com-uhjsf8s.us Open in urlscan Pro
198.54.114.221 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
Submission: On August 18 via manual (August 18th 2017, 7:12:23 am UTC) from LK

Summary HTTP 26 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 5 countries across 12 domains to perform 26 HTTP transactions. The main IP is 198.54.114.221, located in Los Angeles, United States and belongs to NAMECHEAP-NET - Namecheap, Inc., US. The main domain is com-uhjsf8s.us.

This is the only time com-uhjsf8s.us was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
1	198.54.114.221 198.54.114.221	22612 (NAMECHEAP...) (NAMECHEAP-NET - Namecheap)
1	69.16.219.23 69.16.219.23	32244 (LIQUID-WE...) (LIQUID-WEB-INC - Liquid Web)
1	94.31.29.54 94.31.29.54	54104 (AS-NETDNA) (AS-NETDNA - netDNA)
1	151.101.128.194 151.101.128.194	54113 (FASTLY) (FASTLY - Fastly)
1	201.157.40.69 201.157.40.69	22566 (Maxcom Te...) (Maxcom Telecomunicaciones)
2	52.218.192.3 52.218.192.3	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	151.101.112.193 151.101.112.193	54113 (FASTLY) (FASTLY - Fastly)
11	2400:cb00:204... 2400:cb00:2048:1::681f:5a7e	13335 (CLOUDFLAR...) (CLOUDFLARENET - CloudFlare)
1	2a00:1450:400... 2a00:1450:4001:81d::2014	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	2a00:1450:400... 2a00:1450:4001:818::200a	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
1	208.43.241.178 208.43.241.178	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
1	69.4.231.31 69.4.231.31	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
26	14

1 198.54.114.221 (Los Angeles, United States)

ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US)
PTR: server213-1.web-hosting.com

com-uhjsf8s.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.219.23 (Lansing, United States)

ASN32244 (LIQUID-WEB-INC - Liquid Web, L.L.C, US)

gd.geobytes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.31.29.54 (United Kingdom)

ASN54104 (AS-NETDNA - netDNA, US)
PTR: 94.31.29.54.IPYX-077437-ZYO.above.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.128.194 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

vignette2.wikia.nocookie.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 201.157.40.69 (Mexico, Mexico)

ASN22566 (Maxcom Telecomunicaciones, S.A.B. de C.V., MX)
PTR: 201-157-40-69.internetmax.maxcom.net.mx

www.tsys-tools.com.mx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.218.192.3 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-website-us-west-2.amazonaws.com

www.marlboro-prizes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.112.193 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2400:cb00:2048:1::681f:5a7e (United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)

randomuser.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2014 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

geoapi123.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::200a (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.43.241.178 (Chantilly, United States)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: b2.f1.2bd0.ip4.static.sl-reverse.com

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.4.231.31 (Providence, United States)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: no-rdns.ord02.hostingservicesinc.net

e.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	randomuser.me randomuser.me	70 KB
2	histats.com s10.histats.com s4.histats.com	5 KB
2	imgur.com i.imgur.com	1 KB
2	marlboro-prizes.com www.marlboro-prizes.com	11 KB
1	dtscout.com e.dtscout.com t.dtscout.com Failed	4 KB
1	googleapis.com ajax.googleapis.com	33 KB
1	appspot.com geoapi123.appspot.com	156 B
1	tsys-tools.com.mx www.tsys-tools.com.mx	5 KB
1	nocookie.net vignette2.wikia.nocookie.net	11 KB
1	jquery.com code.jquery.com	34 KB
1	geobytes.com gd.geobytes.com	99 B
1	com-uhjsf8s.us com-uhjsf8s.us	7 KB
26	12

	Domain	Requested by
11	randomuser.me	com-uhjsf8s.us
2	i.imgur.com	com-uhjsf8s.us
2	www.marlboro-prizes.com	com-uhjsf8s.us
1	e.dtscout.com	s4.histats.com
1	s4.histats.com	s10.histats.com
1	s10.histats.com	com-uhjsf8s.us
1	ajax.googleapis.com	com-uhjsf8s.us
1	geoapi123.appspot.com	com-uhjsf8s.us
1	www.tsys-tools.com.mx	com-uhjsf8s.us
1	vignette2.wikia.nocookie.net	com-uhjsf8s.us
1	code.jquery.com	com-uhjsf8s.us
1	gd.geobytes.com	com-uhjsf8s.us
1	com-uhjsf8s.us
0	t.dtscout.com Failed	e.dtscout.com
26	14

This site contains no links.

