reg.zinamitta.site
Open in
urlscan Pro
212.80.217.74
Malicious Activity!
Public Scan
Effective URL: http://reg.zinamitta.site/?utm_source=neQt6klHjy1iL
Submission: On June 16 via manual from CA
Summary
This is the only time reg.zinamitta.site was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Porn Scam (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 195.28.182.223 195.28.182.223 | 15626 (ITLAS) (ITLAS) | |
2 | 212.80.217.74 212.80.217.74 | 50673 (SERVERIUS-AS) (SERVERIUS-AS) | |
1 | 2606:4700::68... 2606:4700::6810:84e5 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:81a::200a | 15169 (GOOGLE) (GOOGLE) | |
8 | 159.69.111.28 159.69.111.28 | 24940 (HETZNER-AS) (HETZNER-AS) | |
12 | 4 |
ASN50673 (SERVERIUS-AS, NL)
PTR: mr.astapovich1995.example.com
reg.zinamitta.site |
ASN24940 (HETZNER-AS, DE)
PTR: static.28.111.69.159.clients.your-server.de
cadaner.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
cadaner.com
cadaner.com |
1 MB |
3 |
zinamitta.site
1 redirects
zinamitta.site reg.zinamitta.site |
7 KB |
1 |
googleapis.com
fonts.googleapis.com |
475 B |
1 |
cloudflare.com
cdnjs.cloudflare.com |
4 KB |
12 | 4 |
Domain | Requested by | |
---|---|---|
8 | cadaner.com |
reg.zinamitta.site
|
2 | reg.zinamitta.site |
reg.zinamitta.site
|
1 | fonts.googleapis.com |
reg.zinamitta.site
|
1 | cdnjs.cloudflare.com |
reg.zinamitta.site
|
1 | zinamitta.site | 1 redirects |
12 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
cloudflare.com CloudFlare Inc ECC CA-2 |
2020-01-07 - 2020-10-09 |
9 months | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-05-26 - 2020-08-18 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://reg.zinamitta.site/?utm_source=neQt6klHjy1iL
Frame ID: 1D0DC6223D4B95BE0AAD228F806030FE
Requests: 12 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://zinamitta.site/
HTTP 301
http://reg.zinamitta.site/?utm_source=neQt6klHjy1iL Page URL
Detected technologies
animate.css (Web Frameworks) ExpandDetected patterns
- html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://zinamitta.site/
HTTP 301
http://reg.zinamitta.site/?utm_source=neQt6klHjy1iL Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
/
reg.zinamitta.site/ Redirect Chain
|
16 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/ |
52 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
767 B 475 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
script.min.js
cadaner.com/assets/c0679ec89a59b20d9865614a28ee1bf0/ |
252 KB 76 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
p.js
reg.zinamitta.site/ |
405 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
no.png
cadaner.com/assets/c0679ec89a59b20d9865614a28ee1bf0/images/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
yes.png
cadaner.com/assets/c0679ec89a59b20d9865614a28ee1bf0/images/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1.jpg
cadaner.com/assets/c0679ec89a59b20d9865614a28ee1bf0/images/ |
241 KB 242 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pattern.png
cadaner.com/assets/c0679ec89a59b20d9865614a28ee1bf0/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
2.jpg
cadaner.com/assets/c0679ec89a59b20d9865614a28ee1bf0/images/ |
340 KB 340 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3.jpg
cadaner.com/assets/c0679ec89a59b20d9865614a28ee1bf0/images/ |
355 KB 356 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
4.jpg
cadaner.com/assets/c0679ec89a59b20d9865614a28ee1bf0/images/ |
258 KB 258 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Porn Scam (Online)5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| $ function| jQuery string| u2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
reg.zinamitta.site/ | Name: k Value: SFMyNTY.g3QAAAAIbQAAAARhdW5xdAAAAAFtAAAABTU2ODUwbQAAAApLQVBQUE5xdm13bQAAAANoaWRtAAAAJEFnVWVzcnpQRUhnUkxmUkd1cnFlWHBtUGViV3lhRnZlVnVvbW0AAAACaGxhAW0AAAACcmR0AAAABGQACl9fc3RydWN0X19kABhFbGl4aXIuVGRleC5Sb3RhdGlvbkRhdGFkAA5jbGlja2VkX29mZmVyc3QAAAAAZAAIbGFuZGluZ3NsAAAAAWIAAARHamQAC3NlZW5fb2ZmZXJzbAAAAAFiAABnaGptAAAABXN1Yl8xZAADbmlsbQAAAAVzdWJfMmQAA25pbG0AAAAHdHJhY2tlcm0AAAAHbm90cmFja20AAAADdW5xbQAAAAxqT2hBQUFsWlhvaFY.bYl_oO0TR1w2X0NT5XfZ5mV4M2QmYSN27cRtbgS3NnA |
|
reg.zinamitta.site/ | Name: uord Value: acca25f8ca195f0c9a234b4f36d11bf7 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cadaner.com
cdnjs.cloudflare.com
fonts.googleapis.com
reg.zinamitta.site
zinamitta.site
159.69.111.28
195.28.182.223
212.80.217.74
2606:4700::6810:84e5
2a00:1450:4001:81a::200a
0b9edaf2d7a19cb4ce75b2707b7bae565019c39f679308074192369242502d55
1bf8f19f50419f5f102a7f451240eb855d83c8551498717afeb041f5bbf9fbf1
3e8c84efe8d80eb7ad39ff351035c5bafb7af2a471f63f3e6d6988c35dc61133
561b80f51336fd96e55e4eaf240bcadc4b21987d01551499dfdcffe85a5e0b36
5cbc28ef1cf07ab8956014b581aa2b96baac861237975813702e63c886b0c004
5fb244f0dc0090409e9940f0cfa650920ce2c89d418c41cede27583411f9e7bf
66d9ef02c42230ea61895be2f4bdc340018eff35d9ee5006e042cd157751a9cd
6bfdecff876226c1e233f71e7b0b1a6e0eb238281a52156c39f051691dd88a43
6e08aff7e737ca8bcb5808cbf672edcb6cd55544f33b2b8861616c4c521971e5
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
b4723b5b14abe7a2062b65bf79b4d5d1e575e786a439e61ff95a38e7e9e140e9
fedd7527d1cceee3052bf4bb62e76d56e8200a115d8a2affae23a125578b7ad1