amazonx.tk Open in urlscan Pro
2a02:4780:dead:f32c::1 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://infomails.ru/campaigns/hp5074rj2p6f4/track-url/wv824seyws56f/73690bb9c5bdf2ff0cfe07575f05c6ccd247c5ba
Effective URL:
http://amazonx.tk/
Submission: On April 12 via manual (April 12th 2019, 7:51:19 am UTC) from JP

Summary HTTP 28 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 10 domains to perform 28 HTTP transactions. The main IP is 2a02:4780:dead:f32c::1, located in Lithuania and belongs to AWEX, US. The main domain is amazonx.tk.

This is the only time amazonx.tk was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Amazon (Online) Amazon Japan (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	176.57.68.35 176.57.68.35	24875 (NOVOSERVE-AS) (NOVOSERVE-AS)
1	195.216.243.155 195.216.243.155	29226 (MASTERTEL...) (MASTERTEL-AS Moscow)
1 5	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
3	2a02:4780:dea... 2a02:4780:dead:f32c::1	204915 (AWEX) (AWEX)
2	194.177.23.34 194.177.23.34	199274 (MNGTNET) (MNGTNET)
8	143.204.211.180 143.204.211.180	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2606:4700:10:... 2606:4700:10::6814:442e	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4	143.204.99.194 143.204.99.194	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	54.203.2.149 54.203.2.149	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.33.134.198 52.33.134.198	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.43.220.193 52.43.220.193	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	54.69.1.164 54.69.1.164	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
28	12

1 176.57.68.35 (None, ) 1 redirects

ASN24875 (NOVOSERVE-AS, NL)
PTR: infomails.ru

infomails.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.216.243.155 (Moscow, Russian Federation)

ASN29226 (MASTERTEL-AS Moscow, Russia, RU)
PTR: s5.unet.com

u.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8::1:119 (Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:4780:dead:f32c::1 (Lithuania)

ASN204915 (AWEX, US)

amazonx.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.177.23.34 (Russian Federation)

ASN199274 (MNGTNET, RU)
PTR: 194-177-23-34.flops.ru

local.adguard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 143.204.211.180 (Wilmington, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-211-180.fra53.r.cloudfront.net

images-na.ssl-images-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:442e (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.000webhost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.99.194 (Wilmington, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-99-194.fra50.r.cloudfront.net

m.media-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images-fe.ssl-images-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.203.2.149 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-203-2-149.us-west-2.compute.amazonaws.com

fls-fe.amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.33.134.198 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-33-134-198.us-west-2.compute.amazonaws.com

fls-fe.amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.43.220.193 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-43-220-193.us-west-2.compute.amazonaws.com

fls-fe.amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.69.1.164 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-69-1-164.us-west-2.compute.amazonaws.com

fls-fe.amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	ssl-images-amazon.com images-na.ssl-images-amazon.com images-fe.ssl-images-amazon.com	266 KB
5	yandex.ru 1 redirects mc.yandex.ru	88 KB
4	amazon.com fls-fe.amazon.com	1 KB
3	media-amazon.com m.media-amazon.com	32 KB
3	amazonx.tk amazonx.tk	50 KB
2	adguard.com local.adguard.com	480 B
1	000webhost.com cdn.000webhost.com	2 KB
1	u.to u.to	998 B
1	infomails.ru 1 redirects infomails.ru	520 B
0	yadro.ru Failed counter.yadro.ru Failed
28	10

	Domain	Requested by
8	images-na.ssl-images-amazon.com	amazonx.tk
5	mc.yandex.ru	1 redirects u.to
4	fls-fe.amazon.com	images-fe.ssl-images-amazon.com
3	m.media-amazon.com	amazonx.tk
3	amazonx.tk	u.to
2	local.adguard.com	amazonx.tk
1	images-fe.ssl-images-amazon.com	amazonx.tk
1	cdn.000webhost.com	amazonx.tk
1	u.to
1	infomails.ru	1 redirects
0	counter.yadro.ru Failed	u.to
28	11

This site contains links to these domains. Also see Links.

Domain
www.000webhost.com

Subject Issuer	Validity	Valid
u.to COMODO RSA Domain Validation Secure Server CA	`2018-09-18` - `2019-09-18`	a year	crt.sh
bs.yandex.ru Yandex CA	`2018-10-03` - `2019-10-03`	a year	crt.sh
Images-na.ssl-images-amazon.com DigiCert Global CA G2	`2019-02-21` - `2019-07-19`	5 months	crt.sh
*.000webhost.com COMODO RSA Domain Validation Secure Server CA	`2018-10-19` - `2020-12-17`	2 years	crt.sh

This page contains 1 frames:

Primary Page: http://amazonx.tk/
Frame ID: 6E93EA7D18C657EE50A8C9089B687A7F
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://infomails.ru/campaigns/hp5074rj2p6f4/track-url/wv824seyws56f/73690bb9c5bdf2ff0cfe07575f05... HTTP 301
https://u.to/nZIQFQ Page URL
http://amazonx.tk/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

28
Requests

64 %
HTTPS

25 %
IPv6

10
Domains

11
Subdomains

12
IPs

4
Countries

439 kB
Transfer

1496 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.000webhost.com/?utm_source=000webhostapp&utm_campaign=000_logo&utm_medium=website&utm_content=footer_img

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://infomails.ru/campaigns/hp5074rj2p6f4/track-url/wv824seyws56f/73690bb9c5bdf2ff0cfe07575f05c6ccd247c5ba HTTP 301
https://u.to/nZIQFQ Page URL
http://amazonx.tk/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://infomails.ru/campaigns/hp5074rj2p6f4/track-url/wv824seyws56f/73690bb9c5bdf2ff0cfe07575f05c6ccd247c5ba HTTP 301
https://u.to/nZIQFQ