Subject Issuer	Validity	Valid
www.tsys-tools.com.mx Symantec Class 3 Secure Server CA - G4	`2017-01-18` - `2019-02-17`	2 years	crt.sh
sni39465.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2017-05-23` - `2017-11-29`	6 months	crt.sh

This page contains 2 frames:

Primary Page: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
Frame ID: 17167.1
Requests: 25 HTTP requests in this frame

Frame: http://t.dtscout.com/idg/
Frame ID: 17167.2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

26
Requests

46 %
HTTPS

23 %
IPv6

12
Domains

14
Subdomains

14
IPs

5
Countries

180 kB
Transfer

313 kB
Size

15
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request 7

http://i.imgur.com/CEc1W3y.jpg
http://i.imgur.com/removed.png

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
com-uhjsf8s.us/Pizzahut/ 23 KB
7 KB 434ms
168ms Document
text/html 198.54.114.221
Namecheap

General

Check archive.org

Show headers Download Go to

Full URL: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
Protocol: HTTP/1.1
Server: 198.54.114.221 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS: server213-1.web-hosting.com
Software: Apache /
Resource Hash: c2f32c68cd719087bf832481863dcda3ace7c987c309f3709b6758ae9406604e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Fri, 18 Aug 2017 07:12:11 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Aug 2017 18:20:29 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
Accept-Ranges: bytes
Content-Length: 7072

GET
H/1.1 200
OK gd Show response
gd.geobytes.com/ 99 B
99 B 240ms
120ms Script
application/javascript 69.16.219.23
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: http://gd.geobytes.com/gd?after=-1&variables=GeobytesInternet
Requested by: Host: com-uhjsf8s.us
URL: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
Protocol: HTTP/1.1
Server: 69.16.219.23 Lansing, United States, ASN32244 (LIQUID-WEB-INC - Liquid Web, L.L.C, US),
Reverse DNS
Software: /
Resource Hash: 81defacda5c2eed9007dfb88c059d1e0f78fff59d15c7bfb35e568b549f9c353

Request headers

Referer: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Sat, 18 Aug 2017 07:12:12 GMT
Expires: 0
Content-Length: 99
Content-Type: application/javascript

GET
H/1.1 200
OK jquery-1.5.1.min.js Show response
code.jquery.com/ 83 KB
34 KB 14ms
8ms Script
application/javascript 94.31.29.54
netDNA

General

Check archive.org

Show headers Download Go to

Full URL: http://code.jquery.com/jquery-1.5.1.min.js
Requested by: Host: com-uhjsf8s.us
URL: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
Protocol: HTTP/1.1
Server: 94.31.29.54 , United Kingdom, ASN54104 (AS-NETDNA - netDNA, US),
Reverse DNS: 94.31.29.54.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b

Request headers

Referer: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Fri, 18 Aug 2017 07:12:12 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Oct 2014 00:16:07 GMT
Server: NetDNA-cache/2.2
ETag: W/"54499a47-14d0c"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK latest
vignette2.wikia.nocookie.net/logopedia/images/b/b3/Pizza_Hut_Logo_2.png/revision/ 11 KB
11 KB 11ms
5ms Image
image/webp 151.101.128.194
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vignette2.wikia.nocookie.net/logopedia/images/b/b3/Pizza_Hut_Logo_2.png/revision/latest?cb=20161129133747
Requested by: Host: com-uhjsf8s.us
URL: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
Protocol: HTTP/1.1
Server: 151.101.128.194 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 1a8eb1cc3cfeb0e2e5f36464e06b7bb44414310d9fecdc55c807e91daa35cf1b

