abtrex.ziflow.io - urlscan.io

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 3 HTTP transactions. The main IP is 54.227.60.158, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is abtrex.ziflow.io.
TLS certificate: Issued by Amazon on July 5th 2022. Valid for: a year.

This is the only time abtrex.ziflow.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
3	54.227.60.158 54.227.60.158		14618 (AMAZON-AES) (AMAZON-AES)
3	2

3 54.227.60.158 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-227-60-158.compute-1.amazonaws.com

abtrex.ziflow.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	ziflow.io abtrex.ziflow.io	96 KB
3	1

	Domain	Requested by
3	abtrex.ziflow.io	abtrex.ziflow.io
3	1

This site contains no links.

Subject Issuer	Validity	Valid
ziflow.io Amazon	`2022-07-05` - `2023-08-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://abtrex.ziflow.io/proof/gpmnovo8ri2krpqoh8ceg3a3md"
Frame ID: F077F6EF9D46F73F941EC2E389661B3A
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Loading Page

Page Statistics

3
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

96 kB
Transfer

152 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request gpmnovo8ri2krpqoh8ceg3a3md" Show response
abtrex.ziflow.io/proof/ 59 KB
44 KB 333ms
107ms Document
text/html 54.227.60.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://abtrex.ziflow.io/proof/gpmnovo8ri2krpqoh8ceg3a3md"

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.227.60.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-227-60-158.compute-1.amazonaws.com

Software

nginx /

Resource Hash

1bf2831e6dcb6a2789f8c9195d8a1c096eb3f12b47ed97fe0a4e4e9aa8cf9206

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: Authorization, Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST, PUT, GET, OPTIONS, DELETE
access-control-allow-origin: *
access-control-max-age: 3600
content-encoding: gzip
content-language: de-DE
content-type: text/html
date: Wed, 08 Feb 2023 11:52:10 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding

GET
H2 200 proximanova-reg-webfont.woff
abtrex.ziflow.io/error/fonts/proximanova/ 26 KB
26 KB 186ms
185ms Font
application/font-woff 54.227.60.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://abtrex.ziflow.io/error/fonts/proximanova/proximanova-reg-webfont.woff

Requested by

Host: abtrex.ziflow.io
URL: https://abtrex.ziflow.io/proof/gpmnovo8ri2krpqoh8ceg3a3md"

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.227.60.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-227-60-158.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f0a74f8a1450fc3340bbf84be3be7ffd029359759619df103777ec26290a111a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://abtrex.ziflow.io/proof/gpmnovo8ri2krpqoh8ceg3a3md"
Origin: https://abtrex.ziflow.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 11:52:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 30 Jan 2023 16:37:20 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: POST, PUT, GET, OPTIONS, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Authorization, Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 26336

GET
DATA 200
OK truncated
/ 42 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e383ca3e695245371571772ce53ff839ec1d23b427297c6f5cb955a57b7e75e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 proximanova-sbold-webfont.woff
abtrex.ziflow.io/error/fonts/proximanova/ 25 KB
26 KB 107ms
106ms Font
application/font-woff 54.227.60.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://abtrex.ziflow.io/error/fonts/proximanova/proximanova-sbold-webfont.woff

Requested by

Host: abtrex.ziflow.io
URL: https://abtrex.ziflow.io/proof/gpmnovo8ri2krpqoh8ceg3a3md"

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.227.60.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-227-60-158.compute-1.amazonaws.com

Software

nginx /

Resource Hash

a78efc3b41254071732432148b8353c05a1267ce6cedf134397b54bfc1a89d5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://abtrex.ziflow.io/proof/gpmnovo8ri2krpqoh8ceg3a3md"
Origin: https://abtrex.ziflow.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 11:52:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 30 Jan 2023 16:37:20 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: POST, PUT, GET, OPTIONS, DELETE
content-type: application/font-woff
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Authorization, Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 26100

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| oncontentvisibilityautostatechange

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://abtrex.ziflow.io/proof/gpmnovo8ri2krpqoh8ceg3a3md" Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abtrex.ziflow.io
54.227.60.158
1bf2831e6dcb6a2789f8c9195d8a1c096eb3f12b47ed97fe0a4e4e9aa8cf9206
4e383ca3e695245371571772ce53ff839ec1d23b427297c6f5cb955a57b7e75e
a78efc3b41254071732432148b8353c05a1267ce6cedf134397b54bfc1a89d5f
f0a74f8a1450fc3340bbf84be3be7ffd029359759619df103777ec26290a111a

abtrex.ziflow.io Open in urlscan Pro 54.227.60.158 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

3 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

96 kBTransfer

152 kBSize

0 Cookies

0 Outgoing links

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

abtrex.ziflow.io Open in urlscan Pro
54.227.60.158 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

96 kB
Transfer

152 kB
Size

0
Cookies

3 HTTP transactions
1 data transactions