zq30.us.to Open in urlscan Pro
140.99.170.166 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://zq30.us.to/
Submission: On May 02 via manual (May 2nd 2023, 8:59:11 pm UTC) from JP — Scanned from US

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 12 HTTP transactions. The main IP is 140.99.170.166, located in New York, United States and belongs to DEDIPATH-LLC, US. The main domain is zq30.us.to.

This is the only time zq30.us.to was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: au ID (Telecommunication)

Domain & IP information

	IP Address		AS Autonomous System
12	140.99.170.166 140.99.170.166		35913 (DEDIPATH-LLC) (DEDIPATH-LLC)
12	1

12 140.99.170.166 (New York, United States)

ASN35913 (DEDIPATH-LLC, US)

zq30.us.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	us.to zq30.us.to	91 KB
12	1

	Domain	Requested by
12	zq30.us.to	zq30.us.to
12	1

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://zq30.us.to/
Frame ID: 37E101ACA58E7957EEC5267E9B42E0FA
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Title

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

91 kB
Transfer

153 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response zq30.us.to/	8 KB 3 KB	508ms 324ms	Document text/html	140.99.170.166 DEDIPATH-LLC
General Check archive.org Show headers Download Go to Full URL http://zq30.us.to/ Protocol HTTP/1.1 Server 140.99.170.166 New York, United States, ASN35913 (DEDIPATH-LLC, US), Reverse DNS Software nginx / Resource Hash `3000f1fa59f9410114261a7ea43335916ccaf2764da2cc2244ed85e291fc7411` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers Origin,Authorization,Access-Control-Allow-Origin,Access-Control-Allow-Headers,Content-Type,X-Token,X-Requested-With,withCredentials Access-Control-Allow-Methods GET,POST,PUT,DELETE,OPTIONS Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Access-Control-Allow-Origin,Access-Control-Allow-Headers,Content-Type Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Tue, 02 May 2023 20:59:06 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding
GET H/1.1	200 OK	new1.css zq30.us.to/static/au_order/	4 KB 2 KB	70ms 69ms	Stylesheet text/css	140.99.170.166 DEDIPATH-LLC
General Check archive.org Show headers Download Go to Full URL http://zq30.us.to/static/au_order/new1.css Requested by Host: zq30.us.to URL: http://zq30.us.to/ Protocol HTTP/1.1 Server 140.99.170.166 New York, United States, ASN35913 (DEDIPATH-LLC, US), Reverse DNS Software nginx / Resource Hash `cc657be1fc1a243e946fefde3e07373928849e9f4a460a687bf6e2d9fc207c65` Request headers accept-language en-US,en;q=0.9 Referer http://zq30.us.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Tue, 02 May 2023 20:59:06 GMT Content-Encoding gzip Last-Modified Wed, 20 Jul 2022 08:12:58 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css; charset=utf-8 Cache-Control max-age=2592000 Connection keep-alive Expires Thu, 01 Jun 2023 20:59:06 GMT
GET H/1.1	200 OK	new2.css zq30.us.to/static/au_order/	868 B 1 KB	138ms 69ms	Stylesheet text/css	140.99.170.166 DEDIPATH-LLC
General Check archive.org Show headers Download Go to Full URL http://zq30.us.to/static/au_order/new2.css Requested by Host: zq30.us.to URL: http://zq30.us.to/ Protocol HTTP/1.1 Server 140.99.170.166 New York, United States, ASN35913 (DEDIPATH-LLC, US), Reverse DNS Software nginx / Resource Hash `52f3e631b5edd9dae88128fbb2fc443f08d298627f626adef79a9c7c4a555d06` Request headers accept-language en-US,en;q=0.9 Referer http://zq30.us.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Tue, 02 May 2023 20:59:06 GMT Last-Modified Wed, 20 Jul 2022 07:38:50 GMT Server nginx Content-Type text/css; charset=utf-8 Cache-Control max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Length 868 Expires Thu, 01 Jun 2023 20:59:06 GMT
GET H/1.1	200 OK	jquery-1.9.1.min.js Show response zq30.us.to/static/hau/	90 KB 36 KB	143ms 74ms	Script application/javascript	140.99.170.166 DEDIPATH-LLC
General Check archive.org Show headers Download Go to Full URL http://zq30.us.to/static/hau/jquery-1.9.1.min.js Requested by Host: zq30.us.to URL: http://zq30.us.to/ Protocol HTTP/1.1 Server 140.99.170.166 New York, United States, ASN35913 (DEDIPATH-LLC, US), Reverse DNS Software nginx / Resource Hash `c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4` Request headers accept-language en-US,en;q=0.9 Referer http://zq30.us.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Tue, 02 May 2023 20:59:06 GMT Content-Encoding gzip Last-Modified Thu, 17 Mar 2022 06:45:22 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=2592000 Connection keep-alive Expires Thu, 01 Jun 2023 20:59:06 GMT
GET H/1.1	200 OK	jquery.cookie.js Show response zq30.us.to/static/hau/	3 KB 2 KB	139ms 71ms	Script application/javascript	140.99.170.166 DEDIPATH-LLC
General Check archive.org Show headers Download Go to Full URL http://zq30.us.to/static/hau/jquery.cookie.js Requested by Host: zq30.us.to URL: http://zq30.us.to/ Protocol HTTP/1.1 Server 140.99.170.166 New York, United States, ASN35913 (DEDIPATH-LLC, US), Reverse DNS Software nginx / Resource Hash `b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8` Request headers accept-language en-US,en;q=0.9 Referer http://zq30.us.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Tue, 02 May 2023 20:59:06 GMT Content-Encoding gzip Last-Modified Thu, 17 Mar 2022 06:45:24 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=2592000 Connection keep-alive Expires Thu, 01 Jun 2023 20:59:06 GMT
GET H/1.1	200 OK	logo.png zq30.us.to/static/au_order/	4 KB 4 KB	71ms 70ms	Image image/png	140.99.170.166 DEDIPATH-LLC
