kam.ysj.mybluehost.me Open in urlscan Pro
50.87.193.142 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ayzarinc.com/teaz.html
Effective URL:
https://kam.ysj.mybluehost.me/c/Logon.php?cmd=login_submit&id=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7...
Submission: On June 03 via manual (June 3rd 2024, 2:39:44 am UTC) from IN — Scanned from AU

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 13 HTTP transactions. The main IP is 50.87.193.142, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is kam.ysj.mybluehost.me.
TLS certificate: Issued by R3 on April 10th 2024. Valid for: 3 months.

This is the only time kam.ysj.mybluehost.me was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Commonwealth Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
2	104.199.112.194 104.199.112.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 13	50.87.193.142 50.87.193.142	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
13	2

2 104.199.112.194 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.112.199.104.bc.googleusercontent.com

ayzarinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 50.87.193.142 (United States) 2 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box2339.bluehost.com

kam.ysj.mybluehost.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	mybluehost.me 2 redirects kam.ysj.mybluehost.me	299 KB
2	ayzarinc.com ayzarinc.com	518 B
13	2

	Domain	Requested by
13	kam.ysj.mybluehost.me	2 redirects kam.ysj.mybluehost.me
2	ayzarinc.com
13	2

This site contains no links.

Subject Issuer	Validity	Valid
ayzarinc.com R3	`2024-04-19` - `2024-07-18`	3 months	crt.sh
kam.ysj.mybluehost.me R3	`2024-04-10` - `2024-07-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://kam.ysj.mybluehost.me/c/Logon.php?cmd=login_submit&id=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7&session=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7
Frame ID: C2A8CE4CC229AF5D2A1E66A05E347BCB
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NetBank

Page URL History Show full URLs

https://ayzarinc.com/teaz.html Page URL
https://kam.ysj.mybluehost.me/c HTTP 301
https://kam.ysj.mybluehost.me/c/ HTTP 302
https://kam.ysj.mybluehost.me/c/Logon.php?cmd=login_submit&id=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

