dolmen.com.co Open in urlscan Pro
162.240.102.229 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
Submission: On March 18 via api (March 18th 2024, 5:15:46 pm UTC) from US — Scanned from US

Summary HTTP 21 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 21 HTTP transactions. The main IP is 162.240.102.229, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is dolmen.com.co.
TLS certificate: Issued by R3 on January 22nd 2024. Valid for: 3 months.

This is the only time dolmen.com.co was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Amazon (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 11	162.240.102.229 162.240.102.229	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
3	34.248.226.43 34.248.226.43	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:251... 2600:9000:2510:6000:1d:d7f6:39d3:d9e1	16509 (AMAZON-02) (AMAZON-02)
2	2001:67c:4e8:... 2001:67c:4e8:f004::9	62041 (TELEGRAM) (TELEGRAM)
1	2600:9000:251... 2600:9000:2510:1000:1d:d7f6:39d3:d9e1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:24f... 2600:9000:24f1:3a00:3:12d0:8d40:21	16509 (AMAZON-02) (AMAZON-02)
1	67.220.228.97 67.220.228.97	16509 (AMAZON-02) (AMAZON-02)
21	8

11 162.240.102.229 (United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: vps-1250426.dolmen.com.co

dolmen.com.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.dolmen.com.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.248.226.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-226-43.eu-west-1.compute.amazonaws.com

fls-eu.amazon.sa	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2510:6000:1d:d7f6:39d3:d9e1 (United States)

ASN16509 (AMAZON-02, US)

images-eu.ssl-images-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:67c:4e8:f004::9 (Amsterdam, Netherlands)

ASN62041 (TELEGRAM, VG)

api.telegram.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2510:1000:1d:d7f6:39d3:d9e1 (United States)

ASN16509 (AMAZON-02, US)

m.media-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:24f1:3a00:3:12d0:8d40:21 (United States)

ASN16509 (AMAZON-02, US)

d35uxhjf90umnp.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.220.228.97 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

unagi.amazon.sa	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	dolmen.com.co 1 redirects dolmen.com.co www.dolmen.com.co	918 KB
4	amazon.sa fls-eu.amazon.sa — Cisco Umbrella Rank: 323962 unagi.amazon.sa — Cisco Umbrella Rank: 410621	851 B
2	telegram.org api.telegram.org — Cisco Umbrella Rank: 42288	500 B
2	ssl-images-amazon.com images-eu.ssl-images-amazon.com — Cisco Umbrella Rank: 6140	123 KB
1	cloudfront.net d35uxhjf90umnp.cloudfront.net	12 KB
1	media-amazon.com m.media-amazon.com — Cisco Umbrella Rank: 510	28 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 746	24 KB
21	7

	Domain	Requested by
10	dolmen.com.co	1 redirects dolmen.com.co
3	fls-eu.amazon.sa	dolmen.com.co
2	api.telegram.org	dolmen.com.co
2	images-eu.ssl-images-amazon.com	dolmen.com.co
1	unagi.amazon.sa	dolmen.com.co
1	www.dolmen.com.co
1	d35uxhjf90umnp.cloudfront.net	dolmen.com.co
1	m.media-amazon.com	dolmen.com.co
1	code.jquery.com	dolmen.com.co
21	9

This site contains links to these domains. Also see Links.

Domain
www.amazon.sa

Subject Issuer	Validity	Valid
www.siap.dolmen.com.co R3	`2024-01-22` - `2024-04-21`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
fls-eu.amazon.com Amazon RSA 2048 M03	`2023-12-25` - `2025-01-23`	a year	crt.sh
images-na.ssl-images-amazon.com DigiCert Global CA G2	`2024-01-05` - `2024-12-08`	a year	crt.sh
api.telegram.org Go Daddy Secure Certificate Authority - G2	`2023-03-26` - `2024-04-26`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
unagi-eu.amazon.com Amazon RSA 2048 M01	`2024-01-18` - `2024-12-31`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
Frame ID: 0A16CBD07CE3A4342F6BAE940496D7AF
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Die Zahlungsanweisungen für Ihre Rechnung eingeben

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

95 %
HTTPS

63 %
IPv6

7
Domains

9
Subdomains

8
IPs

3
Countries

1105 kB
Transfer

1464 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.amazon.sa/ref=ap_frn_logo

Search URL Search Domain Scan URL

URL: https://www.amazon.sa/gp/help/customer/display.html/ref=ap_cookie_error_help

