34.228.52.199 Open in urlscan Pro
34.228.52.199 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ds-intel.net/
Effective URL:
http://34.228.52.199/ui/login/?next=%2F
Submission: On August 30 via manual (August 30th 2018, 7:47:11 pm UTC) from CA

Summary HTTP 11 Redirects Links 1 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 11 HTTP transactions. The main IP is 34.228.52.199, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is 34.228.52.199.

This is the only time 34.228.52.199 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
3 3	184.168.221.22 184.168.221.22		26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com)
1 10	34.228.52.199 34.228.52.199		14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:806::200a		15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:806::2003		15169 (GOOGLE) (GOOGLE - Google LLC)
11	3

3 184.168.221.22 (Scottsdale, United States) 3 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-184-168-221-22.ip.secureserver.net

ds-intel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.228.52.199 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-228-52-199.compute-1.amazonaws.com

34.228.52.199	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	ds-intel.net 3 redirects ds-intel.net	486 B
1	gstatic.com fonts.gstatic.com	9 KB
1	googleapis.com fonts.googleapis.com	1 KB
11	3

	Domain	Requested by
3	ds-intel.net	3 redirects
1	fonts.gstatic.com	34.228.52.199
1	fonts.googleapis.com	34.228.52.199
11	3

This site contains links to these domains. Also see Links.

Domain
threatstream.com

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://34.228.52.199/ui/login/?next=%2F
Frame ID: 96AA537C3264F9287945F272CFB480D0
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ds-intel.net/ HTTP 302
http://ds-intel.net/McepZ/ HTTP 302
http://ds-intel.net/ HTTP 301
http://34.228.52.199/ HTTP 302
http://34.228.52.199/ui/login/?next=%2F Page URL

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+foundation[^>"]+css/i
html /<div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /modernizr(?:-([\d.]*[\d]))?.*\.js/i
env /^Modernizr$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

11
Requests

0 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

333 kB
Transfer

345 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://threatstream.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ds-intel.net/ HTTP 302
http://ds-intel.net/McepZ/ HTTP 302
http://ds-intel.net/ HTTP 301
http://34.228.52.199/ HTTP 302
http://34.228.52.199/ui/login/?next=%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
34.228.52.199/ui/login/
Redirect Chain

http://ds-intel.net/
http://ds-intel.net/McepZ/
http://ds-intel.net/
http://34.228.52.199/
http://34.228.52.199/ui/login/?next=%2F

3 KB
2 KB

101ms
101ms

Document
text/html

34.228.52.199
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://34.228.52.199/ui/login/?next=%2F
Protocol: HTTP/1.1
Server: 34.228.52.199 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-228-52-199.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 031d74797ce34fa16181ba475a7254ae72f78c98977b5370b0df37b9ce87cfa3

Request headers

Host: 34.228.52.199
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Cookie: session=.eJwtjE8LgjAcQL9K_M4epPQieGgUQ9CJ4J-2EHGunGMDwWiK-N0r8vTgwXsrNE_dTvIxQXBf4fD6g0MAbeUbbsMQNmc3BZ41vREd4fnNFjTyAbl8QZIeie5OSS-wHLsFWVoJHfe_st5qB5pBQLAvmDp7acU0U6VkprAkz2x6QYaqyGPm6hJTKoKpn-TZN98-5AozTA.DmnbNA.uQ-Upaxjq8iECp_iy8OxfAVJOeI
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 96AA537C3264F9287945F272CFB480D0

Response headers

Server: nginx/1.10.3 (Ubuntu)
Date: Thu, 30 Aug 2018 19:47:00 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: session=.eJw9zl-LgkAUBfCvEve5h_7Yi9DDDtVgNCPCpN0bIanlaDNtrLFq4XevdqOnCwfO79w7xEezr_ShAnd7h971_yTgwj6a2KSeTqHrv5M1bwxupPF480stuyQFGyQt0ziSJh2LPOP6krasxigzq_zV3HW7PsRFBu6boPLL8SMyVIaa7LqWKqj9GbNYeg7Z-UDasJQcJ0IFr2FIq59jfP0-Hc4fwo_mQ6m8sa_EjVTeSB5qvGUn8aSJByOhsEW1eJK5I-yyQOU19PdN9wCl1E0d.DmnbNA.28U5SLyoLJy0JtH6ctKGCAfq_9s; HttpOnly; Path=/
Content-Encoding: gzip

