URL: https://atosascoes.link/
Submission: On December 09 via manual from AU — Scanned from AU

Summary

This website contacted 3 IPs in 1 country across 3 domains to perform 11 HTTP transactions. The main IP is 172.67.132.248, located in United States and belongs to CLOUDFLARENET, US. The main domain is atosascoes.link.
TLS certificate: Issued by WE1 on December 6th 2024. Valid for: 3 months.
This is the only time atosascoes.link was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Australian Government (Government)

Domain & IP information

Requests | IP Address | AS Autonomous System
8 | 172.67.132.248 | 13335 (CLOUDFLAR...)
1 | 151.101.194.137 | 54113 (FASTLY)
2 | 207.174.28.16 | 400509 (ASIPFB)
Total: 11 requests, 3 IPs

Requests | Apex Domain | Subdomains | Transfer
8 | atosascoes.link | atosascoes.link | 246 KB
2 | services-verify.cc | api1.services-verify.cc | 361 B
1 | jquery.com | code.jquery.com (Cisco Umbrella Rank: 847) | 31 KB
Total: 11 requests, 3 domains

Requests | Domain | Requested by
8 | atosascoes.link | atosascoes.link
2 | api1.services-verify.cc | atosascoes.link
1 | code.jquery.com | atosascoes.link
Total: 11 requests, 3 domains

This site contains links to these domains.

Domain
my.gov.au
Subject | Issuer | Validity | Valid
atosascoes.link | WE1 | 2024-12-06 - 2025-03-06 | 3 months
*.jquery.com | Sectigo ECC Domain Validation Secure Server CA | 2024-06-25 - 2025-06-25 | a year
api1.services-verify.cc | R10 | 2024-11-24 - 2025-02-22 | 3 months

This page contains 1 frames:

Primary Page: https://atosascoes.link/
Frame ID: EC944E3B29FC48D1EFFBF2B13F727725
Requests: 10 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • <div class="[^"]*aem-Grid

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 11
HTTPS: 100 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 1
Transfer: 277 kB
Size: 1557 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource / Path | Size | x-fer | Type / MIME-Type
Primary Request /
atosascoes.link/
718 B
1 KB
Document
General
Full URL
https://atosascoes.link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.248 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae3fc6822e00f9f45cb344444e0a07acd55991b7edea2caf940c79efcbe66cdd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ef1734b5dd78661-PER
content-encoding
zstd
content-type
text/html
date
Mon, 09 Dec 2024 02:08:58 GMT
last-modified
Sun, 24 Nov 2024 21:28:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZGJCJNbXMdUSF1PjxstC5E7tkYA57Y2o5ESFLF2aDOvQfoNUh3ix9voYpriUxBjf%2BwI8iLM9CZsCOMClcbUUKPrBG%2Bh72umrQwV3zDEuo8a2TGvufsw62mYh62%2FhVhBd4qo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=50787&min_rtt=47657&rtt_var=13741&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4133&recv_bytes=4486&delivery_rate=386&cwnd=12000&unsent_bytes=0&cid=74778a514c430160&ts=464&x=1" cfExtPri cfHdrFlush;dur=0
jquery-3.6.0.min.js
code.jquery.com/
87 KB
31 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: atosascoes.link
URL: https://atosascoes.link/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://atosascoes.link/

Response headers

content-encoding
gzip
etag
W/"28feccc0-15d9d"
age
4727025
x-cache
HIT, HIT
date
Mon, 09 Dec 2024 02:08:58 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits
69, 340844
x-served-by
cache-lga21931-LGA, cache-adl2040023-ADL
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1733710139.662192,VS0,VE0
cross-origin-resource-policy
cross-origin
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
30875
server
nginx
index-827f5542.js
atosascoes.link/assets/
107 KB
47 KB
Script
General
Full URL
https://atosascoes.link/assets/index-827f5542.js
Requested by
Host: atosascoes.link
URL: https://atosascoes.link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.248 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
701d457ba1c6aaca45aa960246003f15254442c4fb6bf087286735d4456bd1c4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://atosascoes.link
Referer
https://atosascoes.link/

