showtime.co.nz Open in urlscan Pro
27.124.125.18 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://showtime.co.nz/
Submission: On November 22 via api (November 22nd 2022, 7:54:20 pm UTC) from US — Scanned from NZ

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 10 HTTP transactions. The main IP is 27.124.125.18, located in Australia and belongs to DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU. The main domain is showtime.co.nz.

This is the only time showtime.co.nz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	27.124.125.18 27.124.125.18	38719 (DREAMSCAP...) (DREAMSCAPE-AS-AP Dreamscape Networks Limited)
2	3.13.192.206 3.13.192.206	16509 (AMAZON-02) (AMAZON-02)
4	52.84.45.5 52.84.45.5	16509 (AMAZON-02) (AMAZON-02)
1	76.223.7.137 76.223.7.137	16509 (AMAZON-02) (AMAZON-02)
1	198.145.13.11 198.145.13.11	2044 (DF-PTL1) (DF-PTL1)
1	198.145.13.14 198.145.13.14	() ()
10	6

1 27.124.125.18 (Australia)

ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU)
PTR: webforwarders.dnspackage.com

showtime.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.13.192.206 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-13-192-206.us-east-2.compute.amazonaws.com

www.jtcfun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.84.45.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-45-5.mrs52.r.cloudfront.net

static.secure.website	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.7.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa060c25d492a72b0.awsglobalaccelerator.com

www.webstarts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.145.13.11 (Tualatin, United States)

ASN2044 (DF-PTL1, US)
PTR: getclicky.com

stats.webstarts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.145.13.14 (None, )

ASN- ()

stats.webstarts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	secure.website static.secure.website — Cisco Umbrella Rank: 478862	114 KB
3	webstarts.com www.webstarts.com — Cisco Umbrella Rank: 481643 stats.webstarts.com — Cisco Umbrella Rank: 675525	6 KB
2	jtcfun.com www.jtcfun.com	2 KB
1	showtime.co.nz showtime.co.nz	803 B
10	4

	Domain	Requested by
4	static.secure.website	www.jtcfun.com static.secure.website
2	stats.webstarts.com	www.jtcfun.com stats.webstarts.com
2	www.jtcfun.com	showtime.co.nz www.jtcfun.com
1	www.webstarts.com	static.secure.website
1	showtime.co.nz
10	5

This site contains no links.

Subject Issuer	Validity	Valid
static.secure.website Amazon	`2022-01-27` - `2023-02-25`	a year	crt.sh
www.webstarts.com Amazon	`2022-08-08` - `2023-09-06`	a year	crt.sh
win.staticstuff.net Sectigo RSA Domain Validation Secure Server CA	`2022-10-28` - `2023-11-28`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://showtime.co.nz/
Frame ID: 28B27A9A26B1C634D544A6CD4AF16DA6
Requests: 1 HTTP requests in this frame

Frame: http://www.jtcfun.com/showtime?r=20221109003824
Frame ID: 09DBD855F02616670DC6E2C24632643C
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

