verif1cardatos.zya.me Open in urlscan Pro
185.27.134.123 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://verif1cardatos.zya.me/?i_1&i=2
Effective URL:
http://verif1cardatos.zya.me/?i_1&i=3
Submission: On August 31 via automatic, source phishtank (August 31st 2024, 2:10:44 am UTC) — Scanned from GB

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 17 HTTP transactions. The main IP is 185.27.134.123, located in United Kingdom and belongs to WILDCARD-AS Wildcard UK Limited, GB. The main domain is verif1cardatos.zya.me.

This is the only time verif1cardatos.zya.me was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address		AS Autonomous System
7	185.27.134.123 185.27.134.123		34119 (WILDCARD-...) (WILDCARD-AS Wildcard UK Limited)
17	2

7 185.27.134.123 (United Kingdom)

ASN34119 (WILDCARD-AS Wildcard UK Limited, GB)

verif1cardatos.zya.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	zya.me verif1cardatos.zya.me	222 KB
0	sociomantic.com Failed us-sonar.sociomantic.com Failed
0	aeonfree.com Failed aeonfree.com Failed
17	3

	Domain	Requested by
7	verif1cardatos.zya.me	verif1cardatos.zya.me
0	us-sonar.sociomantic.com Failed	verif1cardatos.zya.me
0	aeonfree.com Failed	verif1cardatos.zya.me
17	3

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://verif1cardatos.zya.me/?i_1&i=3
Frame ID: 15D177E05EB06208ADE04AA9F81B7007
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Live

Page URL History Show full URLs

http://verif1cardatos.zya.me/?i_1&i=2 HTTP 307
https://verif1cardatos.zya.me/?i_1&i=2 HTTP 307
http://verif1cardatos.zya.me/?i_1&i=2 Page URL
http://verif1cardatos.zya.me/?i_1&i=3 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<input[^>]+name="__VIEWSTATE

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>

Page Statistics

17
Requests

0 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

222 kB
Transfer

220 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://verif1cardatos.zya.me/?i_1&i=2 HTTP 307
https://verif1cardatos.zya.me/?i_1&i=2 HTTP 307
http://verif1cardatos.zya.me/?i_1&i=2 Page URL
http://verif1cardatos.zya.me/?i_1&i=3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://verif1cardatos.zya.me/?i_1&i=2 HTTP 307
https://verif1cardatos.zya.me/?i_1&i=2 HTTP 307
http://verif1cardatos.zya.me/?i_1&i=2

Request Chain 4

http://verif1cardatos.zya.me/Scripts/jquery-1.11.3.min.js HTTP 302
https://aeonfree.com/error/404/ HTTP 301
https://aeonfree.com/error/404

Request Chain 5

http://verif1cardatos.zya.me/Scripts/jquery.blockUI.js HTTP 302
https://aeonfree.com/error/404/ HTTP 301
https://aeonfree.com/error/404

Request Chain 6

http://verif1cardatos.zya.me/Scripts/_UtilidadesSitio.js HTTP 302
https://aeonfree.com/error/404/ HTTP 301
https://aeonfree.com/error/404

Request Chain 7

http://verif1cardatos.zya.me/Scripts/Indicador.js HTTP 302
https://aeonfree.com/error/404/ HTTP 301
https://aeonfree.com/error/404

Request Chain 8

http://verif1cardatos.zya.me/ScriptResource031e.html?d=4ejzBeCma20vHaNBi-aw0NblYCfCDh44zfCmtkgmX-yBzIqXKbfMlEW_EjiaJjEjhqgYuioyJ1BvTkvHoVBvzW62zskUJSAPVLQz2q6IFwy7deq3VKjEQE8AYwhLxBJ1gP5wkX3lrw9Mg6OT9XROgQfZt5aanpi8jNEJMX_TNFA1&t=ffffffffaa493ab8 HTTP 302
https://aeonfree.com/error/404/ HTTP 301
https://aeonfree.com/error/404