Request headers

Referer: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Fri, 18 Aug 2017 07:12:12 GMT
X-Cacheable: YES
Age: 212407
X-Cache: ORIGIN, HIT, HIT
Content-Disposition: inline; filename="Pizza_Hut_Logo_2.webp"; filename*=UTF-8''Pizza_Hut_Logo_2.webp
Connection: keep-alive
X-Surrogate-Key: 973d723e5b1053b93be4e135619ff0500455ee34
Content-Length: 11716
X-Served-By: dfs-s4, cache-wk-sjc3161-WIKIA, cache-hhn1545-HHN
X-Thumbnailer: Vignette
X-Timer: S1503040332.205639,VS0,VE0
Fastly-Debug-Digest: 3d01547c53ea5e9ff30f44c1f4b0523d52a8a6d66318550782377f38c9b597fd
ETag: "ba61cb7553ed336e2fff9e6c35463876"
Vary: Accept
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: ORIGIN, 1, 2

GET
H/1.1 200
OK loading.gif
www.tsys-tools.com.mx/digital-data-delivery/resources/img/ 5 KB
5 KB 842ms
164ms Image
image/gif 201.157.40.69
Maxcom Telecomuni...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tsys-tools.com.mx/digital-data-delivery/resources/img/loading.gif

Requested by

Host: com-uhjsf8s.us
URL: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

201.157.40.69 Mexico, Mexico, ASN22566 (Maxcom Telecomunicaciones, S.A.B. de C.V., MX),

Reverse DNS

201-157-40-69.internetmax.maxcom.net.mx

Software

Apache / Servlet/3.0 JSP/2.2

Resource Hash

a38c7997fe17f718915694f3e76ab9d0119d861886ac9869ee27b2428652b86e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Fri, 18 Aug 2017 07:12:12 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Jul 2017 17:50:12 GMT
Server: Apache
X-FRAME-OPTIONS: SAMEORIGIN
X-Powered-By: Servlet/3.0 JSP/2.2
Vary: Accept-Encoding
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK H5lqORR.png
www.marlboro-prizes.com/ 2 KB
2 KB 706ms
179ms Image
image/png 52.218.192.3
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.marlboro-prizes.com/H5lqORR.png
Requested by: Host: com-uhjsf8s.us
URL: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
Protocol: HTTP/1.1
Server: 52.218.192.3 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-website-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7ac9690d5ebad97785c1c5c2a5f69e1cc6ea703b9e1c2674bb32b895247bf59b

Request headers

Referer: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Fri, 18 Aug 2017 07:12:13 GMT
Last-Modified: Mon, 14 Aug 2017 14:10:03 GMT
Server: AmazonS3
x-amz-request-id: A3D2CCC0A18ED600
ETag: "08e4308c8109a7c271bf99dab1af1121"
Content-Type: image/png
Content-Length: 1971
x-amz-id-2: G+hlWyMjvHTHXQEH4/3ETRHwdrMb98zf05CVl/fxZwt5AEr7GKLj308GrjxXnuU/NNLIeNpKe4o=

GET
H/1.1 200
OK Us1pvLP.png
www.marlboro-prizes.com/ 9 KB
9 KB 712ms
178ms Image
image/png 52.218.192.3
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.marlboro-prizes.com/Us1pvLP.png
Requested by: Host: com-uhjsf8s.us
URL: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
Protocol: HTTP/1.1
Server: 52.218.192.3 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-website-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: cde29d218b496e372446b582db01150b1faa86fda0e724dbf0fb373bda6a6f30

Request headers

Referer: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Fri, 18 Aug 2017 07:12:13 GMT
Last-Modified: Mon, 14 Aug 2017 14:10:04 GMT
Server: AmazonS3
x-amz-request-id: 24FB89C93976C2D8
ETag: "5e58a6be6cc5675d22190a8e780317ab"
Content-Type: image/png
Content-Length: 9112
x-amz-id-2: 51EXInNUE1c7wLw50tQXSNqKHZZshCn3aMSwu2UyO7Nedso779BFsPX0sV+SFStd+pgl/mG+9sc=

GET
H/1.1 200
OK p2hZ58C.jpg
i.imgur.com/ 655 B
655 B 11ms
5ms Image
image/jpeg 151.101.112.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.imgur.com/p2hZ58C.jpg
Requested by: Host: com-uhjsf8s.us
URL: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
Protocol: HTTP/1.1
Server: 151.101.112.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: d41995de24d024734f01a1f3a66d705ab34eb86ee58a67137196a36af2d86930

