wayzons.top Open in urlscan Pro
185.238.1.70 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://wayzons.top/kj.html
Submission: On September 30 via api (September 30th 2020, 11:12:56 pm UTC) from CH

Summary HTTP 11 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 11 HTTP transactions. The main IP is 185.238.1.70, located in Netherlands and belongs to INTERNET-IT, NL. The main domain is wayzons.top.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 28th 2020. Valid for: 3 months.

This is the only time wayzons.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Commonwealth Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
7	185.238.1.70 185.238.1.70	200313 (INTERNET-IT) (INTERNET-IT)
4	24.244.156.42 24.244.156.42	15146 (CABLEBAHAMAS) (CABLEBAHAMAS)
11	2

7 185.238.1.70 (Netherlands)

ASN200313 (INTERNET-IT, NL)
PTR: server2.privatebullet.com

wayzons.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 24.244.156.42 (Nassau, Bahamas)

ASN15146 (CABLEBAHAMAS, BS)
PTR: cbleib.combankltd.com

cbleib.combankltd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	wayzons.top wayzons.top	832 KB
4	combankltd.com cbleib.combankltd.com	13 KB
11	2

	Domain	Requested by
7	wayzons.top	wayzons.top
4	cbleib.combankltd.com	wayzons.top
11	2

This site contains links to these domains. Also see Links.

Domain
play.google.com
itunes.apple.com

Subject Issuer	Validity	Valid
wayzons.top Let's Encrypt Authority X3	`2020-09-28` - `2020-12-27`	3 months	crt.sh
cbleib.combankltd.com DigiCert SHA2 Extended Validation Server CA	`2020-06-05` - `2022-06-29`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://wayzons.top/kj.html
Frame ID: A1839063F68727A2E9C308C2FFEEA3EB
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

11
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

846 kB
Transfer

844 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://play.google.com/store/apps/details?id=com.combankltd.direct
Title:

