amazingconsumerdeals.xyz Open in urlscan Pro
2606:4700:3033::681f:4e85  Malicious Activity! Public Scan

Submitted URL: http://sw8x.info/czAeG15ttW
Effective URL: https://amazingconsumerdeals.xyz/vod/7/?clickid=1601312907&h=1043087159417024504&f=880619659117986880&ffn=1042338815568354109&r=B...
Submission: On September 28 via manual from US

Summary

This website contacted 3 IPs in 3 countries across 6 domains to perform 17 HTTP transactions. The main IP is 2606:4700:3033::681f:4e85, located in United States and belongs to CLOUDFLARENET, US. The main domain is amazingconsumerdeals.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 27th 2020. Valid for: a year.
This is the only time amazingconsumerdeals.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

IP Address AS Autonomous System
1 1 47.242.139.4 45102 (CNNIC-ALI...)
1 212.7.204.100 60781 (LEASEWEB-...)
1 1 216.189.51.65 6921 (ARACHNITEC)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
15 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
17 3
Apex Domain
Subdomains
Transfer
15 amazingconsumerdeals.xyz
amazingconsumerdeals.xyz
323 KB
1 gstatic.com
www.gstatic.com
2 KB
1 ondemandvideo.monster
1.ondemandvideo.monster
907 B
1 dejeconia.com
go.dejeconia.com
335 B
1 rdtk.io
jtuzd.rdtk.io
826 B
1 sw8x.info
sw8x.info
200 B
17 6
Domain Requested by
15 amazingconsumerdeals.xyz amazingconsumerdeals.xyz
1 www.gstatic.com amazingconsumerdeals.xyz
1 1.ondemandvideo.monster 1 redirects
1 go.dejeconia.com 1 redirects
1 jtuzd.rdtk.io
1 sw8x.info 1 redirects
17 6

This site contains links to these domains. Also see Links.

Domain
1.ondemandvideo.monster
Subject Issuer Validity Valid
*.rdtk.io
GoGetSSL RSA DV CA
2020-05-19 -
2021-08-17
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-09-27 -
2021-09-27
a year crt.sh
*.gstatic.com
GTS CA 1O1
2020-09-03 -
2020-11-26
3 months crt.sh

This page contains 1 frames:

Primary Page: https://amazingconsumerdeals.xyz/vod/7/?clickid=1601312907&h=1043087159417024504&f=880619659117986880&ffn=1042338815568354109&r=Bayern&b=Hetzner%20online%20ag&d=1.ondemandvideo.monster
Frame ID: 1B61FEFF6170AB901DC049368A35048A
Requests: 17 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://sw8x.info/czAeG15ttW HTTP 302
    https://jtuzd.rdtk.io/5f70d955a490370001785f87?thru=thru Page URL
  2. http://go.dejeconia.com/ts5603-sms-vod-us?clickid=5f72188b5e8af10001452e8c&thru=thru HTTP 302
    https://1.ondemandvideo.monster/?flux_fts=oozptaplattcaopoozeltxiioqtaacaccxlpia83c8&flux_cost=&clickid=1601... HTTP 307
    https://amazingconsumerdeals.xyz/vod/7/?clickid=1601312907&h=1043087159417024504&f=880619659117986880&ffn=104... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

17
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

3
IPs

3
Countries

326 kB
Transfer

458 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sw8x.info/czAeG15ttW HTTP 302
    https://jtuzd.rdtk.io/5f70d955a490370001785f87?thru=thru Page URL
  2. http://go.dejeconia.com/ts5603-sms-vod-us?clickid=5f72188b5e8af10001452e8c&thru=thru HTTP 302
    https://1.ondemandvideo.monster/?flux_fts=oozptaplattcaopoozeltxiioqtaacaccxlpia83c8&flux_cost=&clickid=1601312907.73-172980605-55447-&zone_id=ts5603-sms-vod-us&category_id=&keyword=&campaign_id= HTTP 307
    https://amazingconsumerdeals.xyz/vod/7/?clickid=1601312907&h=1043087159417024504&f=880619659117986880&ffn=1042338815568354109&r=Bayern&b=Hetzner%20online%20ag&d=1.ondemandvideo.monster Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://sw8x.info/czAeG15ttW HTTP 302
  • https://jtuzd.rdtk.io/5f70d955a490370001785f87?thru=thru