Request headers

Referer: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Fri, 18 Aug 2017 07:12:12 GMT
Age: 1837275
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 655
X-Served-By: cache-iad2150-IAD, cache-hhn1545-HHN
Last-Modified: Fri, 28 Jul 2017 00:50:54 GMT
Server: cat factory 1.0
cache-control: public, max-age=31536000
X-Timer: S1503040332.269399,VS0,VE0
ETag: "942488b472246c9200a2ad259787a8ff"
Vary: Accept, Accept
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Fastly-Debug-Digest: 4a915dc3d228ec30a2dd867a4da6c94bb67bfd2dec921c54c0bb8e1dda7f3681
Accept-Ranges: bytes
X-Cache-Hits: 1, 7

GET
H/1.1

200
OK

removed.png
i.imgur.com/
Redirect Chain

http://i.imgur.com/CEc1W3y.jpg
http://i.imgur.com/removed.png

503 B
503 B

5ms
5ms

Image
image/png

151.101.112.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.imgur.com/removed.png
Requested by: Host: com-uhjsf8s.us
URL: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
Protocol: HTTP/1.1
Server: 151.101.112.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: 9b5936f4006146e4e1e9025b474c02863c0b5614132ad40db4b925a10e8bfbb9

Request headers

Referer: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Fri, 18 Aug 2017 07:12:12 GMT
Age: 7513975
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 503
X-Served-By: cache-iad2149-IAD, cache-hhn1530-HHN
Last-Modified: Wed, 14 May 2014 05:44:36 GMT
Server: cat factory 1.0
cache-control: public, max-age=31536000
X-Timer: S1503040332.280503,VS0,VE0
ETag: "d835884373f4d6c8f24742ceabe74946"
Vary: Accept, Accept
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Fastly-Debug-Digest: fe29cadb5c88e99f9d993f03a8d2720892bf45940d6129d3d703f6ce96907978
Accept-Ranges: bytes
X-Cache-Hits: 1, 47129

Redirect headers

Date: Fri, 18 Aug 2017 07:12:12 GMT
Age: 432
X-Cache: MISS, HIT
Connection: keep-alive
Content-Length: 0
X-Served-By: cache-iad2131-IAD, cache-hhn1530-HHN
Server: cat factory 1.0
X-Timer: S1503040332.263917,VS0,VE0
Location: http://i.imgur.com/removed.png
Vary: Accept
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Fastly-Debug-Digest: 480a786874fbe1eb42cb315724dd59916cfde9130a446a37e05b0ea2aa66493d
Accept-Ranges: bytes
Retry-After: 0
X-Cache-Hits: 0, 5

GET
S 200 54.jpg
randomuser.me/api/portraits/men/ 5 KB
5 KB 78ms
37ms Image
image/jpeg 2400:cb00:2048:1::681f:5a7e
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://randomuser.me/api/portraits/men/54.jpg
Requested by: Host: com-uhjsf8s.us
URL: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::681f:5a7e , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: d1a3e08d4e37d6ee2b7de1db8df87c1dc7acd8ffb004caaf980917de518a60c9

Request headers

Referer: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

date: Fri, 18 Aug 2017 07:12:12 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Apr 2016 02:26:17 GMT
server: cloudflare-nginx
etag: "570716c9-149c"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 3903103cdd86278c-FRA
content-length: 5276
expires: Sun, 17 Sep 2017 07:12:12 GMT

GET
S 200 32.jpg
randomuser.me/api/portraits/men/ 5 KB
5 KB 1207ms
1166ms Image
image/jpeg 2400:cb00:2048:1::681f:5a7e
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://randomuser.me/api/portraits/men/32.jpg
Requested by: Host: com-uhjsf8s.us
URL: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::681f:5a7e , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: a634d4f02fe5b77804943c1d74b8d70e35ffe26454e0e9af9717432a2c72bfde