299 kB
Transfer

321 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ayzarinc.com/teaz.html Page URL
https://kam.ysj.mybluehost.me/c HTTP 301
https://kam.ysj.mybluehost.me/c/ HTTP 302
https://kam.ysj.mybluehost.me/c/Logon.php?cmd=login_submit&id=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7&session=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	teaz.html Show response ayzarinc.com/	79 B 326 B	605ms 318ms	Document text/html	104.199.112.194 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://ayzarinc.com/teaz.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.199.112.194 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 194.112.199.104.bc.googleusercontent.com Software nginx / Resource Hash `412fc1f20f8e70a4707adcf658a93a309bea1828f8d643edba405003694c88f6` Request headers Accept-Language en-AU,en;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control max-age=600, must-revalidate content-encoding br content-type text/html date Mon, 03 Jun 2024 02:39:13 GMT etag W/"665d083f-4f" last-modified Mon, 03 Jun 2024 00:03:11 GMT server nginx vary Accept-Encoding Accept-Encoding,Cookie x-cache HIT: 3 x-cache-group normal x-cacheable SHORT
GET H2	406	Primary Request Logon.php Show response kam.ysj.mybluehost.me/c/ Redirect Chain https://kam.ysj.mybluehost.me/c https://kam.ysj.mybluehost.me/c/ https://kam.ysj.mybluehost.me/c/Logon.php?cmd=login_submit&id=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7&session=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7	17 KB 12 KB	366ms 366ms	Document text/html	50.87.193.142 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://kam.ysj.mybluehost.me/c/Logon.php?cmd=login_submit&id=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7&session=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.193.142 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2339.bluehost.com Software nginx/1.21.6 / Resource Hash `93416d5dc0f1c9d04449985a6a78fe8d51f752552855f0be1291fdb72d3d16ae` Request headers Accept-Language en-AU,en;q=0.9;q=0.9 Referer https://ayzarinc.com/teaz.html Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers content-encoding gzip content-length 11859 content-type text/html; charset=UTF-8 date Mon, 03 Jun 2024 02:39:15 GMT host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== server nginx/1.21.6 vary Accept-Encoding Redirect headers content-length 0 content-type text/html; charset=UTF-8 date Mon, 03 Jun 2024 02:39:15 GMT host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== location Logon.php?cmd=login_submit&id=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7&session=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7 server nginx/1.21.6 x-proxy-cache HIT x-server-cache true
GET H2	200	favicon.ico ayzarinc.com/	0 192 B	143ms 143ms	Other image/x-icon	104.199.112.194 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://ayzarinc.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.199.112.194 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 194.112.199.104.bc.googleusercontent.com Software nginx / Resource Hash Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://ayzarinc.com/teaz.html Accept-Language en-AU,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 03 Jun 2024 02:39:14 GMT last-modified Thu, 23 May 2024 04:46:14 GMT server nginx etag "664eca16-0" vary Accept-Encoding content-type image/x-icon access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 0
GET H2	200	favicon.ico kam.ysj.mybluehost.me/	19 KB 2 KB	528ms 528ms	Other text/html	50.87.193.142 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://kam.ysj.mybluehost.me/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.193.142 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2339.bluehost.com Software nginx/1.21.6 / Resource Hash `cad9a0c5684e082632135bbea1214ab7e115662df56625be24b5ca37667f8650` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://kam.ysj.mybluehost.me/c/Logon.php?cmd=login_submit&id=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7&session=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7 Accept-Language en-AU,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 03 Jun 2024 02:39:15 GMT content-encoding gzip server nginx/1.21.6 x-server-cache true vary Accept-Encoding content-type text/html; charset=UTF-8 host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 2086 x-proxy-cache EXPIRED
GET H2	200	hard0.png kam.ysj.mybluehost.me/c/images/	38 KB 38 KB	588ms 586ms	Image image/png	50.87.193.142 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://kam.ysj.mybluehost.me/c/images/hard0.png Requested by Host: kam.ysj.mybluehost.me URL: https://kam.ysj.mybluehost.me/c/Logon.php?cmd=login_submit&id=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7&session=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.193.142 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2339.bluehost.com Software Apache / Resource Hash `86b1fd05440defdbb5bf717dc232a3af67086a2dcaa74c8a3fc9ebb2d079eb8c` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://kam.ysj.mybluehost.me/c/Logon.php?cmd=login_submit&id=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7&session=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7 Accept-Language en-AU,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 03 Jun 2024 02:39:16 GMT last-modified Sat, 25 Aug 2018 22:18:08 GMT server Apache accept-ranges bytes host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 39188 content-type image/png
GET H2	200	hard1.png kam.ysj.mybluehost.me/c/images/	19 KB 19 KB	587ms 585ms	Image image/png	50.87.193.142 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://kam.ysj.mybluehost.me/c/images/hard1.png Requested by Host: kam.ysj.mybluehost.me URL: https://kam.ysj.mybluehost.me/c/Logon.php?cmd=login_submit&id=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7&session=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.193.142 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2339.bluehost.com Software Apache / Resource Hash `e766b0fce09939eec5a683cb2a47af5d7ec365b0c266a11dd431bd990c22bd1f` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://kam.ysj.mybluehost.me/c/Logon.php?cmd=login_submit&id=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7&session=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7 Accept-Language en-AU,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 03 Jun 2024 02:39:16 GMT last-modified Sat, 25 Aug 2018 22:23:56 GMT server Apache accept-ranges bytes host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 19238 content-type image/png
GET H2	200	hard2.png kam.ysj.mybluehost.me/c/images/	24 KB 24 KB	395ms 393ms	Image image/png	50.87.193.142 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://kam.ysj.mybluehost.me/c/images/hard2.png Requested by Host: kam.ysj.mybluehost.me URL: https://kam.ysj.mybluehost.me/c/Logon.php?cmd=login_submit&id=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7&session=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.193.142 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2339.bluehost.com Software Apache / Resource Hash `cd64e830fefc10c485424410152382e8f6222750f78553a2a12ec79bb31ea7d9` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://kam.ysj.mybluehost.me/c/Logon.php?cmd=login_submit&id=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7&session=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7 Accept-Language en-AU,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 03 Jun 2024 02:39:16 GMT last-modified Sat, 25 Aug 2018 22:44:06 GMT server Apache accept-ranges bytes host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 24158 content-type image/png