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set 5f70d955a490370001785f87
jtuzd.rdtk.io/
Redirect Chain
  • http://sw8x.info/czAeG15ttW
  • https://jtuzd.rdtk.io/5f70d955a490370001785f87?thru=thru
229 B
826 B
Document
General
Full URL
https://jtuzd.rdtk.io/5f70d955a490370001785f87?thru=thru
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.7.204.100 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
926a20f4394efdadb76a3cffeb3f3b715e7031f900b96a39d2e2237710619085

Request headers

Host
jtuzd.rdtk.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx
Date
Mon, 28 Sep 2020 17:08:27 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
redhash=NWY3MjE4OGI1ZThhZjEwMDAxNDUyZThjfDB8NWY3MGQ5NTVhNDkwMzcwMDAxNzg1Zjg3fHwxYmM3OTM0ZS05NjA3LTQ5YTYtOWRhZC0xYWExM2EzMzg4ZDV8MTYwMTMxMjkwNw==; Path=/; Domain=jtuzd.rdtk.io; Expires=Tue, 28 Sep 2021 17:08:27 GMT; SameSite=None; Secure
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Encoding
gzip

Redirect headers

Server
nginx/1.6.2
Date
Mon, 28 Sep 2020 17:08:27 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Location
https://jtuzd.rdtk.io/5f70d955a490370001785f87?thru=thru
Primary Request /
amazingconsumerdeals.xyz/vod/7/
Redirect Chain
  • http://go.dejeconia.com/ts5603-sms-vod-us?clickid=5f72188b5e8af10001452e8c&thru=thru
  • https://1.ondemandvideo.monster/?flux_fts=oozptaplattcaopoozeltxiioqtaacaccxlpia83c8&flux_cost=&clickid=1601312907.73-172980605-55447-&zone_id=ts5603-sms-vod-us&category_id=&keyword=&campaign_id=
  • https://amazingconsumerdeals.xyz/vod/7/?clickid=1601312907&h=1043087159417024504&f=880619659117986880&ffn=1042338815568354109&r=Bayern&b=Hetzner%20online%20ag&d=1.ondemandvideo.monster
17 KB
3 KB
Document
General
Full URL
https://amazingconsumerdeals.xyz/vod/7/?clickid=1601312907&h=1043087159417024504&f=880619659117986880&ffn=1042338815568354109&r=Bayern&b=Hetzner%20online%20ag&d=1.ondemandvideo.monster
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4e85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.9
Resource Hash
fa2a1e02deae00f97df4390c1da0883a4ce4907a1255a5473715322d36e4654d

Request headers

:method
GET
:authority
amazingconsumerdeals.xyz
:scheme
https
:path
/vod/7/?clickid=1601312907&h=1043087159417024504&f=880619659117986880&ffn=1042338815568354109&r=Bayern&b=Hetzner%20online%20ag&d=1.ondemandvideo.monster
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://jtuzd.rdtk.io/5f70d955a490370001785f87?thru=thru

Response headers

status
200
date
Mon, 28 Sep 2020 17:08:28 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d498490e1bc342e0eac39b3f4e81c33e11601312908; expires=Wed, 28-Oct-20 17:08:28 GMT; path=/; domain=.amazingconsumerdeals.xyz; HttpOnly; SameSite=Lax
x-powered-by
PHP/7.4.9
cf-cache-status
DYNAMIC
cf-request-id
057748faf5000005bb44aff200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5d9f110b2ad805bb-FRA
content-encoding
br