Request Chain 3

https://mc.yandex.ru/watch/51604940?wmode=7&page-url=https%3A%2F%2Fu.to%2FnZIQFQ&charset=utf-8&browser-info=ti%3A10%3Ans%3A1555055458537%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20190412075059%3Aet%3A1555055460%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A170375188%3Ahid%3A1056393328%3Ads%3A14%2C201%2C66%2C1%2C396%2C0%2C0%2C5%2C0%2C937%2C%2C%2C937%3Agdpr%3A14%3Av%3A1516%3Awv%3A2%3Ast%3A1555055460%3Au%3A1555055460780912489%3At%3ARedirecting HTTP 302
https://mc.yandex.ru/watch/51604940/1?wmode=7&page-url=https%3A%2F%2Fu.to%2FnZIQFQ&charset=utf-8&browser-info=ti%3A10%3Ans%3A1555055458537%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20190412075059%3Aet%3A1555055460%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A170375188%3Ahid%3A1056393328%3Ads%3A14%2C201%2C66%2C1%2C396%2C0%2C0%2C5%2C0%2C937%2C%2C%2C937%3Agdpr%3A14%3Av%3A1516%3Awv%3A2%3Ast%3A1555055460%3Au%3A1555055460780912489%3At%3ARedirecting

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set nZIQFQ Show response
u.to/
Redirect Chain

http://infomails.ru/campaigns/hp5074rj2p6f4/track-url/wv824seyws56f/73690bb9c5bdf2ff0cfe07575f05c6ccd247c5ba
https://u.to/nZIQFQ

964 B
998 B

533ms
67ms

Document
text/html

195.216.243.155
MASTERTEL-AS Moscow

General

Check archive.org

Show headers Download Go to

Full URL: https://u.to/nZIQFQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.216.243.155 Moscow, Russian Federation, ASN29226 (MASTERTEL-AS Moscow, Russia, RU),
Reverse DNS: s5.unet.com
Software: nginx/1.8.0 /
Resource Hash: ff375e045afa20f3ba7f165b86d8c5c705a04e9cda568a4b895c8e216b6b740f

Request headers

Host: u.to
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server: nginx/1.8.0
Date: Fri, 12 Apr 2019 07:51:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Set-Cookie: lng=en; path=/; expires=Sat, 11-Apr-2020 07:51:00 GMT; domain=.u.to;
Cache-Control: no-cache no-store
Pragma: no-cache
Vary: host
Content-Encoding: gzip

Redirect headers

Date: Fri, 12 Apr 2019 07:50:58 GMT
Server: Apache/2.2.22 (@RELEASE@)
X-Powered-By: PHP/5.3.3
Set-Cookie: mwsid=2flinvl63mjmt5lnqcav77m8h0; path=/; HttpOnly
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Pragma: no-cache
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 12 Apr 2019 07:50:58 GMT
Location: https://u.to/nZIQFQ
Content-Length: 0
Connection: close
Content-Type: text/html

GET
H/1.1 200
OK tag.js
mc.yandex.ru/metrika/ 331 KB
86 KB 64ms
24ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: u.to
URL: https://u.to/nZIQFQ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://u.to/nZIQFQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 12 Apr 2019 07:50:59 GMT
Content-Encoding: br
Last-Modified: Tue, 02 Apr 2019 08:19:50 GMT
Server: nginx/1.12.2
ETag: "5ca31b26-15488"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 87176
Expires: Fri, 12 Apr 2019 08:50:59 GMT

GET hit;utostat
counter.yadro.ru/ 0
0

GET
H/1.1 200
OK Primary Request / Show response
amazonx.tk/ 169 KB
43 KB 251ms
106ms Document
text/html 2a02:4780:dead:f32c::1
AWEX

General

Check archive.org

Show headers Download Go to

Full URL

http://amazonx.tk/

Requested by

Host: u.to
URL: https://u.to/nZIQFQ

Protocol

HTTP/1.1

Server

2a02:4780:dead:f32c::1 , Lithuania, ASN204915 (AWEX, US),

Reverse DNS

Software

awex /

Resource Hash

247d9f8b3ddd6e08e6b264afb038704f7fb1d8a69cf682d17a9b3ca8b1eba8a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: amazonx.tk
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 12 Apr 2019 07:50:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: awex
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Request-ID: 2a84021c74253070865a086b9afc5883
Content-Encoding: gzip

GET
H/1.1

302
Found

1
mc.yandex.ru/watch/51604940/
Redirect Chain

https://mc.yandex.ru/watch/51604940?wmode=7&page-url=https%3A%2F%2Fu.to%2FnZIQFQ&charset=utf-8&browser-info=ti%3A10%3Ans%3A1555055458537%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3...
https://mc.yandex.ru/watch/51604940/1?wmode=7&page-url=https%3A%2F%2Fu.to%2FnZIQFQ&charset=utf-8&browser-info=ti%3A10%3Ans%3A1555055458537%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101...

0
-1 B

13ms
12ms

XHR

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/51604940/1?wmode=7&page-url=https%3A%2F%2Fu.to%2FnZIQFQ&charset=utf-8&browser-info=ti%3A10%3Ans%3A1555055458537%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20190412075059%3Aet%3A1555055460%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A170375188%3Ahid%3A1056393328%3Ads%3A14%2C201%2C66%2C1%2C396%2C0%2C0%2C5%2C0%2C937%2C%2C%2C937%3Agdpr%3A14%3Av%3A1516%3Awv%3A2%3Ast%3A1555055460%3Au%3A1555055460780912489%3At%3ARedirecting

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://u.to/nZIQFQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Apr 2019 07:50:59 GMT
Last-Modified: Fri, 12-Apr-2019 07:50:59 GMT
Server: nginx/1.12.2
Location: /watch/51604940/1?wmode=7&page-url=https%3A%2F%2Fu.to%2FnZIQFQ&charset=utf-8&browser-info=ti%3A10%3Ans%3A1555055458537%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20190412075059%3Aet%3A1555055460%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A170375188%3Ahid%3A1056393328%3Ads%3A14%2C201%2C66%2C1%2C396%2C0%2C0%2C5%2C0%2C937%2C%2C%2C937%3Agdpr%3A14%3Av%3A1516%3Awv%3A2%3Ast%3A1555055460%3Au%3A1555055460780912489%3At%3ARedirecting
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: https://u.to
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Fri, 12-Apr-2019 07:50:59 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 12 Apr 2019 07:50:59 GMT
Last-Modified: Fri, 12-Apr-2019 07:50:59 GMT
Server: nginx/1.12.2
Access-Control-Allow-Origin: https://u.to
Strict-Transport-Security: max-age=31536000
Location: /watch/51604940/1?wmode=7&page-url=https%3A%2F%2Fu.to%2FnZIQFQ&charset=utf-8&browser-info=ti%3A10%3Ans%3A1555055458537%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20190412075059%3Aet%3A1555055460%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A170375188%3Ahid%3A1056393328%3Ads%3A14%2C201%2C66%2C1%2C396%2C0%2C0%2C5%2C0%2C937%2C%2C%2C937%3Agdpr%3A14%3Av%3A1516%3Awv%3A2%3Ast%3A1555055460%3Au%3A1555055460780912489%3At%3ARedirecting
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Fri, 12-Apr-2019 07:50:59 GMT

