www.azxurenotifeddicu.com Open in urlscan Pro
66.235.200.147  Malicious Activity! Public Scan

URL: http://www.azxurenotifeddicu.com/~azxureno/wp-content/uploads/2020/04/
Submission Tags: @ipnigh
Submission: On April 29 via api from GB

Summary

This website contacted 10 IPs in 2 countries across 10 domains to perform 12 HTTP transactions. The main IP is 66.235.200.147, located in Burlington, United States and belongs to CLOUDFLARENET, US. The main domain is www.azxurenotifeddicu.com.
This is the only time www.azxurenotifeddicu.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Adobe (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 66.235.200.147 13335 (CLOUDFLAR...)
1 156.235.143.17 134548 (DXTL-HK D...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2620:0:862:ed... 14907 (WIKIMEDIA)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 204.109.60.27 36236 (NETACTUATE)
1 202.181.195.139 7540 (HKCIX-AS-...)
2 2 173.208.195.156 32097 (WII)
2 72.9.150.244 393398 (ASN-DIS)
12 10
Domain Requested by
2 err.freewebhostingarea.com www.azxurenotifeddicu.com
2 adobetranza.coolpage.biz 2 redirects
2 www.archiveteam.org 1 redirects www.azxurenotifeddicu.com
1 www.adone.com.hk www.azxurenotifeddicu.com
1 gunaxin.com www.azxurenotifeddicu.com
1 www.gunaxin.com 1 redirects
1 www1-lw.xda-cdn.com www.azxurenotifeddicu.com
1 upload.wikimedia.org www.azxurenotifeddicu.com
1 icons.iconarchive.com www.azxurenotifeddicu.com
1 blackhistory-101.com www.azxurenotifeddicu.com
1 www.azxurenotifeddicu.com
0 azxurenotifeddicu.com Failed www.azxurenotifeddicu.com
12 12

This site contains no links.

Subject Issuer Validity Valid
*.wikipedia.org
DigiCert SHA2 High Assurance Server CA
2019-11-12 -
2020-10-06
a year crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2
2019-12-23 -
2020-10-09
10 months crt.sh
www.archiveteam.org
Let's Encrypt Authority X3
2020-04-07 -
2020-07-06
3 months crt.sh
err.freewebhostingarea.com
cPanel, Inc. Certification Authority
2020-04-22 -
2020-07-21
3 months crt.sh

This page contains 1 frames:

Primary Page: http://www.azxurenotifeddicu.com/~azxureno/wp-content/uploads/2020/04/
Frame ID: 2B51E3F8D54DA069E2E53749C39E09E6
Requests: 13 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

12
Requests

50 %
HTTPS

40 %
IPv6

10
Domains

12
Subdomains

10
IPs

2
Countries

146 kB
Transfer

156 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • http://www.gunaxin.com/wp-content/uploads/2012/06/QQ-logo.jpg HTTP 301
  • https://gunaxin.com/wp-content/uploads/2012/06/QQ-logo.jpg
Request Chain 5
  • http://www.archiveteam.org/images/a/a2/Yahoo-logo.png HTTP 302
  • https://www.archiveteam.org/a/a2/Yahoo-logo.png
Request Chain 8
  • http://adobetranza.coolpage.biz/docomo/spiff/adobe-files/bg.jpg HTTP 302
  • https://err.freewebhostingarea.com/403.html
Request Chain 9
  • http://adobetranza.coolpage.biz/docomo/spiff/adobe-files/smallpdf.png HTTP 302
  • https://err.freewebhostingarea.com/403.html
Request Chain 10
  • http://www.azxurenotifeddicu.com/~azxureno/wp-content/uploads/2020/04/fonts/et-line.woff HTTP 301
  • http://azxurenotifeddicu.com/~azxureno/wp-content/uploads/2020/04/fonts/et-line.woff
Request Chain 11
  • http://www.azxurenotifeddicu.com/~azxureno/wp-content/uploads/2020/04/fonts/et-line.ttf HTTP 301
  • http://azxurenotifeddicu.com/~azxureno/wp-content/uploads/2020/04/fonts/et-line.ttf