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/id1438207631
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request kj.html Show response wayzons.top/	18 KB 18 KB	202ms 36ms	Document text/html	185.238.1.70 INTERNET-IT
General Check archive.org Show headers Download Go to Full URL https://wayzons.top/kj.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.238.1.70 , Netherlands, ASN200313 (INTERNET-IT, NL), Reverse DNS server2.privatebullet.com Software Apache / Resource Hash `a3b060f50471b8d5141aa40f89b07c30986a985a47b403e511a9244753a1437e` Request headers Host wayzons.top Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 30 Sep 2020 23:10:55 GMT Server Apache Last-Modified Wed, 07 Nov 2018 08:39:32 GMT Accept-Ranges bytes Content-Length 18014 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html
GET H/1.1	200 OK	vendor.css wayzons.top/files/	209 KB 209 KB	36ms 35ms	Stylesheet text/css	185.238.1.70 INTERNET-IT
General Check archive.org Show headers Download Go to Full URL https://wayzons.top/files/vendor.css Requested by Host: wayzons.top URL: https://wayzons.top/kj.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.238.1.70 , Netherlands, ASN200313 (INTERNET-IT, NL), Reverse DNS server2.privatebullet.com Software Apache / Resource Hash `6d2f45997b5a9cadc60c13beedbbf843d2b1718d47f813d915384e44f26a05ef` Request headers Referer https://wayzons.top/kj.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 30 Sep 2020 23:10:55 GMT Last-Modified Wed, 07 Nov 2018 08:26:08 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 214065
GET H/1.1	200 OK	omnia.css wayzons.top/files/	550 KB 550 KB	113ms 38ms	Stylesheet text/css	185.238.1.70 INTERNET-IT
General Check archive.org Show headers Download Go to Full URL https://wayzons.top/files/omnia.css Requested by Host: wayzons.top URL: https://wayzons.top/kj.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.238.1.70 , Netherlands, ASN200313 (INTERNET-IT, NL), Reverse DNS server2.privatebullet.com Software Apache / Resource Hash `c24ed5aca62c867c12e5bab77658a7ffe58c3811c91fe63dc0da6eaa81c9bc00` Request headers Referer https://wayzons.top/kj.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 30 Sep 2020 23:10:56 GMT Last-Modified Wed, 07 Nov 2018 08:42:08 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 562992
GET H/1.1	200 OK	logo.png wayzons.top/files/	55 KB 55 KB	120ms 40ms	Image image/png	185.238.1.70 INTERNET-IT
General Check archive.org Show headers Download Go to Show image Full URL https://wayzons.top/files/logo.png Requested by Host: wayzons.top URL: https://wayzons.top/kj.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.238.1.70 , Netherlands, ASN200313 (INTERNET-IT, NL), Reverse DNS server2.privatebullet.com Software Apache / Resource Hash `8fb45fc08db7c6cf27900a5ef08eed4c03ec2a8362ccea2d818793a1e01765f8` Request headers Referer https://wayzons.top/kj.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 30 Sep 2020 23:10:56 GMT Last-Modified Wed, 07 Nov 2018 08:26:08 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 56376
GET H/1.1	404 Not Found	RxZJdnzeo3R5zSexge8UUT8E0i7KZn-EPnyo3HZu7kw.woff wayzons.top/files/fonts/	0 0	38ms 38ms	Font text/html	185.238.1.70 INTERNET-IT
General Check archive.org Show headers Download Go to Full URL https://wayzons.top/files/fonts/RxZJdnzeo3R5zSexge8UUT8E0i7KZn-EPnyo3HZu7kw.woff Requested by Host: wayzons.top URL: https://wayzons.top/files/omnia.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.238.1.70 , Netherlands, ASN200313 (INTERNET-IT, NL), Reverse DNS server2.privatebullet.com Software Apache / Resource Hash Request headers Origin https://wayzons.top Referer https://wayzons.top/files/omnia.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 30 Sep 2020 23:10:56 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=99 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	Hgo13k-tfSpn0qi1SFdUfT8E0i7KZn-EPnyo3HZu7kw.woff wayzons.top/files/fonts/	0 0	39ms 39ms	Font text/html	185.238.1.70 INTERNET-IT
General Check archive.org Show headers Download Go to Full URL https://wayzons.top/files/fonts/Hgo13k-tfSpn0qi1SFdUfT8E0i7KZn-EPnyo3HZu7kw.woff Requested by Host: wayzons.top URL: https://wayzons.top/files/omnia.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.238.1.70 , Netherlands, ASN200313 (INTERNET-IT, NL), Reverse DNS server2.privatebullet.com Software Apache / Resource Hash Request headers Origin https://wayzons.top Referer https://wayzons.top/files/omnia.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 30 Sep 2020 23:10:56 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=99 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	2UX7WLTfW3W8TclTUvlFyQ.woff wayzons.top/files/fonts/	0 0	35ms 35ms	Font text/html	185.238.1.70 INTERNET-IT
