ab1.bot Open in urlscan Pro
18.66.192.86 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ab1.bot/
Effective URL:
https://ab1.bot/
Submission: On July 13 via manual (July 13th 2023, 5:49:40 pm UTC) from US — Scanned from DE

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 19 HTTP transactions. The main IP is 18.66.192.86, located in United States and belongs to AMAZON-02, US. The main domain is ab1.bot.
TLS certificate: Issued by Amazon RSA 2048 M02 on March 1st 2023. Valid for: a year.

This is the only time ab1.bot was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	18.66.192.105 18.66.192.105	16509 (AMAZON-02) (AMAZON-02)
9	18.66.192.86 18.66.192.86	16509 (AMAZON-02) (AMAZON-02)
1	2400:52e0:1e0... 2400:52e0:1e00::1082:1	200325 (BUNNYCDN) (BUNNYCDN)
3	18.164.52.76 18.164.52.76	16509 (AMAZON-02) (AMAZON-02)
1	185.165.243.110 185.165.243.110	49981 (WORLDSTREAM) (WORLDSTREAM)
2	52.222.174.2 52.222.174.2	16509 (AMAZON-02) (AMAZON-02)
1	3.5.19.181 3.5.19.181	() ()
19	7

1 18.66.192.105 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-105.muc50.r.cloudfront.net

ab1.bot	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.66.192.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-86.muc50.r.cloudfront.net

ab1.bot	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1082:1 (Germany)

ASN200325 (BUNNYCDN, SI)

scripts.simpleanalyticscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.164.52.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-52-76.cdg50.r.cloudfront.net

publicos.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.165.243.110 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 185-165-243-110.hosted-by-worldstream.net

queue.simpleanalyticscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.174.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-174-2.cdg50.r.cloudfront.net

bootstrap.auxbackend.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.5.19.181 (None, )

ASN- ()

auxbackend-apiary-messagesbucket-10vv53sj4crhk.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	ab1.bot 1 redirects ab1.bot	2 MB
3	publicos.link publicos.link	74 KB
2	auxbackend.com bootstrap.auxbackend.com	116 KB
2	simpleanalyticscdn.com scripts.simpleanalyticscdn.com — Cisco Umbrella Rank: 95456 queue.simpleanalyticscdn.com — Cisco Umbrella Rank: 61465	5 KB
1	amazonaws.com auxbackend-apiary-messagesbucket-10vv53sj4crhk.s3.amazonaws.com
19	5

	Domain	Requested by
10	ab1.bot	1 redirects ab1.bot
3	publicos.link	ab1.bot publicos.link
2	bootstrap.auxbackend.com	ab1.bot
1	auxbackend-apiary-messagesbucket-10vv53sj4crhk.s3.amazonaws.com
1	queue.simpleanalyticscdn.com
1	scripts.simpleanalyticscdn.com	ab1.bot
19	6

This site contains no links.

Subject Issuer	Validity	Valid
ab1.bot Amazon RSA 2048 M02	`2023-03-01` - `2024-03-30`	a year	crt.sh
scripts.simpleanalyticscdn.com R3	`2023-06-03` - `2023-09-01`	3 months	crt.sh
publicos.link Amazon RSA 2048 M02	`2023-02-18` - `2024-03-19`	a year	crt.sh
queue-es.simpleanalyticscdn.com R3	`2023-06-16` - `2023-09-14`	3 months	crt.sh
auxbackend.com Amazon RSA 2048 M01	`2023-02-17` - `2024-03-18`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-03-21` - `2023-12-19`	9 months	crt.sh

This page contains 3 frames:

Primary Page: https://ab1.bot/
Frame ID: 81381163F209E2E567BB2DB9FB0006D9
Requests: 11 HTTP requests in this frame

Frame: https://ab1.bot/aux-vm-iframe.html
Frame ID: 0ED7FE09D6F0887B73A00A562272CD3C
Requests: 4 HTTP requests in this frame