Request headers

Referer: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

date: Fri, 18 Aug 2017 07:12:13 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Apr 2016 02:26:17 GMT
server: cloudflare-nginx
etag: "570716c9-147a"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 3903103cdd88278c-FRA
content-length: 5242
expires: Sun, 17 Sep 2017 07:12:13 GMT

GET
S 200 24.jpg
randomuser.me/api/portraits/men/ 18 KB
18 KB 66ms
24ms Image
image/jpeg 2400:cb00:2048:1::681f:5a7e
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://randomuser.me/api/portraits/men/24.jpg
Requested by: Host: com-uhjsf8s.us
URL: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::681f:5a7e , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: aa71ceacc335c50de5d72536473637050da921b5439ea9b4fb289b8f76c5720e

Request headers

Referer: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

date: Fri, 18 Aug 2017 07:12:12 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Apr 2016 02:26:17 GMT
server: cloudflare-nginx
etag: "570716c9-469a"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 3903103cdd8a278c-FRA
content-length: 18074
expires: Sun, 17 Sep 2017 07:12:12 GMT

GET
S 200 21.jpg
randomuser.me/api/portraits/women/ 3 KB
3 KB 60ms
19ms Image
image/jpeg 2400:cb00:2048:1::681f:5a7e
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://randomuser.me/api/portraits/women/21.jpg
Requested by: Host: com-uhjsf8s.us
URL: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::681f:5a7e , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 11d956f8b1bf14c55157948c614aab760383cc7685163ed43e25609c7c050266

Request headers

Referer: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

date: Fri, 18 Aug 2017 07:12:12 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Apr 2016 02:26:17 GMT
server: cloudflare-nginx
etag: "570716c9-d91"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 3903103cdd87278c-FRA
content-length: 3473
expires: Sun, 17 Sep 2017 07:12:12 GMT

GET
S 200 73.jpg
randomuser.me/api/portraits/women/ 6 KB
6 KB 70ms
29ms Image
image/jpeg 2400:cb00:2048:1::681f:5a7e
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://randomuser.me/api/portraits/women/73.jpg
Requested by: Host: com-uhjsf8s.us
URL: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::681f:5a7e , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 88445d944fdf0bc52a4f79ddf5cffde16e42eec01bdd3e32ab6234cef44411b3

Request headers

Referer: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

date: Fri, 18 Aug 2017 07:12:12 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Apr 2016 02:26:17 GMT
server: cloudflare-nginx
etag: "570716c9-164d"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 3903103cdd8b278c-FRA
content-length: 5709
expires: Sun, 17 Sep 2017 07:12:12 GMT

GET
S 200 2.jpg
randomuser.me/api/portraits/men/ 5 KB
5 KB 50ms
20ms Image
image/jpeg 2400:cb00:2048:1::681f:5a7e
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://randomuser.me/api/portraits/men/2.jpg
Requested by: Host: com-uhjsf8s.us
URL: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::681f:5a7e , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 716cfb40836039a4e9e34d89320b6398ba7871ea7882e32b7397029586f6dda7

Request headers

Referer: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

date: Fri, 18 Aug 2017 07:12:12 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Apr 2016 02:26:17 GMT
server: cloudflare-nginx
etag: "570716c9-125d"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 3903103cdd89278c-FRA
content-length: 4701
expires: Sun, 17 Sep 2017 07:12:12 GMT

GET
S 200 99.jpg
randomuser.me/api/portraits/men/ 5 KB
5 KB 11ms
11ms Image
image/jpeg 2400:cb00:2048:1::681f:5a7e
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://randomuser.me/api/portraits/men/99.jpg
Requested by: Host: com-uhjsf8s.us
URL: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::681f:5a7e , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: eb0d14c51d571b63ba1aa4050367d192f71c8e9d5c1aa15cd6de9aacae05b2a1

Request headers

Referer: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

date: Fri, 18 Aug 2017 07:12:12 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Apr 2016 02:26:17 GMT
server: cloudflare-nginx
etag: "570716c9-1460"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 3903103cfd9b278c-FRA
content-length: 5216
expires: Sun, 17 Sep 2017 07:12:12 GMT

