www.reddit.zengzhelingasdfcxz.top Open in urlscan Pro
173.199.70.168 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.reddit.zengzhelingasdfcxz.top/
Effective URL:
https://www.reddit.zengzhelingasdfcxz.top/login/
Submission: On January 28 via automatic, source certstream-suspicious (January 28th 2019, 6:44:49 am UTC)

Summary HTTP 17 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 17 HTTP transactions. The main IP is 173.199.70.168, located in Skanderborg, Denmark and belongs to AS-CHOOPA - Choopa, LLC, US. The main domain is www.reddit.zengzhelingasdfcxz.top.
TLS certificate: Issued by Let's Encrypt Authority X3 on January 28th 2019. Valid for: 3 months.

This is the only time www.reddit.zengzhelingasdfcxz.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Reddit (Online)

Domain & IP information

	IP Address	AS Autonomous System
3 13	173.199.70.168 173.199.70.168	20473 (AS-CHOOPA) (AS-CHOOPA - Choopa)
7	151.101.1.140 151.101.1.140	54113 (FASTLY) (FASTLY - Fastly)
17	2

13 173.199.70.168 (Skanderborg, Denmark) 3 redirects

ASN20473 (AS-CHOOPA - Choopa, LLC, US)
PTR: 173.199.70.168.vultr.com

www.reddit.zengzhelingasdfcxz.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
win.reddit.zengzhelingasdfcxz.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
events.reddit.zengzhelingasdfcxz.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.1.140 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	zengzhelingasdfcxz.top 3 redirects www.reddit.zengzhelingasdfcxz.top win.reddit.zengzhelingasdfcxz.top events.reddit.zengzhelingasdfcxz.top	388 KB
7	redditstatic.com www.redditstatic.com	201 KB
17	2

	Domain	Requested by
7	www.redditstatic.com	www.reddit.zengzhelingasdfcxz.top
7	win.reddit.zengzhelingasdfcxz.top	www.reddit.zengzhelingasdfcxz.top
4	www.reddit.zengzhelingasdfcxz.top	3 redirects
2	events.reddit.zengzhelingasdfcxz.top	win.reddit.zengzhelingasdfcxz.top
17	4

This site contains links to these domains. Also see Links.

Domain
www.reddithelp.com

Subject Issuer	Validity	Valid
www.reddit.zengzhelingasdfcxz.top Let's Encrypt Authority X3	`2019-01-28` - `2019-04-28`	3 months	crt.sh
*.reddit.com DigiCert SHA2 Secure Server CA	`2018-08-17` - `2020-09-02`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://www.reddit.zengzhelingasdfcxz.top/login/
Frame ID: 12E8C595F2B2E6E25F59B27E7AF6AB71
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.reddit.zengzhelingasdfcxz.top/ HTTP 302
https://www.reddit.zengzhelingasdfcxz.top/login HTTP 302
http://www.reddit.zengzhelingasdfcxz.top/login/ HTTP 302
https://www.reddit.zengzhelingasdfcxz.top/login/ Page URL

Detected technologies

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /.*Varnish/i

webpack (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

env /^webpackJsonp$/i

Page Statistics

17
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

4
Subdomains

2
IPs

2
Countries

588 kB
Transfer

583 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.reddithelp.com/en/categories/using-reddit/your-reddit-account/how-set-two-factor-authentication
Title: Having trouble ?