GET
H/1.1 200
OK advert.gif
mc.yandex.ru/metrika/ 43 B
445 B 26ms
12ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://u.to/nZIQFQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 12 Apr 2019 07:50:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Oct 2015 13:09:09 GMT
Server: nginx/1.12.2
ETag: "561bb0f5-3d"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 61
Expires: Fri, 12 Apr 2019 08:50:59 GMT

GET
H/1.1 200
OK 1
mc.yandex.ru/watch/51604940/ 152 B
692 B 57ms
42ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://u.to/nZIQFQ
Origin: https://u.to
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 12 Apr 2019 07:50:59 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 12-Apr-2019 07:50:59 GMT
Server: nginx/1.12.2
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://u.to
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 152
X-XSS-Protection: 1; mode=block
Expires: Fri, 12-Apr-2019 07:50:59 GMT

GET
H/1.1 200
OK content-script.js Show response
local.adguard.com/adguard-ajax-api/injections/ 22 B
240 B 1107ms
52ms Script
text/plain 194.177.23.34
MNGTNET

General

Check archive.org

Show headers Download Go to

Full URL: http://local.adguard.com/adguard-ajax-api/injections/content-script.js?ts=63689730710406&domain=www.amazon.co.jp&mask=111
Requested by: Host: amazonx.tk
URL: http://amazonx.tk/
Protocol: HTTP/1.1
Server: 194.177.23.34 , Russian Federation, ASN199274 (MNGTNET, RU),
Reverse DNS: 194-177-23-34.flops.ru
Software: nginx /
Resource Hash: dbf9c27720f6870ca56d89ce7f9cfd29549af3bd398bfc74fb66a784951acbce

Request headers

Referer: http://amazonx.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Fri, 12 Apr 2019 07:51:01 GMT
Server: nginx
Content-Type: text/plain
Cache-Control: no-cache
Connection: close
Content-Length: 22
Expires: Mon, 1 Jan 2001 10:00:00 GMT

GET
H/1.1 200
OK userscripts.js Show response
local.adguard.com/adguard-ajax-api/injections/ 22 B
240 B 3110ms
48ms Script
text/plain 194.177.23.34
MNGTNET

General

Check archive.org

Show headers Download Go to

Full URL: http://local.adguard.com/adguard-ajax-api/injections/userscripts.js?ts=63689730704327&name=AdGuard%20Popup%20Blocker&name=Adguard%20Assistant
Requested by: Host: amazonx.tk
URL: http://amazonx.tk/
Protocol: HTTP/1.1
Server: 194.177.23.34 , Russian Federation, ASN199274 (MNGTNET, RU),
Reverse DNS: 194-177-23-34.flops.ru
Software: nginx /
Resource Hash: dbf9c27720f6870ca56d89ce7f9cfd29549af3bd398bfc74fb66a784951acbce

Request headers

Referer: http://amazonx.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Fri, 12 Apr 2019 07:51:03 GMT
Server: nginx
Content-Type: text/plain
Cache-Control: no-cache
Connection: close
Content-Length: 22
Expires: Mon, 1 Jan 2001 10:00:00 GMT

GET
H2 200 61a7TmEWvNL._RC%7C11Fd9tJOdtL.css,21y5jWQoUML.css,31Q3id-QR0L.css,31P8A7PnBZL.css_.css
images-na.ssl-images-amazon.com/images/I/ 134 KB
23 KB 58ms
14ms Stylesheet
text/css 143.204.211.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://images-na.ssl-images-amazon.com/images/I/61a7TmEWvNL._RC%7C11Fd9tJOdtL.css,21y5jWQoUML.css,31Q3id-QR0L.css,31P8A7PnBZL.css_.css?AUIClients/AmazonUI
Requested by: Host: amazonx.tk
URL: http://amazonx.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.211.180 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-211-180.fra53.r.cloudfront.net
Software: Server /
Resource Hash: e3d155b691c3b7093ea0bde273190b7e4db12f670b26211dcbe3fd1962af70b6

Request headers

Referer: http://amazonx.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 21 Feb 2018 15:57:18 GMT
content-encoding: gzip
last-modified: Wed, 03 Jan 2018 00:14:24 GMT
server: Server
age: 4296146
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
status: 200
cache-control: max-age=630720000,public
x-amz-ir-id: c2b4eb54-a90d-42b7-82fc-c84e1acf6237
timing-allow-origin: https://www.amazon.com
access-control-allow-origin: *
x-amz-cf-id: dA0KKkNa1XhQTZgs5AjaeaWt7tEA8jeqPdlfmVohfa0jOKP-5at4Gg==
via: 1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
expires: Tue, 16 Feb 2038 14:58:33 GMT

GET
H2 200 01SdjaY0ZsL._RC%7C41VC4S3b45L.css,21PbmxV-RyL.css_.css
images-na.ssl-images-amazon.com/images/I/ 34 KB
7 KB 273ms
229ms Stylesheet
text/css 143.204.211.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://images-na.ssl-images-amazon.com/images/I/01SdjaY0ZsL._RC%7C41VC4S3b45L.css,21PbmxV-RyL.css_.css?AUIClients/AuthenticationPortalAssets
Requested by: Host: amazonx.tk
URL: http://amazonx.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.211.180 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-211-180.fra53.r.cloudfront.net
Software: Server /
Resource Hash: b74603bf5f993b894d6a7416b4bf970dd64713dfa8d6513ed6f3926cc30d82ab