Redirect headers

status
307
date
Mon, 28 Sep 2020 17:08:27 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dee536390aa67dcd97ab6a7973d24e75f1601312907; expires=Wed, 28-Oct-20 17:08:27 GMT; path=/; domain=.ondemandvideo.monster; HttpOnly; SameSite=Lax PHPSESSID=bb98b9f955aeb369c2f3a94d4a4e655e; expires=Mon, 05-Oct-2020 17:08:27 GMT; Max-Age=604800; path=/; secure; SameSite=None csid3=bb98b9f955aeb369c2f3a94d4a4e655e; expires=Tue, 28-Sep-2021 17:08:27 GMT; Max-Age=31536000; path=/; secure; SameSite=None PHPSESSID=bb98b9f955aeb369c2f3a94d4a4e655e; expires=Tue, 29-Sep-2020 17:08:27 GMT; Max-Age=86400; path=/; secure; SameSite=None
x-powered-by
PHP/7.3.14
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-robots-tag
noindex, noarchive, nofollow
p3p
CP="This is not a P3P policy"
location
https://amazingconsumerdeals.xyz/vod/7/?clickid=1601312907&h=1043087159417024504&f=880619659117986880&ffn=1042338815568354109&r=Bayern&b=Hetzner%20online%20ag&d=1.ondemandvideo.monster
cf-cache-status
DYNAMIC
cf-request-id
057748fa5c000096ce5e91a200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5d9f110a2cb896ce-FRA
css
amazingconsumerdeals.xyz/vod/7/extras/
5 KB
665 B
Stylesheet
General
Full URL
https://amazingconsumerdeals.xyz/vod/7/extras/css
Requested by
Host: amazingconsumerdeals.xyz
URL: https://amazingconsumerdeals.xyz/vod/7/?clickid=1601312907&h=1043087159417024504&f=880619659117986880&ffn=1042338815568354109&r=Bayern&b=Hetzner%20online%20ag&d=1.ondemandvideo.monster
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4e85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b41875aa6c964e770eb0047c1f976c6f944c636a46720d95c482d6c6500ca22d

Request headers

Referer
https://amazingconsumerdeals.xyz/vod/7/?clickid=1601312907&h=1043087159417024504&f=880619659117986880&ffn=1042338815568354109&r=Bayern&b=Hetzner%20online%20ag&d=1.ondemandvideo.monster
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 17:08:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Fri, 25 Sep 2020 19:39:33 GMT
server
cloudflare
etag
W/"1266-5b02879e56f0c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/plain; charset=UTF-8
status
200
cf-ray
5d9f110bcc9405bb-FRA
cf-request-id
057748fb58000005bb44b06200000001
style.css
amazingconsumerdeals.xyz/vod/7/extras/
33 KB
6 KB
Stylesheet
General
Full URL
https://amazingconsumerdeals.xyz/vod/7/extras/style.css
Requested by
Host: amazingconsumerdeals.xyz
URL: https://amazingconsumerdeals.xyz/vod/7/?clickid=1601312907&h=1043087159417024504&f=880619659117986880&ffn=1042338815568354109&r=Bayern&b=Hetzner%20online%20ag&d=1.ondemandvideo.monster
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4e85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f93fd6abb99840aa0cfaac88c244026841f87817c0950d92e854770f1038f1bb

Request headers

Referer
https://amazingconsumerdeals.xyz/vod/7/?clickid=1601312907&h=1043087159417024504&f=880619659117986880&ffn=1042338815568354109&r=Bayern&b=Hetzner%20online%20ag&d=1.ondemandvideo.monster
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 17:08:28 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 25 Sep 2020 19:39:36 GMT
server
cloudflare
etag
W/"8210-5b0287a0f8851"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
5d9f110bcca705bb-FRA
cf-request-id
057748fb5b000005bb44b07200000001
translateelement.css
amazingconsumerdeals.xyz/vod/7/extras/
18 KB
3 KB
Stylesheet
General
Full URL
https://amazingconsumerdeals.xyz/vod/7/extras/translateelement.css
Requested by
Host: amazingconsumerdeals.xyz
URL: https://amazingconsumerdeals.xyz/vod/7/?clickid=1601312907&h=1043087159417024504&f=880619659117986880&ffn=1042338815568354109&r=Bayern&b=Hetzner%20online%20ag&d=1.ondemandvideo.monster
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4e85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99b27633e72d0a0efc23402c62b01cc0ec5ff40821cd1a84c89a1ef31773612d

Request headers

Referer
https://amazingconsumerdeals.xyz/vod/7/?clickid=1601312907&h=1043087159417024504&f=880619659117986880&ffn=1042338815568354109&r=Bayern&b=Hetzner%20online%20ag&d=1.ondemandvideo.monster
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 17:08:28 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 25 Sep 2020 19:39:37 GMT
server
cloudflare
etag
W/"4924-5b0287a1eedb2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
5d9f110bcca805bb-FRA
cf-request-id
057748fb5b000005bb44b08200000001
translateelement(1).css
amazingconsumerdeals.xyz/vod/7/extras/
18 KB
3 KB
Stylesheet
General
Full URL
https://amazingconsumerdeals.xyz/vod/7/extras/translateelement(1).css
Requested by
Host: amazingconsumerdeals.xyz
URL: https://amazingconsumerdeals.xyz/vod/7/?clickid=1601312907&h=1043087159417024504&f=880619659117986880&ffn=1042338815568354109&r=Bayern&b=Hetzner%20online%20ag&d=1.ondemandvideo.monster
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4e85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8

