requests-amazon.networkappclients241.top Open in urlscan Pro
199.250.204.160 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://amzn-usr946.us.to/
Effective URL:
https://requests-amazon.networkappclients241.top/ap/signin/1221c341f13f968fb12e78484de9b803
Submission: On April 16 via api (April 16th 2024, 12:28:36 pm UTC) from US — Scanned from US

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 5 domains to perform 12 HTTP transactions. The main IP is 199.250.204.160, located in United States and belongs to IMH-IAD, US. The main domain is requests-amazon.networkappclients241.top.
TLS certificate: Issued by R3 on April 15th 2024. Valid for: 3 months.

This is the only time requests-amazon.networkappclients241.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Amazon (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	128.199.80.121 128.199.80.121	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	2a02:4780:b:1... 2a02:4780:b:1368:0:235c:3a48:2	47583 (AS-HOSTINGER) (AS-HOSTINGER)
1 11	199.250.204.160 199.250.204.160	54641 (IMH-IAD) (IMH-IAD)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1	2a04:4e42:400... 2a04:4e42:400::272	54113 (FASTLY) (FASTLY)
12	3

1 128.199.80.121 (Singapore, Singapore) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

amzn-usr946.us.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:4780:b:1368:0:235c:3a48:2 (Phoenix, United States) 1 redirects

ASN47583 (AS-HOSTINGER, CY)

verify.upkiefiles.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 199.250.204.160 (United States) 1 redirects

ASN54641 (IMH-IAD, US)
PTR: vps105033.inmotionhosting.com

requests-amazon.networkappclients241.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::272 (United States)

ASN54113 (FASTLY, US)

m.media-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	networkappclients241.top 1 redirects requests-amazon.networkappclients241.top	338 KB
1	media-amazon.com m.media-amazon.com — Cisco Umbrella Rank: 522	64 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 315	63 KB
1	upkiefiles.com 1 redirects verify.upkiefiles.com	443 B
1	us.to 1 redirects amzn-usr946.us.to	300 B
12	5

	Domain	Requested by
11	requests-amazon.networkappclients241.top	1 redirects requests-amazon.networkappclients241.top
1	m.media-amazon.com	requests-amazon.networkappclients241.top
1	cdn.jsdelivr.net	requests-amazon.networkappclients241.top
1	verify.upkiefiles.com	1 redirects
1	amzn-usr946.us.to	1 redirects
12	5

This site contains no links.

Subject Issuer	Validity	Valid
requests-amazon.networkappclients241.top R3	`2024-04-15` - `2024-07-14`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
images-na.ssl-images-amazon.com DigiCert Global CA G2	`2024-03-18` - `2025-03-09`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://requests-amazon.networkappclients241.top/ap/signin/1221c341f13f968fb12e78484de9b803
Frame ID: 64B3130B0D37B18D65E7328BB8AB29E2
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Amazon Sign-In

Page URL History Show full URLs

https://amzn-usr946.us.to/ HTTP 302
https://verify.upkiefiles.com/?ID=b2350371dc516810886d16efd5311831c6dc7353dd93797b9f18ab895df47c37 HTTP 302
https://requests-amazon.networkappclients241.top/?utuhh HTTP 302
https://requests-amazon.networkappclients241.top/ap/signin/1221c341f13f968fb12e78484de9b803 Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

12
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

3
IPs

2
Countries

464 kB
Transfer

612 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://amzn-usr946.us.to/ HTTP 302
https://verify.upkiefiles.com/?ID=b2350371dc516810886d16efd5311831c6dc7353dd93797b9f18ab895df47c37 HTTP 302
https://requests-amazon.networkappclients241.top/?utuhh HTTP 302
https://requests-amazon.networkappclients241.top/ap/signin/1221c341f13f968fb12e78484de9b803 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 1221c341f13f968fb12e78484de9b803 Show response
requests-amazon.networkappclients241.top/ap/signin/
Redirect Chain

https://amzn-usr946.us.to/
https://verify.upkiefiles.com/?ID=b2350371dc516810886d16efd5311831c6dc7353dd93797b9f18ab895df47c37
https://requests-amazon.networkappclients241.top/?utuhh
https://requests-amazon.networkappclients241.top/ap/signin/1221c341f13f968fb12e78484de9b803

16 KB
17 KB

108ms
108ms

Document
text/html

199.250.204.160
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://requests-amazon.networkappclients241.top/ap/signin/1221c341f13f968fb12e78484de9b803
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.250.204.160 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps105033.inmotionhosting.com
Software: Apache /
Resource Hash: bbe4904d452d6a0ff9e500ecd77695deaed1f94463a1ab00ca2e1bf29fd94881