Request headers

Referer: http://amazonx.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 24 Mar 2019 22:02:45 GMT
content-encoding: gzip
last-modified: Sat, 30 May 2015 02:58:48 GMT
server: Server
age: 1686937
x-cache: Hit from cloudfront
content-type: text/css
status: 200
cache-control: max-age=630720000,public
x-amz-ir-id: a6f58fd7-01ed-4cc7-ac6a-d1024c66b77c
timing-allow-origin: https://www.amazon.com
access-control-allow-origin: *
x-amz-cf-id: U6_dFX8PG5tRU9VTIHIijwotbh2DIx8nXJA0pXIccLV1f68NTF7iTg==
via: 1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
expires: Fri, 18 Mar 2039 19:15:22 GMT

GET
H2 200 11BFk7eGdOL.css
images-na.ssl-images-amazon.com/images/I/ 2 KB
1 KB 63ms
19ms Stylesheet
text/css 143.204.211.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://images-na.ssl-images-amazon.com/images/I/11BFk7eGdOL.css?AUIClients/CVFAssets
Requested by: Host: amazonx.tk
URL: http://amazonx.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.211.180 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-211-180.fra53.r.cloudfront.net
Software: Server /
Resource Hash: ac6c8a640f5b8fea68c8aeaaad4e145c8261be36ba09df844e4121fb69e90cc7

Request headers

Referer: http://amazonx.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 28 Nov 2018 18:04:41 GMT
content-encoding: gzip
last-modified: Mon, 16 Oct 2017 21:31:50 GMT
server: Server
age: 11821764
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
status: 200
cache-control: max-age=630720000,public
x-amz-ir-id: aaa29a99-3ad5-49c7-a96e-c5e5419d6f43
timing-allow-origin: https://www.amazon.com
access-control-allow-origin: *
x-amz-cf-id: 8STqsvHsVUqQZIrMFV9UOaOghB2Cxo_xVuFZ42ux5YIfUndjALHIPQ==
via: 1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
expires: Fri, 29 Oct 2038 07:11:30 GMT

GET
H2 200 fwcim._CB481732277_.js Show response
images-na.ssl-images-amazon.com/images/G/09/x-locale/common/login/ 384 KB
109 KB 1049ms
12ms Script
application/x-javascript 143.204.211.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://images-na.ssl-images-amazon.com/images/G/09/x-locale/common/login/fwcim._CB481732277_.js
Requested by: Host: amazonx.tk
URL: http://amazonx.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.211.180 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-211-180.fra53.r.cloudfront.net
Software: Server /
Resource Hash: db30660fb9fb9e87f176e179b29c5239f8def42613054792901c63b065d7f764

Request headers

Referer: http://amazonx.tk/
Origin: http://amazonx.tk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 26 Nov 2018 21:44:46 GMT
content-encoding: gzip
last-modified: Mon, 15 Oct 2018 18:22:13 GMT
server: Server
age: 11831942
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=630720000,public
x-amz-ir-id: feb71b64-993f-45e0-b995-47ba4113a003
timing-allow-origin: https://www.amazon.co.jp
access-control-allow-origin: *
x-amz-cf-id: _xd4i32nqbu-9W_MFY9KaT5xhJkXB-Nvwk04sfLPR78N5t8z5saXxA==
via: 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
expires: Sun, 21 Nov 2038 09:11:58 GMT

GET
H2 200 footer-powered-by-000webhost-white2.png
cdn.000webhost.com/000webhost/logo/ 2 KB
2 KB 60ms
13ms Image
image/webp 2606:4700:10::6814:442e
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.000webhost.com/000webhost/logo/footer-powered-by-000webhost-white2.png
Requested by: Host: amazonx.tk
URL: http://amazonx.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:442e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86f2673ec74a632865109a76b2232f4f5b3587daa219e07a17ef1d9c76a0fda5

Request headers

Referer: http://amazonx.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 12 Apr 2019 07:51:00 GMT
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=2046
status: 200
content-disposition: inline; filename="footer-powered-by-000webhost-white2.webp"
cf-bgj: imgq:100
x-hostinger-datacenter: srv
content-length: 1696
last-modified: Tue, 09 Apr 2019 14:15:21 GMT
server: cloudflare
etag: "5caca8f9-7fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=14400
x-hostinger-node: nl-srv-cdn2
accept-ranges: bytes
cf-ray: 4c639cd0ffc197e0-FRA
expires: Fri, 12 Apr 2019 11:51:00 GMT

GET
H2 200 61HHaoAEflL._RC%7C11-BZEJ8lnL.js,61q-U9rAZ3L.js,31x4ENTlVIL.js,31f4+QIEeqL.js,01N6xzIJxbL.js,518BI433aLL.js,01rpauTep4L.js,31QZSjMuoeL.js,61ofwvddDeL.js,01KsMxlPtzL.js_.js Show response
images-na.ssl-images-amazon.com/images/I/ 314 KB
98 KB 11ms
7ms Script
application/x-javascript 143.204.211.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://images-na.ssl-images-amazon.com/images/I/61HHaoAEflL._RC%7C11-BZEJ8lnL.js,61q-U9rAZ3L.js,31x4ENTlVIL.js,31f4+QIEeqL.js,01N6xzIJxbL.js,518BI433aLL.js,01rpauTep4L.js,31QZSjMuoeL.js,61ofwvddDeL.js,01KsMxlPtzL.js_.js?AUIClients/AmazonUI
Requested by: Host: amazonx.tk
URL: http://amazonx.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.211.180 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-211-180.fra53.r.cloudfront.net
Software: Server /
Resource Hash: 14068c130a5f9df098340fbea107a9d7807efdd9dbc15255103f176061c6d1b7

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://amazonx.tk/
Origin: http://amazonx.tk

