![](/screenshots/dd4a1d50-7082-4446-8d27-e5b7dbc71529.png)
xn--aoutvrzn-gkb51a92lexfa.line.pm
IDN: aссoutvrįzōʼn.line.pm
198.23.59.251
Malicious Activity!
Public Scan
Effective URL: https://xn--aoutvrzn-gkb51a92lexfa.line.pm/Activity
Submission Tags: @ecarlesi possiblethreat phishing
Submission: On March 18 via api from IT — Scanned from IT
Summary
TLS certificate: Issued by R3 on March 17th 2024. Valid for: 3 months.
This is the only time xn--aoutvrzn-gkb51a92lexfa.line.pm was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Verizon (Telecommunication)

Domain & IP information

|  | IP Address | Autonomous System |
|---|---|---|
| 2 15 | 198.23.59.251 | 32748 (STEADFAST) |
| 4 | 68.232.35.163 | 15133 (EDGECAST) |
| 17 | 3 | |

ASN32748 (STEADFAST, US)
PTR: hosted.by.liquidnetlimited.com
mask6.xn--6frz82g
xn--aoutvrzn-gkb51a92lexfa.line.pm

|  | Apex Domain / Subdomains | Transfer |
|---|---|---|
| 14 | line.pm (1 redirects): xn--aoutvrzn-gkb51a92lexfa.line.pm | 318 KB |
| 4 | vzw.com: scache1.vzw.com (Cisco Umbrella Rank: 19365), scache2.vzw.com (Cisco Umbrella Rank: 21190) | 135 KB |
| 1 | function sub() { [native code] }. (1 redirects) | 153 B |
| 17 | 3 | |

|  | Domain | Requested by |
|---|---|---|
| 14 | xn--aoutvrzn-gkb51a92lexfa.line.pm (1 redirects) | xn--aoutvrzn-gkb51a92lexfa.line.pm |
| 2 | scache2.vzw.com | xn--aoutvrzn-gkb51a92lexfa.line.pm |
| 2 | scache1.vzw.com | xn--aoutvrzn-gkb51a92lexfa.line.pm |
| 1 | mask6.xn--6frz82g (1 redirects) | |
| 17 | 4 | |

This site contains no links.

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| xn--aoutvrzn-gkb51a92lexfa.line.pm | R3 | 2024-03-17 - 2024-06-15 | 3 months |
| www.vzw.com | DigiCert Baltimore TLS RSA SHA256 2020 CA1 | 2023-11-14 - 2024-11-13 | a year |

This page contains 1 frames:
Primary Page:
https://xn--aoutvrzn-gkb51a92lexfa.line.pm/Activity
Frame ID: B6A3143F8CEBC51753E1E0667AD7CD4D
Requests: 21 HTTP requests in this frame
Page Title
My Verizon Log In, Sign in to your Verizon Wireless or Fios Account
Page URL History
- https://mask6.xn--6frz82g/ (HTTP 301)
- https://xn--aoutvrzn-gkb51a92lexfa.line.pm/?anu (HTTP 302)
- https://xn--aoutvrzn-gkb51a92lexfa.line.pm/Activity (Page URL)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions

| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H2 | Activity (Primary Request) | xn--aoutvrzn-gkb51a92lexfa.line.pm/ (Redirect Chain) | 265 KB | 22 KB | Document | text/html |
| GET | H2 | 1.css | xn--aoutvrzn-gkb51a92lexfa.line.pm/SEKYA/assets/css/ | 118 KB | 19 KB | Stylesheet | text/css |
| GET | H2 | 2.css | xn--aoutvrzn-gkb51a92lexfa.line.pm/SEKYA/assets/css/ | 20 KB | 2 KB | Stylesheet | text/css |
| GET | H2 | 3.css | xn--aoutvrzn-gkb51a92lexfa.line.pm/SEKYA/assets/css/ | 37 KB | 15 KB | Stylesheet | text/css |
| GET | H2 | 4.css | xn--aoutvrzn-gkb51a92lexfa.line.pm/SEKYA/assets/css/ | 172 KB | 27 KB | Stylesheet | text/css |
| GET | H2 | 5.css | xn--aoutvrzn-gkb51a92lexfa.line.pm/SEKYA/assets/css/ | 22 KB | 4 KB | Stylesheet | text/css |
| GET | H2 | 6.css | xn--aoutvrzn-gkb51a92lexfa.line.pm/SEKYA/assets/css/ | 4 KB | 1 KB | Stylesheet | text/css |
| GET | DATA | truncated | / | 202 B | 0 | Image | image/svg+xml |
| GET | DATA | truncated | / | 377 B | 0 | Image | image/svg+xml |
| GET | DATA | truncated | / | 322 B | 0 | Image | image/svg+xml |
| GET | H2 | VerizonNHGeDS-Regular.woff2 | scache1.vzw.com/globalnav/fonts/verizon-nhg/ | 35 KB | 35 KB | Font | application/font-woff2 |
| GET | H2 | VerizonNHGeTX-Bold.woff2 | scache2.vzw.com/globalnav/fonts/verizon-nhg/ | 32 KB | 32 KB | Font | application/font-woff2 |
| GET | H2 | VerizonNHGeTX-Regular.woff2 | scache1.vzw.com/globalnav/fonts/verizon-nhg/ | 31 KB | 31 KB | Font | application/font-woff2 |
| GET | H2 | VerizonNHGeDS-Bold.woff2 | scache2.vzw.com/globalnav/fonts/verizon-nhg/ | 37 KB | 37 KB | Font | application/font-woff2 |
| GET | H2 | Activity | xn--aoutvrzn-gkb51a92lexfa.line.pm/ | 225 KB | 225 KB | Image | text/html |
| GET | DATA | truncated | / | 3 KB | 0 | Image | image/png |
| GET | H2 | NHaasGroteskDSW02-75Bd.woff2 | xn--aoutvrzn-gkb51a92lexfa.line.pm/SEKYA/assets/content/fonts/ | 509 B | 242 B | Font | text/html |
| GET | H2 | NeueHaasGroteskText55Roman.woff | xn--aoutvrzn-gkb51a92lexfa.line.pm/SEKYA/assets/content/fonts/ | 509 B | 265 B | Font | text/html |
| GET | H2 | NeueHaasGroteskText55Roman.ttf | xn--aoutvrzn-gkb51a92lexfa.line.pm/SEKYA/assets/content/fonts/ | 509 B | 242 B | Font | text/html |
| GET | H2 | NHaasGroteskDSW02-75Bd.woff | xn--aoutvrzn-gkb51a92lexfa.line.pm/SEKYA/assets/content/fonts/ | 509 B | 242 B | Font | text/html |
| GET | H2 | NHaasGroteskDSW02-75Bd.ttf | xn--aoutvrzn-gkb51a92lexfa.line.pm/SEKYA/assets/content/fonts/ | 509 B | 242 B | Font | text/html |

Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Verizon (Telecommunication)
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

| Type | Name |
|---|---|
| object | 0 |
| function | submitZenkey |
| function | linkZenkey |

1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

| Domain/Path | Expires | Name / Value |
|---|---|---|
| xn--aoutvrzn-gkb51a92lexfa.line.pm/ | | Name: PHPSESSID, Value: o0gfubg0ca6s5hbf6oh4p29iue |

20 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.