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"67439a8f-1ad73"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9zCc9BPE6D3RU4dFMoqMyJ%2FTTpveGfYuX6lKKWRJz%2BdbYd4TphYgLp4XR%2F05PQFMVdO0yZT%2Fi8gnKVu7Xy9uk3X9UJfgeyQ6M8xa3jhSahSlVw7NLNvdo3nEoRbchIJ1ItM%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 09 Dec 2024 14:08:58 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=50401&min_rtt=47657&rtt_var=11078&sent=13&recv=12&lost=0&retrans=0&sent_bytes=5265&recv_bytes=5116&delivery_rate=16529&cwnd=12000&unsent_bytes=0&cid=74778a514c430160&ts=940&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 09 Dec 2024 02:08:59 GMT
content-type
application/javascript
last-modified
Sun, 24 Nov 2024 21:28:47 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ef1734e48018661-PER
server
cloudflare
index-41c40ef1.css
atosascoes.link/assets/
192 KB
38 KB
Stylesheet
General
Full URL
https://atosascoes.link/assets/index-41c40ef1.css
Requested by
Host: atosascoes.link
URL: https://atosascoes.link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.248 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41c40ef17991346416d0153700f2662be7c6836097dda8ff6e7204f9b38830b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://atosascoes.link/

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"67439a8e-2ffb7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d3aMW2Hu0fyujiEyHKxxp0Id57CrxQ5pSieCvTPCH09yzdWy%2B7JpMC%2FdmER5fuYYZsFEFGpJCSwApmLBzGjc10wZla0aQefAwF%2FJW2sUJGoi3cK6eYykHzgfeFvwUaFmhYg%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 09 Dec 2024 14:08:58 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=50401&min_rtt=47657&rtt_var=11078&sent=23&recv=12&lost=0&retrans=0&sent_bytes=17265&recv_bytes=5116&delivery_rate=16529&cwnd=12000&unsent_bytes=0&cid=74778a514c430160&ts=940&x=1", cfExtPri, cfHdrFlush;dur=49
date
Mon, 09 Dec 2024 02:08:59 GMT
content-type
text/css
last-modified
Sun, 24 Nov 2024 21:28:46 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ef1734e48028661-PER
server
cloudflare
token
api1.services-verify.cc/api/v2/
0
0
Preflight
General
Full URL
https://api1.services-verify.cc/api/v2/token
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.174.28.16 Atlanta, United States, ASN400509 (ASIPFB, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://atosascoes.link
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
*
access-control-allow-origin
https://atosascoes.link
access-control-max-age
3600
content-length
0
content-type
application/octet-stream
date
Mon, 09 Dec 2024 02:09:00 GMT
server
nginx
strict-transport-security
max-age=31536000
token
api1.services-verify.cc/api/v2/
49 B
361 B
XHR
General
Full URL
https://api1.services-verify.cc/api/v2/token
Requested by
Host: atosascoes.link
URL: https://atosascoes.link/assets/index-827f5542.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.174.28.16 Atlanta, United States, ASN400509 (ASIPFB, US),
Reverse DNS
Software
nginx /
Resource Hash
dac85647667ad56a3cef86202fec5b47633fd8d5cb2602e194bee0a171ba9392
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://atosascoes.link/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

strict-transport-security
max-age=31536000
access-control-max-age
3600
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-methods
*
access-control-allow-origin
https://atosascoes.link
date
Mon, 09 Dec 2024 02:09:00 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
nginx
logo-black.svg
atosascoes.link/assets/
63 KB
23 KB
Image
General
Full URL
https://atosascoes.link/assets/logo-black.svg
Requested by
Host: atosascoes.link
URL: https://atosascoes.link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.248 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
954aa858b3bffb8511bc41bc88b07d2b24597c37faf522550e26c9aa3b0d220d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://atosascoes.link/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"67439a91-fa8f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YyFXwqoLVQkkTeLqvZy05sHUgv0b4sf6UInrT6U9nuIgs2HVEu7x2qRZqEzV%2FSJXSq6UAObF1o6tDFOVGdZAq9J3tqBWqsy5Gs6uJ%2FRG4P2tW8Fe0Soj0V%2FTJ9P2Bs1to9s%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ef173522af08661-PER
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=48379&min_rtt=47554&rtt_var=720&sent=93&recv=54&lost=0&retrans=0&sent_bytes=96368&recv_bytes=8069&delivery_rate=563094&cwnd=55200&unsent_bytes=0&cid=74778a514c430160&ts=1564&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 09 Dec 2024 02:08:59 GMT
content-type
image/svg+xml
last-modified
Sun, 24 Nov 2024 21:28:49 GMT
vary
Accept-Encoding
priority
u=3,i
logo-white.svg
atosascoes.link/assets/
63 KB
23 KB
Image
General
Full URL
https://atosascoes.link/assets/logo-white.svg
Requested by
Host: atosascoes.link
URL: https://atosascoes.link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.248 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10b11a7c97b90bcf7ad520ac94c5769d08540ce1ee3b84d487c587bf128e3388