General Check archive.org Show headers Download Go to Show image Full URL http://zq30.us.to/static/au_order/logo.png Requested by Host: zq30.us.to URL: http://zq30.us.to/ Protocol HTTP/1.1 Server 140.99.170.166 New York, United States, ASN35913 (DEDIPATH-LLC, US), Reverse DNS Software nginx / Resource Hash `aa762bb5acf6f6e056379467995a0eb0fbc400ba2e3811469bde1055daf5260e` Request headers accept-language en-US,en;q=0.9 Referer http://zq30.us.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Tue, 02 May 2023 20:59:06 GMT Last-Modified Wed, 20 Jul 2022 06:10:58 GMT Server nginx Content-Type image/png Cache-Control max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Length 4093 Expires Thu, 01 Jun 2023 20:59:06 GMT
GET H/1.1	200 OK	vcard.jpeg zq30.us.to/static/au_order/	32 KB 32 KB	70ms 69ms	Image image/jpeg	140.99.170.166 DEDIPATH-LLC
General Check archive.org Show headers Download Go to Show image Full URL http://zq30.us.to/static/au_order/vcard.jpeg Requested by Host: zq30.us.to URL: http://zq30.us.to/ Protocol HTTP/1.1 Server 140.99.170.166 New York, United States, ASN35913 (DEDIPATH-LLC, US), Reverse DNS Software nginx / Resource Hash `30ac02f2f32bd6449033baedc40fe40ed9019dcebc63b514fdb6e32dfeba0758` Request headers accept-language en-US,en;q=0.9 Referer http://zq30.us.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Tue, 02 May 2023 20:59:06 GMT Last-Modified Thu, 17 Mar 2022 06:44:22 GMT Server nginx Content-Type image/jpeg Cache-Control max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Length 32796 Expires Thu, 01 Jun 2023 20:59:06 GMT
GET H/1.1	200 OK	fig_cc-01.png zq30.us.to/static/au_order/	2 KB 2 KB	71ms 70ms	Image image/png	140.99.170.166 DEDIPATH-LLC
General Check archive.org Show headers Download Go to Show image Full URL http://zq30.us.to/static/au_order/fig_cc-01.png Requested by Host: zq30.us.to URL: http://zq30.us.to/ Protocol HTTP/1.1 Server 140.99.170.166 New York, United States, ASN35913 (DEDIPATH-LLC, US), Reverse DNS Software nginx / Resource Hash `ca12241ddbe5e9e4c018782bfe45123e61348371e32f60d3a5abd2019e1197c9` Request headers accept-language en-US,en;q=0.9 Referer http://zq30.us.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Tue, 02 May 2023 20:59:06 GMT Last-Modified Wed, 20 Jul 2022 07:54:14 GMT Server nginx Content-Type image/png Cache-Control max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Length 1741 Expires Thu, 01 Jun 2023 20:59:06 GMT
GET H/1.1	200 OK	icon_seven.png zq30.us.to/static/au_order/	2 KB 2 KB	70ms 69ms	Image image/png	140.99.170.166 DEDIPATH-LLC
General Check archive.org Show headers Download Go to Show image Full URL http://zq30.us.to/static/au_order/icon_seven.png Requested by Host: zq30.us.to URL: http://zq30.us.to/ Protocol HTTP/1.1 Server 140.99.170.166 New York, United States, ASN35913 (DEDIPATH-LLC, US), Reverse DNS Software nginx / Resource Hash `f4c13cfc9310805af5435b0d5f04960dcae82109c7aa89389bd04d8fe5d26896` Request headers accept-language en-US,en;q=0.9 Referer http://zq30.us.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Tue, 02 May 2023 20:59:06 GMT Last-Modified Thu, 17 Mar 2022 06:44:18 GMT Server nginx Content-Type image/png Cache-Control max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Length 2116 Expires Thu, 01 Jun 2023 20:59:06 GMT
GET H/1.1	200 OK	icon_lawson.png zq30.us.to/static/au_order/	1 KB 2 KB	71ms 70ms	Image image/png	140.99.170.166 DEDIPATH-LLC
General Check archive.org Show headers Download Go to Show image Full URL http://zq30.us.to/static/au_order/icon_lawson.png Requested by Host: zq30.us.to URL: http://zq30.us.to/ Protocol HTTP/1.1 Server 140.99.170.166 New York, United States, ASN35913 (DEDIPATH-LLC, US), Reverse DNS Software nginx / Resource Hash `c1a87c4599f42a2cc86ec8e78d0f6ef3b02a1ecd41a6bff8f1d9050c9490a936` Request headers accept-language en-US,en;q=0.9 Referer http://zq30.us.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Tue, 02 May 2023 20:59:06 GMT Last-Modified Thu, 17 Mar 2022 06:44:18 GMT Server nginx Content-Type image/png Cache-Control max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Length 1379 Expires Thu, 01 Jun 2023 20:59:06 GMT
GET H/1.1	200 OK	icon_ministop.png zq30.us.to/static/au_order/	1 KB 2 KB	126ms 69ms	Image image/png	140.99.170.166 DEDIPATH-LLC
General Check archive.org Show headers Download Go to Show image Full URL http://zq30.us.to/static/au_order/icon_ministop.png Requested by Host: zq30.us.to URL: http://zq30.us.to/ Protocol HTTP/1.1 Server 140.99.170.166 New York, United States, ASN35913 (DEDIPATH-LLC, US), Reverse DNS Software nginx / Resource Hash `c46abe457820829f581a15b2b25baa925fc78d6aa7c1989503b47859d0569b6e` Request headers accept-language en-US,en;q=0.9 Referer http://zq30.us.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Tue, 02 May 2023 20:59:06 GMT Last-Modified Thu, 17 Mar 2022 06:44:18 GMT Server nginx Content-Type image/png Cache-Control max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Length 1259 Expires Thu, 01 Jun 2023 20:59:06 GMT
GET H/1.1	200 OK	icon_seicomart.png zq30.us.to/static/au_order/	3 KB 4 KB	150ms 81ms	Image image/png	140.99.170.166 DEDIPATH-LLC
General Check archive.org Show headers Download Go to Show image Full URL http://zq30.us.to/static/au_order/icon_seicomart.png Requested by Host: zq30.us.to URL: http://zq30.us.to/ Protocol HTTP/1.1 Server 140.99.170.166 New York, United States, ASN35913 (DEDIPATH-LLC, US), Reverse DNS Software nginx / Resource Hash `b0baf30a5d52de6372685e6c3935205b7f38433ba114332de655de078c64d8d0` Request headers accept-language en-US,en;q=0.9 Referer http://zq30.us.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Tue, 02 May 2023 20:59:06 GMT Last-Modified Thu, 17 Mar 2022 06:44:18 GMT Server nginx Content-Type image/png Cache-Control max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Length 3525 Expires Thu, 01 Jun 2023 20:59:06 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: au ID (Telecommunication)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			zq30.us.to/	1969-12-31 23:59:59	Name: sessionid Value: 82f8939e0d12c3de40122b963f73b03c