Request headers

Referer
https://amazingconsumerdeals.xyz/vod/7/?clickid=1601312907&h=1043087159417024504&f=880619659117986880&ffn=1042338815568354109&r=Bayern&b=Hetzner%20online%20ag&d=1.ondemandvideo.monster
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 17:08:28 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 25 Sep 2020 19:39:37 GMT
server
cloudflare
etag
W/"4924-5b0287a19f444"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
5d9f110bcca905bb-FRA
cf-request-id
057748fb5b000005bb44b09200000001
mov.png
amazingconsumerdeals.xyz/vod/7/extras/
445 B
547 B
Image
General
Full URL
https://amazingconsumerdeals.xyz/vod/7/extras/mov.png
Requested by
Host: amazingconsumerdeals.xyz
URL: https://amazingconsumerdeals.xyz/vod/7/?clickid=1601312907&h=1043087159417024504&f=880619659117986880&ffn=1042338815568354109&r=Bayern&b=Hetzner%20online%20ag&d=1.ondemandvideo.monster
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4e85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f3b5813af08639f509729cbb27b1a04d96943fd26f9310cd253d046f3334702

Request headers

Referer
https://amazingconsumerdeals.xyz/vod/7/?clickid=1601312907&h=1043087159417024504&f=880619659117986880&ffn=1042338815568354109&r=Bayern&b=Hetzner%20online%20ag&d=1.ondemandvideo.monster
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 17:08:28 GMT
cf-cache-status
MISS
last-modified
Fri, 25 Sep 2020 19:39:35 GMT
server
cloudflare
etag
"1bd-5b0287a04d225"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5d9f110bccb005bb-FRA
content-length
445
cf-request-id
057748fb5b000005bb44b0d200000001
film.png
amazingconsumerdeals.xyz/vod/7/extras/
2 KB
2 KB
Image
General
Full URL
https://amazingconsumerdeals.xyz/vod/7/extras/film.png
Requested by
Host: amazingconsumerdeals.xyz
URL: https://amazingconsumerdeals.xyz/vod/7/?clickid=1601312907&h=1043087159417024504&f=880619659117986880&ffn=1042338815568354109&r=Bayern&b=Hetzner%20online%20ag&d=1.ondemandvideo.monster
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4e85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3be2c8f23f4c5677593d5c88b76a3cddbcab7366dd48653dfa938f8dec11ea90

Request headers

Referer
https://amazingconsumerdeals.xyz/vod/7/?clickid=1601312907&h=1043087159417024504&f=880619659117986880&ffn=1042338815568354109&r=Bayern&b=Hetzner%20online%20ag&d=1.ondemandvideo.monster
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 17:08:28 GMT
cf-cache-status
MISS
last-modified
Fri, 25 Sep 2020 19:39:34 GMT
server
cloudflare
etag
"856-5b02879f00dc7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5d9f110bccb205bb-FRA
content-length
2134
cf-request-id
057748fb5b000005bb44b0e200000001
img-product.png
amazingconsumerdeals.xyz/vod/7/extras/
11 KB
11 KB
Image
General
Full URL
https://amazingconsumerdeals.xyz/vod/7/extras/img-product.png
Requested by
Host: amazingconsumerdeals.xyz
URL: https://amazingconsumerdeals.xyz/vod/7/?clickid=1601312907&h=1043087159417024504&f=880619659117986880&ffn=1042338815568354109&r=Bayern&b=Hetzner%20online%20ag&d=1.ondemandvideo.monster
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4e85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7458cc5c8e6464162d23320632e69d0b17de0b4631105cbe5698d56b028c040b