10
Requests

40 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

6
IPs

2
Countries

123 kB
Transfer

133 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response showtime.co.nz/	628 B 803 B	480ms 141ms	Document text/html	27.124.125.18 DREAMSCAPE-AS-AP ...
General Check archive.org Show headers Download Go to Full URL http://showtime.co.nz/ Protocol HTTP/1.1 Server 27.124.125.18 , Australia, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU), Reverse DNS webforwarders.dnspackage.com Software nginx / Resource Hash `a9f2e60a2a5ad415dbec6db045c3591b4fd9bb8eed55fd02e64603bde398c8d7` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language en-NZ,en;q=0.9 Response headers Connection keep-alive Content-Type text/html; charset=UTF-8 Date Tue, 22 Nov 2022 19:54:14 GMT Server nginx Transfer-Encoding chunked
GET H/1.1	200 OK	showtime Show response www.jtcfun.com/ Frame 09DB	3 KB 2 KB	1163ms 495ms	Document text/html	3.13.192.206 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://www.jtcfun.com/showtime?r=20221109003824 Requested by Host: showtime.co.nz URL: http://showtime.co.nz/ Protocol HTTP/1.1 Server 3.13.192.206 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-13-192-206.us-east-2.compute.amazonaws.com Software Apache / Resource Hash `4eabbf10545d6dd02b82d7c82c0f4ca58667d6f2092d6ea3c8c6f08b6e832ac9` Request headers Referer http://showtime.co.nz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language en-NZ,en;q=0.9 Response headers content-encoding gzip content-length 1436 content-type text/html; charset=UTF-8 date Tue, 22 Nov 2022 19:54:15 GMT server Apache vary Accept-Encoding
GET H/1.1	200 OK	ws-common.js Show response static.secure.website/library/users/ Frame 09DB	4 KB 2 KB	769ms 373ms	Script text/javascript	52.84.45.5 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://static.secure.website/library/users/ws-common.js Requested by Host: www.jtcfun.com URL: http://www.jtcfun.com/showtime?r=20221109003824 Protocol HTTP/1.1 Server 52.84.45.5 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-84-45-5.mrs52.r.cloudfront.net Software Apache / Resource Hash `2d2630e648d139b7eca62292684b171a53883f49bab3f8676439da2c381afe5f` Request headers accept-language en-NZ,en;q=0.9 Referer http://www.jtcfun.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Date Wed, 26 Oct 2022 20:21:45 GMT Content-Encoding gzip Via 1.1 619ec087cb9316041730ef86d5003ae8.cloudfront.net (CloudFront) X-Amz-Cf-Pop MRS52-P1 Age 2331151 X-Cache Hit from cloudfront Connection keep-alive Content-Length 1576 Pragma cache Last-Modified Thu, 18 Mar 2021 11:50:06 GMT Server Apache Vary Accept-Encoding Content-Type text/javascript;charset=UTF-8 Access-Control-Allow-Origin * Cache-Control max-age=2592000 X-Amz-Cf-Id RxXQmV-JUSIXLwpCwxpvx1fOxxwmlHPK4EFllhJC7mtSJHVmTiK4Jw== Expires Fri, 25 Nov 2022 20:21:45 GMT
GET H2	200	SHOWTIME_LOGO_THIS_218.png static.secure.website/wscfus/1328802/uploads/ Frame 09DB	95 KB 96 KB	1660ms 833ms	Image image/png	52.84.45.5 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.secure.website/wscfus/1328802/uploads/SHOWTIME_LOGO_THIS_218.png Requested by Host: www.jtcfun.com URL: http://www.jtcfun.com/showtime?r=20221109003824 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.84.45.5 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-84-45-5.mrs52.r.cloudfront.net Software AmazonS3 / Resource Hash `84d65977dfe4f5451ceb04d28f316ae07ba63623fd9c1f6d439d5c1b4617190d` Request headers accept-language en-NZ,en;q=0.9 Referer http://www.jtcfun.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 21 Nov 2022 20:37:24 GMT x-amz-version-id null via 1.1 c06f5d2130689f511352f5187fabf420.cloudfront.net (CloudFront) last-modified Thu, 14 Dec 2017 18:45:12 GMT server AmazonS3 x-amz-cf-pop MRS52-P1 age 83813 etag "c7873be193a5e990e411b39dfdbe412d" x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 97643 x-amz-cf-id n-liKPOckd1DtSv0rikaWCsHf4fOfj2zCdz8eUcEuyL-IdnRybQ7IQ==
GET H2	200	ofhxgrb0h5tq9ykk9wtl-w180-o.jpg static.secure.website/wscfus/1328802/2989027/ Frame 09DB	15 KB 15 KB	524ms 470ms	Image image/jpeg	52.84.45.5 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.secure.website/wscfus/1328802/2989027/ofhxgrb0h5tq9ykk9wtl-w180-o.jpg Requested by Host: www.jtcfun.com URL: http://www.jtcfun.com/showtime?r=20221109003824 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.84.45.5 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-84-45-5.mrs52.r.cloudfront.net Software AmazonS3 / Resource Hash `50c2fe5abefe4ece108b62053aaa1fa6b872d448a4eeb827a0d6f3ecd0c15e40` Request headers accept-language en-NZ,en;q=0.9 Referer http://www.jtcfun.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 21 Nov 2022 20:37:24 GMT x-amz-version-id null via 1.1 c06f5d2130689f511352f5187fabf420.cloudfront.net (CloudFront) last-modified Fri, 29 Apr 2016 09:23:32 GMT server AmazonS3 x-amz-cf-pop MRS52-P1 age 83813 etag "c019b290420000f5a6d4b04a956ccd26" x-cache Hit from cloudfront content-type image/jpeg accept-ranges bytes content-length 15481 x-amz-cf-id a8WatdANnyrCVv1-8cCNpvmCFIcdZSITtV8oK5n10WTdr-oSq3kAGg==