Frame: https://publicos.link/iframe.html
Frame ID: 22393C751CD926AEDDFD1B49F34A2F22
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

popular-peach-gayalLayer 1Layer 1Layer 1Layer 1Layer 1combine_icon

Page URL History Show full URLs

http://ab1.bot/ HTTP 301
https://ab1.bot/ Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

19
Requests

89 %
HTTPS

14 %
IPv6

5
Domains

6
Subdomains

7
IPs

3
Countries

2619 kB
Transfer

11497 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ab1.bot/ HTTP 301
https://ab1.bot/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response ab1.bot/ Redirect Chain http://ab1.bot/ https://ab1.bot/	2 KB 1 KB	488ms 432ms	Document text/html	18.66.192.86 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ab1.bot/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.192.86 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-192-86.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash `02ec128dc32933bfac9e6f2f3256f9f91932354f9c78a0eebc4608c07d675dcb` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache content-encoding gzip content-type text/html date Thu, 13 Jul 2023 17:49:35 GMT etag W/"13953b90acfe2599fe90fb8782a5c8fa" last-modified Fri, 07 Jul 2023 18:58:58 GMT server AmazonS3 vary Accept-Encoding via 1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront) x-amz-cf-id LPpfOLXMOwiPunOitLeDbmyUG7MqvuSRKaKBrqmmRnVYHs93lHY1gg== x-amz-cf-pop MUC50-P1 x-amz-server-side-encryption AES256 x-cache RefreshHit from cloudfront Redirect headers Connection keep-alive Content-Length 167 Content-Type text/html Date Thu, 13 Jul 2023 17:49:33 GMT Location https://ab1.bot/ Server CloudFront Via 1.1 ba2af690a81a9d904af393a857344bf4.cloudfront.net (CloudFront) X-Amz-Cf-Id gXiB3tYF_HHoJ4DLHC1bCLD1Kml7pxsitzo3Ylarg0WU4JcgMVO__A== X-Amz-Cf-Pop MUC50-P1 X-Cache Redirect from cloudfront
GET H2	200	IFrameHelpers.71230be6.js Show response ab1.bot/assets/	2 KB 1 KB	574ms 573ms	Script text/javascript	18.66.192.86 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ab1.bot/assets/IFrameHelpers.71230be6.js Requested by Host: ab1.bot URL: https://ab1.bot/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.192.86 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-192-86.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash `c689c2981eb667fee7a99bbd050b93ac5868997be9cfd5bcbe6bf6a359a99b5a` Request headers Referer https://ab1.bot/ Origin https://ab1.bot accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 13 Jul 2023 17:49:35 GMT content-encoding br via 1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront) last-modified Fri, 07 Jul 2023 18:58:56 GMT server AmazonS3 x-amz-cf-pop MUC50-P1 etag W/"a98687c313bbad5644a2cdcf5c295ee4" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Miss from cloudfront content-type text/javascript x-amz-cf-id ZnNJZKis2kJVI10PbUGpNvTyFMQU5MGXSTnJciDaICpR3CqTGpVMAA==
GET H2	200	index.432d4585.js Show response ab1.bot/assets/	7 MB 2 MB	474ms 474ms	Script text/javascript	18.66.192.86 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ab1.bot/assets/index.432d4585.js Requested by Host: ab1.bot URL: https://ab1.bot/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.192.86 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-192-86.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash `2d8aab679d0a69e3d99948f80a44b1f6c4f33c9cca82975a8d085d70ded6c35c` Request headers Referer https://ab1.bot/ Origin https://ab1.bot accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 13 Jul 2023 17:49:35 GMT content-encoding br via 1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront) last-modified Fri, 07 Jul 2023 18:58:56 GMT server AmazonS3 x-amz-cf-pop MUC50-P1 x-amz-server-side-encryption AES256 etag W/"854186631cb979f785f91a6dd3b7d37f" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type text/javascript x-amz-cf-id o1dkxG78ViWcfrGERh7vAZ1g5CMDht6tibxfSu5qxcDOmoirQvyCrQ==
