https://uas2.scots-connect.com/aos/sco/login/scologin.bns
209.99.184.105 · HostRoyale Technologies
Zurich, Switzerland
0 days ⚠
200 · 15.0s
Valid· YR2, Let's Encrypt, US
COMPLETED
Registered-domain escalation
Submit scots-connect.com as the primary IOC, enriched with evidence from hostile subdomains like uas2.scots-connect.com.
No KB/IOK detections were recorded for this scan.
technology | finance | ecommerce | other · 7/19/2026
The page at https://uas2.scots-connect.com/aos/sco/login/scologin.bns presents a generic message stating the site is under development. The HTML shows no login form or credential fields, and the screenshot indicates no recognizable branding from a known service. SSL certificate is valid from Let’s Encrypt for a new domain, and the domain age is 0 days. Network requests are minimal and do not reveal credential collection endpoints. Given the lack of first-party brand signals and the presence of a development notice, there is insufficient evidence of credential phishing or abuse from the page content alone, though the fresh domain and abuse-prevalent registrar raise risk concerns.
Capture
Stages: 2
Canonical: Settled Render
Changed: No
Credential Signals
Forms: 0
Password fields: 0
Late-stage login UI: No
Resource Signals
Resources: 1
Hosts: 1
Domains: 1
The scan shows a newly created domain under a subdomain structure not obviously tied to a known brand. The page content is a generic development notice with no login or data entry surfaces, and no explicit impersonation signals in the visible HTML. However, the combination of a brand-agnostic placeholder page, a brand-new domain, and a Let’s Encrypt certificate on a likely non-brand domain warrants caution and monitoring. If later pages attempt credential collection or clone a recognizable brand, it would constitute phishing. At present, the evidence does not confirm credential theft or impersonation, but the risk indicators (new domain age, potential abuse-prevalent registrar) justify continued vigilance.
Monitor