GET
S 200 53.jpg
randomuser.me/api/portraits/women/ 6 KB
6 KB 7ms
7ms Image
image/jpeg 2400:cb00:2048:1::681f:5a7e
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://randomuser.me/api/portraits/women/53.jpg
Requested by: Host: com-uhjsf8s.us
URL: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::681f:5a7e , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: f8f2ddc445b6b2318430260bdebb665c9415865827230565aa42f57c9c794baf

Request headers

Referer: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

date: Fri, 18 Aug 2017 07:12:12 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Apr 2016 02:26:17 GMT
server: cloudflare-nginx
etag: "570716c9-18d9"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 3903103cfd9f278c-FRA
content-length: 6361
expires: Sun, 17 Sep 2017 07:12:12 GMT

GET
S 200 46.jpg
randomuser.me/api/portraits/women/ 6 KB
6 KB 12ms
11ms Image
image/jpeg 2400:cb00:2048:1::681f:5a7e
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://randomuser.me/api/portraits/women/46.jpg
Requested by: Host: com-uhjsf8s.us
URL: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::681f:5a7e , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: efdb6ee589c3b1c29cbed18fe546fe8d9e2764f92cfa9a27bcb2d95b4f402e13

Request headers

Referer: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

date: Fri, 18 Aug 2017 07:12:12 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Apr 2016 02:26:17 GMT
server: cloudflare-nginx
etag: "570716c9-1696"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 3903103d0da2278c-FRA
content-length: 5782
expires: Sun, 17 Sep 2017 07:12:12 GMT

GET
S 200 89.jpg
randomuser.me/api/portraits/women/ 4 KB
4 KB 9ms
8ms Image
image/jpeg 2400:cb00:2048:1::681f:5a7e
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://randomuser.me/api/portraits/women/89.jpg
Requested by: Host: com-uhjsf8s.us
URL: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::681f:5a7e , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 8d0417f0910586650f889adf5f72fb8ad336f07247cbfd9da9dd6db02546dd00

Request headers

Referer: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

date: Fri, 18 Aug 2017 07:12:12 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Apr 2016 02:26:17 GMT
server: cloudflare-nginx
etag: "570716c9-1158"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 3903103d0da3278c-FRA
content-length: 4440
expires: Sun, 17 Sep 2017 07:12:12 GMT

GET
S 200 61.jpg
randomuser.me/api/portraits/women/ 7 KB
7 KB 8ms
8ms Image
image/jpeg 2400:cb00:2048:1::681f:5a7e
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://randomuser.me/api/portraits/women/61.jpg
Requested by: Host: com-uhjsf8s.us
URL: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::681f:5a7e , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 4aecd2756ae2ed682f204b0f81ca0f478d5a870f3dfa771e8cb30b567715fcfd

Request headers

Referer: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

date: Fri, 18 Aug 2017 07:12:12 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Apr 2016 02:26:17 GMT
server: cloudflare-nginx
etag: "570716c9-1bc9"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 3903103d0da4278c-FRA
content-length: 7113
expires: Sun, 17 Sep 2017 07:12:12 GMT

GET
H/1.1 200
OK / Show response
geoapi123.appspot.com/ 400 B
156 B 139ms
133ms Script
text/html 2a00:1450:4001:81d::2014
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://geoapi123.appspot.com/
Requested by: Host: com-uhjsf8s.us
URL: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
Protocol: HTTP/1.1
Server: 2a00:1450:4001:81d::2014 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 8eb553da27ed9787f002bb2577105a6609e724de5a27096ee22203aaf1f13cdc

Request headers

Referer: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Fri, 18 Aug 2017 07:12:12 GMT
Content-Encoding: gzip
Server: Google Frontend
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
X-Cloud-Trace-Context: 9b7b06c92e1b47e5cbc82a59ba50a5c2
Cache-Control: private
Content-Length: 156

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 94 KB
33 KB 11ms
5ms Script
text/javascript 2a00:1450:4001:818::200a
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Host: com-uhjsf8s.us
URL: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68

Protocol

HTTP/1.1

Server

2a00:1450:4001:818::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Fri, 04 Aug 2017 22:48:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
Server: sffe
Age: 1153399
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 33434
X-XSS-Protection: 1; mode=block
Expires: Sat, 04 Aug 2018 22:48:53 GMT

