www.amazon-amass.xyz Open in urlscan Pro
140.82.13.76 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.amazon-amass.xyz/
Effective URL:
https://www.amazon-amass.xyz/ap/signin
Submission: On May 02 via automatic, source phishtank (May 2nd 2021, 8:48:46 am UTC)

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 8 HTTP transactions. The main IP is 140.82.13.76, located in Piscataway, United States and belongs to AS-CHOOPA, US. The main domain is www.amazon-amass.xyz.
TLS certificate: Issued by R3 on May 2nd 2021. Valid for: 3 months.

This is the only time www.amazon-amass.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Amazon (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 8	140.82.13.76 140.82.13.76	20473 (AS-CHOOPA) (AS-CHOOPA)
1	2600:9000:214... 2600:9000:214f:5000:10:1731:ff49:ac01	16509 (AMAZON-02) (AMAZON-02)
8	2

8 140.82.13.76 (Piscataway, United States) 1 redirects

ASN20473 (AS-CHOOPA, US)
PTR: 140.82.13.76.vultr.com

www.amazon-amass.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:5000:10:1731:ff49:ac01 (United States)

ASN16509 (AMAZON-02, US)

images-cn.ssl-images-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	amazon-amass.xyz 1 redirects www.amazon-amass.xyz	98 KB
1	ssl-images-amazon.com images-cn.ssl-images-amazon.com	28 KB
8	2

	Domain	Requested by
8	www.amazon-amass.xyz	1 redirects www.amazon-amass.xyz
1	images-cn.ssl-images-amazon.com	www.amazon-amass.xyz
8	2

This site contains no links.

Subject Issuer	Validity	Valid
www.amazon-amass.xyz R3	`2021-05-02` - `2021-07-31`	3 months	crt.sh
images-cn.ssl-images-amazon.com Amazon	`2021-01-15` - `2022-02-12`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.amazon-amass.xyz/ap/signin
Frame ID: 9D693564FA68AC93153A9D0E88209B99
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.amazon-amass.xyz/ HTTP 302
https://www.amazon-amass.xyz/ap/signin Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

8
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

126 kB
Transfer

314 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.amazon-amass.xyz/ HTTP 302
https://www.amazon-amass.xyz/ap/signin Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request signin Show response
www.amazon-amass.xyz/ap/
Redirect Chain

https://www.amazon-amass.xyz/
https://www.amazon-amass.xyz/ap/signin

79 B
221 B

134ms
134ms

Document
text/html

140.82.13.76
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.amazon-amass.xyz/ap/signin

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

140.82.13.76 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

140.82.13.76.vultr.com

Software

nginx /

Resource Hash

934d5bb9a5de921a53662411ee733ea0a5e0eb0fd8bc552aa4dcac302382900a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: www.amazon-amass.xyz
:scheme: https
:path: /ap/signin
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Sun, 02 May 2021 08:48:29 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip

Redirect headers

server: nginx
date: Sun, 02 May 2021 08:48:29 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache,must-revalidate
location: /ap/signin
strict-transport-security: max-age=31536000

GET
H2 200 login.js Show response
www.amazon-amass.xyz/mobile/ 24 KB
13 KB 95ms
95ms Script
application/javascript 140.82.13.76
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.amazon-amass.xyz/mobile/login.js

Requested by

Host: www.amazon-amass.xyz
URL: https://www.amazon-amass.xyz/ap/signin

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

140.82.13.76 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

140.82.13.76.vultr.com

Software

nginx /

Resource Hash

9229b3802b1e154529ac49051873a757e323c5aa5367aefb574ab9a9df98c36d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /mobile/login.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.amazon-amass.xyz
referer: https://www.amazon-amass.xyz/ap/signin
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.amazon-amass.xyz/ap/signin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 08:48:29 GMT
content-encoding: gzip
last-modified: Tue, 16 Mar 2021 07:17:20 GMT
server: nginx
etag: W/"60505b80-5e44"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Sun, 02 May 2021 20:48:29 GMT