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://dolmen.com.co/ap/uedata?ld&v=0.261013.0&id=RS02CM5QATK4ZTKSAQXF&sw=1600&sh=1200&vw=1600&vh=1200&m=1&sc=RS02CM5QATK4ZTKSAQXF&ue=1&bb=266&cf=274&pc=709&tc=-512&na_=-512&ul_=-1710782141257&_ul=-1710782141257&rd_=-1710782141257&_rd=-1710782141257&fe_=-512&lk_=-342&_lk=-342&co_=-342&_co=-196&sc_=-278&rq_=-196&rs_=-130&_rs=60&dl_=-127&di_=288&de_=288&_de=288&_dc=709&ld_=709&_ld=-1710782141257&ntd=-1&ty=0&rc=0&hob=0&hoe=1&ld=710&t=1710782141967&ctb=1&csmtags=aui|aui:aui_build_date:3.23.1-2023-11-28|aui:sw:page_proxy:no_ctrl&viz=visible:1&aftb=1 HTTP 301
https://www.dolmen.com.co/ap/uedata?ld&v=0.261013.0&id=RS02CM5QATK4ZTKSAQXF&sw=1600&sh=1200&vw=1600&vh=1200&m=1&sc=RS02CM5QATK4ZTKSAQXF&ue=1&bb=266&cf=274&pc=709&tc=-512&na_=-512&ul_=-1710782141257&_ul=-1710782141257&rd_=-1710782141257&_rd=-1710782141257&fe_=-512&lk_=-342&_lk=-342&co_=-342&_co=-196&sc_=-278&rq_=-196&rs_=-130&_rs=60&dl_=-127&di_=288&de_=288&_de=288&_dc=709&ld_=709&_ld=-1710782141257&ntd=-1&ty=0&rc=0&hob=0&hoe=1&ld=710&t=1710782141967&ctb=1&csmtags=auiaui:aui_build_date:3.23.1-2023-11-28aui:sw:page_proxy:no_ctrl&viz=visible:1&aftb=1

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request registerfe46.php Show response
dolmen.com.co/wp-content/amazo/www.amazozz/ap/ 101 KB
101 KB 381ms
66ms Document
text/html 162.240.102.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.102.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: vps-1250426.dolmen.com.co
Software: Apache /
Resource Hash: 6b9b424663557e906676e674e40b59564b04d84782b80d27b72ae211b5b19796

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 18 Mar 2024 17:15:40 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Transfer-Encoding: chunked

GET
H2 200 jquery-3.5.1.slim.min.js Show response
code.jquery.com/ 71 KB
24 KB 99ms
33ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.slim.min.js
Requested by: Host: dolmen.com.co
URL: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db

Request headers

Referer: https://dolmen.com.co/
Origin: https://dolmen.com.co
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 17:15:41 GMT
content-encoding: gzip
via: 1.1 varnish
age: 2700638
x-cache: HIT
content-length: 24606
x-served-by: cache-lga21921-LGA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1710782141.214835,VS0,VE0
etag: W/"28feccc0-11abc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 22874

GET
H/1.1 200
OK 710hicIoD5Lbff5.css
dolmen.com.co/wp-content/amazo/images-eu.ssl-images-amazon.com/images/I/ 134 KB
134 KB 193ms
66ms Stylesheet
text/css 162.240.102.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dolmen.com.co/wp-content/amazo/images-eu.ssl-images-amazon.com/images/I/710hicIoD5Lbff5.css?AUIClients/AmazonRTL
Requested by: Host: dolmen.com.co
URL: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.102.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: vps-1250426.dolmen.com.co
Software: Apache /
Resource Hash: 12294d71e342aae78acb0501fe8043a20e26218fda46b45f04b562ed79a5880b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 17:15:40 GMT
Last-Modified: Fri, 09 Feb 2024 18:55:26 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 137307

GET
H/1.1 200
OK 01SdjaY0ZsL._RC_31jdWD%2bJB%2bL.css%2c51ndJ60shfL.css_7e0c.css
dolmen.com.co/wp-content/amazo/images-eu.ssl-images-amazon.com/images/I/ 57 KB
57 KB 194ms
65ms Stylesheet
text/css 162.240.102.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dolmen.com.co/wp-content/amazo/images-eu.ssl-images-amazon.com/images/I/01SdjaY0ZsL._RC_31jdWD%2bJB%2bL.css%2c51ndJ60shfL.css_7e0c.css?AUIClients/AuthenticationPortalAssets
Requested by: Host: dolmen.com.co
URL: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.102.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: vps-1250426.dolmen.com.co
Software: Apache /
Resource Hash: fccb6bdf1465e9629f69a143ab791809b9686cbe35bbe6466c2498024fae1c9c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 17:15:40 GMT
Last-Modified: Fri, 09 Feb 2024 18:55:24 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 58622

