Requested by
Host: sf13.temp-net.com
URL: https://sf13.temp-net.com/wp-signup.php?new=www.applebrookrvparks.live
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.59.137.124 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
privatecloudvmlinux4.storagegroupinc.com
Software
Apache /
Resource Hash
cbfbe8067fa989262a4cc96558f10686f87c40da2d1cd6f96b01770ac3d7d424

Request headers

Referer
https://sf13.temp-net.com/wp-signup.php?new=www.applebrookrvparks.live
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 20:40:23 GMT
last-modified
Mon, 14 Dec 2020 13:47:57 GMT
server
Apache
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1581
expires
Thu, 14 Jan 2021 20:40:23 GMT
footer-08e6c6b99ec3b4c922821e93e2c126e7c5d105da.min.js
sf13.temp-net.com/wp-content/uploads/cache/fvm/1607986927/out/
109 KB
30 KB
Script
General
Full URL
https://sf13.temp-net.com/wp-content/uploads/cache/fvm/1607986927/out/footer-08e6c6b99ec3b4c922821e93e2c126e7c5d105da.min.js
Requested by
Host: sf13.temp-net.com
URL: https://sf13.temp-net.com/wp-signup.php?new=www.applebrookrvparks.live
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.59.137.124 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
privatecloudvmlinux4.storagegroupinc.com
Software
Apache /
Resource Hash
0fd4bdc6c134beb1455bb7cf50857d099bcbed6f509ec34285c6b991493c2faa

Request headers

Referer
https://sf13.temp-net.com/wp-signup.php?new=www.applebrookrvparks.live
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 20:40:23 GMT
content-encoding
gzip
last-modified
Mon, 14 Dec 2020 23:05:15 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
30425
expires
Thu, 14 Jan 2021 20:40:23 GMT
fontawesome-webfont.woff2
sf13.temp-net.com/wp-content/plugins/better-font-awesome/vendor/mickey-kay/better-font-awesome-library/lib/font-awesome/fonts/
75 KB
76 KB
Font
General
Full URL
https://sf13.temp-net.com/wp-content/plugins/better-font-awesome/vendor/mickey-kay/better-font-awesome-library/lib/font-awesome/fonts/fontawesome-webfont.woff2
Requested by
Host: sf13.temp-net.com
URL: https://sf13.temp-net.com/wp-content/uploads/cache/fvm/1607986927/out/header-7656e7c43a19df52997877dbb69f74750d72c543.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.59.137.124 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
privatecloudvmlinux4.storagegroupinc.com
Software
Apache /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin
https://sf13.temp-net.com
Referer
https://sf13.temp-net.com/wp-content/uploads/cache/fvm/1607986927/out/header-7656e7c43a19df52997877dbb69f74750d72c543.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 20:40:23 GMT
content-encoding
gzip
last-modified
Tue, 22 Sep 2020 17:54:08 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
font/woff2
cache-control
max-age=172800
accept-ranges
bytes
expires
Thu, 17 Dec 2020 20:40:23 GMT

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| fvmuag function| cQuery function| VectorCanvas function| ColorScale function| JQVMap object| SHARED object| EasyAutocomplete object| USERS object| LOGIN undefined| resizeMonitor object| CART object| MAP object| SUPPLIES object| FOOBOX function| numberpicker function| candeeCalendar function| doneResizing function| doFiltersButtonUpdate function| initExpanders function| quick_reserve function| openCity undefined| $ function| jQuery object| noUiSlider function| Noty function| Hammer function| moment object| FooBox string| ajaxurl string| ajaxnonce object| candee_js_variables function| docReady object| deferInteraction___ids function| deferInteraction object| wpcf7 object| paginationBottom object| pagination object| monkeyList function| setContrastCookie function| removeAllCookies function| wah_font_resizer function| List function| ListPagination function| Cookies object| wp object| $buoop

0 Cookies

1 Console Messages

Source Level URL
Text
console-api log URL: https://sf13.temp-net.com/wp-content/uploads/cache/fvm/1607986927/out/header-2fabc4befd4a0f9580cb0ab15c42995df0c17a50.min.js(Line 12)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2