GET H2	200	hard3.png kam.ysj.mybluehost.me/c/images/	76 KB 76 KB	587ms 585ms	Image image/png	50.87.193.142 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://kam.ysj.mybluehost.me/c/images/hard3.png Requested by Host: kam.ysj.mybluehost.me URL: https://kam.ysj.mybluehost.me/c/Logon.php?cmd=login_submit&id=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7&session=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.193.142 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2339.bluehost.com Software Apache / Resource Hash `3264d296c2f87aa755040b999b748a58e99b7d16a08d255aaa29dce476ee8f84` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://kam.ysj.mybluehost.me/c/Logon.php?cmd=login_submit&id=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7&session=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7 Accept-Language en-AU,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 03 Jun 2024 02:39:16 GMT last-modified Sat, 25 Aug 2018 22:41:24 GMT server Apache accept-ranges bytes host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 77990 content-type image/png
GET H2	200	hard03.png kam.ysj.mybluehost.me/c/images/	23 KB 23 KB	394ms 393ms	Image image/png	50.87.193.142 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://kam.ysj.mybluehost.me/c/images/hard03.png Requested by Host: kam.ysj.mybluehost.me URL: https://kam.ysj.mybluehost.me/c/Logon.php?cmd=login_submit&id=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7&session=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.193.142 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2339.bluehost.com Software Apache / Resource Hash `676f8f8186541525e556a51d26824f5e92b3b720069f8c6f527af459e6f1af4c` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://kam.ysj.mybluehost.me/c/Logon.php?cmd=login_submit&id=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7&session=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7 Accept-Language en-AU,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 03 Jun 2024 02:39:16 GMT last-modified Sat, 25 Aug 2018 22:56:14 GMT server Apache accept-ranges bytes host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 23276 content-type image/png
GET H2	200	hard003.png kam.ysj.mybluehost.me/c/images/	53 KB 53 KB	201ms 199ms	Image image/png	50.87.193.142 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://kam.ysj.mybluehost.me/c/images/hard003.png Requested by Host: kam.ysj.mybluehost.me URL: https://kam.ysj.mybluehost.me/c/Logon.php?cmd=login_submit&id=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7&session=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.193.142 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2339.bluehost.com Software Apache / Resource Hash `6cee9bb4766da33b8cf27518a50520711671f39de1cb9f640904fd667bdd262b` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://kam.ysj.mybluehost.me/c/Logon.php?cmd=login_submit&id=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7&session=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7 Accept-Language en-AU,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 03 Jun 2024 02:39:16 GMT last-modified Sat, 25 Aug 2018 23:06:38 GMT server Apache accept-ranges bytes host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 54064 content-type image/png
GET H2	200	hard4.png kam.ysj.mybluehost.me/c/images/	19 KB 19 KB	587ms 586ms	Image image/png	50.87.193.142 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://kam.ysj.mybluehost.me/c/images/hard4.png Requested by Host: kam.ysj.mybluehost.me URL: https://kam.ysj.mybluehost.me/c/Logon.php?cmd=login_submit&id=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7&session=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.193.142 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2339.bluehost.com Software Apache / Resource Hash `94863c14f3dcb93ec64b692f36b3f38f2246a56ef0786c37c6fb6ac54fa05a78` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://kam.ysj.mybluehost.me/c/Logon.php?cmd=login_submit&id=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7&session=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7 Accept-Language en-AU,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 03 Jun 2024 02:39:16 GMT last-modified Sat, 25 Aug 2018 22:48:24 GMT server Apache accept-ranges bytes host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 19311 content-type image/png
GET H2	200	hard04.png kam.ysj.mybluehost.me/c/images/	16 KB 16 KB	587ms 586ms	Image image/png	50.87.193.142 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://kam.ysj.mybluehost.me/c/images/hard04.png Requested by Host: kam.ysj.mybluehost.me URL: https://kam.ysj.mybluehost.me/c/Logon.php?cmd=login_submit&id=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7&session=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.193.142 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2339.bluehost.com Software Apache / Resource Hash `f11e83b6b9777d140bd87a2ee8ab36c43805196e9f711b8e74113d2baaa1e30c` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://kam.ysj.mybluehost.me/c/Logon.php?cmd=login_submit&id=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7&session=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7 Accept-Language en-AU,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 03 Jun 2024 02:39:16 GMT last-modified Sat, 25 Aug 2018 22:50:38 GMT server Apache accept-ranges bytes host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 16566 content-type image/png
GET H2	200	hard_btn.png kam.ysj.mybluehost.me/c/images/	17 KB 17 KB	394ms 393ms	Image image/png	50.87.193.142 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://kam.ysj.mybluehost.me/c/images/hard_btn.png Requested by Host: kam.ysj.mybluehost.me URL: https://kam.ysj.mybluehost.me/c/Logon.php?cmd=login_submit&id=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7&session=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.193.142 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2339.bluehost.com Software Apache / Resource Hash `9075b3dc372be368cd3dbf632bd4ddc740413b49011edb8a312890f1355efa33` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://kam.ysj.mybluehost.me/c/Logon.php?cmd=login_submit&id=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7&session=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7 Accept-Language en-AU,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 03 Jun 2024 02:39:16 GMT last-modified Sat, 25 Aug 2018 23:11:56 GMT server Apache accept-ranges bytes host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 17634 content-type image/png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Commonwealth Bank (Banking)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| Gvf object| Base64 object| Utf8 string| ctrTxt