Request headers

Referer
https://amazingconsumerdeals.xyz/vod/7/?clickid=1601312907&h=1043087159417024504&f=880619659117986880&ffn=1042338815568354109&r=Bayern&b=Hetzner%20online%20ag&d=1.ondemandvideo.monster
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 17:08:28 GMT
cf-cache-status
MISS
last-modified
Fri, 25 Sep 2020 19:39:34 GMT
server
cloudflare
etag
"2b95-5b02879f52a5d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5d9f110bccb305bb-FRA
content-length
11157
cf-request-id
057748fb5b000005bb44b0f200000001
jquery.js
amazingconsumerdeals.xyz/vod/7/extras/
86 KB
30 KB
Script
General
Full URL
https://amazingconsumerdeals.xyz/vod/7/extras/jquery.js
Requested by
Host: amazingconsumerdeals.xyz
URL: https://amazingconsumerdeals.xyz/vod/7/?clickid=1601312907&h=1043087159417024504&f=880619659117986880&ffn=1042338815568354109&r=Bayern&b=Hetzner%20online%20ag&d=1.ondemandvideo.monster
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4e85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a

Request headers

Referer
https://amazingconsumerdeals.xyz/vod/7/?clickid=1601312907&h=1043087159417024504&f=880619659117986880&ffn=1042338815568354109&r=Bayern&b=Hetzner%20online%20ag&d=1.ondemandvideo.monster
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 17:08:28 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 25 Sep 2020 19:39:35 GMT
server
cloudflare
etag
W/"15851-5b02879ffa5f0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
5d9f110bccaa05bb-FRA
cf-request-id
057748fb5b000005bb44b0a200000001
svg4everybody.min.js
amazingconsumerdeals.xyz/vod/7/extras/
2 KB
1 KB
Script
General
Full URL
https://amazingconsumerdeals.xyz/vod/7/extras/svg4everybody.min.js
Requested by
Host: amazingconsumerdeals.xyz
URL: https://amazingconsumerdeals.xyz/vod/7/?clickid=1601312907&h=1043087159417024504&f=880619659117986880&ffn=1042338815568354109&r=Bayern&b=Hetzner%20online%20ag&d=1.ondemandvideo.monster
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4e85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9137b33ceb0e8b966c5942abeff0ff11670e36afe176b73480fc24e7f214632d

Request headers

Referer
https://amazingconsumerdeals.xyz/vod/7/?clickid=1601312907&h=1043087159417024504&f=880619659117986880&ffn=1042338815568354109&r=Bayern&b=Hetzner%20online%20ag&d=1.ondemandvideo.monster
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 17:08:28 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 25 Sep 2020 19:39:36 GMT
server
cloudflare
etag
W/"768-5b0287a147606"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
5d9f110bccad05bb-FRA
cf-request-id
057748fb5b000005bb44b0b200000001
init.js
amazingconsumerdeals.xyz/vod/7/extras/
3 KB
711 B
Script
General
Full URL
https://amazingconsumerdeals.xyz/vod/7/extras/init.js
Requested by
Host: amazingconsumerdeals.xyz
URL: https://amazingconsumerdeals.xyz/vod/7/?clickid=1601312907&h=1043087159417024504&f=880619659117986880&ffn=1042338815568354109&r=Bayern&b=Hetzner%20online%20ag&d=1.ondemandvideo.monster
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4e85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a010f06947df03de3f279725360db238bd1ba602755372619555595b8133e35

Request headers

Referer
https://amazingconsumerdeals.xyz/vod/7/?clickid=1601312907&h=1043087159417024504&f=880619659117986880&ffn=1042338815568354109&r=Bayern&b=Hetzner%20online%20ag&d=1.ondemandvideo.monster
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 17:08:28 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 25 Sep 2020 19:39:35 GMT
server
cloudflare
etag
W/"bb6-5b02879fa6632"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
5d9f110bccaf05bb-FRA
cf-request-id
057748fb5b000005bb44b0c200000001
translate_24dp.png
amazingconsumerdeals.xyz/vod/7/extras/
825 B
946 B
Image
General
Full URL
https://amazingconsumerdeals.xyz/vod/7/extras/translate_24dp.png
Requested by
Host: amazingconsumerdeals.xyz
URL: https://amazingconsumerdeals.xyz/vod/7/?clickid=1601312907&h=1043087159417024504&f=880619659117986880&ffn=1042338815568354109&r=Bayern&b=Hetzner%20online%20ag&d=1.ondemandvideo.monster
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4e85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213

