redeemgifting.tk
Open in
urlscan Pro
159.140.213.100
Malicious Activity!
Public Scan
Submission: On June 23 via automatic, source openphish — Scanned from DE
Summary
This is the only time redeemgifting.tk was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Amazon (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 159.140.213.100 159.140.213.100 | 36502 (CERNER-CO...) (CERNER-CORPORATE-AS) | |
1 | 2600:9000:215... 2600:9000:2156:ae00:1d:d7f6:39d0:c781 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2 |
ASN16509 (AMAZON-02, US)
images-na.ssl-images-amazon.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
1 |
ssl-images-amazon.com
images-na.ssl-images-amazon.com — Cisco Umbrella Rank: 789 |
25 KB |
1 |
redeemgifting.tk
redeemgifting.tk |
2 KB |
2 | 2 |
Domain | Requested by | |
---|---|---|
1 | images-na.ssl-images-amazon.com |
redeemgifting.tk
|
1 | redeemgifting.tk | |
2 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
Images-na.ssl-images-amazon.com DigiCert Global CA G2 |
2022-02-01 - 2023-01-02 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://redeemgifting.tk/?rid=nWoYbyC
Frame ID: 5990307D77D20942AAE307A91DA9AB4D
Requests: 2 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
2 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
redeemgifting.tk/ |
5 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AmazonUIBaseCSS-sprite_1x-a45c662e707240b03417f6ca8b97bcb486f27428._V2_.png
images-na.ssl-images-amazon.com/images/G/01/AUIClients/ |
25 KB 25 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Amazon (Online)6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
images-na.ssl-images-amazon.com
redeemgifting.tk
159.140.213.100
2600:9000:2156:ae00:1d:d7f6:39d0:c781
291a053d221f652249fd8785b47107613b0cc95e2943e8d39e1624e677ebba2a
3425e9036117199702c5eea1bec0a4cecc8b779edae5e4870e688d67d12ac71a