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.reddit.zengzhelingasdfcxz.top/ HTTP 302
https://www.reddit.zengzhelingasdfcxz.top/login HTTP 302
http://www.reddit.zengzhelingasdfcxz.top/login/ HTTP 302
https://www.reddit.zengzhelingasdfcxz.top/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response www.reddit.zengzhelingasdfcxz.top/login/ Redirect Chain https://www.reddit.zengzhelingasdfcxz.top/ https://www.reddit.zengzhelingasdfcxz.top/login http://www.reddit.zengzhelingasdfcxz.top/login/ https://www.reddit.zengzhelingasdfcxz.top/login/	6 KB 6 KB	476ms 132ms	Document text/html	173.199.70.168 Choopa
General Check archive.org Show headers Download Go to Full URL https://www.reddit.zengzhelingasdfcxz.top/login/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 173.199.70.168 Skanderborg, Denmark, ASN20473 (AS-CHOOPA - Choopa, LLC, US), Reverse DNS 173.199.70.168.vultr.com Software snooserv / Resource Hash `03b32efed48b8de2b872300cc1a2c4918e067ab616f82d78755ec74f7b50b3ff` Request headers Host www.reddit.zengzhelingasdfcxz.top Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate, br Cookie wPUY=fb2c00cddf84acc9b534eeb59caf1dc98444eab3e963f5c45f9b9a8ee0031b25; rseor3=true; rabt=; edgebucket=9cdpEXfrDvPHyBMa7E Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Accept-Ranges bytes Cache-Control private, max-age=0, must-revalidate Connection close Content-Type text/html; charset=UTF-8 Date Mon, 28 Jan 2019 06:44:32 GMT Expires 0 Pragma no-cache Server snooserv Set-Cookie token=; Path=/; Domain=reddit.zengzhelingasdfcxz.top; Expires=Wed, 23 Jan 2019 06:44:32 GMT session=58420b2bc5cfabff9a958c87d34839fbd1f00e99gAJK0KROXEdB1xOpNADpV31xAVUHX2NzcmZ0X3ECWCgAAAAzMTlkYWVjMWU5ZDY5ZDU5MWE5MmViMGYxNGRiYjQ3ZGMyYWFiYWJjcQNzh3EELg==; Path=/; HttpOnly Transfer-Encoding chunked Via 1.1 varnish X-Cache MISS X-Cache-Hits 0 X-Served-By cache-cdg20751-CDG X-Timer S1548657872.977278,VS0,VE88 Redirect headers Content-Type text/html; charset=utf-8 Location https://www.reddit.zengzhelingasdfcxz.top/login/ Date Mon, 28 Jan 2019 06:44:31 GMT Content-Length 71
GET H/1.1	200 OK	vendor.7749aab6f5c7d510110eaa0430cb683d.css win.reddit.zengzhelingasdfcxz.top/accountmanager/	2 KB 3 KB	119ms 35ms	Stylesheet text/css	173.199.70.168 Choopa
General Check archive.org Show headers Download Go to Full URL https://win.reddit.zengzhelingasdfcxz.top/accountmanager/vendor.7749aab6f5c7d510110eaa0430cb683d.css Requested by Host: www.reddit.zengzhelingasdfcxz.top URL: https://www.reddit.zengzhelingasdfcxz.top/login/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 173.199.70.168 Skanderborg, Denmark, ASN20473 (AS-CHOOPA - Choopa, LLC, US), Reverse DNS 173.199.70.168.vultr.com Software snooserv / Resource Hash `cb585d8ded1147a5299c3402ccebb9a08ab27385faf1e9a919572434c177e8ee` Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host win.reddit.zengzhelingasdfcxz.top User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,/;q=0.1 Referer https://www.reddit.zengzhelingasdfcxz.top/login/ Cookie wPUY=fb2c00cddf84acc9b534eeb59caf1dc98444eab3e963f5c45f9b9a8ee0031b25; rseor3=true; rabt=; edgebucket=9cdpEXfrDvPHyBMa7E Connection keep-alive Cache-Control no-cache Referer https://www.reddit.zengzhelingasdfcxz.top/login/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Mon, 28 Jan 2019 06:44:32 GMT Via 1.1 varnish 1.1 varnish Last-Modified Wed, 16 Jan 2019 23:07:41 GMT Server snooserv Age 88881 Etag "5cae44acb6419db4eb631f4c3b450671" Vary Accept-Encoding,Origin X-Cache HIT, HIT Content-Type text/css; charset=utf-8 Transfer-Encoding chunked X-Cache-Hits 1, 55 Connection close Accept-Ranges bytes X-Timer S1548657872.202607,VS0,VE0 X-Served-By cache-iad2146-IAD, cache-cdg20749-CDG
GET H/1.1	200 OK	theme.5cac6866db5d20bcb4373af1c257df64.css win.reddit.zengzhelingasdfcxz.top/accountmanager/	14 KB 15 KB	136ms 37ms	Stylesheet text/css	173.199.70.168 Choopa
