urlscan.io logo urlscan.io
SecurityTrails logo

pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36  Public Scan

Go To Rescan Add Verdict Report
URL: https://pcloak.blob.core.windows.net/web/6x69269d6g5.html
Submission: On April 05 via api from TR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 7 HTTP transactions. The main IP is 20.60.220.36, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is pcloak.blob.core.windows.net.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on March 22nd 2023. Valid for: a year.
This is the only time pcloak.blob.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 20.60.220.36 8075 (MICROSOFT...)
2 77.245.159.14 42868 (NIOBEBILI...)
1 2 2606:2cc0:3::807 54113 (FASTLY)
7 3
Apex Domain
Subdomains		 Transfer
4 windows.net
pcloak.blob.core.windows.net
3 KB
2 amazon.com.tr
www.amazon.com.tr — Cisco Umbrella Rank: 17393
488 B
2 cloakan.co
www.cloakan.co
758 B
7 3
Domain Requested by
4 pcloak.blob.core.windows.net pcloak.blob.core.windows.net
2 www.amazon.com.tr 1 redirects www.cloakan.co
2 www.cloakan.co pcloak.blob.core.windows.net
7 3

This site contains no links.

Subject Issuer Validity Valid
*.blob.core.windows.net
Microsoft RSA TLS CA 02		 2023-03-22 -
2024-03-22		 a year crt.sh
mail.cloakan.co
R3		 2023-03-03 -
2023-06-01		 3 months crt.sh
www.amazon.com.tr
DigiCert Global CA G2		 2022-10-19 -
2023-09-23		 a year crt.sh

This page contains 2 frames:

Primary Page: https://pcloak.blob.core.windows.net/web/6x69269d6g5.html
Frame ID: CABE79A051364C764AACD22426949D59
Requests: 6 HTTP requests in this frame

Frame: https://www.amazon.com.tr/gp/cart/view.html/262-6772658-7991964
Frame ID: 1C5EBF6AD2E5E066D796ADDC8C1FC4BF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

7
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

4 kB
Transfer

2 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://www.amazon.com.tr/gp/buy/payselect/handlers/display.html?hasWorkingJavascript=1 HTTP 302
  • https://www.amazon.com.tr/gp/cart/view.html/262-6772658-7991964

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 6x69269d6g5.html
pcloak.blob.core.windows.net/web/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pcloak.blob.core.windows.net/web/6x69269d6g5.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0e77092dbf6823afb46741cb2dcf439253a9b4d452f2977a98e8c42f9af159f5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
1318
Content-MD5
dAMEibA/7d0Am6kHejaLVA==
Content-Type
text/html
Date
Wed, 05 Apr 2023 22:04:10 GMT
ETag
0x8DB3056EBF0A452
Last-Modified
Wed, 29 Mar 2023 13:10:08 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
x-ms-lease-status
unlocked
x-ms-request-id
b887e551-e01e-0044-1a0a-68c832000000
x-ms-version
2009-09-19
jquery.min.js
pcloak.blob.core.windows.net/web/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pcloak.blob.core.windows.net/web/jquery.min.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69269d6g5.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/web/6x69269d6g5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-request-id
b887e5b4-e01e-0044-6a0a-68c832000000
Date
Wed, 05 Apr 2023 22:04:10 GMT
x-ms-version
2009-09-19
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length
215
Content-Type
application/xml
cloakan.js
pcloak.blob.core.windows.net/web/ 		308 B
717 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pcloak.blob.core.windows.net/web/cloakan.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69269d6g5.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/web/6x69269d6g5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 05 Apr 2023 22:04:10 GMT
Last-Modified
Mon, 13 Jun 2022 14:36:49 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
zPiKctHo6j8i1UGOFPpInw==
ETag
0x8DA4D4A263C11C2
Content-Type
text/javascript
x-ms-request-id
b887e641-e01e-0044-620a-68c832000000
x-ms-version
2009-09-19
Content-Length
308
style.css
pcloak.blob.core.windows.net/web/ 		166 B
568 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pcloak.blob.core.windows.net/web/style.css
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69269d6g5.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/web/6x69269d6g5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 05 Apr 2023 22:04:10 GMT
Last-Modified
Mon, 13 Jun 2022 14:36:49 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
9ruAIrm4XHnQO3/sM8J0AQ==
ETag
0x8DA4D4A26527CA0
Content-Type
text/css
x-ms-request-id
b887e5f4-e01e-0044-210a-68c832000000
x-ms-version
2009-09-19
Content-Length
166
px.php
www.cloakan.co/ 		55 B
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cloakan.co/px.php?id=6x69269d6g5
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69269d6g5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS
stilgar.wlsrv.com
Software
LiteSpeed / PHP/7.3.33
Resource Hash
a9f55a9e4658a9960455f9485c446ea9874f2590ae283801311d84e908536cc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 22:04:07 GMT
content-encoding
br
server
LiteSpeed
x-powered-by
PHP/7.3.33
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length
45
nv.php
www.cloakan.co/ 		300 B
437 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cloakan.co/nv.php?id=6x69269d6g5-m
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS
stilgar.wlsrv.com
Software
LiteSpeed / PHP/7.3.33
Resource Hash
b656434293e9adf75d6d7d83f720f536b5b5d6184999d7573d46759f1db3b707