GET
H/1.1 200
OK 21PFuszay6Lc8b6.css
dolmen.com.co/wp-content/amazo/images-eu.ssl-images-amazon.com/images/I/ 4 KB
5 KB 193ms
64ms Stylesheet
text/css 162.240.102.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dolmen.com.co/wp-content/amazo/images-eu.ssl-images-amazon.com/images/I/21PFuszay6Lc8b6.css?AUIClients/CVFAssets
Requested by: Host: dolmen.com.co
URL: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.102.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: vps-1250426.dolmen.com.co
Software: Apache /
Resource Hash: 058d9ee2e22b801b2bf14ba5c17eb0ec0cc758fdf56c972d6eec7f83000d6329

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 17:15:40 GMT
Last-Modified: Fri, 09 Feb 2024 18:55:26 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4534

GET
H2 200 A17E79C6D8DWNP:258-7245983-9612804:RS02CM5QATK4ZTKSAQXF$uedata=s:%2Fap%2Fuedata%3Fstaticb%26id%3DRS02CM5QATK4ZTKSAQXF:0
fls-eu.amazon.sa/1/batch/1/OP/ 43 B
150 B 365ms
108ms Image
image/gif 34.248.226.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fls-eu.amazon.sa/1/batch/1/OP/A17E79C6D8DWNP:258-7245983-9612804:RS02CM5QATK4ZTKSAQXF$uedata=s:%2Fap%2Fuedata%3Fstaticb%26id%3DRS02CM5QATK4ZTKSAQXF:0
Requested by: Host: dolmen.com.co
URL: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.226.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-226-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dolmen.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 17:15:41 GMT
x-amzn-requestid: acfd411c-2908-41fb-8213-29d5e9c32968
content-length: 43
content-type: image/gif

GET
H2 200 61xzeOOI6-L._RC%7C11Y+5x+kkTL.js,01rpauTep4L.js,71d9+41yctL.js_.js Show response
images-eu.ssl-images-amazon.com/images/I/ 310 KB
97 KB 116ms
35ms Script
application/x-javascript 2600:9000:2510:6000:1d:d7f6:39d3:d9e1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images-eu.ssl-images-amazon.com/images/I/61xzeOOI6-L._RC%7C11Y+5x+kkTL.js,01rpauTep4L.js,71d9+41yctL.js_.js?AUIClients/AmazonRTL
Requested by: Host: dolmen.com.co
URL: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:6000:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c15464cfd8f30e640563d03479defb5ed8b9ef8b2b84337a6be06b0ab5799bb8

Request headers

Referer: https://dolmen.com.co/
Origin: https://dolmen.com.co
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:19:32 GMT
content-encoding: gzip
via: 1.1 f9aa0e4086fcbefc20f307d96a8e3b44.cloudfront.net (CloudFront)
age: 6834844
x-amz-cf-pop: JFK50-P5
edge-cache-tag: x-cache-031,/images/I/61xzeOOI6-L
x-nginx-cache-status: HIT
x-cache: Hit from cloudfront
server-timing: provider;desc="cf"
alt-svc: h3=":443"; ma=86400
surrogate-key: x-cache-031 /images/I/61xzeOOI6-L
last-modified: Fri, 23 Sep 2022 18:30:09 GMT
server: Server
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: d4a7ba96-3fe7-4ca5-be2c-2ccad217ef56
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
x-amz-cf-id: 3RSjJ5UinxQfnxC-3v5xk4zB2MVtzWnY7R79Rig2VkftO2nd7AxwAg==
expires: Thu, 05 Nov 2043 10:19:32 GMT

GET
H2 200 21ZMwVh4T0L._RC%7C21OJDARBhQL.js,218GJg15I8L.js,31lucpmF4CL.js,2119M3Ks9rL.js,61RM99J+cHL.js_.js Show response
images-eu.ssl-images-amazon.com/images/I/ 104 KB
26 KB 167ms
87ms Script
application/x-javascript 2600:9000:2510:6000:1d:d7f6:39d3:d9e1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images-eu.ssl-images-amazon.com/images/I/21ZMwVh4T0L._RC%7C21OJDARBhQL.js,218GJg15I8L.js,31lucpmF4CL.js,2119M3Ks9rL.js,61RM99J+cHL.js_.js?AUIClients/AuthenticationPortalAssets&klvnhO/g
Requested by: Host: dolmen.com.co
URL: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:6000:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 59b2f30c7c1a73c404de7e8fcda5e81776d6a59a0e83333daa27c1b04ffbdea3