General Check archive.org Show headers Download Go to Full URL https://win.reddit.zengzhelingasdfcxz.top/accountmanager/theme.5cac6866db5d20bcb4373af1c257df64.css Requested by Host: www.reddit.zengzhelingasdfcxz.top URL: https://www.reddit.zengzhelingasdfcxz.top/login/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 173.199.70.168 Skanderborg, Denmark, ASN20473 (AS-CHOOPA - Choopa, LLC, US), Reverse DNS 173.199.70.168.vultr.com Software snooserv / Resource Hash `e99dc31a7ed79adf1a638363662f08984a11067e7d641bf6feaf4cead6fd0693` Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host win.reddit.zengzhelingasdfcxz.top User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,/;q=0.1 Referer https://www.reddit.zengzhelingasdfcxz.top/login/ Cookie wPUY=fb2c00cddf84acc9b534eeb59caf1dc98444eab3e963f5c45f9b9a8ee0031b25; rseor3=true; rabt=; edgebucket=9cdpEXfrDvPHyBMa7E Connection keep-alive Cache-Control no-cache Referer https://www.reddit.zengzhelingasdfcxz.top/login/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Mon, 28 Jan 2019 06:44:32 GMT Via 1.1 varnish 1.1 varnish Last-Modified Wed, 16 Jan 2019 23:07:41 GMT Server snooserv Age 78249 Etag "915bf4c700703035d783edd702103354" Vary Accept-Encoding,Origin X-Cache HIT, HIT Content-Type text/css; charset=utf-8 Transfer-Encoding chunked X-Cache-Hits 1, 124 Connection close Accept-Ranges bytes X-Timer S1548657872.218443,VS0,VE0 X-Served-By cache-iad2141-IAD, cache-cdg20749-CDG
GET H/1.1	200 OK	login.5d548fad4637c6ba118ebcf590a30611.css win.reddit.zengzhelingasdfcxz.top/accountmanager/	1 KB 2 KB	138ms 39ms	Stylesheet text/css	173.199.70.168 Choopa
General Check archive.org Show headers Download Go to Full URL https://win.reddit.zengzhelingasdfcxz.top/accountmanager/login.5d548fad4637c6ba118ebcf590a30611.css Requested by Host: www.reddit.zengzhelingasdfcxz.top URL: https://www.reddit.zengzhelingasdfcxz.top/login/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 173.199.70.168 Skanderborg, Denmark, ASN20473 (AS-CHOOPA - Choopa, LLC, US), Reverse DNS 173.199.70.168.vultr.com Software snooserv / Resource Hash `eb8255a05ae40013cdc1714607975339a75a76845a2e0773b419b0d8fb69fb5d` Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host win.reddit.zengzhelingasdfcxz.top User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,/;q=0.1 Referer https://www.reddit.zengzhelingasdfcxz.top/login/ Cookie wPUY=fb2c00cddf84acc9b534eeb59caf1dc98444eab3e963f5c45f9b9a8ee0031b25; rseor3=true; rabt=; edgebucket=9cdpEXfrDvPHyBMa7E Connection keep-alive Cache-Control no-cache Referer https://www.reddit.zengzhelingasdfcxz.top/login/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Mon, 28 Jan 2019 06:44:32 GMT Via 1.1 varnish 1.1 varnish Last-Modified Wed, 16 Jan 2019 23:07:41 GMT Server snooserv Age 67898 Etag "64c7cc5a7f7db8c4140a70287b867702" Vary Accept-Encoding,Origin X-Cache HIT, HIT Content-Type text/css; charset=utf-8 Transfer-Encoding chunked X-Cache-Hits 2, 31 Connection close Accept-Ranges bytes X-Timer S1548657872.221682,VS0,VE0 X-Served-By cache-iad2143-IAD, cache-cdg20749-CDG
GET H/1.1	200 OK	common.920e6ca07b9488e8bffc.js Show response win.reddit.zengzhelingasdfcxz.top/accountmanager/	2 KB 2 KB	1586ms 66ms	Script application/javascript	173.199.70.168 Choopa
General Check archive.org Show headers Download Go to Full URL https://win.reddit.zengzhelingasdfcxz.top/accountmanager/common.920e6ca07b9488e8bffc.js Requested by Host: www.reddit.zengzhelingasdfcxz.top URL: https://www.reddit.zengzhelingasdfcxz.top/login/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 173.199.70.168 Skanderborg, Denmark, ASN20473 (AS-CHOOPA - Choopa, LLC, US), Reverse DNS 173.199.70.168.vultr.com Software snooserv / Resource Hash `14831847513c6721b08a2e223754a5d735c9e8cac4f95722a2875986be38fdd4` Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host win.reddit.zengzhelingasdfcxz.top User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer https://www.reddit.zengzhelingasdfcxz.top/login/ Cookie wPUY=fb2c00cddf84acc9b534eeb59caf1dc98444eab3e963f5c45f9b9a8ee0031b25; rseor3=true; rabt=; edgebucket=9cdpEXfrDvPHyBMa7E Connection keep-alive Cache-Control no-cache Referer https://www.reddit.zengzhelingasdfcxz.top/login/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Mon, 28 Jan 2019 06:44:33 GMT Via 1.1 varnish 1.1 varnish Last-Modified Thu, 24 Jan 2019 22:41:46 GMT Server snooserv Age 28851 Etag "4ba93f537813552fb99220077a596211" Vary Accept-Encoding,Origin X-Cache HIT, HIT Content-Type application/javascript Transfer-Encoding chunked X-Cache-Hits 1, 1 Connection close Accept-Ranges bytes X-Timer S1548657874.657893,VS0,VE0 X-Served-By cache-iad2146-IAD, cache-lhr6337-LHR
GET H/1.1	200 OK	vendor.02e70b0510146f5c6a8c.js Show response win.reddit.zengzhelingasdfcxz.top/accountmanager/	95 KB 95 KB	1880ms 336ms	Script application/javascript	173.199.70.168 Choopa