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 22:04:08 GMT
content-encoding
br
server
LiteSpeed
x-powered-by
PHP/7.3.33
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length
163
262-6772658-7991964
www.amazon.com.tr/gp/cart/view.html/ Frame 1C5E
Redirect Chain
  • https://www.amazon.com.tr/gp/buy/payselect/handlers/display.html?hasWorkingJavascript=1
  • https://www.amazon.com.tr/gp/cart/view.html/262-6772658-7991964
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.amazon.com.tr/gp/cart/view.html/262-6772658-7991964
Requested by
Host: www.cloakan.co
URL: https://www.cloakan.co/nv.php?id=6x69269d6g5-m
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2cc0:3::807 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
Strict-Transport-Security max-age=47474747; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;

Request headers

Referer
https://pcloak.blob.core.windows.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
ect,rtt,downlink,device-memory,sec-ch-device-memory,viewport-width,sec-ch-viewport-width,dpr,sec-ch-dpr
accept-ch-lifetime
86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
gzip
content-language
tr-TR
content-security-policy
upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
content-security-policy-report-only
default-src 'self' blob: https: data: mediastream: 'unsafe-eval' 'unsafe-inline';report-uri https://metrics.media-amazon.com/
content-type
text/html;charset=UTF-8
date
Wed, 05 Apr 2023 22:04:12 GMT
expires
-1
pragma
no-cache
server
Server
strict-transport-security
max-age=47474747; includeSubDomains; preload
vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
50TBZDTV2NZGDNW1R5NW
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-served-by
cache-fra-eddf8230062-FRA
x-xss-protection
1;

Redirect headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 05 Apr 2023 22:04:12 GMT
location
https://www.amazon.com.tr/gp/cart/view.html/262-6772658-7991964
server
Server
strict-transport-security
max-age=47474747; includeSubDomains; preload
vary
Accept-Encoding,User-Agent,Content-Type,Accept-Encoding,User-Agent
x-amz-id-1
R3A8X8K0D2CVFZE6DVEP
x-amz-rid
R3A8X8K0D2CVFZE6DVEP
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-served-by
cache-fra-eddf8230062-FRA

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless function| cloakan string| data object| xmlHttp number| data2 string| hash object| ifrm

0 Cookies

2 Console Messages

Source Level URL
Text
network error URL: https://pcloak.blob.core.windows.net/web/jquery.min.js
Message:
Failed to load resource: the server responded with a status of 404 (The specified blob does not exist.)
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.amazon.com.tr/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.