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html; charset=UTF-8
date: Tue, 16 Apr 2024 12:28:30 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 16 Apr 2024 12:28:29 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: ap/signin/1221c341f13f968fb12e78484de9b803
pragma: no-cache
server: Apache

GET
H2 200 31U9HrBLKmL.css_.css
requests-amazon.networkappclients241.top/css/ 159 KB
159 KB 108ms
104ms Stylesheet
text/css 199.250.204.160
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://requests-amazon.networkappclients241.top/css/31U9HrBLKmL.css_.css
Requested by: Host: requests-amazon.networkappclients241.top
URL: https://requests-amazon.networkappclients241.top/ap/signin/1221c341f13f968fb12e78484de9b803
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.250.204.160 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps105033.inmotionhosting.com
Software: Apache /
Resource Hash: 4648abb280e111d9e38e9725b6a134d942eb08d952e07587d04555bb38b4bb6a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://requests-amazon.networkappclients241.top/ap/signin/1221c341f13f968fb12e78484de9b803
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 12:28:30 GMT
last-modified: Sun, 24 Dec 2023 18:54:16 GMT
server: Apache
accept-ranges: bytes
content-length: 162447
content-type: text/css

GET
H2 200 51ndJ60shfL.css_.css
requests-amazon.networkappclients241.top/css/ 47 KB
47 KB 226ms
222ms Stylesheet
text/css 199.250.204.160
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://requests-amazon.networkappclients241.top/css/51ndJ60shfL.css_.css
Requested by: Host: requests-amazon.networkappclients241.top
URL: https://requests-amazon.networkappclients241.top/ap/signin/1221c341f13f968fb12e78484de9b803
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.250.204.160 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps105033.inmotionhosting.com
Software: Apache /
Resource Hash: e8c15fc15b772e39f878c537bdff6f87a9ccf272a8ebb54e06470c66d8eb1dd8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://requests-amazon.networkappclients241.top/ap/signin/1221c341f13f968fb12e78484de9b803
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 12:28:30 GMT
last-modified: Mon, 26 Feb 2024 13:07:24 GMT
server: Apache
accept-ranges: bytes
content-length: 48502
content-type: text/css

GET
H2 200 31jdWD+JB+L.css
requests-amazon.networkappclients241.top/css/ 17 KB
18 KB 212ms
208ms Stylesheet
text/css 199.250.204.160
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://requests-amazon.networkappclients241.top/css/31jdWD+JB+L.css
Requested by: Host: requests-amazon.networkappclients241.top
URL: https://requests-amazon.networkappclients241.top/ap/signin/1221c341f13f968fb12e78484de9b803
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.250.204.160 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps105033.inmotionhosting.com
Software: Apache /
Resource Hash: c7bf390b9c8c44e0cfd0e3a2bd7cf963a60b9b6058f63cb1f90c50bfbd7d4fb1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://requests-amazon.networkappclients241.top/ap/signin/1221c341f13f968fb12e78484de9b803
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 12:28:30 GMT
last-modified: Mon, 26 Feb 2024 13:09:18 GMT
server: Apache
accept-ranges: bytes
content-length: 17880
content-type: text/css

GET
H2 200 11niB2yr5DL.css
requests-amazon.networkappclients241.top/css/ 4 KB
4 KB 212ms
208ms Stylesheet
text/css 199.250.204.160
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://requests-amazon.networkappclients241.top/css/11niB2yr5DL.css
Requested by: Host: requests-amazon.networkappclients241.top
URL: https://requests-amazon.networkappclients241.top/ap/signin/1221c341f13f968fb12e78484de9b803
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.250.204.160 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps105033.inmotionhosting.com
Software: Apache /
Resource Hash: 1712f9f133926303d291cef44ab82d27cb8043f65cf668786a7093199f2bc2f4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://requests-amazon.networkappclients241.top/ap/signin/1221c341f13f968fb12e78484de9b803
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 12:28:30 GMT
last-modified: Sun, 24 Dec 2023 18:54:34 GMT
server: Apache
accept-ranges: bytes
content-length: 4019
content-type: text/css

GET
H2 200 jquery.min.js Show response
cdn.jsdelivr.net/gh/cdnlib/jquery-3.6.4/ 211 KB
63 KB 808ms
499ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/cdnlib/jquery-3.6.4/jquery.min.js

