fastertypefresh-theclicks.icu Open in urlscan Pro
100.24.228.132 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mysearchweb.net/sn/neqw.cgi?6&seoref=&parameter=$keyword&se=$se&ur=1&HTTP_REFERER=http%3A%2F%2Fclicksharelaunche...
Effective URL:
http://fastertypefresh-theclicks.icu/_aXvH6rK4hjpkD0vcAHQu051UjRY85zUkGUmMnNZeE0?cid=7tmzpdsl93&sid=5582
Submission: On March 07 via api (March 7th 2019, 8:35:32 pm UTC) from US

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 6 domains to perform 11 HTTP transactions. The main IP is 100.24.228.132, located in United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is fastertypefresh-theclicks.icu.

This is the only time fastertypefresh-theclicks.icu was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Apple Software Update (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	88.214.207.128 88.214.207.128	46636 (NATCOWEB) (NATCOWEB - NatCoWeb Corp.)
2 2	46.229.167.130 46.229.167.130	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	64.111.192.97 64.111.192.97	23393 (NUCDN) (NUCDN - NuCDN LLC)
1 1	34.228.97.32 34.228.97.32	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	100.24.228.132 100.24.228.132	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
10	143.204.208.175 143.204.208.175	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
11	2

1 88.214.207.128 (United Kingdom) 1 redirects

ASN46636 (NATCOWEB - NatCoWeb Corp., US)

mysearchweb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.229.167.130 (Ashburn, United States) 2 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

t2lgo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.111.192.97 (Warner, United States) 1 redirects

ASN23393 (NUCDN - NuCDN LLC, US)

feston.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.228.97.32 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-228-97-32.compute-1.amazonaws.com

tracker1027-973701781.us-east-1.elb.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 100.24.228.132 (United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-100-24-228-132.compute-1.amazonaws.com

fastertypefresh-theclicks.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 143.204.208.175 (Wilmington, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-208-175.fra53.r.cloudfront.net

dyo2sa0t1lfkm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	cloudfront.net dyo2sa0t1lfkm.cloudfront.net	149 KB
2	t2lgo.com 2 redirects t2lgo.com	821 B
1	fastertypefresh-theclicks.icu fastertypefresh-theclicks.icu	24 KB
1	amazonaws.com 1 redirects tracker1027-973701781.us-east-1.elb.amazonaws.com	272 B
1	feston.pro 1 redirects feston.pro	349 B
1	mysearchweb.net 1 redirects mysearchweb.net	381 B
11	6

	Domain	Requested by
10	dyo2sa0t1lfkm.cloudfront.net	fastertypefresh-theclicks.icu
2	t2lgo.com	2 redirects
1	fastertypefresh-theclicks.icu
1	tracker1027-973701781.us-east-1.elb.amazonaws.com	1 redirects
1	feston.pro	1 redirects
1	mysearchweb.net	1 redirects
11	6

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://fastertypefresh-theclicks.icu/_aXvH6rK4hjpkD0vcAHQu051UjRY85zUkGUmMnNZeE0?cid=7tmzpdsl93&sid=5582
Frame ID: C6FA2EF18D7C205087A40C14421F61AA
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://mysearchweb.net/sn/neqw.cgi?6&seoref=&parameter=$keyword&se=$se&ur=1&HTTP_REFERER=http%3A%2F... HTTP 302
http://t2lgo.com/Gmxa0?pass[filename]=Clickshare+Launcher+ HTTP 302
http://feston.pro/?group_id=3&ext_click_id=pqmcza5mz6&pub_account_id=MXP5PjoL0vnjlEchNyc--MvF8... HTTP 302
http://t2lgo.com/Y3zM9?sid5=xt9qeywygn&pub_account_id=MXP5PjoL0vnjlEchNyc--MvF8UHyZTJzsg7doQP... HTTP 302
http://tracker1027-973701781.us-east-1.elb.amazonaws.com/fds56f3f35fg4h5sf4g/dfsa3f23g54hg5d4dcfgrc/?utm_source=624&utm_campaign=7909... HTTP 302
http://fastertypefresh-theclicks.icu/_aXvH6rK4hjpkD0vcAHQu051UjRY85zUkGUmMnNZeE0?cid=7tmzpdsl93&sid=5582 Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