GET H2	200	index.d0dca97f.css ab1.bot/assets/	356 KB 46 KB	448ms 448ms	Stylesheet text/css	18.66.192.86 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ab1.bot/assets/index.d0dca97f.css Requested by Host: ab1.bot URL: https://ab1.bot/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.192.86 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-192-86.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash `6c33bd7b2d4082c0274f0d418523d4f39d80a128c5f48484c5f4cf72cd1924fb` Request headers accept-language de-DE,de;q=0.9 Referer https://ab1.bot/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 13 Jul 2023 17:49:35 GMT content-encoding br via 1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront) last-modified Fri, 07 Jul 2023 18:58:56 GMT server AmazonS3 x-amz-cf-pop MUC50-P1 x-amz-server-side-encryption AES256 etag W/"f9f993e325b977ffee92de7be5291a1d" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type text/css x-amz-cf-id m1YNj9dOEHnrlKQScrAhFOQJ0eEVRM4PDSppHCA-efQRp-UNSQfpig==
GET H2	200	latest.js Show response scripts.simpleanalyticscdn.com/	7 KB 5 KB	111ms 33ms	Script application/javascript	2400:52e0:1e00::1082:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://scripts.simpleanalyticscdn.com/latest.js Requested by Host: ab1.bot URL: https://ab1.bot/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1082 / Resource Hash `a965bdafdcbdf6a1bc0a04fb81ee6d5fb86e1fde7a2da4e8998ab3bcf467bdb4` Request headers accept-language de-DE,de;q=0.9 Referer https://ab1.bot/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 13 Jul 2023 17:49:34 GMT content-encoding br cdn-edgestorageid 1080 cdn-storageserver DE-578 cdn-cachedat 07/07/2023 01:54:51 cdn-pullzone 103822 last-modified Wed, 03 May 2023 16:16:26 GMT server BunnyCDN-DE1-1082 cdn-fileserver 68 cdn-requestpullcode 200 cdn-proxyver 1.03 etag W/"645288da-1d5b" vary Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cdn-cache HIT cdn-uid 621ef7c8-45de-46e4-8237-2eca0c3a2d75 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=604800 simple-analytics true cdn-requestid 20d71649f51195396512eee2376f2fd1 access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET BLOB	200 OK	42576788-4276-44d9-9b8b-c4d62b4def3c https://ab1.bot/	0 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://ab1.bot/42576788-4276-44d9-9b8b-c4d62b4def3c Requested by Host: ab1.bot URL: https://ab1.bot/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Content-Length 0 Content-Type application/javascript
GET H2	200	config Show response ab1.bot/api/	456 B 850 B	425ms 425ms	XHR binary/octet-stream	18.66.192.86 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ab1.bot/api/config Requested by Host: ab1.bot URL: https://ab1.bot/assets/index.432d4585.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.192.86 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-192-86.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash `6466da82349d407eef7ef0b5e645950dad45471676ef598729c7c81b531d719b` Request headers Accept application/json, text/plain, / Referer https://ab1.bot/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 13 Jul 2023 17:49:36 GMT via 1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront) last-modified Fri, 07 Jul 2023 18:59:00 GMT server AmazonS3 x-amz-cf-pop MUC50-P1 x-amz-server-side-encryption AES256 etag "6e3c7fd06afec5ba61fb96178bbf6fe3" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type binary/octet-stream cache-control no-cache accept-ranges bytes content-length 456 x-amz-cf-id YpkoNW8meArUJDuF_k2VjNleFh-FEQNBvY8sp_NZE0PDk2nBVxG8PA==
GET H2	200	aux-vm-iframe.html Show response ab1.bot/ Frame 0ED7	521 B 886 B	447ms 447ms	Document text/html	18.66.192.86 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ab1.bot/aux-vm-iframe.html Requested by Host: ab1.bot URL: https://ab1.bot/assets/index.432d4585.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.192.86 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-192-86.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash `3605d4d60c6ec25e95f10cb4f948da00e736e92fe874c925295b93f3322bfebf` Request headers Referer https://ab1.bot/?inst=popular-peach-gayal&gridPortal=home Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes cache-control no-cache content-length 521 content-type text/html date Thu, 13 Jul 2023 17:49:37 GMT etag "14b8ffc27bc87327b1a795393cc3d98b" last-modified Fri, 07 Jul 2023 18:59:00 GMT server AmazonS3 via 1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront) x-amz-cf-id RN8aYWVWwTkyM4x0Q17f010tOUtRRwnpqSEyhhRElYgQx53E-AbvFQ== x-amz-cf-pop MUC50-P1 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront
GET H2	200	vm.55f4c884.js Show response ab1.bot/assets/ Frame 0ED7	2 MB 588 KB	429ms 428ms	Script text/javascript	18.66.192.86 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ab1.bot/assets/vm.55f4c884.js Requested by Host: ab1.bot URL: https://ab1.bot/aux-vm-iframe.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.192.86 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-192-86.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash `5423c42dc0d022a6c56138d11ff78dd90654bc64703f34f28557a1b6f2a7d07a` Request headers Referer https://ab1.bot/aux-vm-iframe.html Origin https://ab1.bot accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 13 Jul 2023 17:49:37 GMT content-encoding br via 1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront) last-modified Fri, 07 Jul 2023 18:58:56 GMT server AmazonS3 x-amz-cf-pop MUC50-P1 x-amz-server-side-encryption AES256 etag W/"6ef0eb64a0235b60da058d18ab3f7ccd" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type text/javascript x-amz-cf-id D2lx2j1R8fKkmFijosTy9zi9fFaVZkIVGTW632DnIPeODohTntbJKA==
GET H2	200	IFrameHelpers.71230be6.js Show response ab1.bot/assets/ Frame 0ED7	2 KB 1 KB	37ms 37ms	Script text/javascript	18.66.192.86 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ab1.bot/assets/IFrameHelpers.71230be6.js Requested by Host: ab1.bot URL: https://ab1.bot/aux-vm-iframe.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.192.86 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-192-86.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash `c689c2981eb667fee7a99bbd050b93ac5868997be9cfd5bcbe6bf6a359a99b5a` Request headers Referer https://ab1.bot/aux-vm-iframe.html Origin https://ab1.bot accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 13 Jul 2023 17:49:35 GMT content-encoding br via 1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront) last-modified Fri, 07 Jul 2023 18:58:56 GMT server AmazonS3 x-amz-cf-pop MUC50-P1 age 2 etag W/"a98687c313bbad5644a2cdcf5c295ee4" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript x-amz-cf-id WeohudCZqCG77D3-hPKN3D4ZllGhBYII7sVffiku7dOknffm7MAj7Q==
GET BLOB	200 OK	4b4db02f-023e-471c-8faf-f026a4e71fc7 https://ab1.bot/ Frame 0ED7	1 MB 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://ab1.bot/4b4db02f-023e-471c-8faf-f026a4e71fc7 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash `c077f1644413b69b9e5d0b45b88496462c7cb4c7685b6604d278649d57dab290` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Content-Length 1538380 Content-Type text/javascript;charset=utf-8
GET H2	200	iframe.html Show response publicos.link/ Frame 2239	1 KB 833 B	549ms 441ms	Document text/html	18.164.52.76 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://publicos.link/iframe.html Requested by Host: ab1.bot URL: https://ab1.bot/assets/index.432d4585.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.52.76 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-52-76.cdg50.r.cloudfront.net Software AmazonS3 / Resource Hash `0805fef44158e2ddf5d1bcedb97f5c40b83ba1de0fca8802165674bdac6c3832` Request headers Referer https://ab1.bot/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache content-encoding br content-type text/html date Thu, 13 Jul 2023 17:49:38 GMT etag W/"16bf16974fcb0e2ed8f7db3e27ee4ace" last-modified Fri, 07 Jul 2023 18:58:31 GMT server AmazonS3 vary Accept-Encoding via 1.1 a13e42093f0d6dc965236581ea51a662.cloudfront.net (CloudFront) x-amz-cf-id nl1Bkn2OctzxPP0x9QJZx90Mr6e4lqzdigBJAm0sNAPxmQ_v0c73yg== x-amz-cf-pop CDG50-P4 x-amz-server-side-encryption AES256 x-cache RefreshHit from cloudfront
GET H/1.1	202 Accepted	simple.gif queue.simpleanalyticscdn.com/	43 B 429 B	110ms 32ms	Image image/gif	185.165.243.110 WORLDSTREAM
General Check archive.org Show headers Download Go to Show image Full URL https://queue.simpleanalyticscdn.com/simple.gif?version=cdn_latest_11&hostname=ab1.bot&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.198%20Safari%2F537.36&https=true&timezone=Etc%2FUnknown&page_id=32021313-522c-4204-882a-ae88c2bf4b29&session_id=c7ff901a-6798-491c-b962-64c196e79f37&sri=false&mobile=false&brands=%5B%5D&os_name=&os_version=&path=%2Fpopular-peach-gayal&viewport_width=1600&viewport_height=1200&language=en-US&screen_width=1600&screen_height=1200&unique=true&id=32021313-522c-4204-882a-ae88c2bf4b29&type=pageview&time=1689270577188 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.165.243.110 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL), Reverse DNS 185-165-243-110.hosted-by-worldstream.net Software / Resource Hash `548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87` Request headers accept-language de-DE,de;q=0.9 Referer https://ab1.bot/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Pragma no-cache Date Thu, 13 Jul 2023 17:49:37 GMT Simple-Analytics-Feedback Thanks for sending this page view! Simple-Analytics-Location "Amsterdam Worldstream 03" Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Keep-Alive timeout=5 Content-Length 43 Expires 0
