u.distortwear.com
2606:4700:3035::ac43:8d3b
Public Scan
Effective URL: https://u.distortwear.com/nPp-q5A7OQqDLSutLCqaTMpeq5A8ScNkIuUFuZNZYhpPYhq8TMpQq5A80g1kfgLohMBfTDLbIt7rItWbIc7rYhHmfZNQfPU5...
Submission: On September 24 via manual from IN — Scanned from DE
Summary
TLS certificate: Issued by WE1 on September 12th 2024. Valid for: 3 months.
This is the only time u.distortwear.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
30 (1 redirect) | 104.21.20.43 | 13335 (CLOUDFLARENET) |
3 | 139.45.195.8 | 9002 (RETN-AS) |
1 | 2606:4700::6812:bf4 | 13335 (CLOUDFLARENET) |
3 | 2606:4700:3035::ac43:8d3b | 13335 (CLOUDFLARENET) |
37 | 5 |
ASN13335 (CLOUDFLARENET, US)
distortwear.com | |
u.distortwear.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
30 (1 redirects) | phuthobsee.com | phuthobsee.com — Cisco Umbrella Rank: 423837 | 179 KB |
3 | distortwear.com | distortwear.com, u.distortwear.com | 2 KB |
3 | rtmark.net | my.rtmark.net — Cisco Umbrella Rank: 10867 | 2 KB |
1 | littlecdn.com | littlecdn.com — Cisco Umbrella Rank: 25083 | 2 KB |
0 | aliexpress.com (Failed) | s.click.aliexpress.com (Failed) | |
37 | 5 |
Requests | Domain | Requested by |
---|---|---|
30 (1 redirects) | phuthobsee.com | phuthobsee.com |
3 | my.rtmark.net | phuthobsee.com |
2 | u.distortwear.com | |
1 | distortwear.com | |
1 | littlecdn.com | phuthobsee.com |
0 | s.click.aliexpress.com (Failed) | |
37 | 6 |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
phuthobsee.com | WE1 | 2024-09-05 - 2024-12-04 | 3 months | crt.sh |
rtmark.net | R11 | 2024-08-30 - 2024-11-28 | 3 months | crt.sh |
littlecdn.com | WE1 | 2024-09-04 - 2024-12-03 | 3 months | crt.sh |
distortwear.com | WE1 | 2024-09-12 - 2024-12-11 | 3 months | crt.sh |
This page contains 1 frames:
Frame:
https://s.click.aliexpress.com/e/_DCyjEDp?af=bwKd6ViLXwdZ&dp=6f6dd0db7a3611ef93c66cb3112353722759ac53a8
Frame ID: 899EBEA19C53A06631D225336487CA21
Requests: 37 HTTP requests in this frame
Page Title: Redirection...
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://phuthobsee.com/?l=wQKO0w6eqM4vaOn&s=862109609366917131&z=7362731&ctbmd=5&pz=7654967&tb=7654968&tb_reverse=7783495&ae=7972801&autoexitTime=100 Page URL
- https://phuthobsee.com/4/7393037?var=7654968 Page URL
- https://phuthobsee.com/rhd?z=7393037&syncedCookie=false&rhd=true HTTP 302 → https://distortwear.com/8106fcbf77843e1e019810bbf0e996146c758b91b0?os=linux&clickid=862317231831519609&osversion=unspecified_linux&connection.type=broadband&region=nw&cost=0.001455&browser=chrome&subzone_id=0&creaid=21958849&browserversion=129&zoneid=7393037&lang=de&campid=8586340 Page URL
- https://u.distortwear.com/nPp-q5A7OQqDLSutLCqaTMpeq5A8ScNkIuUFuZNZYhpPYhq8TMpQq5A80g1kfgLohMBfTDLbIt7rItWbIc7rYhHmfZNQfPU5_tJfTtNfTJB4iD-61u1mvtRZvcpD9titNZ-Lcg3wc8YwfCktY5YwYCxwI53HLQI7LcNZySO5O5Y5I5L7LSqQOSLDL5qDOS-HIQuQISz8~iEE Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 32
- https://phuthobsee.com/rhd?z=7393037&syncedCookie=false&rhd=true HTTP 302
- https://distortwear.com/8106fcbf77843e1e019810bbf0e996146c758b91b0?os=linux&clickid=862317231831519609&osversion=unspecified_linux&connection.type=broadband&region=nw&cost=0.001455&browser=chrome&subzone_id=0&creaid=21958849&browserversion=129&zoneid=7393037&lang=de&campid=8586340
37 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H3 | / | phuthobsee.com/ | 50 KB | 16 KB | Document | text/html |
GET H3 | speculation | phuthobsee.com/cdn-cgi/ | 128 B | 540 B | Other | application/speculationrules+json |
GET H2 | gid.js | my.rtmark.net/ | 65 B | 544 B | Fetch | application/json |
