amazoncon.co Open in urlscan Pro
154.9.254.48 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tinyurl.com/4wrrcden?Kxl=%209F2YtPEBje?Lil=CKhWcFSrgc
Effective URL:
https://amazoncon.co/?Kxl=%209F2YtPEBje?Lil=CKhWcFSrgc
Submission Tags: @phish_report
Submission: On December 02 via api (December 2nd 2024, 4:00:04 pm UTC) from FI — Scanned from FI

Summary HTTP 3 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 3 HTTP transactions. The main IP is 154.9.254.48, located in Los Angeles, United States and belongs to NETLAB-SDN, US. The main domain is amazoncon.co.
TLS certificate: Issued by E5 on November 26th 2024. Valid for: 3 months.

This is the only time amazoncon.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.18.111.161 104.18.111.161	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	154.9.254.48 154.9.254.48	979 (NETLAB-SDN) (NETLAB-SDN)
3	1

1 104.18.111.161 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tinyurl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 154.9.254.48 (Los Angeles, United States)

ASN979 (NETLAB-SDN, US)

amazoncon.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	amazoncon.co amazoncon.co	230 KB
1	tinyurl.com 1 redirects tinyurl.com — Cisco Umbrella Rank: 21195	831 B
3	2

	Domain	Requested by
3	amazoncon.co	amazoncon.co
1	tinyurl.com	1 redirects
3	2

This site contains no links.

Subject Issuer	Validity	Valid
amazoncon.co E5	`2024-11-26` - `2025-02-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://amazoncon.co/?Kxl=%209F2YtPEBje?Lil=CKhWcFSrgc
Frame ID: 1B136D0B635EC6B42FF7C5CF758321F2
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://tinyurl.com/4wrrcden?Kxl=%209F2YtPEBje?Lil=CKhWcFSrgc HTTP 301
http://amazoncon.co/?Kxl=%209F2YtPEBje?Lil=CKhWcFSrgc HTTP 307
https://amazoncon.co/?Kxl=%209F2YtPEBje?Lil=CKhWcFSrgc Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Page Statistics

3
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

230 kB
Transfer

229 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tinyurl.com/4wrrcden?Kxl=%209F2YtPEBje?Lil=CKhWcFSrgc HTTP 301
http://amazoncon.co/?Kxl=%209F2YtPEBje?Lil=CKhWcFSrgc HTTP 307
https://amazoncon.co/?Kxl=%209F2YtPEBje?Lil=CKhWcFSrgc Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response amazoncon.co/ Redirect Chain https://tinyurl.com/4wrrcden?Kxl=%209F2YtPEBje?Lil=CKhWcFSrgc http://amazoncon.co/?Kxl=%209F2YtPEBje?Lil=CKhWcFSrgc https://amazoncon.co/?Kxl=%209F2YtPEBje?Lil=CKhWcFSrgc	12 KB 13 KB	1064ms 222ms	Document text/html	154.9.254.48 NETLAB-SDN
General Check archive.org Show headers Download Go to Full URL https://amazoncon.co/?Kxl=%209F2YtPEBje?Lil=CKhWcFSrgc Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.9.254.48 Los Angeles, United States, ASN979 (NETLAB-SDN, US), Reverse DNS Software Kestrel / Resource Hash `be460a535da6c2ed5776eca755580fc7ec914db303268e6e68c7ac9d5108939e` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers content-length 12746 content-type text/html date Mon, 02 Dec 2024 15:59:59 GMT server Kestrel Redirect headers Location https://amazoncon.co/?Kxl=%209F2YtPEBje?Lil=CKhWcFSrgc Non-Authoritative-Reason HttpsUpgrades
GET H2	200	bootstrap.css amazoncon.co/lib/bootstrap/dist/css/	199 KB 200 KB	215ms 215ms	Stylesheet text/css	154.9.254.48 NETLAB-SDN
General Check archive.org Show headers Download Go to Full URL https://amazoncon.co/lib/bootstrap/dist/css/bootstrap.css Requested by Host: amazoncon.co URL: https://amazoncon.co/?Kxl=%209F2YtPEBje?Lil=CKhWcFSrgc Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.9.254.48 Los Angeles, United States, ASN979 (NETLAB-SDN, US), Reverse DNS Software Kestrel / Resource Hash `c657b1aa3f7f937ba86d5c067dc899723fde0dda2868d81c7f83852ed2d4ca03` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://amazoncon.co/?Kxl=%209F2YtPEBje?Lil=CKhWcFSrgc Response headers accept-ranges bytes content-length 204136 etag "1db19e8959246e8" date Mon, 02 Dec 2024 15:59:59 GMT content-type text/css last-modified Wed, 09 Oct 2024 01:14:27 GMT server Kestrel
GET H2	200	favicon.ico amazoncon.co/	17 KB 17 KB	218ms 218ms	Other image/x-icon	154.9.254.48 NETLAB-SDN
General Check archive.org Show headers Download Go to Full URL https://amazoncon.co/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.9.254.48 Los Angeles, United States, ASN979 (NETLAB-SDN, US), Reverse DNS Software Kestrel / Resource Hash `17d02e2db6dbedb95dd449d06868c147ac2c3b5371497bcb9407e75336a99e09` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://amazoncon.co/?Kxl=%209F2YtPEBje?Lil=CKhWcFSrgc Response headers accept-ranges bytes content-length 17542 etag "1db1a1331378506" date Mon, 02 Dec 2024 16:00:00 GMT content-type image/x-icon last-modified Wed, 09 Oct 2024 06:19:27 GMT server Kestrel

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.tinyurl.com/	1970-01-21 01:25:56	Name: __cf_bm Value: CkAjf_E5hHFdRs1ovxLpjSRQuQhIRIrnFBsqf68k4.E-1733155199-1.0.1.1-.YlgwLUO_oBgx_rEUBP.EDArNeT1cPB02MV4TYTcfKNQ8HiAiKA_06q9rDi91nkp4E.kZvr9LbwFCtJA2CMNLQ

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amazoncon.co
tinyurl.com
104.18.111.161
154.9.254.48
17d02e2db6dbedb95dd449d06868c147ac2c3b5371497bcb9407e75336a99e09
be460a535da6c2ed5776eca755580fc7ec914db303268e6e68c7ac9d5108939e
c657b1aa3f7f937ba86d5c067dc899723fde0dda2868d81c7f83852ed2d4ca03

amazoncon.co Open in urlscan Pro 154.9.254.48 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

3 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

2 Countries

230 kBTransfer

229 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

1 Cookies

Indicators

amazoncon.co Open in urlscan Pro
154.9.254.48 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

230 kB
Transfer

229 kB
Size

1
Cookies

3 HTTP transactions
0 data transactions