GET
H2 200 61ccss.css
www.amazon-amass.xyz/static/mobile/css/ 136 KB
29 KB 117ms
116ms Stylesheet
text/css 140.82.13.76
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.amazon-amass.xyz/static/mobile/css/61ccss.css

Requested by

Host: www.amazon-amass.xyz
URL: https://www.amazon-amass.xyz/mobile/login.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

140.82.13.76 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

140.82.13.76.vultr.com

Software

nginx /

Resource Hash

883b375ac1962c650077b01e672a03092160dc53ecb599e48e35639efbf16522

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /static/mobile/css/61ccss.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.amazon-amass.xyz
referer: https://www.amazon-amass.xyz/ap/signin
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.amazon-amass.xyz/ap/signin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 08:48:29 GMT
content-encoding: gzip
last-modified: Mon, 13 Jul 2020 01:46:12 GMT
server: nginx
etag: W/"5f0bbce4-220ab"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Sun, 02 May 2021 20:48:29 GMT

GET
H2 200 style.css
www.amazon-amass.xyz/static/mobile/css/ 10 KB
3 KB 152ms
151ms Stylesheet
text/css 140.82.13.76
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.amazon-amass.xyz/static/mobile/css/style.css

Requested by

Host: www.amazon-amass.xyz
URL: https://www.amazon-amass.xyz/mobile/login.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

140.82.13.76 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

140.82.13.76.vultr.com

Software

nginx /

Resource Hash

77c835ffd106cbd4cd9a2c9f747b884e926226724311e6f14031b4e0f8dd087f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /static/mobile/css/style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.amazon-amass.xyz
referer: https://www.amazon-amass.xyz/ap/signin
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.amazon-amass.xyz/ap/signin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 08:48:29 GMT
content-encoding: gzip
last-modified: Mon, 13 Jul 2020 08:43:07 GMT
server: nginx
etag: W/"5f0c1e9b-27f1"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Sun, 02 May 2021 20:48:29 GMT

GET
H2 200 jquery-2.2.4.min.js Show response
www.amazon-amass.xyz/static/mobile/js/ 84 KB
33 KB 182ms
181ms Script
application/javascript 140.82.13.76
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.amazon-amass.xyz/static/mobile/js/jquery-2.2.4.min.js

Requested by

Host: www.amazon-amass.xyz
URL: https://www.amazon-amass.xyz/mobile/login.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

140.82.13.76 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

140.82.13.76.vultr.com

Software

nginx /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /static/mobile/js/jquery-2.2.4.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.amazon-amass.xyz
referer: https://www.amazon-amass.xyz/ap/signin
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.amazon-amass.xyz/ap/signin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 08:48:29 GMT
content-encoding: gzip
last-modified: Tue, 17 Apr 2018 12:39:18 GMT
server: nginx
etag: W/"5ad5eaf6-14e4a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Sun, 02 May 2021 20:48:29 GMT

GET
H2 200 jquery.validate.min.js Show response
www.amazon-amass.xyz/static/mobile/js/ 23 KB
8 KB 230ms
230ms Script
application/javascript 140.82.13.76
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.amazon-amass.xyz/static/mobile/js/jquery.validate.min.js

Requested by

Host: www.amazon-amass.xyz
URL: https://www.amazon-amass.xyz/mobile/login.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

140.82.13.76 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

140.82.13.76.vultr.com

Software

nginx /

Resource Hash

50e497b00818378dcffe856b994f89947b620c66163768879c9b8a63d583f898

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /static/mobile/js/jquery.validate.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.amazon-amass.xyz
referer: https://www.amazon-amass.xyz/ap/signin
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.amazon-amass.xyz/ap/signin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 08:48:29 GMT
content-encoding: gzip
last-modified: Fri, 02 Dec 2016 02:50:38 GMT
server: nginx
etag: W/"5840e17e-5a1e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Sun, 02 May 2021 20:48:29 GMT

