zz2.dns-cloud.net Open in urlscan Pro
104.42.57.240 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bit.ly/3a3S0Gv
Effective URL:
https://zz2.dns-cloud.net/us/1/index.htm?7a7a322e646e732d636c6f75642e6e6574-7a7a322e646e732d636c6f75642e6e6574-7a7a322e646...
Submission: On February 26 via manual (February 26th 2020, 6:42:04 pm UTC) from US

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 9 HTTP transactions. The main IP is 104.42.57.240, located in San Jose, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is zz2.dns-cloud.net.
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 22nd 2020. Valid for: 3 months.

This is the only time zz2.dns-cloud.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: US Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
1 10	104.42.57.240 104.42.57.240	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
9	1

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.42.57.240 (San Jose, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

zz2.dns-cloud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	dns-cloud.net 1 redirects zz2.dns-cloud.net	74 KB
1	bit.ly 1 redirects bit.ly	343 B
9	2

	Domain	Requested by
10	zz2.dns-cloud.net	1 redirects zz2.dns-cloud.net
1	bit.ly	1 redirects
9	2

This site contains no links.

Subject Issuer	Validity	Valid
zz2.dns-cloud.net cPanel, Inc. Certification Authority	`2020-02-22` - `2020-05-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://zz2.dns-cloud.net/us/1/index.htm?7a7a322e646e732d636c6f75642e6e6574-7a7a322e646e732d636c6f75642e6e6574-7a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e6574
Frame ID: 9EA4F34D73EF771B4614D87E390842F7
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://bit.ly/3a3S0Gv HTTP 301
https://zz2.dns-cloud.net/us/ HTTP 302
https://zz2.dns-cloud.net/us/1/index.htm?7a7a322e646e732d636c6f75642e6e6574-7a7a322e646e732d636c6f7564... Page URL

Detected technologies

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<(?:div|html)[^>]+ng-app=/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