Requested by

Host: requests-amazon.networkappclients241.top
URL: https://requests-amazon.networkappclients241.top/ap/signin/1221c341f13f968fb12e78484de9b803

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

228596eb745f73f0210086dd1f0d9c31344434bb59e10b014c10a8bb3587306a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://requests-amazon.networkappclients241.top/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 16 Apr 2024 12:28:31 GMT
x-content-type-options: nosniff
content-encoding: br
age: 0
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 63663
x-served-by: cache-fra-etou8220067-FRA, cache-ewr18152-EWR
x-jsd-version-type: branch
etag: W/"34cf6-YWnzcxzp/17qLCy5pQ7KVVI48yY"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery.mask.min.js Show response
requests-amazon.networkappclients241.top/js/ 8 KB
8 KB 221ms
218ms Script
application/javascript 199.250.204.160
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://requests-amazon.networkappclients241.top/js/jquery.mask.min.js
Requested by: Host: requests-amazon.networkappclients241.top
URL: https://requests-amazon.networkappclients241.top/ap/signin/1221c341f13f968fb12e78484de9b803
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.250.204.160 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps105033.inmotionhosting.com
Software: Apache /
Resource Hash: bbb318e841b96acb3c2614eec417a4d7caf9606ea996507dccba84e2f6724e7e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://requests-amazon.networkappclients241.top/ap/signin/1221c341f13f968fb12e78484de9b803
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 12:28:30 GMT
last-modified: Wed, 08 Aug 2018 20:05:00 GMT
server: Apache
accept-ranges: bytes
content-length: 8185
content-type: application/javascript

GET
H2 200 disable.js Show response
requests-amazon.networkappclients241.top/assets/js/ 311 B
363 B 214ms
213ms Script
application/javascript 199.250.204.160
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://requests-amazon.networkappclients241.top/assets/js/disable.js
Requested by: Host: requests-amazon.networkappclients241.top
URL: https://requests-amazon.networkappclients241.top/ap/signin/1221c341f13f968fb12e78484de9b803
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.250.204.160 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps105033.inmotionhosting.com
Software: Apache /
Resource Hash: a6c3c8b744f9bea14b131f3431f86f28a488a228d89867a99aa6c853866852b2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://requests-amazon.networkappclients241.top/ap/signin/1221c341f13f968fb12e78484de9b803
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 12:28:30 GMT
last-modified: Sun, 05 Feb 2023 14:10:26 GMT
server: Apache
accept-ranges: bytes
content-length: 311
content-type: application/javascript

GET
H2 200 mPGmT0r6IeTyIee.png
requests-amazon.networkappclients241.top/img/ 27 KB
27 KB 91ms
91ms Image
image/png 199.250.204.160
IMH-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://requests-amazon.networkappclients241.top/img/mPGmT0r6IeTyIee.png
Requested by: Host: requests-amazon.networkappclients241.top
URL: https://requests-amazon.networkappclients241.top/css/31U9HrBLKmL.css_.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.250.204.160 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps105033.inmotionhosting.com
Software: Apache /
Resource Hash: 437e95a363a4291060e34ba170e043274e0155821e9be374f35de3c4f13cbaa5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://requests-amazon.networkappclients241.top/css/31U9HrBLKmL.css_.css
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 12:28:30 GMT
last-modified: Sat, 11 Feb 2023 10:18:26 GMT
server: Apache
accept-ranges: bytes
content-length: 27972
content-type: image/png

GET
H2 200 pDxWAF1pBB0dzGB.woff2
requests-amazon.networkappclients241.top/img/ 16 KB
16 KB 93ms
91ms Font
font/woff2 199.250.204.160
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://requests-amazon.networkappclients241.top/img/pDxWAF1pBB0dzGB.woff2
Requested by: Host: requests-amazon.networkappclients241.top
URL: https://requests-amazon.networkappclients241.top/css/31U9HrBLKmL.css_.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.250.204.160 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps105033.inmotionhosting.com
Software: Apache /
Resource Hash: cded49f94fc16dc0a14923975e159fbf4b14844593e612c1342c9e34e2f96821

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://requests-amazon.networkappclients241.top/css/31U9HrBLKmL.css_.css
Origin: https://requests-amazon.networkappclients241.top
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 12:28:30 GMT
last-modified: Sat, 11 Feb 2023 10:18:28 GMT
server: Apache
accept-ranges: bytes
content-length: 16616
content-type: font/woff2