11
Requests

0 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

2
IPs

2
Countries

173 kB
Transfer

168 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mysearchweb.net/sn/neqw.cgi?6&seoref=&parameter=$keyword&se=$se&ur=1&HTTP_REFERER=http%3A%2F%2Fclicksharelauncherdownload.pcfreedownloadx.com%2F&default_keyword=Clickshare+Launcher+Download HTTP 302
http://t2lgo.com/Gmxa0?pass[filename]=Clickshare+Launcher+ HTTP 302
http://feston.pro/?group_id=3&ext_click_id=pqmcza5mz6&pub_account_id=MXP5PjoL0vnjlEchNyc--MvF8UHyZTJzsg7doQPe15IGEEYifwC00lPkyCq8Im_IjfBmct9WLCs___&ext_pub_account_id=&h=9386d64f8030129e8546591d64026d8b&fn=Clickshare+Launcher+ HTTP 302
http://t2lgo.com/Y3zM9?sid5=xt9qeywygn&pub_account_id=MXP5PjoL0vnjlEchNyc--MvF8UHyZTJzsg7doQPe15IGEEYifwC00lPkyCq8Im_IjfBmct9WLCs___ HTTP 302
http://tracker1027-973701781.us-east-1.elb.amazonaws.com/fds56f3f35fg4h5sf4g/dfsa3f23g54hg5d4dcfgrc/?utm_source=624&utm_campaign=7909440&clck=7tmzpdsl93&sid=5582 HTTP 302
http://fastertypefresh-theclicks.icu/_aXvH6rK4hjpkD0vcAHQu051UjRY85zUkGUmMnNZeE0?cid=7tmzpdsl93&sid=5582 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set _aXvH6rK4hjpkD0vcAHQu051UjRY85zUkGUmMnNZeE0 Show response fastertypefresh-theclicks.icu/ Redirect Chain http://mysearchweb.net/sn/neqw.cgi?6&seoref=&parameter=$keyword&se=$se&ur=1&HTTP_REFERER=http%3A%2F%2Fclicksharelauncherdownload.pcfreedownloadx.com%2F&default_keyword=Clickshare+Launcher+Download http://t2lgo.com/Gmxa0?pass[filename]=Clickshare+Launcher+ http://feston.pro/?group_id=3&ext_click_id=pqmcza5mz6&pub_account_id=MXP5PjoL0vnjlEchNyc--MvF8UHyZTJzsg7doQPe15IGEEYifwC00lPkyCq8Im_IjfBmct9WLCs___&ext_pub_account_id=&h=9386d64f8030129e8546591d640... http://t2lgo.com/Y3zM9?sid5=xt9qeywygn&pub_account_id=MXP5PjoL0vnjlEchNyc--MvF8UHyZTJzsg7doQPe15IGEEYifwC00lPkyCq8Im_IjfBmct9WLCs___ http://tracker1027-973701781.us-east-1.elb.amazonaws.com/fds56f3f35fg4h5sf4g/dfsa3f23g54hg5d4dcfgrc/?utm_source=624&utm_campaign=7909440&clck=7tmzpdsl93&sid=5582 http://fastertypefresh-theclicks.icu/_aXvH6rK4hjpkD0vcAHQu051UjRY85zUkGUmMnNZeE0?cid=7tmzpdsl93&sid=5582	24 KB 24 KB	291ms 115ms	Document text/html	100.24.228.132 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://fastertypefresh-theclicks.icu/_aXvH6rK4hjpkD0vcAHQu051UjRY85zUkGUmMnNZeE0?cid=7tmzpdsl93&sid=5582 Protocol HTTP/1.1 Server 100.24.228.132 , United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-100-24-228-132.compute-1.amazonaws.com Software nginx / Resource Hash `710fff93efdcb4aecd311d6331b2250b777a62e10e0d7b7eabd468703e22875a` Request headers Host fastertypefresh-theclicks.icu Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 07 Mar 2019 20:35:16 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Set-Cookie session=696a6c86-291b-475d-833b-38aa490dc856 Server nginx Redirect headers Date Thu, 07 Mar 2019 20:35:15 GMT Content-Type text/html Content-Length 158 Connection keep-alive Location http://fastertypefresh-theclicks.icu/_aXvH6rK4hjpkD0vcAHQu051UjRY85zUkGUmMnNZeE0?cid=7tmzpdsl93&sid=5582 Server nginx