Request Chain 10

http://verif1cardatos.zya.me/js/bk-coretag.html HTTP 302
https://aeonfree.com/error/404/ HTTP 301
https://aeonfree.com/error/404

Request Chain 11

http://verif1cardatos.zya.me/_Incapsula_Resourcef8dd.html?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=6&cb=108360433 HTTP 302
https://aeonfree.com/error/404/ HTTP 301
https://aeonfree.com/error/404

Request Chain 13

http://verif1cardatos.zya.me/Scripts/_UtilidadesSitio.js HTTP 302
https://aeonfree.com/error/404/ HTTP 301
https://aeonfree.com/error/404

Request Chain 15

http://verif1cardatos.zya.me/favicon.ico HTTP 302
https://aeonfree.com/error/404/ HTTP 301
https://aeonfree.com/error/404

17 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response verif1cardatos.zya.me/ Redirect Chain http://verif1cardatos.zya.me/?i_1&i=2 https://verif1cardatos.zya.me/?i_1&i=2 http://verif1cardatos.zya.me/?i_1&i=2	836 B 1 KB	43ms 43ms	Document text/html	185.27.134.123 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Full URL http://verif1cardatos.zya.me/?i_1&i=2 Protocol HTTP/1.1 Server 185.27.134.123 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash `534cf57e797ab833c53bb6f262524051362f95d99677861ac0b80fdbfb930834` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Cache-Control no-cache Connection keep-alive Content-Length 836 Content-Type text/html Date Sat, 31 Aug 2024 02:10:37 GMT Expires Thu, 01 Jan 1970 00:00:01 GMT Server nginx Redirect headers Location http://verif1cardatos.zya.me/?i_1&i=2 Non-Authoritative-Reason HttpsUpgrades
GET H/1.1	200 OK	aes.js Show response verif1cardatos.zya.me/	13 KB 14 KB	44ms 37ms	Script application/javascript	185.27.134.123 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Full URL http://verif1cardatos.zya.me/aes.js Requested by Host: verif1cardatos.zya.me URL: http://verif1cardatos.zya.me/?i_1&i=2 Protocol HTTP/1.1 Server 185.27.134.123 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash `5069425b121346b36f730910d05402d50920fc2178b01e0c878b71af4ef1eb96` Request headers Referer http://verif1cardatos.zya.me/?i_1&i=2 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Sat, 31 Aug 2024 02:10:37 GMT Last-Modified Sun, 15 Oct 2023 16:32:21 GMT Server nginx ETag "652c1415-35a5" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 13733
GET H/1.1	200 OK	Primary Request / Show response verif1cardatos.zya.me/	17 KB 17 KB	58ms 57ms	Document text/html	185.27.134.123 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Full URL http://verif1cardatos.zya.me/?i_1&i=3 Requested by Host: verif1cardatos.zya.me URL: http://verif1cardatos.zya.me/?i_1&i=2 Protocol HTTP/1.1 Server 185.27.134.123 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash `44801f0ca1a9f56e2553df66402ba80463ce6e2a90b7ffa8ddaabfad31b15e85` Request headers Referer http://verif1cardatos.zya.me/?i_1&i=2 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Accept-Ranges bytes Cache-Control max-age=2592000, public, proxy-revalidate Connection keep-alive Content-Length 17134 Content-Type text/html; charset=UTF-8 Date Sat, 31 Aug 2024 02:10:37 GMT ETag "42ee-61e1f25bf7620" Expires Mon, 30 Sep 2024 02:10:37 GMT Last-Modified Fri, 26 Jul 2024 04:43:06 GMT Server nginx
GET H/1.1	200 OK	styles.css verif1cardatos.zya.me/	25 KB 26 KB	46ms 45ms	Stylesheet text/css	185.27.134.123 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Full URL http://verif1cardatos.zya.me/styles.css Requested by Host: verif1cardatos.zya.me URL: http://verif1cardatos.zya.me/?i_1&i=3 Protocol HTTP/1.1 Server 185.27.134.123 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash `c5a4c9c6389203ed9d770a1c52f119886ebc3c579215d12dcf1f6df8171564ce` Request headers Referer http://verif1cardatos.zya.me/?i_1&i=3 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Sat, 31 Aug 2024 02:10:37 GMT Last-Modified Fri, 26 Jul 2024 04:43:08 GMT Server nginx ETag "6559-61e1f25e09698" Content-Type text/css Cache-Control max-age=2592000, public, proxy-revalidate, must-revalidate Connection keep-alive Accept-Ranges bytes Content-Length 25945 Expires Mon, 30 Sep 2024 02:10:37 GMT
GET H/1.1	200 OK	bootstrap.css verif1cardatos.zya.me/	158 KB 159 KB	86ms 44ms	Stylesheet text/css	185.27.134.123 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Full URL http://verif1cardatos.zya.me/bootstrap.css Requested by Host: verif1cardatos.zya.me URL: http://verif1cardatos.zya.me/?i_1&i=3 Protocol HTTP/1.1 Server 185.27.134.123 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash `0c5ed985fdbddc027124d4e6879ce1a1860832cda85e2b517c18d8fbd2fffc06` Request headers Referer http://verif1cardatos.zya.me/?i_1&i=3 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Sat, 31 Aug 2024 02:10:37 GMT Last-Modified Fri, 26 Jul 2024 04:43:06 GMT Server nginx ETag "278e1-61e1f25bf7620" Content-Type text/css Cache-Control max-age=2592000, public, proxy-revalidate, must-revalidate Connection keep-alive Accept-Ranges bytes Content-Length 162017 Expires Mon, 30 Sep 2024 02:10:37 GMT
GET		404 aeonfree.com/error/ Redirect Chain http://verif1cardatos.zya.me/Scripts/jquery-1.11.3.min.js https://aeonfree.com/error/404/ https://aeonfree.com/error/404	0 0