GET H3 | mw.min.js | phuthobsee.com/3bT/27mJf/ | 5 KB | 3 KB | Script | application/javascript |
GET H3 | style.css | littlecdn.com/apps/templates/subscriptions/universal/css/ | 7 KB | 2 KB | Stylesheet | text/css |
GET H3 | / | phuthobsee.com/19/7654968/ | 5 KB | 3 KB | XHR | application/json |
GET H3 | 0837106431823.jpeg | phuthobsee.com/contents/s/1e/10/1a/1182be0a57eae16f35cec8a07e/ | 111 KB | 111 KB | Image | image/jpeg |
GET H3 | rhd | phuthobsee.com/ | 2 KB | 3 KB | Fetch | application/json |
POST H3 | / | phuthobsee.com/ | 2 B | 514 B | XHR | application/json |
GET H3 | micro.tag.min.js | phuthobsee.com/3bT/27mJf/ | 44 KB | 17 KB | Fetch | application/javascript |
GET H3 | favicon.ico | phuthobsee.com/ | 0 | 396 B | Other | text/plain |
GET H3 | 7654967 | phuthobsee.com/sw-check-permissions/ | 0 | 978 B | Other | application/javascript |
POST H3 | zone | phuthobsee.com/ | 0 | 543 B | Ping | text/plain |
POST H3 | event | phuthobsee.com/ | 26 B | 619 B | Ping | application/json |
GET H2 | gid.js | my.rtmark.net/ | 65 B | 543 B | Fetch | application/json |
POST H3 | event | phuthobsee.com/ | 26 B | 619 B | Ping | application/json |
POST H3 | event | phuthobsee.com/ | 26 B | 620 B | Ping | application/json |
POST H3 | event | phuthobsee.com/ | 26 B | 622 B | Ping | application/json |
POST H3 | event | phuthobsee.com/ | 26 B | 620 B | Ping | application/json |
GET H3 | zone | phuthobsee.com/ | 562 B | 926 B | Fetch | application/json |
POST H3 | event | phuthobsee.com/ | 26 B | 625 B | Ping | application/json |
POST H3 | event | phuthobsee.com/ | 26 B | 622 B | Ping | application/json |
POST H3 | event | phuthobsee.com/ | 26 B | 621 B | Ping | application/json |
POST H3 | event | phuthobsee.com/ | 26 B | 622 B | Ping | application/json |
POST H3 | cat.php | phuthobsee.com/ | 0 | 754 B | Ping | text/plain |
GET H3 | 7393037 | phuthobsee.com/4/ | 29 KB | 13 KB | Document | text/html |
GET H3 | speculation | phuthobsee.com/cdn-cgi/ | 128 B | 536 B | Other | application/speculationrules+json |
POST H2 | img.gif | my.rtmark.net/ | 43 B | 506 B | Ping | image/gif |
POST H3 | add | phuthobsee.com/log/ | 12 B | 556 B | XHR | application/json |
GET H3 | sftouch | phuthobsee.com/ | 43 B | 786 B | Image | image/gif |
GET H3 | favicon.ico | phuthobsee.com/ | 0 | 0 | Other | text/plain |
POST H3 | add | phuthobsee.com/async_log/ | 0 | 517 B | XHR | text/plain |
GET H3 | 8106fcbf77843e1e019810bbf0e996146c758b91b0 | distortwear.com/ (Redirect Chain) | 706 B | 1004 B | Document | text/html |
GET H3 | favicon.ico | phuthobsee.com/ | 0 | 0 | Other | text/plain |
GET H3 | nPp-q5A7OQqDLSutLCqaTMpeq5A8ScNkIuUFuZNZYhpPYhq8TMpQq5A80g1kfgLohMBfTDLbIt7rItWbIc7rYhHmfZNQfPU5_tJfTtNfTJB4iD-61u1mvtRZvcpD9titNZ-Lcg3wc8YwfCktY5YwYCxwI53HLQI7LcNZySO5O5Y5I5L7LSqQOSLDL5qDOS-HIQuQI... (Primary Request) | u.distortwear.com/ | 606 B | 912 B | Document | text/html |
GET H3 | speculation | u.distortwear.com/cdn-cgi/ | 128 B | 559 B | Other | application/speculationrules+json |
GET | _DCyjEDp | s.click.aliexpress.com/e/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: s.click.aliexpress.com
- URL: https://s.click.aliexpress.com/e/_DCyjEDp?af=bwKd6ViLXwdZ&dp=6f6dd0db7a3611ef93c66cb3112353722759ac53a8
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
phuthobsee.com/ | | reverse | 2qDQymMM4da_EvtKfvLFmgP9Jgnt_brPbMSjPXxf_Ug |
phuthobsee.com/ | | OAID | 563f56fa0d17230953b64321f72b99c5 |
phuthobsee.com/ | | oaidts | 1727155965 |
phuthobsee.com/ | | prefetchAd_7654968 | true |
my.rtmark.net/ | | ID | 563f56fa0d17230953b64321f72b99c5 |
phuthobsee.com/ | | syncedCookie | true |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.