GET H/1.1	200 OK	clean_k.png dyo2sa0t1lfkm.cloudfront.net/lps/flash_mac/images/	81 KB 81 KB	265ms 191ms	Image image/png	143.204.208.175 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL http://dyo2sa0t1lfkm.cloudfront.net/lps/flash_mac/images/clean_k.png Requested by Host: fastertypefresh-theclicks.icu URL: http://fastertypefresh-theclicks.icu/_aXvH6rK4hjpkD0vcAHQu051UjRY85zUkGUmMnNZeE0?cid=7tmzpdsl93&sid=5582 Protocol HTTP/1.1 Server 143.204.208.175 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-143-204-208-175.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash `2b6f66d6fc25784ab605c93008f911e7e99a78e5de23e0a489ee0f20f0bc2319` Request headers Referer http://fastertypefresh-theclicks.icu/_aXvH6rK4hjpkD0vcAHQu051UjRY85zUkGUmMnNZeE0?cid=7tmzpdsl93&sid=5582 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 07 Mar 2019 20:35:17 GMT Via 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront) Last-Modified Mon, 01 Oct 2018 08:43:22 GMT Server AmazonS3 ETag "03bf1d883e59c49a3564d917790bf834" x-amz-meta-origin-date-iso8601 2018-10-01T08:42:43.636Z X-Cache Miss from cloudfront Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 82521 X-Amz-Cf-Id 4LOfvm4VVjOHngB0VmJxwg13Zj6tvAO7gySvVuRgZMbVukQirYdd3A==
GET H/1.1	200 OK	downloadgif.gif dyo2sa0t1lfkm.cloudfront.net/lps/flash_mac/images/	12 KB 12 KB	327ms 250ms	Image image/gif	143.204.208.175 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL http://dyo2sa0t1lfkm.cloudfront.net/lps/flash_mac/images/downloadgif.gif Requested by Host: fastertypefresh-theclicks.icu URL: http://fastertypefresh-theclicks.icu/_aXvH6rK4hjpkD0vcAHQu051UjRY85zUkGUmMnNZeE0?cid=7tmzpdsl93&sid=5582 Protocol HTTP/1.1 Server 143.204.208.175 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-143-204-208-175.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash `d714e144f5890b10e5bfb765e0ea6c31737ee11031131a0c306cc2645ef7ba81` Request headers Referer http://fastertypefresh-theclicks.icu/_aXvH6rK4hjpkD0vcAHQu051UjRY85zUkGUmMnNZeE0?cid=7tmzpdsl93&sid=5582 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 07 Mar 2019 20:35:17 GMT Via 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront) x-amz-meta-crossftp-original-file-date-iso8601 2015-03-09T08:38:13.325Z Server AmazonS3 ETag "71d508a5a418c2eab6ac59dab52e5f53" X-Cache Miss from cloudfront Content-Type image/gif Last-Modified Mon, 06 Jun 2016 13:29:02 GMT Connection keep-alive Accept-Ranges bytes Content-Length 11787 X-Amz-Cf-Id M_1Gva2lInfCbw8B_TFD80UYd9UmmGjkwjQAjFzqZP6iTGhQIkKFcg==
GET H/1.1	200 OK	downloadactive.png dyo2sa0t1lfkm.cloudfront.net/lps/flash_mac/images/	4 KB 5 KB	201ms 124ms	Image image/png	143.204.208.175 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL http://dyo2sa0t1lfkm.cloudfront.net/lps/flash_mac/images/downloadactive.png Requested by Host: fastertypefresh-theclicks.icu URL: http://fastertypefresh-theclicks.icu/_aXvH6rK4hjpkD0vcAHQu051UjRY85zUkGUmMnNZeE0?cid=7tmzpdsl93&sid=5582 Protocol HTTP/1.1 Server 143.204.208.175 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-143-204-208-175.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash `85ca0e8a71da7cb9f6da2faad0b491818b83b721a03dd71a9e6c1fd23cc355fe` Request headers Referer http://fastertypefresh-theclicks.icu/_aXvH6rK4hjpkD0vcAHQu051UjRY85zUkGUmMnNZeE0?cid=7tmzpdsl93&sid=5582 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 07 Mar 2019 20:35:17 GMT Via 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront) x-amz-meta-crossftp-original-file-date-iso8601 2015-03-09T08:30:35.401Z Server AmazonS3 ETag "759894fc31058cbee5c154ddf8109da6" X-Cache Miss from cloudfront Content-Type image/png Last-Modified Mon, 06 Jun 2016 13:29:02 GMT Connection keep-alive Accept-Ranges bytes Content-Length 4367 X-Amz-Cf-Id IBqDBL5c48ixkDJ9Msh_GVnGhH7c-2rjj10xgOXYu0gOHGFjNvieAQ==
GET H/1.1	200 OK	ok.png dyo2sa0t1lfkm.cloudfront.net/lps/flash_mac/images/	3 KB 4 KB	250ms 165ms	Image image/png	143.204.208.175 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL http://dyo2sa0t1lfkm.cloudfront.net/lps/flash_mac/images/ok.png Requested by Host: fastertypefresh-theclicks.icu URL: http://fastertypefresh-theclicks.icu/_aXvH6rK4hjpkD0vcAHQu051UjRY85zUkGUmMnNZeE0?cid=7tmzpdsl93&sid=5582 Protocol HTTP/1.1 Server 143.204.208.175 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-143-204-208-175.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash `60bc686d0dbd4a721a5b96df034ac04067756297cf097ad6f4338b0e37c95af1` Request headers Referer http://fastertypefresh-theclicks.icu/_aXvH6rK4hjpkD0vcAHQu051UjRY85zUkGUmMnNZeE0?cid=7tmzpdsl93&sid=5582 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 07 Mar 2019 20:35:17 GMT Via 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront) x-amz-meta-crossftp-original-file-date-iso8601 2015-03-09T08:27:57.299Z Server AmazonS3 ETag "8735b3e852676168da0cb997fc397c4d" X-Cache Miss from cloudfront Content-Type image/png Last-Modified Mon, 06 Jun 2016 13:29:04 GMT Connection keep-alive Accept-Ranges bytes Content-Length 3387 X-Amz-Cf-Id gF25mZuC976NGia12lgP-3EonxaDADLmtaIzhpLskpuVcq7feuR0FQ==
GET H/1.1	200 OK	okactive.png dyo2sa0t1lfkm.cloudfront.net/lps/flash_mac/images/	3 KB 4 KB	324ms 123ms	Image image/png	143.204.208.175 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL http://dyo2sa0t1lfkm.cloudfront.net/lps/flash_mac/images/okactive.png Requested by Host: fastertypefresh-theclicks.icu URL: http://fastertypefresh-theclicks.icu/_aXvH6rK4hjpkD0vcAHQu051UjRY85zUkGUmMnNZeE0?cid=7tmzpdsl93&sid=5582 Protocol HTTP/1.1 Server 143.204.208.175 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-143-204-208-175.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash `2755c2a109a7dc442afa20ab5ea319eca18f94a8ea7c05e2dddb6e1264501e23` Request headers Referer http://fastertypefresh-theclicks.icu/_aXvH6rK4hjpkD0vcAHQu051UjRY85zUkGUmMnNZeE0?cid=7tmzpdsl93&sid=5582 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 07 Mar 2019 20:35:17 GMT Via 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront) x-amz-meta-crossftp-original-file-date-iso8601 2015-03-09T08:29:12.912Z Server AmazonS3 ETag "2b9dd1759bf55999fc392c5dbb6bb6f7" X-Cache Miss from cloudfront Content-Type image/png Last-Modified Mon, 06 Jun 2016 13:29:05 GMT Connection keep-alive Accept-Ranges bytes Content-Length 3437 X-Amz-Cf-Id s4tcN23lsMrZEcNhSqMKEufBY9dxNgV4eGazG3zgm-Ud0owrB7iu0g==
GET H/1.1	200 OK	okactive@2x.png dyo2sa0t1lfkm.cloudfront.net/lps/flash_mac/images/	4 KB 5 KB	368ms 128ms	Image image/png	143.204.208.175 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL http://dyo2sa0t1lfkm.cloudfront.net/lps/flash_mac/images/okactive@2x.png Requested by Host: fastertypefresh-theclicks.icu URL: http://fastertypefresh-theclicks.icu/_aXvH6rK4hjpkD0vcAHQu051UjRY85zUkGUmMnNZeE0?cid=7tmzpdsl93&sid=5582 Protocol HTTP/1.1 Server 143.204.208.175 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-143-204-208-175.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash `a8b80ca1f74242b77cbf0ac6ec3e8076757aa54578434944a4e4df767c9cf6ad` Request headers Referer http://fastertypefresh-theclicks.icu/_aXvH6rK4hjpkD0vcAHQu051UjRY85zUkGUmMnNZeE0?cid=7tmzpdsl93&sid=5582 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 07 Mar 2019 20:35:17 GMT Via 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront) x-amz-meta-crossftp-original-file-date-iso8601 2015-03-09T08:42:33.705Z Server AmazonS3 ETag "370305f8f631cc0642d7bf0d8d7f51e2" X-Cache Miss from cloudfront Content-Type image/png Last-Modified Mon, 06 Jun 2016 13:29:05 GMT Connection keep-alive Accept-Ranges bytes Content-Length 4484 X-Amz-Cf-Id rjcHBEYceIchj1H04r9MTKeVc2YQLRV74qne6Sxsuzy8Sti4V6nkmg==
GET H/1.1	200 OK	downloadactive@2x.png dyo2sa0t1lfkm.cloudfront.net/lps/flash_mac/images/	7 KB 7 KB	138ms 138ms	Image image/png	143.204.208.175 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL http://dyo2sa0t1lfkm.cloudfront.net/lps/flash_mac/images/downloadactive@2x.png Requested by Host: fastertypefresh-theclicks.icu URL: http://fastertypefresh-theclicks.icu/_aXvH6rK4hjpkD0vcAHQu051UjRY85zUkGUmMnNZeE0?cid=7tmzpdsl93&sid=5582 Protocol HTTP/1.1 Server 143.204.208.175 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-143-204-208-175.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash `911a71457c0146a07bd5d48ef8556f7a802c9feddf63d59750453ff76a443484` Request headers Referer http://fastertypefresh-theclicks.icu/_aXvH6rK4hjpkD0vcAHQu051UjRY85zUkGUmMnNZeE0?cid=7tmzpdsl93&sid=5582 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 07 Mar 2019 20:35:17 GMT Via 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront) x-amz-meta-crossftp-original-file-date-iso8601 2015-03-09T08:39:32.396Z Server AmazonS3 ETag "1cd55b247bf699786c644652ea0d1973" X-Cache Miss from cloudfront Content-Type image/png Last-Modified Mon, 06 Jun 2016 13:29:02 GMT Connection keep-alive Accept-Ranges bytes Content-Length 6790 X-Amz-Cf-Id K7JESJdQjsWToIgm3M7p3kRqSryX3WDdDe8anyTE0nrlmPzynUyZ7w==
GET H/1.1	200 OK	arrow__blue.png dyo2sa0t1lfkm.cloudfront.net/lps/flash_mac/images/	2 KB 3 KB	46ms 14ms	Image image/png	143.204.208.175 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL http://dyo2sa0t1lfkm.cloudfront.net/lps/flash_mac/images/arrow__blue.png Requested by Host: fastertypefresh-theclicks.icu URL: http://fastertypefresh-theclicks.icu/_aXvH6rK4hjpkD0vcAHQu051UjRY85zUkGUmMnNZeE0?cid=7tmzpdsl93&sid=5582 Protocol HTTP/1.1 Server 143.204.208.175 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-143-204-208-175.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash `5bbee510c3b5965532d53185cadd47753740b6445f2b9bded3849424fcd2661a` Request headers Referer http://fastertypefresh-theclicks.icu/_aXvH6rK4hjpkD0vcAHQu051UjRY85zUkGUmMnNZeE0?cid=7tmzpdsl93&sid=5582 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 07 Mar 2019 09:48:32 GMT Via 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront) x-amz-meta-crossftp-original-file-date-iso8601 2017-01-30T08:48:38.478Z Server AmazonS3 Age 38805 ETag "6d26faedbdd557f7dcd86e9060de347f" X-Cache Hit from cloudfront Content-Type image/png Last-Modified Mon, 30 Jan 2017 13:50:57 GMT Connection keep-alive Accept-Ranges bytes Content-Length 2266 X-Amz-Cf-Id 8cW41hBwYNs1Yf_7ioN1m2JQy-DOEHJUiH0EE_bTHHJAmVNo55KcsA==
GET H/1.1	200 OK	pattern__safari1.jpg dyo2sa0t1lfkm.cloudfront.net/lps/flash_mac/images/	25 KB 25 KB	199ms 165ms	Image image/jpeg	143.204.208.175 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL http://dyo2sa0t1lfkm.cloudfront.net/lps/flash_mac/images/pattern__safari1.jpg Requested by Host: fastertypefresh-theclicks.icu URL: http://fastertypefresh-theclicks.icu/_aXvH6rK4hjpkD0vcAHQu051UjRY85zUkGUmMnNZeE0?cid=7tmzpdsl93&sid=5582 Protocol HTTP/1.1 Server 143.204.208.175 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-143-204-208-175.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash `7b4d70d5fb64a31f115e1e853b7272e1415ffec2234e78e00847350c23d607fe` Request headers Referer http://fastertypefresh-theclicks.icu/_aXvH6rK4hjpkD0vcAHQu051UjRY85zUkGUmMnNZeE0?cid=7tmzpdsl93&sid=5582 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 07 Mar 2019 20:35:17 GMT Via 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront) x-amz-meta-crossftp-original-file-date-iso8601 2017-01-31T09:32:59.097Z Server AmazonS3 ETag "918dfef192de7b99284e969e75d6cc29" X-Cache Miss from cloudfront Content-Type image/jpeg Last-Modified Thu, 15 Feb 2018 14:46:36 GMT Connection keep-alive Accept-Ranges bytes Content-Length 25293 X-Amz-Cf-Id UXvSM5X5eTROYdR_ESFPaPoR5glyxfeG097TSXTvhUv0TiqR7ewUOQ==
GET H/1.1	200 OK	pattern__safari-arrow.png dyo2sa0t1lfkm.cloudfront.net/lps/flash_mac/images/	3 KB 4 KB	250ms 216ms	Image image/png	143.204.208.175 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL http://dyo2sa0t1lfkm.cloudfront.net/lps/flash_mac/images/pattern__safari-arrow.png Requested by Host: fastertypefresh-theclicks.icu URL: http://fastertypefresh-theclicks.icu/_aXvH6rK4hjpkD0vcAHQu051UjRY85zUkGUmMnNZeE0?cid=7tmzpdsl93&sid=5582 Protocol HTTP/1.1 Server 143.204.208.175 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-143-204-208-175.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash `7c48ecdfda540af22ecb4d9638c8c0082e401cc4b45aa2df46c976ec80d38c12` Request headers Referer http://fastertypefresh-theclicks.icu/_aXvH6rK4hjpkD0vcAHQu051UjRY85zUkGUmMnNZeE0?cid=7tmzpdsl93&sid=5582 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 07 Mar 2019 20:35:17 GMT Via 1.1 d01ad8df731d3f120823f9e20df55147.cloudfront.net (CloudFront) x-amz-meta-crossftp-original-file-date-iso8601 2017-01-30T12:13:47.914Z Server AmazonS3 ETag "496171f7f5272b0c3b8ae1d526110caf" X-Cache Miss from cloudfront Content-Type image/png Last-Modified Mon, 30 Jan 2017 13:51:01 GMT Connection keep-alive Accept-Ranges bytes Content-Length 3478 X-Amz-Cf-Id fr2Qap0egq8_bj_AvwcVDZ2rcvjBUAbqTtK6dLuZkncNYwT5pZJ0_A==