GET
H2 200 AmazonEmber_W_Bd.woff2
m.media-amazon.com/images/G/01/wg/assets/fonts/ 64 KB
64 KB 395ms
93ms Font
application/font-woff2 2a04:4e42:400::272
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://m.media-amazon.com/images/G/01/wg/assets/fonts/AmazonEmber_W_Bd.woff2
Requested by: Host: requests-amazon.networkappclients241.top
URL: https://requests-amazon.networkappclients241.top/css/51ndJ60shfL.css_.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fae8d9892169edc72006fbc01c8a55c20c98ddd38f1fb927e817d290f398ca92

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://requests-amazon.networkappclients241.top/
Origin: https://requests-amazon.networkappclients241.top
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 12:28:31 GMT
age: 17583
x-cache: HIT from fastly, HIT from fastly
x-nginx-cache-status: HIT
server-timing: provider;desc="fy"
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 65400
x-served-by: cache-iad-kiad7000160-IAD, cache-ewr18159-EWR
last-modified: Mon, 20 Nov 2017 19:35:22 GMT
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=86400,public
x-amz-ir-id: e8f8c4ed-6d5f-42f0-8794-76fab414cdc6
accept-ranges: bytes
timing-allow-origin: https://www.amazon.com
expires: Wed, 24 Jan 2024 07:37:34 GMT

GET
H2 200 favicon.png
requests-amazon.networkappclients241.top/img/ 41 KB
41 KB 95ms
93ms Other
image/png 199.250.204.160
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://requests-amazon.networkappclients241.top/img/favicon.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.250.204.160 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps105033.inmotionhosting.com
Software: Apache /
Resource Hash: d4a6df90e4bdcf12316d42c6cc893878207b40964136ce3b61d1e7102c442377

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://requests-amazon.networkappclients241.top/ap/signin/1221c341f13f968fb12e78484de9b803
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 12:28:31 GMT
last-modified: Sat, 11 Feb 2023 08:45:32 GMT
server: Apache
accept-ranges: bytes
content-length: 41885
content-type: image/png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Amazon (Online)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			verify.upkiefiles.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 132876471b32933e170c8e114f044459
			requests-amazon.networkappclients241.top/	1969-12-31 23:59:59	Name: PHPSESSID Value: 27ee7c1a76fac5454c4b678357e6e997

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://requests-amazon.networkappclients241.top/ap/signin/1221c341f13f968fb12e78484de9b803 Message: [DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amzn-usr946.us.to
cdn.jsdelivr.net
m.media-amazon.com
requests-amazon.networkappclients241.top
verify.upkiefiles.com
128.199.80.121
199.250.204.160
2a02:4780:b:1368:0:235c:3a48:2
2a04:4e42:400::272
2a04:4e42::485
1712f9f133926303d291cef44ab82d27cb8043f65cf668786a7093199f2bc2f4
228596eb745f73f0210086dd1f0d9c31344434bb59e10b014c10a8bb3587306a
437e95a363a4291060e34ba170e043274e0155821e9be374f35de3c4f13cbaa5
4648abb280e111d9e38e9725b6a134d942eb08d952e07587d04555bb38b4bb6a
a6c3c8b744f9bea14b131f3431f86f28a488a228d89867a99aa6c853866852b2
bbb318e841b96acb3c2614eec417a4d7caf9606ea996507dccba84e2f6724e7e
bbe4904d452d6a0ff9e500ecd77695deaed1f94463a1ab00ca2e1bf29fd94881
c7bf390b9c8c44e0cfd0e3a2bd7cf963a60b9b6058f63cb1f90c50bfbd7d4fb1
cded49f94fc16dc0a14923975e159fbf4b14844593e612c1342c9e34e2f96821
d4a6df90e4bdcf12316d42c6cc893878207b40964136ce3b61d1e7102c442377
e8c15fc15b772e39f878c537bdff6f87a9ccf272a8ebb54e06470c66d8eb1dd8
fae8d9892169edc72006fbc01c8a55c20c98ddd38f1fb927e817d290f398ca92

requests-amazon.networkappclients241.top Open in urlscan Pro 199.250.204.160 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

60 %IPv6

5 Domains

5 Subdomains

3 IPs

2 Countries

464 kBTransfer

612 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

15 JavaScript Global Variables

2 Cookies

1 Console Messages

Indicators

requests-amazon.networkappclients241.top Open in urlscan Pro
199.250.204.160 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

3
IPs

2
Countries

464 kB
Transfer

612 kB
Size

2
Cookies

12 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!