General Check archive.org Show headers Download Go to Full URL https://win.reddit.zengzhelingasdfcxz.top/accountmanager/vendor.02e70b0510146f5c6a8c.js Requested by Host: www.reddit.zengzhelingasdfcxz.top URL: https://www.reddit.zengzhelingasdfcxz.top/login/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 173.199.70.168 Skanderborg, Denmark, ASN20473 (AS-CHOOPA - Choopa, LLC, US), Reverse DNS 173.199.70.168.vultr.com Software snooserv / Resource Hash `2f4d0fa6b9e68d7a038933a792a18bbdbb4d9ac0ebd0dd52a66b66572173cc14` Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host win.reddit.zengzhelingasdfcxz.top User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer https://www.reddit.zengzhelingasdfcxz.top/login/ Cookie wPUY=fb2c00cddf84acc9b534eeb59caf1dc98444eab3e963f5c45f9b9a8ee0031b25; rseor3=true; rabt=; edgebucket=9cdpEXfrDvPHyBMa7E Connection keep-alive Cache-Control no-cache Referer https://www.reddit.zengzhelingasdfcxz.top/login/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Mon, 28 Jan 2019 06:44:33 GMT Via 1.1 varnish 1.1 varnish Last-Modified Wed, 16 Jan 2019 23:07:41 GMT Server snooserv Age 82712 Etag "fddbeeee502d959c55b70a1594fd7ece" Vary Accept-Encoding,Origin X-Cache HIT, HIT Content-Type application/javascript Transfer-Encoding chunked X-Cache-Hits 1, 22 Connection close Accept-Ranges bytes X-Timer S1548657874.665618,VS0,VE0 X-Served-By cache-iad2128-IAD, cache-cdg20749-CDG
GET H/1.1	200 OK	theme.f03d466e68261629ed71.js Show response win.reddit.zengzhelingasdfcxz.top/accountmanager/	144 B 630 B	1717ms 164ms	Script application/javascript	173.199.70.168 Choopa
General Check archive.org Show headers Download Go to Full URL https://win.reddit.zengzhelingasdfcxz.top/accountmanager/theme.f03d466e68261629ed71.js Requested by Host: www.reddit.zengzhelingasdfcxz.top URL: https://www.reddit.zengzhelingasdfcxz.top/login/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 173.199.70.168 Skanderborg, Denmark, ASN20473 (AS-CHOOPA - Choopa, LLC, US), Reverse DNS 173.199.70.168.vultr.com Software snooserv / Resource Hash `6d348de31b44c93bbd2231f4e64a01130009a81ee830220cb79d5058552eea42` Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host win.reddit.zengzhelingasdfcxz.top User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer https://www.reddit.zengzhelingasdfcxz.top/login/ Cookie wPUY=fb2c00cddf84acc9b534eeb59caf1dc98444eab3e963f5c45f9b9a8ee0031b25; rseor3=true; rabt=; edgebucket=9cdpEXfrDvPHyBMa7E Connection keep-alive Cache-Control no-cache Referer https://www.reddit.zengzhelingasdfcxz.top/login/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Mon, 28 Jan 2019 06:44:33 GMT Via 1.1 varnish 1.1 varnish Last-Modified Mon, 07 Jan 2019 23:58:47 GMT Server snooserv Age 143083 Etag "3744fe93819bdf18ac6ef2ed44e32a09" Vary Accept-Encoding,Origin X-Cache HIT, HIT Content-Type application/javascript Transfer-Encoding chunked X-Cache-Hits 1, 1 Connection close Accept-Ranges bytes X-Timer S1548657874.746486,VS0,VE0 X-Served-By cache-iad2121-IAD, cache-lhr6337-LHR
GET H/1.1	200 OK	login.cd55f0447472f8b1a34f.js Show response win.reddit.zengzhelingasdfcxz.top/accountmanager/	262 KB 263 KB	2173ms 621ms	Script application/javascript	173.199.70.168 Choopa
General Check archive.org Show headers Download Go to Full URL https://win.reddit.zengzhelingasdfcxz.top/accountmanager/login.cd55f0447472f8b1a34f.js Requested by Host: www.reddit.zengzhelingasdfcxz.top URL: https://www.reddit.zengzhelingasdfcxz.top/login/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 173.199.70.168 Skanderborg, Denmark, ASN20473 (AS-CHOOPA - Choopa, LLC, US), Reverse DNS 173.199.70.168.vultr.com Software snooserv / Resource Hash `52c6f27e81bb880d4fb6ce2383104a52055c049da49770a3f30f91af6e58e40e` Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host win.reddit.zengzhelingasdfcxz.top User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer https://www.reddit.zengzhelingasdfcxz.top/login/ Cookie wPUY=fb2c00cddf84acc9b534eeb59caf1dc98444eab3e963f5c45f9b9a8ee0031b25; rseor3=true; rabt=; edgebucket=9cdpEXfrDvPHyBMa7E Connection keep-alive Cache-Control no-cache Referer https://www.reddit.zengzhelingasdfcxz.top/login/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Mon, 28 Jan 2019 06:44:33 GMT Via 1.1 varnish 1.1 varnish Last-Modified Thu, 24 Jan 2019 20:30:53 GMT Server snooserv Age 36520 Etag "ef9557a012adec146b3373d39abb4c42" Vary Accept-Encoding,Origin X-Cache HIT, HIT Content-Type application/javascript Transfer-Encoding chunked X-Cache-Hits 3, 25 Connection close Accept-Ranges bytes X-Timer S1548657874.746184,VS0,VE0 X-Served-By cache-iad2146-IAD, cache-cdg20749-CDG