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
www.azxurenotifeddicu.com/~azxureno/wp-content/uploads/2020/04/
17 KB
7 KB
Document
General
Full URL
http://www.azxurenotifeddicu.com/~azxureno/wp-content/uploads/2020/04/
Protocol
HTTP/1.1
Server
66.235.200.147 Burlington, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
host77.ipowerweb.com
Software
cloudflare /
Resource Hash
80a95070a4777a69eebeb8e3a2535cd4a2c6addc0709b637c61b1a150ddde0ff

Request headers

Host
www.azxurenotifeddicu.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 29 Apr 2020 01:16:37 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=de437bbbe4b6e1a50f97827df22192aae1588122997; expires=Fri, 29-May-20 01:16:37 GMT; path=/; domain=.www.azxurenotifeddicu.com; HttpOnly; SameSite=Lax
Last-Modified
Tue, 28 Apr 2020 16:44:33 GMT
Cache-Control
max-age=300
Expires
Wed, 29 Apr 2020 01:21:37 GMT
Vary
Accept-Encoding
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level
2
X-Server-Cache
true
X-Proxy-Cache
HIT
CF-Cache-Status
REVALIDATED
Server
cloudflare
CF-RAY
58b52dbf08f00877-CDG
Content-Encoding
gzip
cf-request-id
02651aeb6400000877032b5200000001
pdf-logo.png
blackhistory-101.com/images/
0
0
Image
General
Full URL
http://blackhistory-101.com/images/pdf-logo.png
Requested by
Host: www.azxurenotifeddicu.com
URL: http://www.azxurenotifeddicu.com/~azxureno/wp-content/uploads/2020/04/
Protocol
HTTP/1.1
Server
156.235.143.17 , United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.azxurenotifeddicu.com/~azxureno/wp-content/uploads/2020/04/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pdf-icon.png
icons.iconarchive.com/icons/graphicloads/filetype/128/
5 KB
5 KB
Image
General
Full URL
http://icons.iconarchive.com/icons/graphicloads/filetype/128/pdf-icon.png
Requested by
Host: www.azxurenotifeddicu.com
URL: http://www.azxurenotifeddicu.com/~azxureno/wp-content/uploads/2020/04/
Protocol
HTTP/1.1
Server
2606:4700:3036::681b:aeee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba0517ce588e24625fa667809f1638786c4ce6300f5a4993c647614074b3f56a

Request headers

Referer
http://www.azxurenotifeddicu.com/~azxureno/wp-content/uploads/2020/04/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 29 Apr 2020 01:16:37 GMT
CF-Cache-Status
HIT
Last-Modified
Wed, 14 Dec 2016 23:13:01 GMT
Server
cloudflare
Age
172250
ETag
"356277444"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=172800
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
58b52dc10b2305c8-FRA
Content-Length
4847
cf-request-id
02651aeca8000005c85318d200000001
Expires
Wed, 29 Apr 2020 01:25:47 GMT
200px-AOL_Eraser.svg.png
upload.wikimedia.org/wikipedia/commons/thumb/a/a2/AOL_Eraser.svg/
10 KB
10 KB
Image
General
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/a/a2/AOL_Eraser.svg/200px-AOL_Eraser.svg.png
Requested by
Host: www.azxurenotifeddicu.com
URL: http://www.azxurenotifeddicu.com/~azxureno/wp-content/uploads/2020/04/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.7 /
Resource Hash
8e982c922dc592371d022343be26330264a811cbf26885f5c89839e711914a1a
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

Referer
http://www.azxurenotifeddicu.com/~azxureno/wp-content/uploads/2020/04/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 17:15:31 GMT
age
28866
x-cache-status
hit-front
x-cache
cp3053 hit, cp3063 hit/2
status
200
content-disposition
inline;filename*=UTF-8''AOL_Eraser.svg.png
server-timing
cache;desc="hit-front"
content-length
9929
x-client-ip
2a01:4f8:121:131a::2
x-object-meta-sha1base36
1e173krnq4omrwr237t82q9ornr6tpi
last-modified
Wed, 25 May 2016 02:56:27 GMT
server
ATS/8.0.7
etag
5e8a910616b6d430b573d9a9b7f7fb80
strict-transport-security
max-age=106384710; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
x-timestamp
1464144986.39129
accept-ranges
bytes
timing-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
microsoft_outlook-logo_640.jpg
www1-lw.xda-cdn.com/files/2015/01/
14 KB
15 KB
Image
General
Full URL
https://www1-lw.xda-cdn.com/files/2015/01/microsoft_outlook-logo_640.jpg
Requested by
Host: www.azxurenotifeddicu.com
URL: http://www.azxurenotifeddicu.com/~azxureno/wp-content/uploads/2020/04/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:be4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e330f69dbb4fe1ffa0e5530ecdf9ff202ea8de225832d132cb7b35d8817bc23

