URL: https://scammer.market/acephalus
Submission: On April 11 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 21 HTTP transactions. The main IP is 2600:1f18:2489:8201::c8, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is scammer.market.
TLS certificate: Issued by R3 on April 4th 2024. Valid for: 3 months.
This is the only time scammer.market was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS Autonomous System
2         2600:1f18:248...  14618 (AMAZON-AES)
1         2a00:1450:400...  15169 (GOOGLE)
3         143.204.205.196   16509 (AMAZON-02)
2         34.102.211.197    396982 (GOOGLE-CL...)
1         2a00:1450:400...  15169 (GOOGLE)
10        52.54.200.33      14618 (AMAZON-AES)
21        7
Requests  Apex Domain     Subdomains                                           Transfer
10        infura.io       mainnet.infura.io — Cisco Umbrella Rank: 29321       2 KB
3         cloudfront.net  d33wubrfki0l68.cloudfront.net                        903 KB
2         sanity.io       k4snbik8.apicdn.sanity.io                            83 KB
2         scammer.market  scammer.market                                       29 KB
1         gstatic.com     fonts.gstatic.com                                    16 KB
1         googleapis.com  fonts.googleapis.com — Cisco Umbrella Rank: 39       13 KB
21        6
Requests  Domain                         Requested by
10        mainnet.infura.io              d33wubrfki0l68.cloudfront.net
3         d33wubrfki0l68.cloudfront.net  scammer.market
2         k4snbik8.apicdn.sanity.io      d33wubrfki0l68.cloudfront.net
2         scammer.market
1         fonts.gstatic.com              fonts.googleapis.com
1         fonts.googleapis.com           scammer.market
21        6

This site contains links to these domains.

Domain
discord.com
twitter.com
Subject                  Issuer                                          Validity                 Valid
*.scammer.market         R3                                              2024-04-04 - 2024-07-03  3 months
upload.video.google.com  GTS CA 1C3                                      2024-03-04 - 2024-05-27  3 months
*.cloudfront.net         Amazon RSA 2048 M01                             2023-10-10 - 2024-09-19  a year
*.apicdn.sanity.io       Sectigo RSA Domain Validation Secure Server CA  2023-10-10 - 2024-09-30  a year
*.gstatic.com            GTS CA 1C3                                      2024-03-04 - 2024-05-27  3 months
*.infura.io              Amazon RSA 2048 M02                             2023-11-29 - 2024-12-27  a year

This page contains 1 frames:

Primary Page: https://scammer.market/acephalus
Frame ID: F9DA986DFF3B91D36B211BA8702000B6
Requests: 17 HTTP requests in this frame

Page Title

SCAMMER MARKET

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+class=\"[^\"]+\ssvelte-[\w]*\"