GET H2	200	bbb584033aa89e39bad69436c504c9bd.png www.redditstatic.com/accountmanager/	87 KB 87 KB	59ms 8ms	Image image/png	151.101.1.140 Fastly
General Check archive.org Show headers Download Go to Show image Full URL https://www.redditstatic.com/accountmanager/bbb584033aa89e39bad69436c504c9bd.png Requested by Host: www.reddit.zengzhelingasdfcxz.top URL: https://www.reddit.zengzhelingasdfcxz.top/login/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.1.140 San Francisco, United States, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software snooserv / Resource Hash `78b269382ca9de0232b8df6f8d72d627e51d455610161e9c35ec421e9ca26ab9` Request headers Referer https://win.reddit.zengzhelingasdfcxz.top/accountmanager/theme.5cac6866db5d20bcb4373af1c257df64.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Mon, 28 Jan 2019 06:44:32 GMT via 1.1 varnish, 1.1 varnish last-modified Wed, 16 Jan 2019 23:07:40 GMT server snooserv age 82915 etag "bbb584033aa89e39bad69436c504c9bd" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method x-cache HIT, HIT content-type image/png status 200 x-cache-hits 1, 71 accept-ranges bytes x-timer S1548657872.308552,VS0,VE0 content-length 88903 x-served-by cache-iad2142-IAD, cache-hhn1550-HHN
GET H2	200	18e257d5fdea817c0f12cccf8867d930.svg www.redditstatic.com/accountmanager/	812 B 633 B	81ms 30ms	Image image/svg+xml	151.101.1.140 Fastly
General Check archive.org Show headers Download Go to Show image Full URL https://www.redditstatic.com/accountmanager/18e257d5fdea817c0f12cccf8867d930.svg Requested by Host: www.reddit.zengzhelingasdfcxz.top URL: https://www.reddit.zengzhelingasdfcxz.top/login/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.1.140 San Francisco, United States, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software snooserv / Resource Hash `c52ea94142ae7f1cd040030f7eaa73b162a0d7e27bd34b2cf0b46d2e5566d114` Request headers Referer https://win.reddit.zengzhelingasdfcxz.top/accountmanager/theme.5cac6866db5d20bcb4373af1c257df64.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Mon, 28 Jan 2019 06:44:32 GMT content-encoding gzip age 78249 x-cache HIT, HIT status 200 content-length 450 x-served-by cache-iad2151-IAD, cache-hhn1550-HHN last-modified Tue, 15 Jan 2019 00:20:18 GMT server snooserv x-timer S1548657872.308715,VS0,VE0 etag "18e257d5fdea817c0f12cccf8867d930" vary Accept-Encoding,Origin content-type image/svg+xml via 1.1 varnish, 1.1 varnish accept-ranges bytes x-cache-hits 1, 12
GET H2	200	d489caa9704588f7b7e1d7e1ea7b38b8.svg www.redditstatic.com/accountmanager/	1 KB 692 B	81ms 30ms	Image image/svg+xml	151.101.1.140 Fastly
General Check archive.org Show headers Download Go to Show image Full URL https://www.redditstatic.com/accountmanager/d489caa9704588f7b7e1d7e1ea7b38b8.svg Requested by Host: www.reddit.zengzhelingasdfcxz.top URL: https://www.reddit.zengzhelingasdfcxz.top/login/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.1.140 San Francisco, United States, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software snooserv / Resource Hash `54bd57caa7049e31f1cf1578a5b1cf551f61a5add88719dc229fa9e76dbf8d80` Request headers Referer https://win.reddit.zengzhelingasdfcxz.top/accountmanager/theme.5cac6866db5d20bcb4373af1c257df64.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Mon, 28 Jan 2019 06:44:32 GMT content-encoding gzip age 68707 x-cache HIT, HIT status 200 content-length 623 x-served-by cache-iad2128-IAD, cache-hhn1550-HHN last-modified Wed, 16 Jan 2019 23:07:41 GMT server snooserv x-timer S1548657872.308766,VS0,VE0 etag "d489caa9704588f7b7e1d7e1ea7b38b8" vary Accept-Encoding,Origin content-type image/svg+xml via 1.1 varnish, 1.1 varnish accept-ranges bytes x-cache-hits 1, 621
GET H2	200	90a416eeb64d4d6ecd46c53d4ee11975.svg www.redditstatic.com/accountmanager/	1 KB 600 B	81ms 31ms	Image image/svg+xml	151.101.1.140 Fastly
General Check archive.org Show headers Download Go to Show image Full URL https://www.redditstatic.com/accountmanager/90a416eeb64d4d6ecd46c53d4ee11975.svg Requested by Host: www.reddit.zengzhelingasdfcxz.top URL: https://www.reddit.zengzhelingasdfcxz.top/login/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.1.140 San Francisco, United States, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software snooserv / Resource Hash `424ab07c3f5decf55dc7bf9ff763ed6f8ac1c24aded6708160eb4bb94e2225ce` Request headers Referer https://win.reddit.zengzhelingasdfcxz.top/accountmanager/theme.5cac6866db5d20bcb4373af1c257df64.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Mon, 28 Jan 2019 06:44:32 GMT content-encoding gzip age 67515 x-cache HIT, HIT status 200 content-length 517 x-served-by cache-iad2139-IAD, cache-hhn1550-HHN last-modified Tue, 08 May 2018 17:15:11 GMT server snooserv x-timer S1548657872.309062,VS0,VE0 etag "90a416eeb64d4d6ecd46c53d4ee11975" vary Accept-Encoding,Origin content-type image/svg+xml via 1.1 varnish, 1.1 varnish accept-ranges bytes x-cache-hits 7, 603