73 kB
Transfer

71 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bit.ly/3a3S0Gv HTTP 301
https://zz2.dns-cloud.net/us/ HTTP 302
https://zz2.dns-cloud.net/us/1/index.htm?7a7a322e646e732d636c6f75642e6e6574-7a7a322e646e732d636c6f75642e6e6574-7a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e6574 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request index.htm Show response zz2.dns-cloud.net/us/1/ Redirect Chain http://bit.ly/3a3S0Gv https://zz2.dns-cloud.net/us/ https://zz2.dns-cloud.net/us/1/index.htm?7a7a322e646e732d636c6f75642e6e6574-7a7a322e646e732d636c6f75642e6e6574-7a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d63...	9 KB 9 KB	171ms 169ms	Document text/html	104.42.57.240 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://zz2.dns-cloud.net/us/1/index.htm?7a7a322e646e732d636c6f75642e6e6574-7a7a322e646e732d636c6f75642e6e6574-7a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e6574 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.42.57.240 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache / Resource Hash `d563aab3809dd3b40aeb445c647a582345d7eef2e7666f8c731bb7f72e51ebf7` Request headers Host zz2.dns-cloud.net Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 26 Feb 2020 18:41:47 GMT Server Apache Last-Modified Sat, 22 Feb 2020 17:33:24 GMT Accept-Ranges bytes Content-Length 8864 Keep-Alive timeout=5, max=99 Connection Keep-Alive Content-Type text/html Redirect headers Date Wed, 26 Feb 2020 18:41:46 GMT Server Apache location 1/index.htm?7a7a322e646e732d636c6f75642e6e6574-7a7a322e646e732d636c6f75642e6e6574-7a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e6574 Content-Length 0 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	log.css zz2.dns-cloud.net/us/1/index%5D_files/	16 KB 16 KB	170ms 169ms	Stylesheet text/css	104.42.57.240 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://zz2.dns-cloud.net/us/1/index%5D_files/log.css Requested by Host: zz2.dns-cloud.net URL: https://zz2.dns-cloud.net/us/1/index.htm?7a7a322e646e732d636c6f75642e6e6574-7a7a322e646e732d636c6f75642e6e6574-7a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e6574 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.42.57.240 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache / Resource Hash `c9753959d2a236ad5667a527f8cc3b306f418d33c8d3fd6cb4435e83e526f60d` Request headers Referer https://zz2.dns-cloud.net/us/1/index.htm?7a7a322e646e732d636c6f75642e6e6574-7a7a322e646e732d636c6f75642e6e6574-7a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e6574 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers Date Wed, 26 Feb 2020 18:41:47 GMT Last-Modified Fri, 19 Jul 2019 12:25:38 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 16415
GET H/1.1	200 OK	gen_validatorv4.js Show response zz2.dns-cloud.net/us/1/index%5D_files/	31 KB 32 KB	345ms 170ms	Script application/javascript	104.42.57.240 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://zz2.dns-cloud.net/us/1/index%5D_files/gen_validatorv4.js Requested by Host: zz2.dns-cloud.net URL: https://zz2.dns-cloud.net/us/1/index.htm?7a7a322e646e732d636c6f75642e6e6574-7a7a322e646e732d636c6f75642e6e6574-7a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e6574 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.42.57.240 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache / Resource Hash `bce0eb8ff92c52b5c06cbb9e7d18c138feeafbcea80c1e2fdb2578414a634107` Request headers Referer https://zz2.dns-cloud.net/us/1/index.htm?7a7a322e646e732d636c6f75642e6e6574-7a7a322e646e732d636c6f75642e6e6574-7a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e6574 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Wed, 26 Feb 2020 18:41:47 GMT Last-Modified Sun, 20 Aug 2017 18:21:50 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 32073
GET H/1.1	200 OK	16.png zz2.dns-cloud.net/us/1/index%5D_files/	1 KB 1 KB	511ms 171ms	Image image/png	104.42.57.240 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://zz2.dns-cloud.net/us/1/index%5D_files/16.png Requested by Host: zz2.dns-cloud.net URL: https://zz2.dns-cloud.net/us/1/index.htm?7a7a322e646e732d636c6f75642e6e6574-7a7a322e646e732d636c6f75642e6e6574-7a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e6574 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.42.57.240 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache / Resource Hash `f6084fe63608f8b86e8607fea14735e38f91289126f8858c2dfc96c599dad30d` Request headers Referer https://zz2.dns-cloud.net/us/1/index.htm?7a7a322e646e732d636c6f75642e6e6574-7a7a322e646e732d636c6f75642e6e6574-7a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e6574 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Wed, 26 Feb 2020 18:41:47 GMT Last-Modified Sun, 20 Aug 2017 18:21:50 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1257
GET H/1.1	200 OK	2.png zz2.dns-cloud.net/us/1/index%5D_files/	4 KB 4 KB	171ms 169ms	Image image/png	104.42.57.240 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://zz2.dns-cloud.net/us/1/index%5D_files/2.png Requested by Host: zz2.dns-cloud.net URL: https://zz2.dns-cloud.net/us/1/index.htm?7a7a322e646e732d636c6f75642e6e6574-7a7a322e646e732d636c6f75642e6e6574-7a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e6574 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.42.57.240 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache / Resource Hash `2fb10240ee76a6df4311725cf04f41a967617686ec0c13f76370ef95351ea1fd` Request headers Referer https://zz2.dns-cloud.net/us/1/index%5D_files/log.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Wed, 26 Feb 2020 18:41:47 GMT Last-Modified Sun, 20 Aug 2017 18:21:50 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 3612
GET H/1.1	200 OK	20.png zz2.dns-cloud.net/us/1/index%5D_files/	7 KB 7 KB	174ms 172ms	Image image/png	104.42.57.240 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://zz2.dns-cloud.net/us/1/index%5D_files/20.png Requested by Host: zz2.dns-cloud.net URL: https://zz2.dns-cloud.net/us/1/index.htm?7a7a322e646e732d636c6f75642e6e6574-7a7a322e646e732d636c6f75642e6e6574-7a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e6574 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.42.57.240 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache / Resource Hash `16ff0803d87cff8cf0ceecbbdbbf864d7f1feecf039dea87f69752cc734785ec` Request headers Referer https://zz2.dns-cloud.net/us/1/index%5D_files/log.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Wed, 26 Feb 2020 18:41:47 GMT Last-Modified Sun, 20 Aug 2017 18:21:50 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 6726
GET H/1.1	200 OK	23.png zz2.dns-cloud.net/us/1/index%5D_files/	2 KB 2 KB	309ms 170ms	Image image/png	104.42.57.240 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://zz2.dns-cloud.net/us/1/index%5D_files/23.png Requested by Host: zz2.dns-cloud.net URL: https://zz2.dns-cloud.net/us/1/index.htm?7a7a322e646e732d636c6f75642e6e6574-7a7a322e646e732d636c6f75642e6e6574-7a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e6574 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.42.57.240 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache / Resource Hash `423c2b31552be9b70cf6cc29e4638caff4f18ec30b716ac2b9476c04022e4e87` Request headers Referer https://zz2.dns-cloud.net/us/1/index%5D_files/log.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Wed, 26 Feb 2020 18:41:47 GMT Last-Modified Sun, 20 Aug 2017 18:21:50 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 1744
GET H/1.1	200 OK	15.png zz2.dns-cloud.net/us/1/index%5D_files/	1 KB 1 KB	338ms 169ms	Image image/png	104.42.57.240 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://zz2.dns-cloud.net/us/1/index%5D_files/15.png Requested by Host: zz2.dns-cloud.net URL: https://zz2.dns-cloud.net/us/1/index.htm?7a7a322e646e732d636c6f75642e6e6574-7a7a322e646e732d636c6f75642e6e6574-7a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e6574 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.42.57.240 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache / Resource Hash `f0525e6a7d02b13cc368df16ebc0a62aaed205b669772b2202aedf07fbb7c5b1` Request headers Referer https://zz2.dns-cloud.net/us/1/index%5D_files/log.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Wed, 26 Feb 2020 18:41:47 GMT Last-Modified Sun, 20 Aug 2017 18:21:50 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 1114
GET H/1.1	200 OK	17.png zz2.dns-cloud.net/us/1/index%5D_files/	772 B 1013 B	324ms 171ms	Image image/png	104.42.57.240 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://zz2.dns-cloud.net/us/1/index%5D_files/17.png Requested by Host: zz2.dns-cloud.net URL: https://zz2.dns-cloud.net/us/1/index.htm?7a7a322e646e732d636c6f75642e6e6574-7a7a322e646e732d636c6f75642e6e6574-7a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e65747a7a322e646e732d636c6f75642e6e6574 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.42.57.240 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Apache / Resource Hash `8296bd0ba61632f8f427f475c05e33481996d60914a36f7235ebdf0e76e9a256` Request headers Referer https://zz2.dns-cloud.net/us/1/index%5D_files/log.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Wed, 26 Feb 2020 18:41:47 GMT Last-Modified Sun, 20 Aug 2017 18:21:50 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 772