GET
H/1.1 200
OK js15_as.js Show response
s10.histats.com/ 10 KB
4 KB 17ms
8ms Script
application/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://s10.histats.com/js15_as.js
Requested by: Host: com-uhjsf8s.us
URL: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
Protocol: HTTP/1.1
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: cba2dd9d00ef6c95d4cb86a6c42e8f86d0935e0276348138f47e8f787107d560

Request headers

Referer: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Fri, 18 Aug 2017 07:07:27 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jun 2017 15:26:33 GMT
X-CDN-Pop-IP: 137.74.120.32/27
ETag: W/"1262556565"
X-Cacheable: Matched cache
Vary: Accept-Encoding
X-IPLB-Instance: 4746
Content-Type: application/javascript; charset=UTF-8
X-CDN-Pop: sbg
Accept-Ranges: bytes
Content-Length: 4243

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 381 B
381 B 181ms
90ms Script
text/html 208.43.241.178
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: http://s4.histats.com/stats/0.php?3877226&@f16&@g1&@h1&@i1&@j1503040332315&@k0&@l1&@mPIzza%20hut%202017&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@vhttp%3A%2F%2Fcom-uhjsf8s.us%2FPizzahut%2F%3FPQ0UP68&@w
Requested by: Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Server: 208.43.241.178 Chantilly, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: b2.f1.2bd0.ip4.static.sl-reverse.com
Software: /
Resource Hash: 8338e8dc05c454b0fc0fde241ddb5284bf61e82ace912b71c9167c712e4ab96b

Request headers

Referer: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Fri, 18 Aug 2017 07:12:12 GMT
Connection: close
Content-Length: 381
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK / Show response
e.dtscout.com/e/ 4 KB
4 KB 182ms
91ms Script
application/javascript 69.4.231.31
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Fcom-uhjsf8s.us%2FPizzahut%2F%3FPQ0UP68&j=
Requested by: Host: s4.histats.com
URL: http://s4.histats.com/stats/0.php?3877226&@f16&@g1&@h1&@i1&@j1503040332315&@k0&@l1&@mPIzza%20hut%202017&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@vhttp%3A%2F%2Fcom-uhjsf8s.us%2FPizzahut%2F%3FPQ0UP68&@w
Protocol: HTTP/1.1
Server: 69.4.231.31 Providence, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: no-rdns.ord02.hostingservicesinc.net
Software: /
Resource Hash: a60398b6c3c17a3a0a4ae9688444c5f59a44ed05ec8e536aee8fd353d4156f57

Request headers

Referer: http://com-uhjsf8s.us/Pizzahut/?PQ0UP68
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Fri, 18 Aug 2017 07:12:12 GMT
Cache-Control: no-cache
Connection: close
Content-Type: application/javascript
X-Z: E
Transfer-Encoding: chunked
Expires: Fri, 18 Aug 2017 07:12:11 GMT

GET /
t.dtscout.com/idg/ Frame 1716 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: t.dtscout.com
URL: http://t.dtscout.com/idg/