GET H2	200	c4b185e25a4dde85a29f902cd5ce5360.woff2 www.redditstatic.com/accountmanager/	49 KB 49 KB	176ms 125ms	Font application/octet-stream	151.101.1.140 Fastly
General Check archive.org Show headers Download Go to Full URL https://www.redditstatic.com/accountmanager/c4b185e25a4dde85a29f902cd5ce5360.woff2 Requested by Host: www.reddit.zengzhelingasdfcxz.top URL: https://www.reddit.zengzhelingasdfcxz.top/login/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.1.140 San Francisco, United States, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software snooserv / Resource Hash `93cde5cb70bd771eb4da4454e87018953019eb0b30a9d223ee2016682de4c392` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://win.reddit.zengzhelingasdfcxz.top/accountmanager/theme.5cac6866db5d20bcb4373af1c257df64.css Origin https://www.reddit.zengzhelingasdfcxz.top Response headers date Mon, 28 Jan 2019 06:44:32 GMT via 1.1 varnish, 1.1 varnish age 0 x-cache HIT, MISS status 200 access-control-max-age 3000 content-length 50348 x-served-by cache-iad2126-IAD, cache-hhn1546-HHN last-modified Thu, 24 Jan 2019 23:02:07 GMT server snooserv x-timer S1548657872.308814,VS0,VE99 etag "c4b185e25a4dde85a29f902cd5ce5360" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method access-control-allow-methods GET content-type application/octet-stream access-control-allow-origin * accept-ranges bytes x-cache-hits 1, 0
GET H2	200	abc24b0f77dd16d0b4ea7cbe4a1082b0.woff2 www.redditstatic.com/accountmanager/	15 KB 16 KB	148ms 98ms	Font application/octet-stream	151.101.1.140 Fastly
General Check archive.org Show headers Download Go to Full URL https://www.redditstatic.com/accountmanager/abc24b0f77dd16d0b4ea7cbe4a1082b0.woff2 Requested by Host: www.reddit.zengzhelingasdfcxz.top URL: https://www.reddit.zengzhelingasdfcxz.top/login/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.1.140 San Francisco, United States, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software snooserv / Resource Hash `3ee26114feb214d4f102e98ad8009b27d374efff10b05095e9bebc8df74c15b9` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://win.reddit.zengzhelingasdfcxz.top/accountmanager/theme.5cac6866db5d20bcb4373af1c257df64.css Origin https://www.reddit.zengzhelingasdfcxz.top Response headers date Mon, 28 Jan 2019 06:44:32 GMT via 1.1 varnish, 1.1 varnish age 0 x-cache HIT, MISS status 200 access-control-max-age 3000 content-length 15572 x-served-by cache-iad2139-IAD, cache-hhn1546-HHN last-modified Thu, 24 Jan 2019 23:02:07 GMT server snooserv x-timer S1548657872.308954,VS0,VE91 etag "abc24b0f77dd16d0b4ea7cbe4a1082b0" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method access-control-allow-methods GET content-type application/octet-stream access-control-allow-origin * accept-ranges bytes x-cache-hits 1, 1
GET H2	200	875de5047556e7c822519d95d7ee692d.woff2 www.redditstatic.com/accountmanager/	47 KB 47 KB	170ms 120ms	Font application/octet-stream	151.101.1.140 Fastly
General Check archive.org Show headers Download Go to Full URL https://www.redditstatic.com/accountmanager/875de5047556e7c822519d95d7ee692d.woff2 Requested by Host: www.reddit.zengzhelingasdfcxz.top URL: https://www.reddit.zengzhelingasdfcxz.top/login/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.1.140 San Francisco, United States, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software snooserv / Resource Hash `47d0880913058312bf847a8f2d95af7ed6adc65b0cf0ad9ea166fdd08cfa622d` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://win.reddit.zengzhelingasdfcxz.top/accountmanager/theme.5cac6866db5d20bcb4373af1c257df64.css Origin https://www.reddit.zengzhelingasdfcxz.top Response headers date Mon, 28 Jan 2019 06:44:32 GMT via 1.1 varnish, 1.1 varnish age 0 x-cache HIT, MISS status 200 access-control-max-age 3000 content-length 47712 x-served-by cache-iad2147-IAD, cache-hhn1546-HHN last-modified Thu, 24 Jan 2019 23:02:07 GMT server snooserv x-timer S1548657872.308895,VS0,VE94 etag "875de5047556e7c822519d95d7ee692d" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method access-control-allow-methods GET content-type application/octet-stream access-control-allow-origin * accept-ranges bytes x-cache-hits 1, 1