Response headers

date: Thu, 31 Jan 2019 06:03:02 GMT
content-encoding: gzip
last-modified: Fri, 11 Jan 2019 22:40:43 GMT
server: Server
age: 6227286
x-cache: Hit from cloudfront
content-type: application/x-javascript; charset=utf-8
status: 200
cache-control: max-age=630720000,public
x-amz-ir-id: a5affb07-dda6-4a0b-8074-8e248f08173c
timing-allow-origin: https://www.amazon.com
access-control-allow-origin: *
x-amz-cf-id: S-_UEI6f86sHQA0N5BI5pEMad_dIO-RrO5qjBXF02eTUYjHtvdNPsg==
via: 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
expires: Tue, 25 Jan 2039 06:02:57 GMT

GET
H2 200 21T7I7qVEeL._RC%7C21T1XtqIBZL.js,21WEJWRAQlL.js,31DwnWh8lFL.js,21VKEfzET-L.js,01fHQhWQYWL.js,51R1ftc2MoL.js_.js Show response
images-na.ssl-images-amazon.com/images/I/ 69 KB
20 KB 17ms
13ms Script
application/x-javascript 143.204.211.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://images-na.ssl-images-amazon.com/images/I/21T7I7qVEeL._RC%7C21T1XtqIBZL.js,21WEJWRAQlL.js,31DwnWh8lFL.js,21VKEfzET-L.js,01fHQhWQYWL.js,51R1ftc2MoL.js_.js?AUIClients/AuthenticationPortalAssets
Requested by: Host: amazonx.tk
URL: http://amazonx.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.211.180 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-211-180.fra53.r.cloudfront.net
Software: Server /
Resource Hash: 4219ff22048db6cf1038fbe1846fb3a0b155f150faf430ee686c1be2a62630b5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://amazonx.tk/
Origin: http://amazonx.tk

Response headers

date: Sat, 23 Mar 2019 04:35:33 GMT
content-encoding: gzip
last-modified: Mon, 14 Jan 2019 22:06:28 GMT
server: Server
age: 2341292
x-cache: Hit from cloudfront
content-type: application/x-javascript; charset=utf-8
status: 200
cache-control: max-age=630720000,public
x-amz-ir-id: cc8b3eb7-ffb4-40b3-8483-5eb43a756cbd
timing-allow-origin: https://www.amazon.com
access-control-allow-origin: *
x-amz-cf-id: zAwHfbyuS_hpRIDXzUlilyktG_wW48bGJbXGTbf5wCIVglgWboCPDQ==
via: 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
expires: Fri, 11 Mar 2039 05:29:31 GMT

GET
H2 200 0173Lf6yxEL.js Show response
images-na.ssl-images-amazon.com/images/I/ 518 B
799 B 9ms
9ms Script
application/x-javascript 143.204.211.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://images-na.ssl-images-amazon.com/images/I/0173Lf6yxEL.js?AUIClients/AuthenticationPortalInlineAssets
Requested by: Host: amazonx.tk
URL: http://amazonx.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.211.180 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-211-180.fra53.r.cloudfront.net
Software: Server /
Resource Hash: 4dd5dafa2ec42f8e9ffaaf3bfa6b7f6a1e5bf54e91faa7bb7fb8933f8d253299

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://amazonx.tk/
Origin: http://amazonx.tk

Response headers

date: Thu, 24 Jan 2019 19:08:19 GMT
content-encoding: gzip
last-modified: Wed, 23 Jan 2019 01:55:20 GMT
server: Server
age: 6844235
x-cache: Hit from cloudfront
content-type: application/x-javascript; charset=utf-8
status: 200
cache-control: max-age=630720000,public
x-amz-ir-id: f87f5f60-390c-403f-ade4-6e9404dd0bc6
timing-allow-origin: https://www.amazon.com
access-control-allow-origin: *
x-amz-cf-id: AELJfG4YCIvMUUKXhNlDGuVJuQOfcG7ui3jTjs3od__lEXstKq5tYw==
via: 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
expires: Tue, 18 Jan 2039 02:40:28 GMT

GET
H2 200 21Xqu3WntzL.js Show response
images-na.ssl-images-amazon.com/images/I/ 8 KB
3 KB 15ms
12ms Script
application/x-javascript 143.204.211.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://images-na.ssl-images-amazon.com/images/I/21Xqu3WntzL.js?AUIClients/CVFAssets
Requested by: Host: amazonx.tk
URL: http://amazonx.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.211.180 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-211-180.fra53.r.cloudfront.net
Software: Server /
Resource Hash: b029665adc493bd5b4716c5a282ad61a93020dc6fbd025e39038da42488db2e4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://amazonx.tk/
Origin: http://amazonx.tk

Response headers

date: Sat, 23 Mar 2019 20:59:22 GMT
content-encoding: gzip
last-modified: Fri, 22 Mar 2019 20:22:26 GMT
server: Server
age: 1747324
x-cache: Hit from cloudfront
content-type: application/x-javascript; charset=utf-8
status: 200
cache-control: max-age=630720000,public
x-amz-ir-id: e33db818-9ea1-4d21-8be2-09bd02f558e3
timing-allow-origin: https://www.amazon.com
access-control-allow-origin: *
x-amz-cf-id: Fcbr5OWh3ylLadSHMpLwsMXKI_y7gv3lNQ9EG1-xyviNDAJaWPaOAA==
via: 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
expires: Fri, 18 Mar 2039 02:28:59 GMT

GET
H2 200 AmazonUIBaseCSS-sprite_1x-c4a765aedd886dc04d89e7e93b6a02c59ecb7013._V2_.png
m.media-amazon.com/images/G/01/AUIClients/ 27 KB
28 KB 111ms
8ms Image
image/png 143.204.99.194
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/G/01/AUIClients/AmazonUIBaseCSS-sprite_1x-c4a765aedd886dc04d89e7e93b6a02c59ecb7013._V2_.png
Requested by: Host: amazonx.tk
URL: http://amazonx.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.99.194 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-99-194.fra50.r.cloudfront.net
Software: Server /
Resource Hash: 437e95a363a4291060e34ba170e043274e0155821e9be374f35de3c4f13cbaa5