GET H/1.1	200 OK	stats-tracking.js Show response www.jtcfun.com/Scripts/ Frame 09DB	210 B 431 B	486ms 486ms	Script application/javascript	3.13.192.206 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://www.jtcfun.com/Scripts/stats-tracking.js Requested by Host: www.jtcfun.com URL: http://www.jtcfun.com/showtime?r=20221109003824 Protocol HTTP/1.1 Server 3.13.192.206 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-13-192-206.us-east-2.compute.amazonaws.com Software Apache / Resource Hash `a0a0d73971584c8332ccf8b154de50d798ad6f6de6646b2be9b46611b1ffe604` Request headers accept-language en-NZ,en;q=0.9 Referer http://www.jtcfun.com/showtime?r=20221109003824 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Tue, 22 Nov 2022 19:54:16 GMT content-encoding gzip last-modified Sun, 19 Mar 2017 13:48:35 GMT server Apache etag "d2-54b15aad1475b-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 154
GET H/1.1	200 OK	ws-common.css static.secure.website/library/users/ Frame 09DB	817 B 969 B	373ms 373ms	Stylesheet text/css	52.84.45.5 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://static.secure.website/library/users/ws-common.css Requested by Host: static.secure.website URL: http://static.secure.website/library/users/ws-common.js Protocol HTTP/1.1 Server 52.84.45.5 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-84-45-5.mrs52.r.cloudfront.net Software Apache / Resource Hash `8051810d7b77e098aeecdf1534aad922e13f5f4a1865e79dc88a1a7c05bb6f94` Request headers accept-language en-NZ,en;q=0.9 Referer http://www.jtcfun.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Date Sun, 06 Nov 2022 02:53:03 GMT Content-Encoding gzip Via 1.1 619ec087cb9316041730ef86d5003ae8.cloudfront.net (CloudFront) X-Amz-Cf-Pop MRS52-P1 Age 1443673 X-Cache Hit from cloudfront Connection keep-alive Content-Length 392 Pragma cache Last-Modified Thu, 18 Mar 2021 11:50:06 GMT Server Apache Vary Accept-Encoding Content-Type text/css;charset=UTF-8 Access-Control-Allow-Origin * Cache-Control max-age=2592000 X-Amz-Cf-Id ytfC1z4C49h8rZF1uAHqXpOHDSkII8YOlWCqgy2BXf8Q9CCklyYNiA== Expires Tue, 06 Dec 2022 02:53:03 GMT
GET H/1.1	200 OK	add.js Show response www.webstarts.com/library/users/ Frame 09DB	9 B 363 B	883ms 358ms	Script application/javascript	76.223.7.137 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.webstarts.com/library/users/add.js?from=www.jtcfun.com Requested by Host: static.secure.website URL: http://static.secure.website/library/users/ws-common.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 76.223.7.137 , United States, ASN16509 (AMAZON-02, US), Reverse DNS aa060c25d492a72b0.awsglobalaccelerator.com Software Apache / Resource Hash `e49b1800e97d395ff06938f35262897dd9a771bca610708d7f433793eec7c78e` Request headers accept-language en-NZ,en;q=0.9 Referer http://www.jtcfun.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Pragma no-cache Date Tue, 22 Nov 2022 19:54:17 GMT Server Apache Content-Type application/javascript; Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate Connection keep-alive Content-Length 9 Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	179456.js Show response stats.webstarts.com/ Frame 09DB	15 KB 5 KB	934ms 306ms	Script text/javascript	198.145.13.11 DF-PTL1
General Check archive.org Show headers Download Go to Full URL https://stats.webstarts.com/179456.js Requested by Host: www.jtcfun.com URL: http://www.jtcfun.com/Scripts/stats-tracking.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.145.13.11 Tualatin, United States, ASN2044 (DF-PTL1, US), Reverse DNS getclicky.com Software nginx / Resource Hash `bbe98a7d220a6ac4af4f347963217735f04fc0bfce405c5303dcb75eb83ff370` Request headers accept-language en-NZ,en;q=0.9 Referer http://www.jtcfun.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers expires Tue, 29 Nov 2022 19:54:17 GMT date Tue, 22 Nov 2022 19:54:17 GMT content-encoding gzip server nginx vary Accept-Encoding, Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=604800 x-proxy-cache MISS
GET H/1.1	200 OK	in.php Show response stats.webstarts.com/ Frame 09DB	250 B 589 B	617ms 311ms	Script text/javascript	198.145.13.14
General Check archive.org Show headers Download Go to Full URL http://stats.webstarts.com/in.php?site_id=179456&type=pageview&href=%2Fshowtime%3Fr%3D20221109003824&title=Showtime.co.nz%20for%20showbags%20and%20fundraising%20team%20gear!&ref=http%3A%2F%2Fshowtime.co.nz%2F&res=1600x1200&lang=en-US&tz=Etc%2FUnknown&tc=&ck=1&mime=js&x=0.75336250988846 Requested by Host: stats.webstarts.com URL: https://stats.webstarts.com/179456.js Protocol HTTP/1.1 Server 198.145.13.14 -, , ASN (), Reverse DNS Software nginx / Resource Hash `2ab9f0c526edab55234a0ca7ee948c5b06825b2a8f917012e19bebdf5bf62e9f` Request headers accept-language en-NZ,en;q=0.9 Referer http://www.jtcfun.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Date Tue, 22 Nov 2022 19:54:18 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked Vary Accept-Encoding, Accept-Encoding Content-Type text/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control no-cache, must-revalidate, post-check=0, pre-check=0 Connection close Expires Mon, 26 Jul 1997 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