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 21
HTTPS: 90 %
IPv6: 50 %
Domains: 6
Subdomains: 6
IPs: 7
Countries: 2
Transfer: 1046 kB
Size: 3943 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request acephalus
scammer.market/
2 KB
958 B
Document
General
Full URL
https://scammer.market/acephalus
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:2489:8201::c8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Netlify /
Resource Hash
db55da0e7e4b0aeb2a93a3ae1b188121d059a58646e4ceb78e17b4094d2d724b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
0
cache-control
public,max-age=0,must-revalidate
cache-status
"Netlify Edge"; fwd=miss
content-encoding
br
content-length
717
content-type
text/html; charset=UTF-8
date
Thu, 11 Apr 2024 21:29:32 GMT
etag
"01c0aaefa14e7c307c6b2e40c4e73974-ssl-df"
server
Netlify
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-nf-request-id
01HV7H1PY63S105N4YQP63DEYB
css2
fonts.googleapis.com/
58 KB
13 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Black+And+White+Picture&family=Permanent+Marker&family=Shadows+Into+Light+Two&display=swap
Requested by
Host: scammer.market
URL: https://scammer.market/acephalus
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
34fb27a79da739061d84477d54d95a45426d41b7ed818ac6ce00f675de55434d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://scammer.market/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 11 Apr 2024 21:29:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 11 Apr 2024 21:29:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 Apr 2024 21:29:32 GMT
bundle.css
d33wubrfki0l68.cloudfront.net/css/45e584f69e879b8f887081faf61b453655a51e2d/build/
48 KB
8 KB
Stylesheet
General
Full URL
https://d33wubrfki0l68.cloudfront.net/css/45e584f69e879b8f887081faf61b453655a51e2d/build/bundle.css
Requested by
Host: scammer.market
URL: https://scammer.market/acephalus
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.205.196 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-205-196.fra53.r.cloudfront.net
Software
Netlify /
Resource Hash
8b28dc6a75c7f1957df9a0549c78500f93dd7590c573a28591e26ef5c5bbca21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://scammer.market/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01HSXRHYG0D9PFFDBAND43JS2H
date
Tue, 26 Mar 2024 16:12:38 GMT
content-encoding
gzip
via
1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
1401414
x-cache
Hit from cloudfront
server
Netlify
cache-status
"Netlify Edge"; fwd=miss
etag
a5d986c0974fb70796ea98b4cb864a4bd680a222-df
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31556926
accept-ranges
bytes
x-amz-cf-id
hPoID8eFopq387Ys1Dz_LNny-z_LiXUFJeCpAJka_XHZobpVlqbgIQ==
bundle.js
d33wubrfki0l68.cloudfront.net/js/d95d46a1c09c13cff785af003bbea5e5ad1451e2/build/
3 MB
849 KB
Script
General
Full URL
https://d33wubrfki0l68.cloudfront.net/js/d95d46a1c09c13cff785af003bbea5e5ad1451e2/build/bundle.js
Requested by
Host: scammer.market
URL: https://scammer.market/acephalus
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.205.196 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-205-196.fra53.r.cloudfront.net
Software
Netlify /
Resource Hash
a963371c0d510d03434ba77472566f7c1e240ac529899a907f3fb3cad15b40f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://scammer.market/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01HTD9NBP23Z6RJNWJR2Q876W6
date
Mon, 01 Apr 2024 17:00:12 GMT
content-encoding
gzip
via
1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
880160
x-cache
Hit from cloudfront
server
Netlify
cache-status
"Netlify Edge"; fwd=miss
etag
a351ddfb1cdee0f31f4bf6f6c7506e1700e076a6-df
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31556926
accept-ranges
bytes
x-amz-cf-id
yZIn7pJZlik-YAVPyLSNtWV8IRmqCeiOqusk_fF7vURf8nzdq_agTA==
production
k4snbik8.apicdn.sanity.io/v1/data/query/
25 KB
8 KB
XHR
General
Full URL
https://k4snbik8.apicdn.sanity.io/v1/data/query/production?query=*%5B_id%20%3D%3D%20%27about%27%5D%5B0%5D
Requested by
Host: d33wubrfki0l68.cloudfront.net
URL: https://d33wubrfki0l68.cloudfront.net/js/d95d46a1c09c13cff785af003bbea5e5ad1451e2/build/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.211.197 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
197.211.102.34.bc.googleusercontent.com
Software
/
Resource Hash
7c2f9b46c654c1824fd173cb43fe0061f62f93114e9284e5b26115bfe0eb38ff
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json
Referer
https://scammer.market/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-sanity-shard
gcp-eu-w1-01-prod-1016
date
Thu, 11 Apr 2024 21:29:32 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
apicdn-cache-control
public, max-age=60, s-maxage=3600, stale-while-revalidate=60, stale-if-error=7200
via
1.1 google
server-timing
api;dur=11
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7569
sanity-query-hash
TWp66UiuzzY uxvbys1qyTQ
access-control-max-age
600
x-sanity-age
0
content-type
application/json; charset=utf-8
access-control-allow-origin
https://scammer.market
access-control-expose-headers
Content-Type, Content-Length, ETag, X-Sanity-Deprecated, X-Sanity-Warning
cache-control
public, max-age=60, s-maxage=60, stale-while-revalidate=15, stale-if-error=7200
vary
accept-encoding, origin
accept-ranges
bytes
production
k4snbik8.apicdn.sanity.io/v1/data/query/
318 KB
75 KB
XHR
General
Full URL
https://k4snbik8.apicdn.sanity.io/v1/data/query/production?query=*%5B_type%20%3D%3D%20%27post%27%5D
Requested by
Host: d33wubrfki0l68.cloudfront.net
URL: https://d33wubrfki0l68.cloudfront.net/js/d95d46a1c09c13cff785af003bbea5e5ad1451e2/build/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.211.197 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
197.211.102.34.bc.googleusercontent.com
Software
/
Resource Hash
47263a5d1140fc1910fe81ab310b60fb9c714b9d273e222b6d8d4345ccb18ac7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json
Referer
https://scammer.market/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-sanity-shard
gcp-eu-w1-01-prod-1016
date
Thu, 11 Apr 2024 21:29:32 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
apicdn-cache-control
public, max-age=60, s-maxage=3600, stale-while-revalidate=60, stale-if-error=7200
via
1.1 google
server-timing
api;dur=142
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76463
sanity-query-hash
SbhaNzIxTe0 uxvbys1qyTQ
access-control-max-age
600
x-sanity-age
0
content-type
application/json; charset=utf-8
access-control-allow-origin
https://scammer.market
access-control-expose-headers
Content-Type, Content-Length, ETag, X-Sanity-Deprecated, X-Sanity-Warning
cache-control
public, max-age=60, s-maxage=60, stale-while-revalidate=15, stale-if-error=7200
vary
accept-encoding, origin
accept-ranges
bytes
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d17514e4c6ec3082d1321979a48ca6975a2fa1682a8e633a320fcff5e1a67c2