Redirect headers

Server: nginx/1.10.3 (Ubuntu)
Date: Thu, 30 Aug 2018 19:47:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 245
Connection: keep-alive
Location: http://34.228.52.199/ui/login/?next=%2F
Set-Cookie: session=.eJwtjE8LgjAcQL9K_M4epPQieGgUQ9CJ4J-2EHGunGMDwWiK-N0r8vTgwXsrNE_dTvIxQXBf4fD6g0MAbeUbbsMQNmc3BZ41vREd4fnNFjTyAbl8QZIeie5OSS-wHLsFWVoJHfe_st5qB5pBQLAvmDp7acU0U6VkprAkz2x6QYaqyGPm6hJTKoKpn-TZN98-5AozTA.DmnbNA.uQ-Upaxjq8iECp_iy8OxfAVJOeI; HttpOnly; Path=/

GET
H/1.1 200
OK jquery.js Show response
34.228.52.199/static/js/vendor/ 82 KB
82 KB 98ms
97ms Script
application/javascript 34.228.52.199
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://34.228.52.199/static/js/vendor/jquery.js
Requested by: Host: 34.228.52.199
URL: http://34.228.52.199/ui/login/?next=%2F
Protocol: HTTP/1.1
Server: 34.228.52.199 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-228-52-199.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 0961697bd942a8fd6323ac9bd0e220eebf7f427e82070c8f354e052a8a38352b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 34.228.52.199
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://34.228.52.199/ui/login/?next=%2F
Cookie: session=.eJw9zl-LgkAUBfCvEve5h_7Yi9DDDtVgNCPCpN0bIanlaDNtrLFq4XevdqOnCwfO79w7xEezr_ShAnd7h971_yTgwj6a2KSeTqHrv5M1bwxupPF480stuyQFGyQt0ziSJh2LPOP6krasxigzq_zV3HW7PsRFBu6boPLL8SMyVIaa7LqWKqj9GbNYeg7Z-UDasJQcJ0IFr2FIq59jfP0-Hc4fwo_mQ6m8sa_EjVTeSB5qvGUn8aSJByOhsEW1eJK5I-yyQOU19PdN9wCl1E0d.DmnbNA.28U5SLyoLJy0JtH6ctKGCAfq_9s
Connection: keep-alive
Cache-Control: no-cache
Referer: http://34.228.52.199/ui/login/?next=%2F
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 30 Aug 2018 19:47:00 GMT
Last-Modified: Tue, 14 Nov 2017 21:25:38 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5a0b5f52-14795"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 83861

GET
H/1.1 200
OK foundation.min.css
34.228.52.199/static/css/ 105 KB
105 KB 205ms
106ms Stylesheet
text/css 34.228.52.199
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://34.228.52.199/static/css/foundation.min.css
Requested by: Host: 34.228.52.199
URL: http://34.228.52.199/ui/login/?next=%2F
Protocol: HTTP/1.1
Server: 34.228.52.199 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-228-52-199.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 44c7c465dce3865272dc7c3ee91f01c0200e6a259de116f6297b77d33416c88e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 34.228.52.199
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://34.228.52.199/ui/login/?next=%2F
Cookie: session=.eJw9zl-LgkAUBfCvEve5h_7Yi9DDDtVgNCPCpN0bIanlaDNtrLFq4XevdqOnCwfO79w7xEezr_ShAnd7h971_yTgwj6a2KSeTqHrv5M1bwxupPF480stuyQFGyQt0ziSJh2LPOP6krasxigzq_zV3HW7PsRFBu6boPLL8SMyVIaa7LqWKqj9GbNYeg7Z-UDasJQcJ0IFr2FIq59jfP0-Hc4fwo_mQ6m8sa_EjVTeSB5qvGUn8aSJByOhsEW1eJK5I-yyQOU19PdN9wCl1E0d.DmnbNA.28U5SLyoLJy0JtH6ctKGCAfq_9s
Connection: keep-alive
Cache-Control: no-cache
Referer: http://34.228.52.199/ui/login/?next=%2F
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 30 Aug 2018 19:47:01 GMT
Last-Modified: Tue, 14 Nov 2017 21:25:38 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5a0b5f52-1a4f0"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 107760