GET H2	200	iframe.1d0ff67b.js Show response publicos.link/assets/ Frame 2239	20 KB 7 KB	78ms 77ms	Script text/javascript	18.164.52.76 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://publicos.link/assets/iframe.1d0ff67b.js Requested by Host: publicos.link URL: https://publicos.link/iframe.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.52.76 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-52-76.cdg50.r.cloudfront.net Software AmazonS3 / Resource Hash `1a9c90c9e3100f846c4cdacc833e8ebc6bf12d43947ba36748ada1db21c4cc59` Request headers Referer https://publicos.link/iframe.html Origin https://publicos.link accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 13 Jul 2023 17:49:37 GMT content-encoding br via 1.1 a13e42093f0d6dc965236581ea51a662.cloudfront.net (CloudFront) last-modified Fri, 07 Jul 2023 18:58:29 GMT server AmazonS3 x-amz-cf-pop CDG50-P4 age 14980 x-amz-server-side-encryption AES256 etag W/"ff2ebcda2f8c289556f892fcbc62487b" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript x-amz-cf-id r8BCf8cLOS3xdc1xIc1i1R5QNEx_EnCGP_x4vgnRhdUou8IBMcQhuQ==
GET H2	200	IFrameHelpers.45456bac.js Show response publicos.link/assets/ Frame 2239	216 KB 66 KB	46ms 46ms	Script text/javascript	18.164.52.76 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://publicos.link/assets/IFrameHelpers.45456bac.js Requested by Host: publicos.link URL: https://publicos.link/iframe.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.52.76 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-52-76.cdg50.r.cloudfront.net Software AmazonS3 / Resource Hash `05faa9143c9c4ba93319d0a4bebf151221a52b92cc8fa5c5a40c779fd2932252` Request headers Referer Origin https://publicos.link accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 13 Jul 2023 10:40:45 GMT content-encoding br via 1.1 a13e42093f0d6dc965236581ea51a662.cloudfront.net (CloudFront) last-modified Fri, 07 Jul 2023 18:58:29 GMT server AmazonS3 x-amz-cf-pop CDG50-P4 age 25733 x-amz-server-side-encryption AES256 etag W/"5845f17b2dda541d90777a873968bd3b" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript x-amz-cf-id wAaF_1k4TJGrJ3454soq1z4ECS_5JAaphzycJKyVEj59kIhNAek46w==
GET H2	200	ab1.aux Show response bootstrap.auxbackend.com/	107 KB 107 KB	602ms 462ms	XHR binary/octet-stream	52.222.174.2 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bootstrap.auxbackend.com/ab1.aux Requested by Host: ab1.bot URL: https://ab1.bot/assets/index.432d4585.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.174.2 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-174-2.cdg50.r.cloudfront.net Software AmazonS3 / Resource Hash `11406d361357fd4e2733b4ffc91baf055b615bbb67e67f0544731382419a979b` Request headers Accept application/json, text/plain, / Referer https://ab1.bot/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 13 Jul 2023 17:49:39 GMT via 1.1 8e20810f1edd66323991c4412691bb48.cloudfront.net (CloudFront) x-amz-cf-pop CDG50-P2 x-amz-server-side-encryption AES256 x-cache RefreshHit from cloudfront content-length 109292 last-modified Mon, 10 Jul 2023 18:18:19 GMT server AmazonS3 etag "9bbe34e078db6df2472ff67b33cff074" vary Accept-Encoding access-control-allow-methods GET content-type binary/octet-stream access-control-allow-origin * cache-control no-cache accept-ranges bytes x-amz-cf-id -QqTBOKcNm88LVFk_3ryRUhxfPrAQku22XHKcRFJJcz-JxYV9oagIg==
OPTIONS H/1.1	200 OK	2b0eb617-863e-4d96-8eac-17a272dcabab auxbackend-apiary-messagesbucket-10vv53sj4crhk.s3.amazonaws.com/ Frame	0 0	356ms 116ms	Preflight	3.5.19.181
