nazory.com
166.62.93.93
Malicious Activity!
Public Scan
Effective URL: https://nazory.com/z21/2/49gzfjvw3ezu8wzbc5kziut8.php?2322DJ15912045686394b3c1fb59a4ed1324eee805cb9aed6394b3c1fb59a...
Submission: On June 03 via manual from US
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on April 30th 2020. Valid for: 3 months.
This is the only time nazory.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: AOL (Online), Office 365 (Online), Generic (Online), Google (Online), Dropbox (Consumer)
Domain & IP information
| # | Requests | IP Address | AS Autonomous System |
---|---|---|---|
| 1 | 1 | 52.28.83.204 | 16509 (AMAZON-02) |
| 2 | 20 | 166.62.93.93 | 26496 (AS-26496-GO-DADDY-COM-LLC) |

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-83-204.eu-central-1.compute.amazonaws.com
Domains: linkprotect.cudasvc.com

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-166-62-93-93.ip.secureserver.net
Domains: www.nazory.com, nazory.com
| Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
| 20 | nazory.com (2 redirects) | www.nazory.com, nazory.com | 203 KB |
| 1 | cudasvc.com (1 redirect) | linkprotect.cudasvc.com | 663 B |
| Requests | Domain | Requested by |
---|---|---|
| 19 | nazory.com | 1 redirect, nazory.com |
| 1 | www.nazory.com | 1 redirect |
| 1 | linkprotect.cudasvc.com | 1 redirect |
This site contains no links.
| Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
| nazory.com | Let's Encrypt Authority X3 | 2020-04-30 - 2020-07-29 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://nazory.com/z21/2/49gzfjvw3ezu8wzbc5kziut8.php?2322DJ15912045686394b3c1fb59a4ed1324eee805cb9aed6394b3c1fb59a4ed1324eee805cb9aed6394b3c1fb59a4ed1324eee805cb9aed6394b3c1fb59a4ed1324eee805cb9aed6394b3c1fb59a4ed1324eee805cb9aed&Official=&Bilamsaeed
Frame ID: 78CBD704A3D027A084DAA671C9EC6EFB
Requests: 18 HTTP requests in this frame
Detected technologies
- OpenSSL (Web Server Extensions). Detected pattern: headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i
- Apache (Web Servers). Detected pattern: headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
- jQuery (JavaScript Libraries). Detected pattern: script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fwww.nazory.com%2fz21%2f2%2fmncnme.php%3fid%3d91004002&c=E,1,nTRCqw5ovsLLtYNzf373ToHTdfR6lgHZt2_VsEzevKI4_f_GpYPmZGryhS9prMbOifcVg3MNAXkgsF8oY2-kwz402FsEZTo9TzvOLBiqKa3DGK3Q6tgP0vE,&typo=1 (HTTP 302)
- https://www.nazory.com/z21/2/mncnme.php?id=91004002 (HTTP 301)
- https://nazory.com/z21/2/mncnme.php?id=91004002 (HTTP 302)
- https://nazory.com/z21/2/49gzfjvw3ezu8wzbc5kziut8.php?2322DJ15912045686394b3c1fb59a4ed1324eee805cb9aed6394b3c1fb59a4ed1324eee805cb9aed6394b3c1fb59a4ed1324eee805cb9aed6394b3c1fb59a4ed1324eee805cb9aed6394b3c1fb59a4ed1324eee805cb9aed6394b3c1fb59a4ed1324eee805cb9aed&Official=&Bilamsaeed (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions

| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
| GET | H/1.1 | 49gzfjvw3ezu8wzbc5kziut8.php (Primary Request) | nazory.com/z21/2/ (Redirect Chain) | 19 KB | 5 KB | Document | text/html |
| GET | H/1.1 | featuredcontentglider.js | nazory.com/z21/2/images/ | 8 KB | 3 KB | Script | application/x-javascript |
| GET | H/1.1 | jquery.min.js | nazory.com/z21/2/images/ | 56 KB | 20 KB | Script | application/x-javascript |
| GET | H/1.1 | R3WinLive1033.css | nazory.com/z21/2/images/ | 16 KB | 4 KB | Stylesheet | text/css |
| GET | H/1.1 | featuredcontentglider.css | nazory.com/z21/2/images/ | 2 KB | 1 KB | Stylesheet | text/css |
| GET | H/1.1 | yahoo.css | nazory.com/z21/2/images/ | 778 B | 736 B | Stylesheet | text/css |
| GET | H/1.1 | aol.css | nazory.com/z21/2/images/ | 3 KB | 1 KB | Stylesheet | text/css |
| GET | H/1.1 | newcss.css | nazory.com/z21/2/images/ | 51 KB | 8 KB | Stylesheet | text/css |
| GET | H/1.1 | dropbox_logo.png | nazory.com/z21/2/images/ | 3 KB | 3 KB | Image | image/png |
| GET | H/1.1 | aol-logo.png | nazory.com/z21/2/images/ | 16 KB | 16 KB | Image | image/png |
| GET | H/1.1 | Office_365_logo.png | nazory.com/z21/2/images/ | 25 KB | 25 KB | Image | image/png |
| GET | H/1.1 | outlook.png | nazory.com/z21/2/images/ | 5 KB | 5 KB | Image | image/png |
| GET | H/1.1 | yahoo.png | nazory.com/z21/2/images/ | 15 KB | 15 KB | Image | image/png |
| GET | H/1.1 | universal_language_settings-21.png | nazory.com/z21/2/images/ | 199 B | 577 B | Image | image/png |
| GET | H/1.1 | sign-in-boulder-vfl2oGV4v.png | nazory.com/z21/2/images/ | 67 KB | 68 KB | Image | image/png |
| GET | H/1.1 | aol-canvas1.jpg | nazory.com/z21/2/images/ | 5 KB | 5 KB | Image | image/jpeg |
| GET | H/1.1 | imagesnew.png | nazory.com/z21/2/images/ | 4 KB | 4 KB | Image | image/png |
| GET | H/1.1 | yahoo-login-sprite-1.4.png | nazory.com/z21/2/images/ | 17 KB | 17 KB | Image | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: AOL (Online), Office 365 (Online), Generic (Online), Google (Online), Dropbox (Consumer)
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
| Name | Type |
---|---|
| onformdata | object |
| onpointerrawupdate | object |
| featuredcontentglider | object |
| $ | undefined |
| jQuery | function |

1 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the stored cookie values along with the request, allowing the website to re-identify the user even from a different location. This is how persistent logins work.
| Domain/Path | Expires | Name | Value |
---|---|---|---|
| nazory.com/ | | PHPSESSID | 6c079940df936f8307530df54b7a6de1 |
Indicators
"Indicators" is a term used in the security industry for observables such as IPs, domains, hashes, etc. Listing them here does not imply that any of them indicate malicious activity.
linkprotect.cudasvc.com
nazory.com
www.nazory.com
166.62.93.93
52.28.83.204