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dtscout.com/	2022-08-17 07:12:12	Name: d Value: null
.dtscout.com/	2019-08-18 07:12:12	Name: df Value: 1503040332
.dtscout.com/	2017-08-18 15:12:12	Name: es Value: 1
com-uhjsf8s.us/	2018-08-18 07:12:12	Name: HstCla3877226 Value: 1503040332315
.dtscout.com/	2037-12-31 23:55:55	Name: l Value: RQTnH1mWk0ysjFxwMbeMAg==
com-uhjsf8s.us/	2018-08-18 07:12:12	Name: HstCmu3877226 Value: 1503040332315
com-uhjsf8s.us/	2018-08-18 07:12:12	Name: HstPn3877226 Value: 1
com-uhjsf8s.us/	2018-08-18 07:12:12	Name: HstPt3877226 Value: 1
com-uhjsf8s.us/	2018-08-18 07:12:12	Name: HstCnv3877226 Value: 1
.dtscout.com/	2017-08-19 07:12:12	Name: ah Value: 1
com-uhjsf8s.us/	2018-08-18 07:12:12	Name: HstCfa3877226 Value: 1503040332315
.dtscout.com/	2017-08-18 07:42:12	Name: m Value: 1
.dtscout.com/	2017-08-18 15:12:12	Name: b Value: 1
com-uhjsf8s.us/	2018-08-18 07:12:12	Name: HstCns3877226 Value: 1
.dtscout.com/	2017-08-18 15:12:12	Name: ey Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
code.jquery.com
com-uhjsf8s.us
e.dtscout.com
gd.geobytes.com
geoapi123.appspot.com
i.imgur.com
randomuser.me
s10.histats.com
s4.histats.com
t.dtscout.com
vignette2.wikia.nocookie.net
www.marlboro-prizes.com
www.tsys-tools.com.mx
t.dtscout.com
151.101.112.193
151.101.128.194
198.54.114.221
201.157.40.69
208.43.241.178
2400:cb00:2048:1::681f:5a7e
2a00:1450:4001:818::200a
2a00:1450:4001:81d::2014
46.105.201.240
52.218.192.3
69.16.219.23
69.4.231.31
94.31.29.54
11d956f8b1bf14c55157948c614aab760383cc7685163ed43e25609c7c050266
1a8eb1cc3cfeb0e2e5f36464e06b7bb44414310d9fecdc55c807e91daa35cf1b
4aecd2756ae2ed682f204b0f81ca0f478d5a870f3dfa771e8cb30b567715fcfd
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
716cfb40836039a4e9e34d89320b6398ba7871ea7882e32b7397029586f6dda7
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b
7ac9690d5ebad97785c1c5c2a5f69e1cc6ea703b9e1c2674bb32b895247bf59b
81defacda5c2eed9007dfb88c059d1e0f78fff59d15c7bfb35e568b549f9c353
8338e8dc05c454b0fc0fde241ddb5284bf61e82ace912b71c9167c712e4ab96b
88445d944fdf0bc52a4f79ddf5cffde16e42eec01bdd3e32ab6234cef44411b3
8d0417f0910586650f889adf5f72fb8ad336f07247cbfd9da9dd6db02546dd00
8eb553da27ed9787f002bb2577105a6609e724de5a27096ee22203aaf1f13cdc
9b5936f4006146e4e1e9025b474c02863c0b5614132ad40db4b925a10e8bfbb9
a38c7997fe17f718915694f3e76ab9d0119d861886ac9869ee27b2428652b86e
a60398b6c3c17a3a0a4ae9688444c5f59a44ed05ec8e536aee8fd353d4156f57
a634d4f02fe5b77804943c1d74b8d70e35ffe26454e0e9af9717432a2c72bfde
aa71ceacc335c50de5d72536473637050da921b5439ea9b4fb289b8f76c5720e
c2f32c68cd719087bf832481863dcda3ace7c987c309f3709b6758ae9406604e
cba2dd9d00ef6c95d4cb86a6c42e8f86d0935e0276348138f47e8f787107d560
cde29d218b496e372446b582db01150b1faa86fda0e724dbf0fb373bda6a6f30
d1a3e08d4e37d6ee2b7de1db8df87c1dc7acd8ffb004caaf980917de518a60c9
d41995de24d024734f01a1f3a66d705ab34eb86ee58a67137196a36af2d86930
eb0d14c51d571b63ba1aa4050367d192f71c8e9d5c1aa15cd6de9aacae05b2a1
efdb6ee589c3b1c29cbed18fe546fe8d9e2764f92cfa9a27bcb2d95b4f402e13
f8f2ddc445b6b2318430260bdebb665c9415865827230565aa42f57c9c794baf

com-uhjsf8s.us Open in urlscan Pro 198.54.114.221 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

26 Requests

46 %HTTPS

23 %IPv6

12 Domains

14 Subdomains

14 IPs

5 Countries

180 kBTransfer

313 kBSize

15 Cookies

0 Outgoing links

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

15 Cookies

Indicators

com-uhjsf8s.us Open in urlscan Pro
198.54.114.221 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

46 %
HTTPS

23 %
IPv6

12
Domains

14
Subdomains

14
IPs

5
Countries

180 kB
Transfer

313 kB
Size

15
Cookies

26 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!