General Check archive.org Show headers Download Go to Full URL https://auxbackend-apiary-messagesbucket-10vv53sj4crhk.s3.amazonaws.com/2b0eb617-863e-4d96-8eac-17a272dcabab?Content-Type=application%2Fjson&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=ASIAV4N2TGWUEL2WUIUH%2F20230713%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20230713T174939Z&X-Amz-Expires=900&X-Amz-Security-Token=IQoJb3JpZ2luX2VjEHoaCXVzLWVhc3QtMSJHMEUCIGDSbiAERn7HXdQQ%2BsWbUOOVK7eOzZYDyD2uHFGgpPS4AiEA0Bem6rgyKGpz4xZBdI%2F%2BLrYS%2Br2uCI8YAkXE5Lgs8KYqxgMI8%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FARACGgw0MDQ2NTUxMjU5MjgiDD85KWHU30YbgWqTxCqaA9Ngv%2BJCe37rboKB7IBtCNJeMpJELEZbNdMS1pnLozR%2B5lQ7jqF9%2BqHLwcayy5OJd0kVnkNlRTWHc2yqrf0i0cUMc3nf4dlfEO9kVSLSqDnq%2FT6LJ%2BqPNVRUrj2mcd4znGtKAr1hUaOZSbCGPERvoWBhjwsVmXRlnjGFTIwS%2FAjtjoNhc8oSxZBqcjJWZnhmlg9HkoZLH7zwYRGx923WEmu7nVo0EARc6qe9NP4SI7VBRNqqS1fnvTnJwDt%2FtC5Pydwm0ZhVoKtGz%2FEPz9yRkzGN5lvBGZXXAp0cnwRBRvmcaY0QXygooRqfD9AIVsvk7dQmDpWsM%2FaceQIJDmni%2BSyr9QKlKZasMt2b%2BUXJ0XyzDpSUzDfW%2FTEud4N0BSE%2FYXWk2bT5fwoBZ9e7J1AJ%2FL0vXlB2vpVbHlYzjG43F6jYD9t1%2FSF4xwstPhejPllL8EFUqf%2FFaCgYkILb2UsEFQcz4N74yhhqrMxzX1sry4GZufLyOdMJ215X9pt%2BuR4hK8CNETahhom75KsU%2BrQQd2Wr15KDQ%2F%2ByCMcRMPDtwKUGOp4BpnB94SKW0lHnaQ3BfEhreo3JdQXBvn7svHGRHPEZhA3hitRrJZmoVkqZmJ%2B2YGwP121nLwc2McpT1qG3OcbEZg508rSSPOSf0exjp%2FUpnX9P6IYx6UGdwdJHBVzJDNsHEDJTAVdNkVShR2YZVMquBNJGh0%2FHNBbZmeMmILl9ZAsWrsX5fHt8zwqyfNw9ZT2cHat3%2FJsF4k3LFUky4aU%3D&X-Amz-Signature=d725924353cab3686d1dd51dc066bf59c7197df7a04d92c95362fbc3707c351b&X-Amz-SignedHeaders=host%3Bx-amz-acl&x-amz-acl=bucket-owner-full-control Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.5.19.181 -, , ASN (), Reverse DNS Software AmazonS3 / Resource Hash Request headers Accept / Access-Control-Request-Headers content-type,x-amz-acl Access-Control-Request-Method PUT Origin https://ab1.bot Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Access-Control-Allow-Headers content-type, x-amz-acl Access-Control-Allow-Methods GET, PUT Access-Control-Allow-Origin * Access-Control-Max-Age 3600 Content-Length 0 Date Thu, 13 Jul 2023 17:49:40 GMT Server AmazonS3 Vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method x-amz-id-2 hRo20o4s2JUPbMT6yO9NIBect/li+qVs68yqwk2YGifw18PSRjuE1OtRqIktqWTmo/21ANJzNADH5rzFb1V/XA== x-amz-request-id NK7VECZXX3VXDYAD
GET H2	200	MaterialIcons-Regular.8731aabb.ttf ab1.bot/assets/	320 KB 148 KB	501ms 499ms	Font font/ttf	18.66.192.86 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ab1.bot/assets/MaterialIcons-Regular.8731aabb.ttf Requested by Host: ab1.bot URL: https://ab1.bot/assets/index.d0dca97f.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.192.86 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-192-86.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash Request headers Referer https://ab1.bot/assets/index.d0dca97f.css Origin https://ab1.bot accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 13 Jul 2023 17:49:40 GMT content-encoding br via 1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront) last-modified Fri, 07 Jul 2023 18:58:56 GMT server AmazonS3 x-amz-cf-pop MUC50-P1 etag W/"fc6295a305d4a8aca6c4d9d5606f8af2" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Miss from cloudfront content-type font/ttf x-amz-cf-id 7O5XJ1VjtDm0ooVik53p9hjwmu1wDzPlXSZhJzcIHs5nwrdAdzJgQg==
GET H2	200	ab1Nugget.aux Show response bootstrap.auxbackend.com/	8 KB 8 KB	441ms 440ms	XHR binary/octet-stream	52.222.174.2 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bootstrap.auxbackend.com/ab1Nugget.aux Requested by Host: ab1.bot URL: https://ab1.bot/assets/index.432d4585.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.174.2 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-174-2.cdg50.r.cloudfront.net Software AmazonS3 / Resource Hash `2a1fcf226d85534b9e606b21cdf4b602e78d288b2286a82cbd7d2d3d9bd1bfb8` Request headers Accept application/json, text/plain, / Referer https://ab1.bot/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 13 Jul 2023 17:49:40 GMT via 1.1 8e20810f1edd66323991c4412691bb48.cloudfront.net (CloudFront) x-amz-cf-pop CDG50-P2 x-amz-server-side-encryption AES256 x-cache RefreshHit from cloudfront content-length 8035 last-modified Mon, 10 Jul 2023 18:18:19 GMT server AmazonS3 etag "dd3ca601548966c30f20aaaf3c2818e6" vary Accept-Encoding access-control-allow-methods GET content-type binary/octet-stream access-control-allow-origin * cache-control no-cache accept-ranges bytes x-amz-cf-id opfm9Hzi2kIl5PMzhEBWS1QJU-NpuwjkxD96zIRwGzHU-oFZO8gv1g==