Request headers

Referer: https://images-na.ssl-images-amazon.com/images/I/61a7TmEWvNL._RC%7C11Fd9tJOdtL.css,21y5jWQoUML.css,31Q3id-QR0L.css,31P8A7PnBZL.css_.css?AUIClients/AmazonUI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 16 Nov 2018 00:50:19 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
last-modified: Fri, 22 Sep 2017 00:23:19 GMT
server: Server
age: 12876589
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=630720000,public
x-amz-ir-id: 19122237-df30-4b33-9bd1-f3e4cfe4db4e
timing-allow-origin: https://www.amazon.com
access-control-allow-origin: *
content-length: 27972
x-amz-cf-id: Q_sSaBXmNwXyFsxWirHp65duaaAXt6my9cwhWfoj4aGx7AuFxh9X_Q==
expires: Tue, 09 Nov 2038 07:01:14 GMT

GET
H2 200 AmazonUIBaseCSS-sprite_jp_1x-f8582354fc42b464ef5eb709dd98f9371d3eafea._V2_.png
m.media-amazon.com/images/G/01/AUIClients/ 4 KB
4 KB 112ms
9ms Image
image/png 143.204.99.194
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/G/01/AUIClients/AmazonUIBaseCSS-sprite_jp_1x-f8582354fc42b464ef5eb709dd98f9371d3eafea._V2_.png
Requested by: Host: amazonx.tk
URL: http://amazonx.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.99.194 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-99-194.fra50.r.cloudfront.net
Software: Server /
Resource Hash: a515dcb414d0c44f70cbdc70eb4eceae128f82667a9d143731e3b4f608f3f483

Request headers

Referer: https://images-na.ssl-images-amazon.com/images/I/61a7TmEWvNL._RC%7C11Fd9tJOdtL.css,21y5jWQoUML.css,31Q3id-QR0L.css,31P8A7PnBZL.css_.css?AUIClients/AmazonUI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 04 Jul 2018 00:32:59 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2015 22:39:54 GMT
server: Server
age: 24433094
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=630720000,public
x-amz-ir-id: 5c12b0d8-5fe4-4ece-a49e-c1b14f942b27
timing-allow-origin: https://www.amazon.com
access-control-allow-origin: *
content-length: 3589
x-amz-cf-id: mHdB_2ZhrW9YxVeDI7v67dsZP-kC4eieqIGvYrKetKfX1_u4N2ufBw==
expires: Mon, 28 Jun 2038 12:52:49 GMT

GET
H/1.1 404
Not Found uedata
amazonx.tk/ap/ 3 KB
3 KB 213ms
102ms Image
text/html 2a02:4780:dead:f32c::1
AWEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://amazonx.tk/ap/uedata?ld&v=0.203171.0&id=0F46GCMFY9AWW1WVYQW7&sw=1600&sh=1200&vw=1585&vh=1200&m=1&sc=0F46GCMFY9AWW1WVYQW7&ue=3&bb=28&cf=176&be=368&pc=428&tc=-3585&na_=-3585&ul_=-1555055463059&_ul=-1555055463059&rd_=-1555055463059&_rd=-1555055463059&fe_=-3583&lk_=-3575&_lk=-3538&co_=-3538&_co=-3433&sc_=-1555055463059&rq_=-3431&rs_=-3325&_rs=-3116&dl_=-3323&di_=374&de_=374&_de=376&_dc=428&ld_=428&_ld=-1555055463059&ntd=-1&ty=0&rc=0&hob=2&hoe=3&ld=429&t=1555055463488&ctb=1&rt=cf:13-7-3-1-4-1-1__ld:13-7-3-1-4-1-0&csmtags=aui|aui:aui_build_date:3.19.2-2019-03-21|aui:aui_build_date:3.18.5-2018-04-12|fls-fe&viz=visible:3&pty=AuthenticationPortal&spty=SignInApplication&pti=undefined&tid=0F46GCMFY9AWW1WVYQW7&aftb=1

Protocol

HTTP/1.1

Server

2a02:4780:dead:f32c::1 , Lithuania, ASN204915 (AWEX, US),

Reverse DNS

Software

awex /

Resource Hash

034845a9028e8b58e98d970405b0587ac5b1e41bf82efa3805d5890c7f654522

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: amazonx.tk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://amazonx.tk/
Cookie: csm-hit=tb:s-0F46GCMFY9AWW1WVYQW7|1555055463085&t:1555055463086
Connection: keep-alive
Cache-Control: no-cache
Referer: http://amazonx.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 12 Apr 2019 07:51:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: awex
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Xss-Protection: 1; mode=block
X-Request-ID: 1b1694f6c4bb3f6d687b7977b302ad04

GET
H/1.1 200
OK A1VC38T7YXB528:357-7314281-4998657:0F46GCMFY9AWW1WVYQW7$uedata=s:%2Fap%2Fuedata%3Fld%26v%3D0.203171.0%26id%3D0F46GCMFY9AWW1WVYQW7%26sw%3D1600%26sh%3D1200%26vw%3D1585%26vh%3D1200%26m%3D1%26sc%3D0F46...
fls-fe.amazon.com/1/batch/1/OP/ 43 B
224 B 384ms
179ms Image
image/gif 54.203.2.149
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fls-fe.amazon.com/1/batch/1/OP/A1VC38T7YXB528:357-7314281-4998657:0F46GCMFY9AWW1WVYQW7$uedata=s:%2Fap%2Fuedata%3Fld%26v%3D0.203171.0%26id%3D0F46GCMFY9AWW1WVYQW7%26sw%3D1600%26sh%3D1200%26vw%3D1585%26vh%3D1200%26m%3D1%26sc%3D0F46GCMFY9AWW1WVYQW7%26ue%3D3%26bb%3D28%26cf%3D176%26be%3D368%26pc%3D428%26tc%3D-3585%26na_%3D-3585%26ul_%3D-1555055463059%26_ul%3D-1555055463059%26rd_%3D-1555055463059%26_rd%3D-1555055463059%26fe_%3D-3583%26lk_%3D-3575%26_lk%3D-3538%26co_%3D-3538%26_co%3D-3433%26sc_%3D-1555055463059%26rq_%3D-3431%26rs_%3D-3325%26_rs%3D-3116%26dl_%3D-3323%26di_%3D374%26de_%3D374%26_de%3D376%26_dc%3D428%26ld_%3D428%26_ld%3D-1555055463059%26ntd%3D-1%26ty%3D0%26rc%3D0%26hob%3D2%26hoe%3D3%26ld%3D429%26t%3D1555055463488%26ctb%3D1%26rt%3Dcf%3A13-7-3-1-4-1-1__ld%3A13-7-3-1-4-1-0%26csmtags%3Daui%7Caui%3Aaui_build_date%3A3.19.2-2019-03-21%7Caui%3Aaui_build_date%3A3.18.5-2018-04-12%7Cfls-fe%26viz%3Dvisible%3A3%26pty%3DAuthenticationPortal%26spty%3DSignInApplication%26pti%3Dundefined%26tid%3D0F46GCMFY9AWW1WVYQW7%26aftb%3D1:433
Protocol: HTTP/1.1
Server: 54.203.2.149 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-203-2-149.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