GET
H/1.1 200
OK normalize.css
34.228.52.199/static/css/ 8 KB
8 KB 205ms
103ms Stylesheet
text/css 34.228.52.199
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://34.228.52.199/static/css/normalize.css
Requested by: Host: 34.228.52.199
URL: http://34.228.52.199/ui/login/?next=%2F
Protocol: HTTP/1.1
Server: 34.228.52.199 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-228-52-199.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 6b52e5a934e2df10d6da22bed60f50f195e8054dc18d9934d5d97f0804e1fc9f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 34.228.52.199
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://34.228.52.199/ui/login/?next=%2F
Cookie: session=.eJw9zl-LgkAUBfCvEve5h_7Yi9DDDtVgNCPCpN0bIanlaDNtrLFq4XevdqOnCwfO79w7xEezr_ShAnd7h971_yTgwj6a2KSeTqHrv5M1bwxupPF480stuyQFGyQt0ziSJh2LPOP6krasxigzq_zV3HW7PsRFBu6boPLL8SMyVIaa7LqWKqj9GbNYeg7Z-UDasJQcJ0IFr2FIq59jfP0-Hc4fwo_mQ6m8sa_EjVTeSB5qvGUn8aSJByOhsEW1eJK5I-yyQOU19PdN9wCl1E0d.DmnbNA.28U5SLyoLJy0JtH6ctKGCAfq_9s
Connection: keep-alive
Cache-Control: no-cache
Referer: http://34.228.52.199/ui/login/?next=%2F
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 30 Aug 2018 19:47:01 GMT
Last-Modified: Tue, 14 Nov 2017 21:25:38 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5a0b5f52-1f28"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7976

GET
H/1.1 200
OK foundation.min.js Show response
34.228.52.199/static/js/vendor/ 69 KB
70 KB 205ms
103ms Script
application/javascript 34.228.52.199
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://34.228.52.199/static/js/vendor/foundation.min.js
Requested by: Host: 34.228.52.199
URL: http://34.228.52.199/ui/login/?next=%2F
Protocol: HTTP/1.1
Server: 34.228.52.199 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-228-52-199.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 6e2fe707c059531bb331c6b99fd04f1d5ea657964479f05e8e076267ca35fa30

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 34.228.52.199
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://34.228.52.199/ui/login/?next=%2F
Cookie: session=.eJw9zl-LgkAUBfCvEve5h_7Yi9DDDtVgNCPCpN0bIanlaDNtrLFq4XevdqOnCwfO79w7xEezr_ShAnd7h971_yTgwj6a2KSeTqHrv5M1bwxupPF480stuyQFGyQt0ziSJh2LPOP6krasxigzq_zV3HW7PsRFBu6boPLL8SMyVIaa7LqWKqj9GbNYeg7Z-UDasJQcJ0IFr2FIq59jfP0-Hc4fwo_mQ6m8sa_EjVTeSB5qvGUn8aSJByOhsEW1eJK5I-yyQOU19PdN9wCl1E0d.DmnbNA.28U5SLyoLJy0JtH6ctKGCAfq_9s
Connection: keep-alive
Cache-Control: no-cache
Referer: http://34.228.52.199/ui/login/?next=%2F
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 30 Aug 2018 19:47:01 GMT
Last-Modified: Tue, 14 Nov 2017 21:25:38 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5a0b5f52-11532"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 70962