GET		404 aeonfree.com/error/ Redirect Chain http://verif1cardatos.zya.me/Scripts/jquery.blockUI.js https://aeonfree.com/error/404/ https://aeonfree.com/error/404	0 0

GET		404 aeonfree.com/error/ Redirect Chain http://verif1cardatos.zya.me/Scripts/_UtilidadesSitio.js https://aeonfree.com/error/404/ https://aeonfree.com/error/404	0 0

GET		404 aeonfree.com/error/ Redirect Chain http://verif1cardatos.zya.me/Scripts/Indicador.js https://aeonfree.com/error/404/ https://aeonfree.com/error/404	0 0

GET		404 aeonfree.com/error/ Redirect Chain http://verif1cardatos.zya.me/ScriptResource031e.html?d=4ejzBeCma20vHaNBi-aw0NblYCfCDh44zfCmtkgmX-yBzIqXKbfMlEW_EjiaJjEjhqgYuioyJ1BvTkvHoVBvzW62zskUJSAPVLQz2q6IFwy7deq3VKjEQE8AYwhLxBJ1gP5wkX3lrw9Mg6... https://aeonfree.com/error/404/ https://aeonfree.com/error/404	0 0

GET H/1.1	200 OK	logo%20micro.svg verif1cardatos.zya.me/	4 KB 4 KB	45ms 44ms	Image image/svg+xml	185.27.134.123 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Show image Full URL http://verif1cardatos.zya.me/logo%20micro.svg Requested by Host: verif1cardatos.zya.me URL: http://verif1cardatos.zya.me/?i_1&i=3 Protocol HTTP/1.1 Server 185.27.134.123 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash `04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a` Request headers Referer http://verif1cardatos.zya.me/?i_1&i=3 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Sat, 31 Aug 2024 02:10:38 GMT Last-Modified Fri, 26 Jul 2024 04:43:07 GMT Server nginx ETag "e43-61e1f25c9e600" Content-Type image/svg+xml Cache-Control max-age=0 Connection keep-alive Accept-Ranges bytes Content-Length 3651 Expires Sat, 31 Aug 2024 02:10:38 GMT
GET		404 aeonfree.com/error/ Redirect Chain http://verif1cardatos.zya.me/js/bk-coretag.html https://aeonfree.com/error/404/ https://aeonfree.com/error/404	0 0