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://atosascoes.link/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"67439a91-fa8c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4drvdto6vfLc7rJD97EKI%2BINL4aKx5Xjv%2B9nsxjTNYFBprrWP%2BEbSCQ4KedxeZKSB9H8R7GH6fDOEO3oHGDaAiIkz1SnSRPrbolM3kHl0MDb%2FeEyw5M%2B82O7aWVnGx7X%2B50%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ef173522af18661-PER
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=50525&min_rtt=47554&rtt_var=1191&sent=205&recv=72&lost=0&retrans=0&sent_bytes=229017&recv_bytes=8869&delivery_rate=182395&cwnd=105600&unsent_bytes=0&cid=74778a514c430160&ts=1759&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 09 Dec 2024 02:08:59 GMT
content-type
image/svg+xml
last-modified
Sun, 24 Nov 2024 21:28:49 GMT
vary
Accept-Encoding
priority
u=3,i
Index-89185d8b.js
atosascoes.link/assets/
5 KB
2 KB
Script
General
Full URL
https://atosascoes.link/assets/Index-89185d8b.js
Requested by
Host: atosascoes.link
URL: https://atosascoes.link/assets/index-827f5542.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.248 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18d9a8524aeab90a4addc8358fcb5f9f1af1071e35328cc4cae558da34eb466f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://atosascoes.link
Referer

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"67439a8f-12f8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HF8oBn%2BT0gthMNDH4c0p%2BhR0CfDRw5N9sYplVmwQovbF%2BW7gUIbFhgpx4DStacW9cS4X2D81QVaxgTQUw%2BmezIPsFM%2FqQhSfMqWf8kQagl%2BJgKN9MX%2BhzyndlG4XBBG%2F074%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 09 Dec 2024 14:08:59 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=48379&min_rtt=47554&rtt_var=720&sent=91&recv=54&lost=0&retrans=0&sent_bytes=94293&recv_bytes=8069&delivery_rate=563094&cwnd=55200&unsent_bytes=0&cid=74778a514c430160&ts=1563&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 09 Dec 2024 02:08:59 GMT
content-type
application/javascript
last-modified
Sun, 24 Nov 2024 21:28:47 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ef173522af38661-PER
server
cloudflare
Index-325d7db9.css
atosascoes.link/assets/
1006 KB
104 KB
Stylesheet
General
Full URL
https://atosascoes.link/assets/Index-325d7db9.css
Requested by
Host: atosascoes.link
URL: https://atosascoes.link/assets/index-827f5542.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.248 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
325d7db9ab4c59b480e407d18ca2bbabd7b777133632ed3b85427c47b3018470

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://atosascoes.link/

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"67439a8d-fb8c8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p4IAk1MqC0vasdyGxJlnlmfeNDlX3lXqVy5rrkxdeMQV%2BcayVOHqMGReBT5uOOXiX76V4LFClBSh4O292XKejb2%2FnsPrFQrDjNqmhx6I%2BUmyQ5fVB6MOl75MahT0T7deGI8%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 09 Dec 2024 14:08:59 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=48379&min_rtt=47554&rtt_var=720&sent=114&recv=54&lost=0&retrans=0&sent_bytes=120677&recv_bytes=8069&delivery_rate=563094&cwnd=55200&unsent_bytes=0&cid=74778a514c430160&ts=1567&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 09 Dec 2024 02:08:59 GMT
content-type
text/css
last-modified
Sun, 24 Nov 2024 21:28:45 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ef173522af48661-PER
server
cloudflare
favicon.ico
atosascoes.link/
34 KB
8 KB
Other
General
Full URL
https://atosascoes.link/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.132.248 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b87ab957e61db22ee722cd0b1747ec8288b8088c2e6c057ca87926b0713c981b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://atosascoes.link/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"67439a89-86be"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0PpwzWTteVJiw52BD1HZQcfI1xnKLaNSewLYb9o52mmx5dbXv7ZX8tifkmPMyuCM9UsD3%2BRpUP1cU95qAtKL1fCKlryFbXJvvyjo3zYhpg6WYS2XPdWLP0V1ZBH7rihxqgo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ef173565e068661-PER
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=49678&min_rtt=47554&rtt_var=1762&sent=228&recv=76&lost=0&retrans=0&sent_bytes=253374&recv_bytes=9353&delivery_rate=507761&cwnd=105600&unsent_bytes=0&cid=74778a514c430160&ts=2231&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 09 Dec 2024 02:09:00 GMT
content-type
image/x-icon
last-modified
Sun, 24 Nov 2024 21:28:41 GMT
vary
Accept-Encoding
priority
u=1,i

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Australian Government (Government)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function | $
  • function | jQuery
  • object | __VUE_INSTANCE_SETTERS__
  • boolean | __VUE__

0 Cookies