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://ab1.bot/assets/index.432d4585.js(Line 3524) Message: Unrecognized feature: 'ambient-light-sensor'.
other	warning	URL: https://ab1.bot/assets/index.432d4585.js(Line 3524) Message: Unrecognized feature: 'vr'.
security	warning	URL: https://ab1.bot/aux-vm-iframe.html Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
worker	info	URL: blob:https://ab1.bot/4b4db02f-023e-471c-8faf-f026a4e71fc7 Message: [globalThis-polyfill] load
worker	info	URL: blob:https://ab1.bot/4b4db02f-023e-471c-8faf-f026a4e71fc7(Line 3513) Message: [AuxChannel.worker] Listening for port...
worker	info	URL: blob:https://ab1.bot/4b4db02f-023e-471c-8faf-f026a4e71fc7(Line 3513) Message: [AuxChannel.worker] Got port, exposing API
worker	info	URL: blob:https://ab1.bot/4b4db02f-023e-471c-8faf-f026a4e71fc7(Line 3513) Message: [WebSocketManager] Starting...
worker	info	URL: blob:https://ab1.bot/4b4db02f-023e-471c-8faf-f026a4e71fc7(Line 3513) Message: [WebSocketManager] Connected.
worker	info	URL: blob:https://ab1.bot/4b4db02f-023e-471c-8faf-f026a4e71fc7(Line 3513) Message: [ApiaryConnectionClient] Connected.
worker	info	URL: blob:https://ab1.bot/4b4db02f-023e-471c-8faf-f026a4e71fc7(Line 3513) Message: [ApiaryConnectionClient] Logging in...
worker	info	URL: blob:https://ab1.bot/4b4db02f-023e-471c-8faf-f026a4e71fc7(Line 3513) Message: [BaseAuxChannel] Sending init event
worker	info	(Line 103) Message: ab-1 START UP
worker	info	(Line 153) Message: [ab1 bootstrap] Installed ab1 version 1!