showtime.co.nz
static.secure.website
stats.webstarts.com
www.jtcfun.com
www.webstarts.com
198.145.13.11
198.145.13.14
27.124.125.18
3.13.192.206
52.84.45.5
76.223.7.137
2ab9f0c526edab55234a0ca7ee948c5b06825b2a8f917012e19bebdf5bf62e9f
2d2630e648d139b7eca62292684b171a53883f49bab3f8676439da2c381afe5f
4eabbf10545d6dd02b82d7c82c0f4ca58667d6f2092d6ea3c8c6f08b6e832ac9
50c2fe5abefe4ece108b62053aaa1fa6b872d448a4eeb827a0d6f3ecd0c15e40
8051810d7b77e098aeecdf1534aad922e13f5f4a1865e79dc88a1a7c05bb6f94
84d65977dfe4f5451ceb04d28f316ae07ba63623fd9c1f6d439d5c1b4617190d
a0a0d73971584c8332ccf8b154de50d798ad6f6de6646b2be9b46611b1ffe604
a9f2e60a2a5ad415dbec6db045c3591b4fd9bb8eed55fd02e64603bde398c8d7
bbe98a7d220a6ac4af4f347963217735f04fc0bfce405c5303dcb75eb83ff370
e49b1800e97d395ff06938f35262897dd9a771bca610708d7f433793eec7c78e

showtime.co.nz Open in urlscan Pro 27.124.125.18 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

10 Requests

40 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

6 IPs

2 Countries

123 kBTransfer

133 kBSize

0 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

Indicators

showtime.co.nz Open in urlscan Pro
27.124.125.18 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

40 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

6
IPs

2
Countries

123 kB
Transfer

133 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions