windows.igh098.site - urlscan.io

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 4 HTTP transactions. The main IP is 2600:9000:2138:7800:1b:f8cc:5480:93a1, located in United States and belongs to AMAZON-02, US. The main domain is windows.igh098.site.
TLS certificate: Issued by Amazon RSA 2048 M01 on November 17th 2022. Valid for: a year.

This is the only time windows.igh098.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2406:da12:2b2... 2406:da12:2b2:7002:67fe:c40a:44e:f4d9	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:213... 2600:9000:2138:7800:1b:f8cc:5480:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2

1 2406:da12:2b2:7002:67fe:c40a:44e:f4d9 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)

bm.paidcpftraining.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2138:7800:1b:f8cc:5480:93a1 (United States)

ASN16509 (AMAZON-02, US)

windows.igh098.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	igh098.site windows.igh098.site	5 KB
1	paidcpftraining.com bm.paidcpftraining.com	2 KB
4	2

	Domain	Requested by
3	windows.igh098.site	windows.igh098.site
1	bm.paidcpftraining.com
4	2

This site contains links to these domains. Also see Links.

Domain
bm.paidcpftraining.com

Subject Issuer	Validity	Valid
windows.igh098.site Amazon RSA 2048 M01	`2022-11-17` - `2023-12-17`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://windows.igh098.site/mc/index_enbox18a.html?bemobdata=c%3Db736370d-4783-4472-8689-e180b4c9c5f7..l%3Dc3ec5528-7b60-4743-9511-ca00351d2704..f%3D657ace18-27a0-4778-bcb9-ad0b0da83eba..a%3D5..b%3D0..z%3D0.05..e%3DIhkXxrc47d0..c1%3D351528_10416_20131..c2%3D986785..c3%3D5676768..c4%3D2450348..c5%3DSoftbank%2520BB..c6%3DWindows%252010..c7%3DMozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chro
Frame ID: B51497B9CBA519E8816161B8EBE2F200
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

******Windows Alert******!

Page URL History Show full URLs

http://bm.paidcpftraining.com/go/b736370d-4783-4472-8689-e180b4c9c5f7?bid=0.05&clickid=IhkXxrc47d0&pubfeed... Page URL
https://windows.igh098.site/mc/index_enbox18a.html?bemobdata=c%3Db736370d-4783-4472-8689-e180b4c9c5f7..l... Page URL

Page Statistics

4
Requests

75 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

7 kB
Transfer

8 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://bm.paidcpftraining.com/click
Title: x

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bm.paidcpftraining.com/go/b736370d-4783-4472-8689-e180b4c9c5f7?bid=0.05&clickid=IhkXxrc47d0&pubfeed_subid=351528_10416_20131&campaign=986785&banner=5676768&offer=2450348&carrier=Softbank+BB&os=Windows+10&user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chro Page URL
https://windows.igh098.site/mc/index_enbox18a.html?bemobdata=c%3Db736370d-4783-4472-8689-e180b4c9c5f7..l%3Dc3ec5528-7b60-4743-9511-ca00351d2704..f%3D657ace18-27a0-4778-bcb9-ad0b0da83eba..a%3D5..b%3D0..z%3D0.05..e%3DIhkXxrc47d0..c1%3D351528_10416_20131..c2%3D986785..c3%3D5676768..c4%3D2450348..c5%3DSoftbank%2520BB..c6%3DWindows%252010..c7%3DMozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chro Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	b736370d-4783-4472-8689-e180b4c9c5f7 Show response bm.paidcpftraining.com/go/	616 B 2 KB	154ms 120ms	Document text/html	2406:da12:2b2:7002:67fe:c40a:44e:f4d9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://bm.paidcpftraining.com/go/b736370d-4783-4472-8689-e180b4c9c5f7?bid=0.05&clickid=IhkXxrc47d0&pubfeed_subid=351528_10416_20131&campaign=986785&banner=5676768&offer=2450348&carrier=Softbank+BB&os=Windows+10&user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chro Protocol HTTP/1.1 Server 2406:da12:2b2:7002:67fe:c40a:44e:f4d9 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US), Reverse DNS Software openresty / Resource Hash `712d0372cbb3d851dc19bce11616cb6f581669f94e02d353001d7139442b9802` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers Access-Control-Allow-Origin * Cache-Control no-cache Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Sat, 07 Jan 2023 23:16:07 GMT ETag W/"268-kigSxzN/8SnACW1xlj61HmjOemg" Expires Thu, 01 Jan 1970 00:00:01 GMT Server openresty Transfer-Encoding chunked Vary Accept-Encoding X-Response-Time 84.783ms accept-ch Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
GET H2	200	Primary Request index_enbox18a.html Show response windows.igh098.site/mc/	5 KB 2 KB	18ms 4ms	Document text/html	2600:9000:2138:7800:1b:f8cc:5480:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://windows.igh098.site/mc/index_enbox18a.html?bemobdata=c%3Db736370d-4783-4472-8689-e180b4c9c5f7..l%3Dc3ec5528-7b60-4743-9511-ca00351d2704..f%3D657ace18-27a0-4778-bcb9-ad0b0da83eba..a%3D5..b%3D0..z%3D0.05..e%3DIhkXxrc47d0..c1%3D351528_10416_20131..c2%3D986785..c3%3D5676768..c4%3D2450348..c5%3DSoftbank%2520BB..c6%3DWindows%252010..c7%3DMozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chro Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2138:7800:1b:f8cc:5480:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `ca2db7a7515637135cb26681587e7f3176361418e152a1ec331ce51dbd188615` Request headers Referer http://bm.paidcpftraining.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers age 24176 content-encoding br content-type text/html date Sat, 07 Jan 2023 16:33:13 GMT etag W/"873ea461294b6e5c8a2498dec9ee31c9" last-modified Wed, 23 Nov 2022 14:56:57 GMT server AmazonS3 vary Accept-Encoding via 1.1 da65225c6d2caf344f334a9cf8ed5188.cloudfront.net (CloudFront) x-amz-cf-id UPibNUUjL5n3x4CIOuf9AP2FF4TDT4G3TDZL4ikgXznpcwtSwBf9BA== x-amz-cf-pop NRT12-C2 x-cache Hit from cloudfront
GET H2	200	alert.png windows.igh098.site/mc/	2 KB 3 KB	4ms 4ms	Image image/png	2600:9000:2138:7800:1b:f8cc:5480:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://windows.igh098.site/mc/alert.png Requested by Host: windows.igh098.site URL: https://windows.igh098.site/mc/index_enbox18a.html?bemobdata=c%3Db736370d-4783-4472-8689-e180b4c9c5f7..l%3Dc3ec5528-7b60-4743-9511-ca00351d2704..f%3D657ace18-27a0-4778-bcb9-ad0b0da83eba..a%3D5..b%3D0..z%3D0.05..e%3DIhkXxrc47d0..c1%3D351528_10416_20131..c2%3D986785..c3%3D5676768..c4%3D2450348..c5%3DSoftbank%2520BB..c6%3DWindows%252010..c7%3DMozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chro Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2138:7800:1b:f8cc:5480:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `42f0b2d60cc89423aa81f6d03d76f29374ab347478a32e53506c137cbcca50f4` Request headers accept-language jp-JP,jp;q=0.9 Referer https://windows.igh098.site/mc/index_enbox18a.html?bemobdata=c%3Db736370d-4783-4472-8689-e180b4c9c5f7..l%3Dc3ec5528-7b60-4743-9511-ca00351d2704..f%3D657ace18-27a0-4778-bcb9-ad0b0da83eba..a%3D5..b%3D0..z%3D0.05..e%3DIhkXxrc47d0..c1%3D351528_10416_20131..c2%3D986785..c3%3D5676768..c4%3D2450348..c5%3DSoftbank%2520BB..c6%3DWindows%252010..c7%3DMozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chro User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 07 Jan 2023 00:38:34 GMT via 1.1 da65225c6d2caf344f334a9cf8ed5188.cloudfront.net (CloudFront) last-modified Wed, 16 Nov 2022 21:25:40 GMT server AmazonS3 x-amz-cf-pop NRT12-C2 age 81455 etag "99ba0d265f54d06e18082b0caa3016a5" vary Accept-Encoding x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 2530 x-amz-cf-id zJ5E9TP8TeFGzZditiOSHGBtzpmJ3-UU9UYD8pGgzhhoABkz7tn7pA==
GET H2	200	backfix.min.js.download Show response windows.igh098.site/mc/	70 B 419 B	5ms 5ms	Script binary/octet-stream	2600:9000:2138:7800:1b:f8cc:5480:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://windows.igh098.site/mc/backfix.min.js.download Requested by Host: windows.igh098.site URL: https://windows.igh098.site/mc/index_enbox18a.html?bemobdata=c%3Db736370d-4783-4472-8689-e180b4c9c5f7..l%3Dc3ec5528-7b60-4743-9511-ca00351d2704..f%3D657ace18-27a0-4778-bcb9-ad0b0da83eba..a%3D5..b%3D0..z%3D0.05..e%3DIhkXxrc47d0..c1%3D351528_10416_20131..c2%3D986785..c3%3D5676768..c4%3D2450348..c5%3DSoftbank%2520BB..c6%3DWindows%252010..c7%3DMozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chro Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2138:7800:1b:f8cc:5480:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `cd08cc3cd7dbd890951754b1e187e2fbe4d68d6a77b2618eb00740a8281c9b56` Request headers accept-language jp-JP,jp;q=0.9 Referer https://windows.igh098.site/mc/index_enbox18a.html?bemobdata=c%3Db736370d-4783-4472-8689-e180b4c9c5f7..l%3Dc3ec5528-7b60-4743-9511-ca00351d2704..f%3D657ace18-27a0-4778-bcb9-ad0b0da83eba..a%3D5..b%3D0..z%3D0.05..e%3DIhkXxrc47d0..c1%3D351528_10416_20131..c2%3D986785..c3%3D5676768..c4%3D2450348..c5%3DSoftbank%2520BB..c6%3DWindows%252010..c7%3DMozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chro User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 07 Jan 2023 00:38:34 GMT via 1.1 da65225c6d2caf344f334a9cf8ed5188.cloudfront.net (CloudFront) last-modified Wed, 16 Nov 2022 21:25:42 GMT server AmazonS3 x-amz-cf-pop NRT12-C2 age 81455 etag "cb75a4a5436bc5f23fd500aed9ab3ad4" vary Accept-Encoding x-cache Hit from cloudfront content-type binary/octet-stream accept-ranges bytes content-length 70 x-amz-cf-id J555OhwluD8nI5lIiYtM6U2HfBPHCVTbJjc8HZG4WjwHps3_5kI71A==