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ab1.bot
auxbackend-apiary-messagesbucket-10vv53sj4crhk.s3.amazonaws.com
bootstrap.auxbackend.com
publicos.link
queue.simpleanalyticscdn.com
scripts.simpleanalyticscdn.com
18.164.52.76
18.66.192.105
18.66.192.86
185.165.243.110
2400:52e0:1e00::1082:1
3.5.19.181
52.222.174.2
02ec128dc32933bfac9e6f2f3256f9f91932354f9c78a0eebc4608c07d675dcb
05faa9143c9c4ba93319d0a4bebf151221a52b92cc8fa5c5a40c779fd2932252
0805fef44158e2ddf5d1bcedb97f5c40b83ba1de0fca8802165674bdac6c3832
11406d361357fd4e2733b4ffc91baf055b615bbb67e67f0544731382419a979b
1a9c90c9e3100f846c4cdacc833e8ebc6bf12d43947ba36748ada1db21c4cc59
2a1fcf226d85534b9e606b21cdf4b602e78d288b2286a82cbd7d2d3d9bd1bfb8
2d8aab679d0a69e3d99948f80a44b1f6c4f33c9cca82975a8d085d70ded6c35c
3605d4d60c6ec25e95f10cb4f948da00e736e92fe874c925295b93f3322bfebf
5423c42dc0d022a6c56138d11ff78dd90654bc64703f34f28557a1b6f2a7d07a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6466da82349d407eef7ef0b5e645950dad45471676ef598729c7c81b531d719b
6c33bd7b2d4082c0274f0d418523d4f39d80a128c5f48484c5f4cf72cd1924fb
a965bdafdcbdf6a1bc0a04fb81ee6d5fb86e1fde7a2da4e8998ab3bcf467bdb4
c077f1644413b69b9e5d0b45b88496462c7cb4c7685b6604d278649d57dab290
c689c2981eb667fee7a99bbd050b93ac5868997be9cfd5bcbe6bf6a359a99b5a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

ab1.bot Open in urlscan Pro 18.66.192.86 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

89 %HTTPS

14 %IPv6

5 Domains

6 Subdomains

7 IPs

3 Countries

2619 kBTransfer

11497 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

0 Cookies

13 Console Messages

Indicators

ab1.bot Open in urlscan Pro
18.66.192.86 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

89 %
HTTPS

14 %
IPv6

5
Domains

6
Subdomains

7
IPs

3
Countries

2619 kB
Transfer

11497 kB
Size

0
Cookies

19 HTTP transactions
0 data transactions