GET		404 aeonfree.com/error/ Redirect Chain http://verif1cardatos.zya.me/_Incapsula_Resourcef8dd.html?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=6&cb=108360433 https://aeonfree.com/error/404/ https://aeonfree.com/error/404	0 0

GET H/1.1	200 OK	fondo%20outloook.svg verif1cardatos.zya.me/	2 KB 2 KB	51ms 51ms	Image image/svg+xml	185.27.134.123 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Show image Full URL http://verif1cardatos.zya.me/fondo%20outloook.svg Requested by Host: verif1cardatos.zya.me URL: http://verif1cardatos.zya.me/styles.css Protocol HTTP/1.1 Server 185.27.134.123 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash `0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68` Request headers Referer http://verif1cardatos.zya.me/styles.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Sat, 31 Aug 2024 02:10:39 GMT Last-Modified Fri, 26 Jul 2024 04:43:05 GMT Server nginx ETag "748-61e1f25b0a910" Content-Type image/svg+xml Cache-Control max-age=0 Connection keep-alive Accept-Ranges bytes Content-Length 1864 Expires Sat, 31 Aug 2024 02:10:39 GMT
GET		404 aeonfree.com/error/ Redirect Chain http://verif1cardatos.zya.me/Scripts/_UtilidadesSitio.js https://aeonfree.com/error/404/ https://aeonfree.com/error/404	0 0

GET		tuya-co us-sonar.sociomantic.com/js/2010-07-01/adpan/	0 0

GET		404 aeonfree.com/error/ Redirect Chain http://verif1cardatos.zya.me/favicon.ico https://aeonfree.com/error/404/ https://aeonfree.com/error/404	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: aeonfree.com
URL: https://aeonfree.com/error/404

Domain: aeonfree.com
URL: https://aeonfree.com/error/404

Domain: aeonfree.com
URL: https://aeonfree.com/error/404

Domain: aeonfree.com
URL: https://aeonfree.com/error/404

Domain: aeonfree.com
URL: https://aeonfree.com/error/404

Domain: aeonfree.com
URL: https://aeonfree.com/error/404

Domain: aeonfree.com
URL: https://aeonfree.com/error/404

Domain: aeonfree.com
URL: https://aeonfree.com/error/404

Domain: us-sonar.sociomantic.com
URL: http://us-sonar.sociomantic.com/js/2010-07-01/adpan/tuya-co

Domain: aeonfree.com
URL: https://aeonfree.com/error/404

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			verif1cardatos.zya.me/	1970-01-21 08:47:10	Name: __test Value: 855cc56ce6a22823d5da40abb53aa576

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: http://verif1cardatos.zya.me/?i_1&i=3 Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: http://us-sonar.sociomantic.com/js/2010-07-01/adpan/tuya-co Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aeonfree.com
us-sonar.sociomantic.com
verif1cardatos.zya.me
aeonfree.com
us-sonar.sociomantic.com
185.27.134.123
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0c5ed985fdbddc027124d4e6879ce1a1860832cda85e2b517c18d8fbd2fffc06
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
44801f0ca1a9f56e2553df66402ba80463ce6e2a90b7ffa8ddaabfad31b15e85
5069425b121346b36f730910d05402d50920fc2178b01e0c878b71af4ef1eb96
534cf57e797ab833c53bb6f262524051362f95d99677861ac0b80fdbfb930834
c5a4c9c6389203ed9d770a1c52f119886ebc3c579215d12dcf1f6df8171564ce

verif1cardatos.zya.me Open in urlscan Pro 185.27.134.123 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

0 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

2 IPs

2 Countries

222 kBTransfer

220 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

15 JavaScript Global Variables

1 Cookies

2 Console Messages

Indicators

verif1cardatos.zya.me Open in urlscan Pro
185.27.134.123 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

0 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

222 kB
Transfer

220 kB
Size

1
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!