atosascoes.link
Open in
urlscan Pro
172.67.132.248
Malicious Activity!
Public Scan
Submission: On December 09 via manual from AU — Scanned from AU
Summary
TLS certificate: Issued by WE1 on December 6th 2024. Valid for: 3 months.
This is the only time atosascoes.link was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Australian Government (Government)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
8 | 172.67.132.248 172.67.132.248 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 151.101.194.137 151.101.194.137 | 54113 (FASTLY) (FASTLY) | |
2 | 207.174.28.16 207.174.28.16 | 400509 (ASIPFB) (ASIPFB) | |
11 | 3 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
atosascoes.link
atosascoes.link |
246 KB |
2 |
services-verify.cc
api1.services-verify.cc |
361 B |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 847 |
31 KB |
11 | 3 |
Domain | Requested by | |
---|---|---|
8 | atosascoes.link |
atosascoes.link
|
2 | api1.services-verify.cc |
atosascoes.link
|
1 | code.jquery.com |
atosascoes.link
|
11 | 3 |
Subject Issuer | Validity | Valid | |
---|---|---|---|
atosascoes.link WE1 |
2024-12-06 - 2025-03-06 |
3 months | crt.sh |
*.jquery.com Sectigo ECC Domain Validation Secure Server CA |
2024-06-25 - 2025-06-25 |
a year | crt.sh |
api1.services-verify.cc R10 |
2024-11-24 - 2025-02-22 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://atosascoes.link/
Frame ID: EC944E3B29FC48D1EFFBF2B13F727725
Requests: 10 HTTP requests in this frame
Screenshot
Detected technologies
Adobe Experience Manager (CMS) ExpandDetected patterns
- <div class="[^"]*aem-Grid
Vue.js (JavaScript Frameworks) Expand
Detected patterns
- <[^>]+\sdata-v(?:ue)?-
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Help
Search URL Search Domain Scan URL
Title: Terms of use
Search URL Search Domain Scan URL
Title: Privacy and security
Search URL Search Domain Scan URL
Title: Copyright
Search URL Search Domain Scan URL
Title: Accessibility
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
Primary Request
/
atosascoes.link/ |
718 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.6.0.min.js
code.jquery.com/ |
87 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
index-827f5542.js
atosascoes.link/assets/ |
107 KB 47 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
index-41c40ef1.css
atosascoes.link/assets/ |
192 KB 38 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
token
api1.services-verify.cc/api/v2/ |
0 0 |
Preflight
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
token
api1.services-verify.cc/api/v2/ |
49 B 361 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo-black.svg
atosascoes.link/assets/ |
63 KB 23 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo-white.svg
atosascoes.link/assets/ |
63 KB 23 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Index-89185d8b.js
atosascoes.link/assets/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Index-325d7db9.css
atosascoes.link/assets/ |
1006 KB 104 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
atosascoes.link/ |
34 KB 8 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Australian Government (Government)4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery object| __VUE_INSTANCE_SETTERS__ boolean| __VUE__0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api1.services-verify.cc
atosascoes.link
code.jquery.com
151.101.194.137
172.67.132.248
207.174.28.16
10b11a7c97b90bcf7ad520ac94c5769d08540ce1ee3b84d487c587bf128e3388
18d9a8524aeab90a4addc8358fcb5f9f1af1071e35328cc4cae558da34eb466f
325d7db9ab4c59b480e407d18ca2bbabd7b777133632ed3b85427c47b3018470
41c40ef17991346416d0153700f2662be7c6836097dda8ff6e7204f9b38830b5
701d457ba1c6aaca45aa960246003f15254442c4fb6bf087286735d4456bd1c4
954aa858b3bffb8511bc41bc88b07d2b24597c37faf522550e26c9aa3b0d220d
ae3fc6822e00f9f45cb344444e0a07acd55991b7edea2caf940c79efcbe66cdd
b87ab957e61db22ee722cd0b1747ec8288b8088c2e6c057ca87926b0713c981b
dac85647667ad56a3cef86202fec5b47633fd8d5cb2602e194bee0a171ba9392
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e