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
arial-black.woff2
d33wubrfki0l68.cloudfront.net/076205728b3d42d4a7cf5dd03a5796cc8cdc1e20/8c1cf/fonts/
45 KB
46 KB
Font
General
Full URL
https://d33wubrfki0l68.cloudfront.net/076205728b3d42d4a7cf5dd03a5796cc8cdc1e20/8c1cf/fonts/arial-black.woff2
Requested by
Host: scammer.market
URL: https://scammer.market/acephalus
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.205.196 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-205-196.fra53.r.cloudfront.net
Software
Netlify /
Resource Hash
24a3cb7eabf6753af6cca76352f683188e6453686d8e1617b29dc1a84ac27010
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://scammer.market/
Origin
https://scammer.market
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01HTFCPMQDNCPK63FC1W0C4552
date
Tue, 02 Apr 2024 12:31:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
809864
x-cache
Hit from cloudfront
content-length
46432
server
Netlify
cache-status
"Netlify Edge"; fwd=miss
etag
5d46052fb47392dc39e10460f4835cc345c6a4e0
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31556926
accept-ranges
bytes
x-amz-cf-id
0Rmcty9cfDK8syO0Pz3EWsEgHpizlF9uVrNMHyiB7aeCSLnZlDkUZg==
4iC86LVlZsRSjQhpWGedwyOoW-0A6_kpsyNmpAzHGQ.woff2
fonts.gstatic.com/s/shadowsintolighttwo/v17/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/shadowsintolighttwo/v17/4iC86LVlZsRSjQhpWGedwyOoW-0A6_kpsyNmpAzHGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Black+And+White+Picture&family=Permanent+Marker&family=Shadows+Into+Light+Two&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0cada708e119149edd948291e531ccce6385fe040e74e3bb4d482ec74bd3f22d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://scammer.market
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 16:17:57 GMT
x-content-type-options
nosniff
age
105095
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15832
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:34:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Apr 2025 16:17:57 GMT
ceeeef47-2466-442d-a701-8a2f78e0220c
https://scammer.market/
9 KB
0
Other
General
Full URL
blob:https://scammer.market/ceeeef47-2466-442d-a701-8a2f78e0220c
Requested by
Host: scammer.market
URL: https://scammer.market/acephalus
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e7f7ebb9086e4a92ec8e1a2d9f6ddfdeb4e0aa2e289460ab20a6f5f5e46bbef9