Request headers

Referer: https://dolmen.com.co/
Origin: https://dolmen.com.co
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 11:45:52 GMT
content-encoding: br
via: 1.1 f9aa0e4086fcbefc20f307d96a8e3b44.cloudfront.net (CloudFront)
age: 257657
x-amz-cf-pop: JFK50-P5
edge-cache-tag: x-cache-013,/images/I/21ZMwVh4T0L
x-nginx-cache-status: HIT
x-cache: Hit from cloudfront
server-timing: provider;desc="cf"
alt-svc: h3=":443"; ma=86400
surrogate-key: x-cache-013 /images/I/21ZMwVh4T0L
last-modified: Mon, 10 Aug 2020 22:19:37 GMT
server: Server
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: d348f56d-f175-4c52-8361-e53452d11867
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
x-amz-cf-id: 4JWBuxrqGjCnYie2ZC7KI4OQR43f118bajjPczIsLdQz5ZHi2cr8NQ==
expires: Thu, 04 Feb 2044 11:45:52 GMT

GET
H/1.1 200
OK 01wGDSlxwdLf98e.js Show response
dolmen.com.co/wp-content/amazo/images-eu.ssl-images-amazon.com/images/I/ 521 B
775 B 66ms
64ms Script
application/javascript 162.240.102.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dolmen.com.co/wp-content/amazo/images-eu.ssl-images-amazon.com/images/I/01wGDSlxwdLf98e.js?AUIClients/AuthenticationPortalInlineAssets
Requested by: Host: dolmen.com.co
URL: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.102.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: vps-1250426.dolmen.com.co
Software: Apache /
Resource Hash: 432dff2bd6f663c6151a5947fa318a46463085d4f6e40761450e8b38fd0fe938

Request headers

Referer: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
Origin: https://dolmen.com.co
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 17:15:40 GMT
Last-Modified: Fri, 09 Feb 2024 18:55:26 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 521

GET
H/1.1 200
OK 41zkUAGye%2bL088f.js Show response
dolmen.com.co/wp-content/amazo/images-eu.ssl-images-amazon.com/images/I/ 21 KB
21 KB 66ms
65ms Script
application/javascript 162.240.102.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dolmen.com.co/wp-content/amazo/images-eu.ssl-images-amazon.com/images/I/41zkUAGye%2bL088f.js?AUIClients/CVFAssets&uJU2Io3m
Requested by: Host: dolmen.com.co
URL: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.102.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: vps-1250426.dolmen.com.co
Software: Apache /
Resource Hash: 297c212cce971bf5e04f54d75ce2fe6c974c33f17792c35c762fd599b89d0936

Request headers

Referer: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
Origin: https://dolmen.com.co
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 17:15:40 GMT
Last-Modified: Fri, 09 Feb 2024 18:55:26 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 21069

GET
H/1.1 200
OK 8135BpGZX3Lf1d7.js Show response
dolmen.com.co/wp-content/amazo/images-eu.ssl-images-amazon.com/images/I/ 323 KB
323 KB 67ms
66ms Script
application/javascript 162.240.102.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dolmen.com.co/wp-content/amazo/images-eu.ssl-images-amazon.com/images/I/8135BpGZX3Lf1d7.js?AUIClients/SiegeClientSideEncryptionAUI
Requested by: Host: dolmen.com.co
URL: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.102.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: vps-1250426.dolmen.com.co
Software: Apache /
Resource Hash: 8eb684de5f6d7ea4079a9a79e5e29e84f80e6790ffadd0de13e9f16841ceeec6

Request headers

Referer: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
Origin: https://dolmen.com.co
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 17:15:40 GMT
Last-Modified: Fri, 09 Feb 2024 18:55:28 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 330750

GET
H/1.1 200
OK 31jdfgcsPAL5973.js Show response
dolmen.com.co/wp-content/amazo/images-eu.ssl-images-amazon.com/images/I/ 14 KB
14 KB 89ms
88ms Script
application/javascript 162.240.102.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dolmen.com.co/wp-content/amazo/images-eu.ssl-images-amazon.com/images/I/31jdfgcsPAL5973.js?AUIClients/AmazonUIFormControlsJS
Requested by: Host: dolmen.com.co
URL: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.102.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: vps-1250426.dolmen.com.co
Software: Apache /
Resource Hash: 2e5c4e5dd76d19bd957864a5485880b7dd5381be31835dc30dbb276d82652a89