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

zq30.us.to
140.99.170.166
3000f1fa59f9410114261a7ea43335916ccaf2764da2cc2244ed85e291fc7411
30ac02f2f32bd6449033baedc40fe40ed9019dcebc63b514fdb6e32dfeba0758
52f3e631b5edd9dae88128fbb2fc443f08d298627f626adef79a9c7c4a555d06
aa762bb5acf6f6e056379467995a0eb0fbc400ba2e3811469bde1055daf5260e
b0baf30a5d52de6372685e6c3935205b7f38433ba114332de655de078c64d8d0
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c1a87c4599f42a2cc86ec8e78d0f6ef3b02a1ecd41a6bff8f1d9050c9490a936
c46abe457820829f581a15b2b25baa925fc78d6aa7c1989503b47859d0569b6e
ca12241ddbe5e9e4c018782bfe45123e61348371e32f60d3a5abd2019e1197c9
cc657be1fc1a243e946fefde3e07373928849e9f4a460a687bf6e2d9fc207c65
f4c13cfc9310805af5435b0d5f04960dcae82109c7aa89389bd04d8fe5d26896

zq30.us.to Open in urlscan Pro 140.99.170.166 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

12 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

91 kBTransfer

153 kBSize

1 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

8 JavaScript Global Variables

1 Cookies

Indicators

zq30.us.to Open in urlscan Pro
140.99.170.166 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

91 kB
Transfer

153 kB
Size

1
Cookies

12 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!