Request headers

Referer
https://amazingconsumerdeals.xyz/vod/7/?clickid=1601312907&h=1043087159417024504&f=880619659117986880&ffn=1042338815568354109&r=Bayern&b=Hetzner%20online%20ag&d=1.ondemandvideo.monster
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 17:08:28 GMT
cf-cache-status
MISS
last-modified
Fri, 25 Sep 2020 19:39:38 GMT
server
cloudflare
etag
"339-5b0287a297ccd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5d9f110bccb605bb-FRA
content-length
825
cf-request-id
057748fb5b000005bb44b10200000001
translate_24dp(1).png
amazingconsumerdeals.xyz/vod/7/extras/
825 B
963 B
Image
General
Full URL
https://amazingconsumerdeals.xyz/vod/7/extras/translate_24dp(1).png
Requested by
Host: amazingconsumerdeals.xyz
URL: https://amazingconsumerdeals.xyz/vod/7/?clickid=1601312907&h=1043087159417024504&f=880619659117986880&ffn=1042338815568354109&r=Bayern&b=Hetzner%20online%20ag&d=1.ondemandvideo.monster
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4e85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213

Request headers

Referer
https://amazingconsumerdeals.xyz/vod/7/?clickid=1601312907&h=1043087159417024504&f=880619659117986880&ffn=1042338815568354109&r=Bayern&b=Hetzner%20online%20ag&d=1.ondemandvideo.monster
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 17:08:28 GMT
cf-cache-status
MISS
last-modified
Fri, 25 Sep 2020 19:39:37 GMT
server
cloudflare
etag
"339-5b0287a247b8f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5d9f110bccb805bb-FRA
content-length
825
cf-request-id
057748fb5b000005bb44b11200000001
icons.svg
amazingconsumerdeals.xyz/vod/7/icons/
0
0
Other
General
Full URL
https://amazingconsumerdeals.xyz/vod/7/icons/icons.svg
Requested by
Host: amazingconsumerdeals.xyz
URL: https://amazingconsumerdeals.xyz/vod/7/?clickid=1601312907&h=1043087159417024504&f=880619659117986880&ffn=1042338815568354109&r=Bayern&b=Hetzner%20online%20ag&d=1.ondemandvideo.monster
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4e85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://amazingconsumerdeals.xyz/vod/7/?clickid=1601312907&h=1043087159417024504&f=880619659117986880&ffn=1042338815568354109&r=Bayern&b=Hetzner%20online%20ag&d=1.ondemandvideo.monster
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 17:08:28 GMT
content-encoding
br
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
status
404
cache-control
max-age=14400
cf-ray
5d9f110bccb905bb-FRA
cf-request-id
057748fb5b000005bb44b12200000001
bg.jpg
amazingconsumerdeals.xyz/vod/7/extras/
259 KB
259 KB
Image
General
Full URL
https://amazingconsumerdeals.xyz/vod/7/extras/bg.jpg
Requested by
Host: amazingconsumerdeals.xyz
URL: https://amazingconsumerdeals.xyz/vod/7/extras/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4e85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdbb8bd903dd6fe325ab434193200da2111679906e51c2fcfc3175dde5c65708

Request headers

Referer
https://amazingconsumerdeals.xyz/vod/7/extras/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 17:08:28 GMT
cf-cache-status
MISS
last-modified
Fri, 25 Sep 2020 19:39:34 GMT
server
cloudflare
etag
"40b9c-5b02879eac251"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5d9f110c1dac05bb-FRA
content-length
265116
cf-request-id
057748fb8c000005bb44b16200000001
translate_24dp.png
www.gstatic.com/images/branding/product/2x/
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: amazingconsumerdeals.xyz
URL: https://amazingconsumerdeals.xyz/vod/7/extras/translateelement(1).css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://amazingconsumerdeals.xyz/vod/7/extras/translateelement(1).css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 07:45:54 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
379354
vary
Origin
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1847
x-xss-protection
0
expires
Fri, 24 Sep 2021 07:45:54 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes function| $ function| jQuery function| svg4everybody

1 Cookies

Domain/Path Name / Value
.amazingconsumerdeals.xyz/ Name: __cfduid
Value: d498490e1bc342e0eac39b3f4e81c33e11601312908