General Check archive.org Show headers Download Go to Full URL https://wayzons.top/files/fonts/2UX7WLTfW3W8TclTUvlFyQ.woff Requested by Host: wayzons.top URL: https://wayzons.top/files/omnia.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.238.1.70 , Netherlands, ASN200313 (INTERNET-IT, NL), Reverse DNS server2.privatebullet.com Software Apache / Resource Hash Request headers Origin https://wayzons.top Referer https://wayzons.top/files/omnia.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 30 Sep 2020 23:10:56 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=98 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	available-in-googleplay.png cbleib.combankltd.com/img/	5 KB 6 KB	984ms 153ms	Image image/png	24.244.156.42 CABLEBAHAMAS
General Check archive.org Show headers Download Go to Show image Full URL https://cbleib.combankltd.com/img/available-in-googleplay.png?ver=e4f965f1a4de25197f63f52932f6871e36106872 Requested by Host: wayzons.top URL: https://wayzons.top/files/omnia.css Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 24.244.156.42 Nassau, Bahamas, ASN15146 (CABLEBAHAMAS, BS), Reverse DNS cbleib.combankltd.com Software Microsoft-IIS/8.5 / Resource Hash `af2e512f2c734d26e24589b243994f37791e43f8cc02c4f70b245c4b284c1fc0` Request headers Referer https://wayzons.top/files/omnia.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 30 Sep 2020 23:16:00 GMT Last-Modified Wed, 09 Sep 2020 20:59:02 GMT Server Microsoft-IIS/8.5 Accept-Ranges bytes ETag "06fa8bec86d61:0" Content-Length 5480 Content-Type image/png
GET H/1.1	200 OK	available-in-appstore.png cbleib.combankltd.com/img/	4 KB 5 KB	975ms 144ms	Image image/png	24.244.156.42 CABLEBAHAMAS
General Check archive.org Show headers Download Go to Show image Full URL https://cbleib.combankltd.com/img/available-in-appstore.png?ver=ecff978bb441ecc68a560a3ff7d0622a7ae9a6b4 Requested by Host: wayzons.top URL: https://wayzons.top/files/omnia.css Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 24.244.156.42 Nassau, Bahamas, ASN15146 (CABLEBAHAMAS, BS), Reverse DNS cbleib.combankltd.com Software Microsoft-IIS/8.5 / Resource Hash `c2e6a80ec2cff8a14941fed24062c4e0c15bec16c38b0d1b736922cc70c1062c` Request headers Referer https://wayzons.top/files/omnia.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 30 Sep 2020 23:15:19 GMT Last-Modified Wed, 09 Sep 2020 20:59:02 GMT Server Microsoft-IIS/8.5 Accept-Ranges bytes ETag "06fa8bec86d61:0" Content-Length 4331 Content-Type image/png
GET H/1.1	200 OK	phone@2x.png cbleib.combankltd.com/img/	1 KB 2 KB	981ms 150ms	Image image/png	24.244.156.42 CABLEBAHAMAS
General Check archive.org Show headers Download Go to Show image Full URL https://cbleib.combankltd.com/img/phone@2x.png?ver=121211ae89e11a622f97d0df572a4cbc3021bef5 Requested by Host: wayzons.top URL: https://wayzons.top/files/omnia.css Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 24.244.156.42 Nassau, Bahamas, ASN15146 (CABLEBAHAMAS, BS), Reverse DNS cbleib.combankltd.com Software Microsoft-IIS/8.5 / Resource Hash `3801fd9afb62498f75f381dbff951f3b4b9d3bfaeefaba68b93ca7ffce4b5ac9` Request headers Referer https://wayzons.top/files/omnia.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 30 Sep 2020 23:16:00 GMT Last-Modified Wed, 09 Sep 2020 20:59:02 GMT Server Microsoft-IIS/8.5 Accept-Ranges bytes ETag "06fa8bec86d61:0" Content-Length 1348 Content-Type image/png
GET H/1.1	200 OK	envelope@2x.png cbleib.combankltd.com/img/	1 KB 1 KB	978ms 144ms	Image image/png	24.244.156.42 CABLEBAHAMAS
General Check archive.org Show headers Download Go to Show image Full URL https://cbleib.combankltd.com/img/envelope@2x.png?ver=8b5a913129391ffc61e757a57ea63d737b829b3e Requested by Host: wayzons.top URL: https://wayzons.top/files/omnia.css Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 24.244.156.42 Nassau, Bahamas, ASN15146 (CABLEBAHAMAS, BS), Reverse DNS cbleib.combankltd.com Software Microsoft-IIS/8.5 / Resource Hash `4fb6515540e7585a6d7b1b70915981ad528bdccd4beef366d33785d61abaa7a2` Request headers Referer https://wayzons.top/files/omnia.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 30 Sep 2020 23:15:19 GMT Last-Modified Wed, 09 Sep 2020 20:59:02 GMT Server Microsoft-IIS/8.5 Accept-Ranges bytes ETag "06fa8bec86d61:0" Content-Length 1212 Content-Type image/png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Commonwealth Bank (Banking)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cbleib.combankltd.com
wayzons.top
185.238.1.70
24.244.156.42
3801fd9afb62498f75f381dbff951f3b4b9d3bfaeefaba68b93ca7ffce4b5ac9
4fb6515540e7585a6d7b1b70915981ad528bdccd4beef366d33785d61abaa7a2
6d2f45997b5a9cadc60c13beedbbf843d2b1718d47f813d915384e44f26a05ef
8fb45fc08db7c6cf27900a5ef08eed4c03ec2a8362ccea2d818793a1e01765f8
a3b060f50471b8d5141aa40f89b07c30986a985a47b403e511a9244753a1437e
af2e512f2c734d26e24589b243994f37791e43f8cc02c4f70b245c4b284c1fc0
c24ed5aca62c867c12e5bab77658a7ffe58c3811c91fe63dc0da6eaa81c9bc00
c2e6a80ec2cff8a14941fed24062c4e0c15bec16c38b0d1b736922cc70c1062c

wayzons.top Open in urlscan Pro 185.238.1.70 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

846 kBTransfer

844 kBSize

0 Cookies

2 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

0 Cookies

Indicators

wayzons.top Open in urlscan Pro
185.238.1.70 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

846 kB
Transfer

844 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!