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bm.paidcpftraining.com/	1970-01-20 08:46:59	Name: bemob-uniq-visit:b736370d-4783-4472-8689-e180b4c9c5f7 Value: 1
.bm.paidcpftraining.com/	1970-01-20 08:46:59	Name: bemob-rotation:b736370d-4783-4472-8689-e180b4c9c5f7:random:a1c3f29725a17064679daa2737b9ffb7 Value: 0-0-1
.bm.paidcpftraining.com/	1970-01-20 08:46:59	Name: bemob-track-url Value: https%3A%2F%2Fwindows.igh098.site%2Fmc%2Findex_enbox18a.html%3Fbemobdata%3Dc%253Db736370d-4783-4472-8689-e180b4c9c5f7..l%253Dc3ec5528-7b60-4743-9511-ca00351d2704..f%253D657ace18-27a0-4778-bcb9-ad0b0da83eba..a%253D5..b%253D0..z%253D0.05..e%253DIhkXxrc47d0..c1%253D351528_10416_20131..c2%253D986785..c3%253D5676768..c4%253D2450348..c5%253DSoftbank%252520BB..c6%253DWindows%25252010..c7%253DMozilla%25252F5.0%252520(Windows%252520NT%25252010.0%25253B%252520Win64%25253B%252520x64)%252520AppleWebKit%25252F537.36%252520(KHTML%25252C%252520like%252520Gecko)%252520Chro

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bm.paidcpftraining.com
windows.igh098.site
2406:da12:2b2:7002:67fe:c40a:44e:f4d9
2600:9000:2138:7800:1b:f8cc:5480:93a1
42f0b2d60cc89423aa81f6d03d76f29374ab347478a32e53506c137cbcca50f4
712d0372cbb3d851dc19bce11616cb6f581669f94e02d353001d7139442b9802
ca2db7a7515637135cb26681587e7f3176361418e152a1ec331ce51dbd188615
cd08cc3cd7dbd890951754b1e187e2fbe4d68d6a77b2618eb00740a8281c9b56

windows.igh098.site Open in urlscan Pro 2600:9000:2138:7800:1b:f8cc:5480:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

4 Requests

75 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

7 kBTransfer

8 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

3 Cookies

Indicators

windows.igh098.site Open in urlscan Pro
2600:9000:2138:7800:1b:f8cc:5480:93a1 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

75 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

7 kB
Transfer

8 kB
Size

3
Cookies

4 HTTP transactions
0 data transactions