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length
9576
Content-Type
application/javascript; charset=utf-8
ec55ea95-4bf1-41d3-8a27-b0f53f59d9dc
https://scammer.market/
9 KB
0
Other
General
Full URL
blob:https://scammer.market/ec55ea95-4bf1-41d3-8a27-b0f53f59d9dc
Requested by
Host: scammer.market
URL: https://scammer.market/acephalus
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4c5a4ceb1c902082bd9ab5b4b6505e9d8bd9eb6b75dffeccd194724c2d565639

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length
9269
Content-Type
application/javascript; charset=utf-8
84842078b09946638c03157f83405213
mainnet.infura.io/v3/
0
0
Preflight
General
Full URL
https://mainnet.infura.io/v3/84842078b09946638c03157f83405213
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.200.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-200-33.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://scammer.market
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://scammer.market
access-control-max-age
86400
content-length
0
date
Thu, 11 Apr 2024 21:29:33 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
84842078b09946638c03157f83405213
mainnet.infura.io/v3/
46 B
183 B
Fetch
General
Full URL
https://mainnet.infura.io/v3/84842078b09946638c03157f83405213
Requested by
Host: d33wubrfki0l68.cloudfront.net
URL: https://d33wubrfki0l68.cloudfront.net/js/d95d46a1c09c13cff785af003bbea5e5ad1451e2/build/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.200.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-200-33.compute-1.amazonaws.com
Software
/
Resource Hash
d0a68bd3ad139cd725b2c3dd79f2bb3a9c1d10efb1ee9e1a850cb5a5e3b517ac