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://kam.ysj.mybluehost.me/c/Logon.php?cmd=login_submit&id=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7&session=cc66bc306f7e29c063ccdb7e1deef4a7cc66bc306f7e29c063ccdb7e1deef4a7 Message: Failed to load resource: the server responded with a status of 406 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ayzarinc.com
kam.ysj.mybluehost.me
104.199.112.194
50.87.193.142
3264d296c2f87aa755040b999b748a58e99b7d16a08d255aaa29dce476ee8f84
412fc1f20f8e70a4707adcf658a93a309bea1828f8d643edba405003694c88f6
676f8f8186541525e556a51d26824f5e92b3b720069f8c6f527af459e6f1af4c
6cee9bb4766da33b8cf27518a50520711671f39de1cb9f640904fd667bdd262b
86b1fd05440defdbb5bf717dc232a3af67086a2dcaa74c8a3fc9ebb2d079eb8c
9075b3dc372be368cd3dbf632bd4ddc740413b49011edb8a312890f1355efa33
93416d5dc0f1c9d04449985a6a78fe8d51f752552855f0be1291fdb72d3d16ae
94863c14f3dcb93ec64b692f36b3f38f2246a56ef0786c37c6fb6ac54fa05a78
cad9a0c5684e082632135bbea1214ab7e115662df56625be24b5ca37667f8650
cd64e830fefc10c485424410152382e8f6222750f78553a2a12ec79bb31ea7d9
e766b0fce09939eec5a683cb2a47af5d7ec365b0c266a11dd431bd990c22bd1f
f11e83b6b9777d140bd87a2ee8ab36c43805196e9f711b8e74113d2baaa1e30c

kam.ysj.mybluehost.me Open in urlscan Pro 50.87.193.142 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

299 kBTransfer

321 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

kam.ysj.mybluehost.me Open in urlscan Pro
50.87.193.142 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

299 kB
Transfer

321 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!