Request headers

Referer
http://www.azxurenotifeddicu.com/~azxureno/wp-content/uploads/2020/04/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 01:16:37 GMT
cf-cache-status
HIT
age
2453
status
200
content-length
14612
cf-request-id
02651aecc30000dfeb4a22b200000001
pragma
public
last-modified
Thu, 29 Jan 2015 08:13:45 GMT
server
cloudflare
etag
"54c9ebb9-3914"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
58b52dc13ff1dfeb-FRA
expires
Thu, 29 Apr 2021 00:35:43 GMT
QQ-logo.jpg
gunaxin.com/wp-content/uploads/2012/06/
Redirect Chain
  • http://www.gunaxin.com/wp-content/uploads/2012/06/QQ-logo.jpg
  • https://gunaxin.com/wp-content/uploads/2012/06/QQ-logo.jpg
0
0
Image
General
Full URL
https://gunaxin.com/wp-content/uploads/2012/06/QQ-logo.jpg
Requested by
Host: www.azxurenotifeddicu.com
URL: http://www.azxurenotifeddicu.com/~azxureno/wp-content/uploads/2020/04/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:1f8c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.azxurenotifeddicu.com/~azxureno/wp-content/uploads/2020/04/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

Date
Wed, 29 Apr 2020 01:16:37 GMT
Server
cloudflare
Vary
Accept-Encoding
Location
https://gunaxin.com/wp-content/uploads/2012/06/QQ-logo.jpg
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
58b52dc10b1805c8-FRA
cf-request-id
02651aeca4000005c86f3ed200000001
Expires
Wed, 29 Apr 2020 02:16:37 GMT
Yahoo-logo.png
www.archiveteam.org/a/a2/
Redirect Chain
  • http://www.archiveteam.org/images/a/a2/Yahoo-logo.png
  • https://www.archiveteam.org/a/a2/Yahoo-logo.png
0
0
Image
General
Full URL
https://www.archiveteam.org/a/a2/Yahoo-logo.png
Requested by
Host: www.azxurenotifeddicu.com
URL: http://www.azxurenotifeddicu.com/~azxureno/wp-content/uploads/2020/04/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.109.60.27 Dallas, United States, ASN36236 (NETACTUATE, US),
Reverse DNS
breeze2.tqhosting.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.azxurenotifeddicu.com/~azxureno/wp-content/uploads/2020/04/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

Location
https://www.archiveteam.org/a/a2/Yahoo-logo.png
Date
Wed, 29 Apr 2020 01:16:38 GMT
Server
Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4
Connection
close
Content-Length
231
Content-Type
text/html; charset=iso-8859-1
Net%20ease%20copy.png
www.adone.com.hk/images/
102 KB
102 KB
Image
General
Full URL
http://www.adone.com.hk/images/Net%20ease%20copy.png
Requested by
Host: www.azxurenotifeddicu.com
URL: http://www.azxurenotifeddicu.com/~azxureno/wp-content/uploads/2020/04/
Protocol
HTTP/1.1
Server
202.181.195.139 , Hong Kong, ASN7540 (HKCIX-AS-AP HongKong Commercial Internet Exchange, HK),
Reverse DNS
salad2.keynet-hk.com
Software
Apache /
Resource Hash
2d4d62d6b74c8faa3fff2890b791053f13d094cf3fa56b44aa11f997d39e8680