Referer: http://amazonx.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 12 Apr 2019 07:51:03 GMT
Connection: keep-alive
x-amzn-RequestId: b8c35fb9-5cf7-11e9-9f0c-77485df22367
Content-Length: 43
Content-Type: image/gif

GET
H2 200 ClientSideMetricsAUIJavascript@jserrorsForester.10f2559e93ec589d92509318a7e2acbac74c343a._V2_.js Show response
images-fe.ssl-images-amazon.com/images/G/01/AUIClients/ 9 KB
5 KB 1058ms
7ms Script
application/x-javascript 143.204.99.194
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://images-fe.ssl-images-amazon.com/images/G/01/AUIClients/ClientSideMetricsAUIJavascript@jserrorsForester.10f2559e93ec589d92509318a7e2acbac74c343a._V2_.js
Requested by: Host: amazonx.tk
URL: http://amazonx.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.99.194 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-99-194.fra50.r.cloudfront.net
Software: Server /
Resource Hash: 5ea5d14e97b5a39ae16ca0e2d8ddfcb2d5e29112e64615aabf5b59cd37230082

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://amazonx.tk/
Origin: http://amazonx.tk

Response headers

date: Thu, 13 Dec 2018 12:54:59 GMT
content-encoding: gzip
last-modified: Wed, 14 Nov 2018 15:06:07 GMT
server: Server
age: 10352784
x-cache: Hit from cloudfront
content-type: application/x-javascript; charset=utf-8
status: 200
cache-control: max-age=630720000,public
x-amz-ir-id: 8d7c3685-5716-414e-809b-12cf7cd2b3cb
timing-allow-origin: https://www.amazon.com
access-control-allow-origin: *
x-amz-cf-id: 9NrkjqTcGeyPcRI60aLx8_556Kj6HqyvU4xlUqiXVNCkNp0BZY7DOA==
via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
expires: Sun, 05 Dec 2038 07:43:34 GMT

GET
H2 200 showads.v2.js Show response
m.media-amazon.com/images/G/01/csm/ 23 B
441 B 1055ms
9ms Script
application/x-javascript 143.204.99.194
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://m.media-amazon.com/images/G/01/csm/showads.v2.js
Requested by: Host: amazonx.tk
URL: http://amazonx.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.99.194 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-99-194.fra50.r.cloudfront.net
Software: Server /
Resource Hash: 88ea58255d4cd82340f7acaabe0e6a99f195a4dc2ca6ef56ec503d03b331bee5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://amazonx.tk/
Origin: http://amazonx.tk

Response headers

date: Fri, 12 Apr 2019 02:11:07 GMT
content-encoding: gzip
last-modified: Mon, 28 Nov 2016 08:24:04 GMT
server: Server
age: 20401
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=86400,public
x-amz-ir-id: efcddcc3-17a0-4410-98ba-119561cc5423
access-control-allow-origin: *
x-amz-cf-id: 6Z0wsq8nAxVHXAjVlJgHhbVYfFBHTmKphhqMKdiwGvlFAVbHeqQ-NQ==
via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
expires: Fri, 01 Feb 2019 02:11:06 GMT

GET
H/1.1 404
Not Found uedata
amazonx.tk/ap/ 4 KB
4 KB 216ms
108ms Image
text/html 2a02:4780:dead:f32c::1
AWEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://amazonx.tk/ap/uedata?at&v=0.203171.0&id=0F46GCMFY9AWW1WVYQW7&m=1&sc=adblk_no&pc=1501&at=1501&t=1555055464560&csmtags=adblk_no&pty=AuthenticationPortal&spty=SignInApplication&pti=undefined&tid=0F46GCMFY9AWW1WVYQW7&aftb=1

Protocol

HTTP/1.1

Server

2a02:4780:dead:f32c::1 , Lithuania, ASN204915 (AWEX, US),

Reverse DNS

Software

awex /

Resource Hash

bc6f227b5885646c79f90f4f29fd3c064472d34d56d87c970ccc64e7340cf7c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: amazonx.tk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://amazonx.tk/
Cookie: csm-hit=tb:s-0F46GCMFY9AWW1WVYQW7|1555055463085&t:1555055464561&adb:adblk_no
Connection: keep-alive
Cache-Control: no-cache
Referer: http://amazonx.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 12 Apr 2019 07:51:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: awex
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Xss-Protection: 1; mode=block
X-Request-ID: 2552d2f55b086d28f903a566a745ed64

GET
H/1.1 200
OK A1VC38T7YXB528:357-7314281-4998657:0F46GCMFY9AWW1WVYQW7$uedata=s:%2Fap%2Fuedata%3Fat%26v%3D0.203171.0%26id%3D0F46GCMFY9AWW1WVYQW7%26m%3D1%26sc%3Dadblk_no%26pc%3D1501%26at%3D1501%26t%3D1555055464560...
fls-fe.amazon.com/1/batch/1/OP/ 43 B
224 B 390ms
184ms Image
image/gif 52.33.134.198
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fls-fe.amazon.com/1/batch/1/OP/A1VC38T7YXB528:357-7314281-4998657:0F46GCMFY9AWW1WVYQW7$uedata=s:%2Fap%2Fuedata%3Fat%26v%3D0.203171.0%26id%3D0F46GCMFY9AWW1WVYQW7%26m%3D1%26sc%3Dadblk_no%26pc%3D1501%26at%3D1501%26t%3D1555055464560%26csmtags%3Dadblk_no%26pty%3DAuthenticationPortal%26spty%3DSignInApplication%26pti%3Dundefined%26tid%3D0F46GCMFY9AWW1WVYQW7%26aftb%3D1:1502
Protocol: HTTP/1.1
Server: 52.33.134.198 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-33-134-198.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