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://scammer.market/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://scammer.market
date
Thu, 11 Apr 2024 21:29:33 GMT
content-length
46
vary
Origin, Accept-Encoding
content-type
application/json
favicon-32x32.png
scammer.market/img/
28 KB
28 KB
Other
General
Full URL
https://scammer.market/img/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:2489:8201::c8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Netlify /
Resource Hash
274871a1364be4945ad523c937b40af342795b8612ff96e02fa7c3c3dbeb71ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://scammer.market/acephalus
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01HV7H1QEEPX104PAEP5MP473D
date
Thu, 11 Apr 2024 21:29:32 GMT
strict-transport-security
max-age=31536000
server
Netlify
age
0
cache-status
"Netlify Edge"; fwd=miss
etag
"d73b8ebc656e7c6e3b11ce608d44bf84-ssl"
content-type
image/png
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
28200
84842078b09946638c03157f83405213
mainnet.infura.io/v3/
0
0
Preflight
General
Full URL
https://mainnet.infura.io/v3/84842078b09946638c03157f83405213
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.200.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-200-33.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://scammer.market
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://scammer.market
access-control-max-age
86400
content-length
0
date
Thu, 11 Apr 2024 21:29:33 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
84842078b09946638c03157f83405213
mainnet.infura.io/v3/
35 KB
2 KB
Fetch
General
Full URL
https://mainnet.infura.io/v3/84842078b09946638c03157f83405213
Requested by
Host: d33wubrfki0l68.cloudfront.net
URL: https://d33wubrfki0l68.cloudfront.net/js/d95d46a1c09c13cff785af003bbea5e5ad1451e2/build/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.200.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-200-33.compute-1.amazonaws.com
Software
/
Resource Hash
643cc57b0534f2900f244ca35dfed9b691e6166801e453d2b92788a3fdc5179b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://scammer.market/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://scammer.market
date
Thu, 11 Apr 2024 21:29:33 GMT
content-encoding
gzip
content-length
1664
vary
Origin, Accept-Encoding
content-type
application/json
84842078b09946638c03157f83405213
mainnet.infura.io/v3/
37 B
174 B
Fetch
General
Full URL
https://mainnet.infura.io/v3/84842078b09946638c03157f83405213
Requested by
Host: d33wubrfki0l68.cloudfront.net
URL: https://d33wubrfki0l68.cloudfront.net/js/d95d46a1c09c13cff785af003bbea5e5ad1451e2/build/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.200.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-200-33.compute-1.amazonaws.com
Software
/
Resource Hash
67fe2169d4edb5c546c09f8a88c0474132d2abb37ec808d98bd9348616124e5b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://scammer.market/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://scammer.market
date
Thu, 11 Apr 2024 21:29:33 GMT
content-length
37
vary
Origin, Accept-Encoding
content-type
application/json
84842078b09946638c03157f83405213
mainnet.infura.io/v3/
0
0
Preflight
General
Full URL
https://mainnet.infura.io/v3/84842078b09946638c03157f83405213
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.200.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-200-33.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://scammer.market
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://scammer.market
access-control-max-age
86400
content-length
0
date
Thu, 11 Apr 2024 21:29:33 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
84842078b09946638c03157f83405213
mainnet.infura.io/v3/
46 B
183 B
Fetch
General
Full URL
https://mainnet.infura.io/v3/84842078b09946638c03157f83405213
Requested by
Host: d33wubrfki0l68.cloudfront.net
URL: https://d33wubrfki0l68.cloudfront.net/js/d95d46a1c09c13cff785af003bbea5e5ad1451e2/build/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.200.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-200-33.compute-1.amazonaws.com
Software
/
Resource Hash
1ca394baa1ab3eb6eba7d23570bd1666a68df1c6e3c4fc9390f5920b34430228

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://scammer.market/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://scammer.market
date
Thu, 11 Apr 2024 21:29:36 GMT
content-length
46
vary
Origin, Accept-Encoding
content-type
application/json
84842078b09946638c03157f83405213
mainnet.infura.io/v3/
0
0
Preflight
General
Full URL
https://mainnet.infura.io/v3/84842078b09946638c03157f83405213
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.200.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-200-33.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://scammer.market
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://scammer.market
access-control-max-age
86400
content-length
0
date
Thu, 11 Apr 2024 21:29:36 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
84842078b09946638c03157f83405213
mainnet.infura.io/v3/
37 B
174 B
Fetch
General
Full URL
https://mainnet.infura.io/v3/84842078b09946638c03157f83405213
Requested by
Host: d33wubrfki0l68.cloudfront.net
URL: https://d33wubrfki0l68.cloudfront.net/js/d95d46a1c09c13cff785af003bbea5e5ad1451e2/build/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.200.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-200-33.compute-1.amazonaws.com
Software
/
Resource Hash
f4667483f10d1cda733f20367ba6aadbad05ea3bf1e585bb710d0f44e630fb23

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://scammer.market/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://scammer.market
date
Thu, 11 Apr 2024 21:29:37 GMT
content-length
37
vary
Origin, Accept-Encoding
content-type
application/json
84842078b09946638c03157f83405213
mainnet.infura.io/v3/
0
0
Preflight
General
Full URL
https://mainnet.infura.io/v3/84842078b09946638c03157f83405213
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.200.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-200-33.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://scammer.market
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://scammer.market
access-control-max-age
86400
content-length
0
date
Thu, 11 Apr 2024 21:29:36 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| regeneratorRuntime
  • function| updateWeb3Modal
  • function| HowlerGlobal
  • object| Howler
  • function| Howl
  • function| Sound
  • function| saveAs

1 Cookies

Domain/Path      Name / Value
scammer.market/  Name: scammer-visitor, Value: true

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