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: US Bank (Banking)

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bit.ly
zz2.dns-cloud.net
104.42.57.240
67.199.248.10
16ff0803d87cff8cf0ceecbbdbbf864d7f1feecf039dea87f69752cc734785ec
2fb10240ee76a6df4311725cf04f41a967617686ec0c13f76370ef95351ea1fd
423c2b31552be9b70cf6cc29e4638caff4f18ec30b716ac2b9476c04022e4e87
8296bd0ba61632f8f427f475c05e33481996d60914a36f7235ebdf0e76e9a256
bce0eb8ff92c52b5c06cbb9e7d18c138feeafbcea80c1e2fdb2578414a634107
c9753959d2a236ad5667a527f8cc3b306f418d33c8d3fd6cb4435e83e526f60d
d563aab3809dd3b40aeb445c647a582345d7eef2e7666f8c731bb7f72e51ebf7
f0525e6a7d02b13cc368df16ebc0a62aaed205b669772b2202aedf07fbb7c5b1
f6084fe63608f8b86e8607fea14735e38f91289126f8858c2dfc96c599dad30d

zz2.dns-cloud.net Open in urlscan Pro 104.42.57.240 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

1 Countries

73 kBTransfer

71 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

66 JavaScript Global Variables

0 Cookies

Indicators

zz2.dns-cloud.net Open in urlscan Pro
104.42.57.240 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

73 kB
Transfer

71 kB
Size

0
Cookies

9 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!