Referer: http://amazonx.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 12 Apr 2019 07:51:04 GMT
Connection: keep-alive
x-amzn-RequestId: b9693d6e-5cf7-11e9-9103-11b33ce76829
Content-Length: 43
Content-Type: image/gif

POST
H/1.1 204
No Content /
fls-fe.amazon.com/1/batch/1/OE/ 0
293 B 391ms
183ms Other
text/plain 52.43.220.193
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://fls-fe.amazon.com/1/batch/1/OE/
Requested by: Host: images-fe.ssl-images-amazon.com
URL: https://images-fe.ssl-images-amazon.com/images/G/01/AUIClients/ClientSideMetricsAUIJavascript@jserrorsForester.10f2559e93ec589d92509318a7e2acbac74c343a._V2_.js
Protocol: HTTP/1.1
Server: 52.43.220.193 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-43-220-193.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://amazonx.tk/
Origin: http://amazonx.tk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 12 Apr 2019 07:51:05 GMT
Connection: keep-alive
x-amzn-RequestId: b9ff3b3c-5cf7-11e9-b672-2deb5c920bbf
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
Content-Type: text/plain

POST
H/1.1 204
No Content /
fls-fe.amazon.com/1/batch/1/OE/ 0
293 B 386ms
184ms Other
text/plain 54.69.1.164
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://fls-fe.amazon.com/1/batch/1/OE/
Requested by: Host: images-fe.ssl-images-amazon.com
URL: https://images-fe.ssl-images-amazon.com/images/G/01/AUIClients/ClientSideMetricsAUIJavascript@jserrorsForester.10f2559e93ec589d92509318a7e2acbac74c343a._V2_.js
Protocol: HTTP/1.1
Server: 54.69.1.164 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-69-1-164.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://amazonx.tk/
Origin: http://amazonx.tk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 12 Apr 2019 07:51:07 GMT
Connection: keep-alive
x-amzn-RequestId: baef8eb1-5cf7-11e9-ab5c-a75b6c7c45aa
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
Content-Type: text/plain

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: counter.yadro.ru
URL: https://counter.yadro.ru/hit;utostat?r;s1600*1200*24;uhttps%3A//u.to/nZIQFQ;1555055459473

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Amazon (Online) Amazon Japan (Online)

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			amazonx.tk/	1970-01-19 16:45:35	Name: csm-hit Value: tb:s-0F46GCMFY9AWW1WVYQW7\|1555055463085&t:1555055463086

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amazonx.tk
cdn.000webhost.com
counter.yadro.ru
fls-fe.amazon.com
images-fe.ssl-images-amazon.com
images-na.ssl-images-amazon.com
infomails.ru
local.adguard.com
m.media-amazon.com
mc.yandex.ru
u.to
counter.yadro.ru
143.204.211.180
143.204.99.194
176.57.68.35
194.177.23.34
195.216.243.155
2606:4700:10::6814:442e
2a02:4780:dead:f32c::1
2a02:6b8::1:119
52.33.134.198
52.43.220.193
54.203.2.149
54.69.1.164
034845a9028e8b58e98d970405b0587ac5b1e41bf82efa3805d5890c7f654522
14068c130a5f9df098340fbea107a9d7807efdd9dbc15255103f176061c6d1b7
247d9f8b3ddd6e08e6b264afb038704f7fb1d8a69cf682d17a9b3ca8b1eba8a6
4219ff22048db6cf1038fbe1846fb3a0b155f150faf430ee686c1be2a62630b5
437e95a363a4291060e34ba170e043274e0155821e9be374f35de3c4f13cbaa5
4dd5dafa2ec42f8e9ffaaf3bfa6b7f6a1e5bf54e91faa7bb7fb8933f8d253299
5ea5d14e97b5a39ae16ca0e2d8ddfcb2d5e29112e64615aabf5b59cd37230082
86f2673ec74a632865109a76b2232f4f5b3587daa219e07a17ef1d9c76a0fda5
88ea58255d4cd82340f7acaabe0e6a99f195a4dc2ca6ef56ec503d03b331bee5
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce
a515dcb414d0c44f70cbdc70eb4eceae128f82667a9d143731e3b4f608f3f483
ac6c8a640f5b8fea68c8aeaaad4e145c8261be36ba09df844e4121fb69e90cc7
b029665adc493bd5b4716c5a282ad61a93020dc6fbd025e39038da42488db2e4
b74603bf5f993b894d6a7416b4bf970dd64713dfa8d6513ed6f3926cc30d82ab
bc6f227b5885646c79f90f4f29fd3c064472d34d56d87c970ccc64e7340cf7c2
db30660fb9fb9e87f176e179b29c5239f8def42613054792901c63b065d7f764
dbf9c27720f6870ca56d89ce7f9cfd29549af3bd398bfc74fb66a784951acbce
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d155b691c3b7093ea0bde273190b7e4db12f670b26211dcbe3fd1962af70b6
ff375e045afa20f3ba7f165b86d8c5c705a04e9cda568a4b895c8e216b6b740f

amazonx.tk Open in urlscan Pro 2a02:4780:dead:f32c::1 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

64 %HTTPS

25 %IPv6

10 Domains

11 Subdomains

12 IPs

4 Countries

439 kBTransfer

1496 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

amazonx.tk Open in urlscan Pro
2a02:4780:dead:f32c::1 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

64 %
HTTPS

25 %
IPv6

10
Domains

11
Subdomains

12
IPs

4
Countries

439 kB
Transfer

1496 kB
Size

1
Cookies

28 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!