GET
H2 200 icon_1.png
www.amazon-amass.xyz/static/mobile/images/ 11 KB
11 KB 99ms
98ms Image
image/png 140.82.13.76
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.amazon-amass.xyz/static/mobile/images/icon_1.png

Requested by

Host: www.amazon-amass.xyz
URL: https://www.amazon-amass.xyz/static/mobile/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

140.82.13.76 Piscataway, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

140.82.13.76.vultr.com

Software

nginx /

Resource Hash

f5b6e0ff10a1f98ca5f76330837e57d20ca904b94123540bdb966bebff747a89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /static/mobile/images/icon_1.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.amazon-amass.xyz
referer: https://www.amazon-amass.xyz/static/mobile/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.amazon-amass.xyz/static/mobile/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 08:48:30 GMT
last-modified: Mon, 13 Jul 2020 00:58:45 GMT
server: nginx
etag: "5f0bb1c5-2c03"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11267
expires: Tue, 01 Jun 2021 08:48:30 GMT

GET
H2 200 AmazonUIBaseCSS-sprite_1x-c4a765aedd886dc04d89e7e93b6a02c59ecb7013._V2_.png
images-cn.ssl-images-amazon.com/images/G/01/AUIClients/ 27 KB
28 KB 39ms
8ms Image
image/png 2600:9000:214f:5000:10:1731:ff49:ac01
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-cn.ssl-images-amazon.com/images/G/01/AUIClients/AmazonUIBaseCSS-sprite_1x-c4a765aedd886dc04d89e7e93b6a02c59ecb7013._V2_.png
Requested by: Host: www.amazon-amass.xyz
URL: https://www.amazon-amass.xyz/static/mobile/css/61ccss.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:5000:10:1731:ff49:ac01 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 437e95a363a4291060e34ba170e043274e0155821e9be374f35de3c4f13cbaa5

Request headers

Referer: https://www.amazon-amass.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 10:08:37 GMT
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
age: 8120095
edge-cache-tag: x-cache-998,/images/G/01/AUIClients/AmazonUIBaseCSS-sprite_1x-c4a765aedd886dc04d89e7e93b6a02c59ecb7013
x-cache: Hit from cloudfront
content-length: 27972
surrogate-key: x-cache-998 /images/G/01/AUIClients/AmazonUIBaseCSS-sprite_1x-c4a765aedd886dc04d89e7e93b6a02c59ecb7013
last-modified: Fri, 22 Sep 2017 00:23:19 GMT
server: Server
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: dd9d6d64-8f26-4b4c-8778-f72a3669509b
x-amz-cf-pop: FRA53-C1
timing-allow-origin: https://www.amazon.com
x-amz-cf-id: oxVm88SeHFtLZ5XeipGQDV14z7C5dJLw-i8iEpZLP6IZupQXQh6Qmg==
expires: Wed, 23 Jan 2041 09:13:34 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Amazon (Online)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

images-cn.ssl-images-amazon.com
www.amazon-amass.xyz
140.82.13.76
2600:9000:214f:5000:10:1731:ff49:ac01
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
437e95a363a4291060e34ba170e043274e0155821e9be374f35de3c4f13cbaa5
50e497b00818378dcffe856b994f89947b620c66163768879c9b8a63d583f898
77c835ffd106cbd4cd9a2c9f747b884e926226724311e6f14031b4e0f8dd087f
883b375ac1962c650077b01e672a03092160dc53ecb599e48e35639efbf16522
9229b3802b1e154529ac49051873a757e323c5aa5367aefb574ab9a9df98c36d
934d5bb9a5de921a53662411ee733ea0a5e0eb0fd8bc552aa4dcac302382900a
f5b6e0ff10a1f98ca5f76330837e57d20ca904b94123540bdb966bebff747a89

www.amazon-amass.xyz Open in urlscan Pro 140.82.13.76 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

8 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

126 kBTransfer

314 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

15 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

www.amazon-amass.xyz Open in urlscan Pro
140.82.13.76 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

126 kB
Transfer

314 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!