OPTIONS H/1.1	200	v2 Show response events.reddit.zengzhelingasdfcxz.top/	0 566 B	152ms 75ms	XHR text/plain	173.199.70.168 Choopa
General Check archive.org Show headers Download Go to Full URL https://events.reddit.zengzhelingasdfcxz.top/v2 Requested by Host: win.reddit.zengzhelingasdfcxz.top URL: https://win.reddit.zengzhelingasdfcxz.top/accountmanager/login.cd55f0447472f8b1a34f.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 173.199.70.168 Skanderborg, Denmark, ASN20473 (AS-CHOOPA - Choopa, LLC, US), Reverse DNS 173.199.70.168.vultr.com Software Varnish / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Pragma no-cache Access-Control-Request-Method POST Origin https://www.reddit.zengzhelingasdfcxz.top Accept-Encoding gzip, deflate, br Host events.reddit.zengzhelingasdfcxz.top User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Cache-Control no-cache Referer https://www.reddit.zengzhelingasdfcxz.top/login/ Connection keep-alive Access-Control-Request-Headers x-signature Access-Control-Request-Method POST Origin https://www.reddit.zengzhelingasdfcxz.top Referer https://www.reddit.zengzhelingasdfcxz.top/login/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Access-Control-Request-Headers x-signature Response headers Date Mon, 28 Jan 2019 06:44:39 GMT Via 1.1 varnish Vary Origin Transfer-Encoding chunked X-Cache HIT Connection close X-Served-By cache-lhr6346-LHR Server Varnish X-Timer S1548657879.491818,VS0,VE0 Access-Control-Max-Age 1728000 Access-Control-Allow-Methods POST, OPTIONS Access-Control-Allow-Origin * Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers X-Signature,X-Signature-v2,Content-Type,Origin,Accept,X-origination-host,X-origination-path Retry-After 0 X-Cache-Hits 0
POST H/1.1	200 OK	v2 Show response events.reddit.zengzhelingasdfcxz.top/	2 B 576 B	518ms 173ms	XHR application/json	173.199.70.168 Choopa
General Check archive.org Show headers Download Go to Full URL https://events.reddit.zengzhelingasdfcxz.top/v2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 173.199.70.168 Skanderborg, Denmark, ASN20473 (AS-CHOOPA - Choopa, LLC, US), Reverse DNS 173.199.70.168.vultr.com Software / Resource Hash `44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a` Request headers Pragma no-cache X-Signature key=AccountManager3, mac=183bdc84c3e05cf21c71405707ef736d4d9888484f151994ac1929e2729e2958 Origin https://www.reddit.zengzhelingasdfcxz.top Accept-Encoding gzip, deflate, br Host events.reddit.zengzhelingasdfcxz.top User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Content-Type application/x-www-form-urlencoded Accept / Cache-Control no-cache Referer https://www.reddit.zengzhelingasdfcxz.top/login/ Connection keep-alive Content-Length 764 X-Signature key=AccountManager3, mac=183bdc84c3e05cf21c71405707ef736d4d9888484f151994ac1929e2729e2958 Origin https://www.reddit.zengzhelingasdfcxz.top Referer https://www.reddit.zengzhelingasdfcxz.top/login/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers Date Mon, 28 Jan 2019 06:44:40 GMT Via 1.1 varnish Vary Origin Transfer-Encoding chunked X-Cache MISS Connection close X-Served-By cache-lhr6345-LHR X-Timer S1548657880.913987,VS0,VE95 Access-Control-Max-Age 1728000 Access-Control-Allow-Methods POST, OPTIONS Content-Type application/json Access-Control-Allow-Origin * Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers X-Signature,X-Signature-v2,Content-Type,Origin,Accept,X-origination-host,X-origination-path X-Cache-Hits 0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Reddit (Online)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.reddit.zengzhelingasdfcxz.top/	1969-12-31 23:59:59	Name: session Value: 72895a59bfe9855baf2e256292fd63edb51cbaaagAJK0KROXEdB1xOpNAE1sX1xAVUHX2NzcmZ0X3ECWCgAAAA5NzAyNGRmODI2MDlkMGM3N2QxZjg3NTQ1Yzc3MzhlMThlZjc4OTIycQNzh3EELg==
.reddit.zengzhelingasdfcxz.top/	1969-12-31 23:59:59	Name: rabt Value:
.reddit.zengzhelingasdfcxz.top/	1969-12-31 23:59:59	Name: rseor3 Value: true
.reddit.zengzhelingasdfcxz.top/	1969-12-31 23:59:59	Name: edgebucket Value: 9cdpEXfrDvPHyBMa7E
.reddit.zengzhelingasdfcxz.top/	1970-01-18 22:11:01	Name: wPUY Value: fb2c00cddf84acc9b534eeb59caf1dc98444eab3e963f5c45f9b9a8ee0031b25