Request headers

Referer
http://www.azxurenotifeddicu.com/~azxureno/wp-content/uploads/2020/04/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 29 Apr 2020 01:16:38 GMT
Last-Modified
Wed, 30 Mar 2016 10:32:26 GMT
Server
Apache
ETag
"1967d-52f41a97fe192"
Vary
User-Agent
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
close
Accept-Ranges
bytes
Content-Length
104061
Expires
Thu, 29 Apr 2021 01:16:38 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
150635dc2c0d83b291bca970628370ff2a04c760c3bb7c1ff52aee296b6287d5

Request headers

Referer
http://www.azxurenotifeddicu.com/~azxureno/wp-content/uploads/2020/04/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
403.html
err.freewebhostingarea.com/
Redirect Chain
  • http://adobetranza.coolpage.biz/docomo/spiff/adobe-files/bg.jpg
  • https://err.freewebhostingarea.com/403.html
3 KB
3 KB
Image
General
Full URL
https://err.freewebhostingarea.com/403.html
Requested by
Host: www.azxurenotifeddicu.com
URL: http://www.azxurenotifeddicu.com/~azxureno/wp-content/uploads/2020/04/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.9.150.244 Dallas, United States, ASN393398 (ASN-DIS, US),
Reverse DNS
freewebhostingarea.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.azxurenotifeddicu.com/~azxureno/wp-content/uploads/2020/04/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 29 Apr 2020 01:16:38 GMT
Last-Modified
Mon, 27 Apr 2020 21:27:43 GMT
Server
Apache
Content-Type
text/html
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=1, max=10000
Content-Length
3278

Redirect headers

Location
https://err.freewebhostingarea.com/403.html
Date
Wed, 29 Apr 2020 01:16:38 GMT
Server
Apache/2.4.41
Connection
Keep-Alive
Keep-Alive
timeout=1, max=10000
Content-Length
227
Content-Type
text/html; charset=iso-8859-1
403.html
err.freewebhostingarea.com/
Redirect Chain
  • http://adobetranza.coolpage.biz/docomo/spiff/adobe-files/smallpdf.png
  • https://err.freewebhostingarea.com/403.html
3 KB
3 KB
Image
General
Full URL
https://err.freewebhostingarea.com/403.html
Requested by
Host: www.azxurenotifeddicu.com
URL: http://www.azxurenotifeddicu.com/~azxureno/wp-content/uploads/2020/04/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.9.150.244 Dallas, United States, ASN393398 (ASN-DIS, US),
Reverse DNS
freewebhostingarea.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.azxurenotifeddicu.com/~azxureno/wp-content/uploads/2020/04/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 29 Apr 2020 01:16:38 GMT
Last-Modified
Mon, 27 Apr 2020 21:27:43 GMT
Server
Apache
Content-Type
text/html
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=1, max=10000
Content-Length
3278

Redirect headers

Location
https://err.freewebhostingarea.com/403.html
Date
Wed, 29 Apr 2020 01:16:38 GMT
Server
Apache/2.4.41
Connection
Keep-Alive
Keep-Alive
timeout=1, max=10000
Content-Length
227
Content-Type
text/html; charset=iso-8859-1
et-line.woff
azxurenotifeddicu.com/~azxureno/wp-content/uploads/2020/04/fonts/
Redirect Chain
  • http://www.azxurenotifeddicu.com/~azxureno/wp-content/uploads/2020/04/fonts/et-line.woff
  • http://azxurenotifeddicu.com/~azxureno/wp-content/uploads/2020/04/fonts/et-line.woff
0
0

et-line.ttf
azxurenotifeddicu.com/~azxureno/wp-content/uploads/2020/04/fonts/
Redirect Chain
  • http://www.azxurenotifeddicu.com/~azxureno/wp-content/uploads/2020/04/fonts/et-line.ttf
  • http://azxurenotifeddicu.com/~azxureno/wp-content/uploads/2020/04/fonts/et-line.ttf
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
azxurenotifeddicu.com
URL
http://azxurenotifeddicu.com/~azxureno/wp-content/uploads/2020/04/fonts/et-line.woff
Domain
azxurenotifeddicu.com
URL
http://azxurenotifeddicu.com/~azxureno/wp-content/uploads/2020/04/fonts/et-line.ttf

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Adobe (Consumer)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

0 Cookies