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Apple Software Update (Online)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| showStep

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			fastertypefresh-theclicks.icu/	1969-12-31 23:59:59	Name: session Value: 696a6c86-291b-475d-833b-38aa490dc856

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dyo2sa0t1lfkm.cloudfront.net
fastertypefresh-theclicks.icu
feston.pro
mysearchweb.net
t2lgo.com
tracker1027-973701781.us-east-1.elb.amazonaws.com
100.24.228.132
143.204.208.175
34.228.97.32
46.229.167.130
64.111.192.97
88.214.207.128
2755c2a109a7dc442afa20ab5ea319eca18f94a8ea7c05e2dddb6e1264501e23
2b6f66d6fc25784ab605c93008f911e7e99a78e5de23e0a489ee0f20f0bc2319
5bbee510c3b5965532d53185cadd47753740b6445f2b9bded3849424fcd2661a
60bc686d0dbd4a721a5b96df034ac04067756297cf097ad6f4338b0e37c95af1
710fff93efdcb4aecd311d6331b2250b777a62e10e0d7b7eabd468703e22875a
7b4d70d5fb64a31f115e1e853b7272e1415ffec2234e78e00847350c23d607fe
7c48ecdfda540af22ecb4d9638c8c0082e401cc4b45aa2df46c976ec80d38c12
85ca0e8a71da7cb9f6da2faad0b491818b83b721a03dd71a9e6c1fd23cc355fe
911a71457c0146a07bd5d48ef8556f7a802c9feddf63d59750453ff76a443484
a8b80ca1f74242b77cbf0ac6ec3e8076757aa54578434944a4e4df767c9cf6ad
d714e144f5890b10e5bfb765e0ea6c31737ee11031131a0c306cc2645ef7ba81

fastertypefresh-theclicks.icu Open in urlscan Pro 100.24.228.132 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

0 %HTTPS

0 %IPv6

6 Domains

6 Subdomains

2 IPs

2 Countries

173 kBTransfer

168 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

1 Cookies

Indicators

fastertypefresh-theclicks.icu Open in urlscan Pro
100.24.228.132 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

0 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

2
IPs

2
Countries

173 kB
Transfer

168 kB
Size

1
Cookies

11 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!