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

events.reddit.zengzhelingasdfcxz.top
win.reddit.zengzhelingasdfcxz.top
www.reddit.zengzhelingasdfcxz.top
www.redditstatic.com
151.101.1.140
173.199.70.168
03b32efed48b8de2b872300cc1a2c4918e067ab616f82d78755ec74f7b50b3ff
14831847513c6721b08a2e223754a5d735c9e8cac4f95722a2875986be38fdd4
2f4d0fa6b9e68d7a038933a792a18bbdbb4d9ac0ebd0dd52a66b66572173cc14
3ee26114feb214d4f102e98ad8009b27d374efff10b05095e9bebc8df74c15b9
424ab07c3f5decf55dc7bf9ff763ed6f8ac1c24aded6708160eb4bb94e2225ce
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47d0880913058312bf847a8f2d95af7ed6adc65b0cf0ad9ea166fdd08cfa622d
52c6f27e81bb880d4fb6ce2383104a52055c049da49770a3f30f91af6e58e40e
54bd57caa7049e31f1cf1578a5b1cf551f61a5add88719dc229fa9e76dbf8d80
6d348de31b44c93bbd2231f4e64a01130009a81ee830220cb79d5058552eea42
78b269382ca9de0232b8df6f8d72d627e51d455610161e9c35ec421e9ca26ab9
93cde5cb70bd771eb4da4454e87018953019eb0b30a9d223ee2016682de4c392
c52ea94142ae7f1cd040030f7eaa73b162a0d7e27bd34b2cf0b46d2e5566d114
cb585d8ded1147a5299c3402ccebb9a08ab27385faf1e9a919572434c177e8ee
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e99dc31a7ed79adf1a638363662f08984a11067e7d641bf6feaf4cead6fd0693
eb8255a05ae40013cdc1714607975339a75a76845a2e0773b419b0d8fb69fb5d

www.reddit.zengzhelingasdfcxz.top Open in urlscan Pro 173.199.70.168 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

0 %IPv6

2 Domains

4 Subdomains

2 IPs

2 Countries

588 kBTransfer

583 kBSize

5 Cookies

1 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

15 JavaScript Global Variables

5 Cookies

Indicators

www.reddit.zengzhelingasdfcxz.top Open in urlscan Pro
173.199.70.168 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

4
Subdomains

2
IPs

2
Countries

588 kB
Transfer

583 kB
Size

5
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!