GET
H/1.1 200
OK modernizr.js Show response
34.228.52.199/static/js/vendor/ 11 KB
11 KB 205ms
103ms Script
application/javascript 34.228.52.199
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://34.228.52.199/static/js/vendor/modernizr.js
Requested by: Host: 34.228.52.199
URL: http://34.228.52.199/ui/login/?next=%2F
Protocol: HTTP/1.1
Server: 34.228.52.199 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-228-52-199.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 3485afabf51bc73fae971d455ee54a9a569fa03f450aa8cc9c7f8561c9db894d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 34.228.52.199
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://34.228.52.199/ui/login/?next=%2F
Cookie: session=.eJw9zl-LgkAUBfCvEve5h_7Yi9DDDtVgNCPCpN0bIanlaDNtrLFq4XevdqOnCwfO79w7xEezr_ShAnd7h971_yTgwj6a2KSeTqHrv5M1bwxupPF480stuyQFGyQt0ziSJh2LPOP6krasxigzq_zV3HW7PsRFBu6boPLL8SMyVIaa7LqWKqj9GbNYeg7Z-UDasJQcJ0IFr2FIq59jfP0-Hc4fwo_mQ6m8sa_EjVTeSB5qvGUn8aSJByOhsEW1eJK5I-yyQOU19PdN9wCl1E0d.DmnbNA.28U5SLyoLJy0JtH6ctKGCAfq_9s
Connection: keep-alive
Cache-Control: no-cache
Referer: http://34.228.52.199/ui/login/?next=%2F
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 30 Aug 2018 19:47:01 GMT
Last-Modified: Tue, 14 Nov 2017 21:25:38 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5a0b5f52-2bf4"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11252

GET
H/1.1 200
OK main.js Show response
34.228.52.199/static/js/ 13 KB
14 KB 205ms
103ms Script
application/javascript 34.228.52.199
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://34.228.52.199/static/js/main.js
Requested by: Host: 34.228.52.199
URL: http://34.228.52.199/ui/login/?next=%2F
Protocol: HTTP/1.1
Server: 34.228.52.199 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-228-52-199.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: b6cc888b73737571c29d1af0d2e4eba96b9950da669b8d2507e4e1cd39da4903

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 34.228.52.199
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://34.228.52.199/ui/login/?next=%2F
Cookie: session=.eJw9zl-LgkAUBfCvEve5h_7Yi9DDDtVgNCPCpN0bIanlaDNtrLFq4XevdqOnCwfO79w7xEezr_ShAnd7h971_yTgwj6a2KSeTqHrv5M1bwxupPF480stuyQFGyQt0ziSJh2LPOP6krasxigzq_zV3HW7PsRFBu6boPLL8SMyVIaa7LqWKqj9GbNYeg7Z-UDasJQcJ0IFr2FIq59jfP0-Hc4fwo_mQ6m8sa_EjVTeSB5qvGUn8aSJByOhsEW1eJK5I-yyQOU19PdN9wCl1E0d.DmnbNA.28U5SLyoLJy0JtH6ctKGCAfq_9s
Connection: keep-alive
Cache-Control: no-cache
Referer: http://34.228.52.199/ui/login/?next=%2F
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 30 Aug 2018 19:47:01 GMT
Last-Modified: Tue, 14 Nov 2017 21:25:38 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5a0b5f52-358e"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13710

GET
H/1.1 200
OK tslogo.png
34.228.52.199/static/img/ 22 KB
22 KB 103ms
102ms Image
image/png 34.228.52.199
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://34.228.52.199/static/img/tslogo.png
Requested by: Host: 34.228.52.199
URL: http://34.228.52.199/ui/login/?next=%2F
Protocol: HTTP/1.1
Server: 34.228.52.199 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-228-52-199.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 86dcf496271f61b6cec7dfc458b0460cac89b4b29e8ad0ebd65c9cd8cb265887

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 34.228.52.199
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://34.228.52.199/ui/login/?next=%2F
Connection: keep-alive
Cache-Control: no-cache
Referer: http://34.228.52.199/ui/login/?next=%2F
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 30 Aug 2018 19:47:01 GMT
Last-Modified: Tue, 14 Nov 2017 21:25:38 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5a0b5f52-58d1"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22737

GET
H/1.1 200
OK fastclick.js Show response
34.228.52.199/static/js/vendor/ 8 KB
8 KB 101ms
101ms Script
application/javascript 34.228.52.199
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://34.228.52.199/static/js/vendor/fastclick.js
Requested by: Host: 34.228.52.199
URL: http://34.228.52.199/ui/login/?next=%2F
Protocol: HTTP/1.1
Server: 34.228.52.199 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-228-52-199.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 64d47daa17019525550dfc76888ad1b59d451608ee78792c9a970704638c5638

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 34.228.52.199
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://34.228.52.199/ui/login/?next=%2F
Connection: keep-alive
Cache-Control: no-cache
Referer: http://34.228.52.199/ui/login/?next=%2F
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 30 Aug 2018 19:47:01 GMT
Last-Modified: Tue, 14 Nov 2017 21:25:38 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5a0b5f52-20a9"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8361

GET
H/1.1 200
OK css
fonts.googleapis.com/ 14 KB
1 KB 21ms
15ms Stylesheet
text/css 2a00:1450:4001:806::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,700italic,400,300,700

Requested by

Host: 34.228.52.199
URL: http://34.228.52.199/ui/login/?next=%2F

Protocol

HTTP/1.1

Server

2a00:1450:4001:806::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

f79af0ee328d223e6530d2b59c3f73302b73d32e2db7028bbb3f90c05f5c6d04

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://34.228.52.199/ui/login/?next=%2F
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 30 Aug 2018 19:47:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Aug 2018 19:47:01 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 1; mode=block
Expires: Thu, 30 Aug 2018 19:47:01 GMT

GET
H/1.1 200
OK mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 37ms
12ms Font
font/woff2 2a00:1450:4001:806::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: 34.228.52.199
URL: http://34.228.52.199/ui/login/?next=%2F

Protocol

HTTP/1.1

Server

2a00:1450:4001:806::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

35a21333c81302e934ee42b7b85b2c6a731bfffb418fe52fe795cb1974186976

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,700italic,400,300,700
Origin: http://34.228.52.199

Response headers

Date: Fri, 24 Aug 2018 13:06:13 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 11 Oct 2017 21:49:38 GMT
Server: sffe
Age: 542448
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 8732
X-XSS-Protection: 1; mode=block
Expires: Sat, 24 Aug 2019 13:06:13 GMT

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| Foundation object| html5 object| Modernizr function| FastClick

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ds-intel.net
fonts.googleapis.com
fonts.gstatic.com
184.168.221.22
2a00:1450:4001:806::2003
2a00:1450:4001:806::200a
34.228.52.199
031d74797ce34fa16181ba475a7254ae72f78c98977b5370b0df37b9ce87cfa3
0961697bd942a8fd6323ac9bd0e220eebf7f427e82070c8f354e052a8a38352b
3485afabf51bc73fae971d455ee54a9a569fa03f450aa8cc9c7f8561c9db894d
35a21333c81302e934ee42b7b85b2c6a731bfffb418fe52fe795cb1974186976
44c7c465dce3865272dc7c3ee91f01c0200e6a259de116f6297b77d33416c88e
64d47daa17019525550dfc76888ad1b59d451608ee78792c9a970704638c5638
6b52e5a934e2df10d6da22bed60f50f195e8054dc18d9934d5d97f0804e1fc9f
6e2fe707c059531bb331c6b99fd04f1d5ea657964479f05e8e076267ca35fa30
86dcf496271f61b6cec7dfc458b0460cac89b4b29e8ad0ebd65c9cd8cb265887
b6cc888b73737571c29d1af0d2e4eba96b9950da669b8d2507e4e1cd39da4903
f79af0ee328d223e6530d2b59c3f73302b73d32e2db7028bbb3f90c05f5c6d04