Request headers

Referer: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
Origin: https://dolmen.com.co
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 17:15:40 GMT
Last-Modified: Fri, 09 Feb 2024 18:55:26 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 14537

GET
H/1.1 200
OK 8178jsL3v3Lac85.js Show response
dolmen.com.co/wp-content/amazo/images-eu.ssl-images-amazon.com/images/I/ 260 KB
260 KB 134ms
65ms Script
application/javascript 162.240.102.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dolmen.com.co/wp-content/amazo/images-eu.ssl-images-amazon.com/images/I/8178jsL3v3Lac85.js?AUIClients/FWCIMAssets
Requested by: Host: dolmen.com.co
URL: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.102.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: vps-1250426.dolmen.com.co
Software: Apache /
Resource Hash: bdec81d204fb4893c23f31b2dd4cf8a110eec9c06638ac98a11569b2476e6d05

Request headers

Referer: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
Origin: https://dolmen.com.co
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 17:15:40 GMT
Last-Modified: Fri, 09 Feb 2024 18:55:28 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 266279

OPTIONS
H2 204 sendMessage
api.telegram.org/bot6758185746:AAEBAln4IaxtHP66rzrnXDgnWf4Ss7vEBM0/ 0
0 331ms
111ms Preflight 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL: https://api.telegram.org/bot6758185746:AAEBAln4IaxtHP66rzrnXDgnWf4Ss7vEBM0/sendMessage
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://dolmen.com.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,Date,Server,Connection
access-control-max-age: 86400
date: Mon, 18 Mar 2024 17:15:41 GMT
server: nginx/1.18.0

POST
H2 200 sendMessage Show response
api.telegram.org/bot6758185746:AAEBAln4IaxtHP66rzrnXDgnWf4Ss7vEBM0/ 254 B
500 B 151ms
142ms Fetch
application/json 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://api.telegram.org/bot6758185746:AAEBAln4IaxtHP66rzrnXDgnWf4Ss7vEBM0/sendMessage

Requested by

Host: dolmen.com.co
URL: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

1705727c2a7f5f905c30aae0ecf96b128afee69d2e1063dc3cc130cadd7292e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://dolmen.com.co/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 18 Mar 2024 17:15:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx/1.18.0
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,Date,Server,Connection
content-length: 254

GET
H2 200 mPGmT0r6IeTyIee.png
m.media-amazon.com/images/S/sash/ 27 KB
28 KB 95ms
35ms Image
image/png 2600:9000:2510:1000:1d:d7f6:39d3:d9e1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/S/sash/mPGmT0r6IeTyIee.png
Requested by: Host: dolmen.com.co
URL: https://dolmen.com.co/wp-content/amazo/images-eu.ssl-images-amazon.com/images/I/710hicIoD5Lbff5.css?AUIClients/AmazonRTL#not-trident.rtl-true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:1000:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 437e95a363a4291060e34ba170e043274e0155821e9be374f35de3c4f13cbaa5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dolmen.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:19:54 GMT
via: 1.1 6ea9421ec132e3640100792ef9535494.cloudfront.net (CloudFront)
age: 30178547
x-amz-cf-pop: JFK50-P5
edge-cache-tag: x-cache-629,/images/S/sash/mPGmT0r6IeTyIee
x-nginx-cache-status: HIT
x-cache: Hit from cloudfront
server-timing: provider;desc="cf"
alt-svc: h3=":443"; ma=86400
content-length: 27972
surrogate-key: x-cache-629 /images/S/sash/mPGmT0r6IeTyIee
last-modified: Tue, 17 Nov 2020 23:31:33 GMT
server: Server
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: 135f8856-57e3-4552-972d-bcf2a44d8e12
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
x-amz-cf-id: O-29lE7tGws75VUNfcFNy4s0Z0hGGCPzEWifvpZnU9lZ5iBTpQEH3A==
expires: Mon, 09 Mar 2043 17:10:08 GMT

GET
H2 200 index.js Show response
d35uxhjf90umnp.cloudfront.net/ 37 KB
12 KB 142ms
32ms Script
application/javascript 2600:9000:24f1:3a00:3:12d0:8d40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d35uxhjf90umnp.cloudfront.net/index.js
Requested by: Host: dolmen.com.co
URL: https://dolmen.com.co/wp-content/amazo/images-eu.ssl-images-amazon.com/images/I/8178jsL3v3Lac85.js?AUIClients/FWCIMAssets
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:3a00:3:12d0:8d40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6267b22c78747f8db9476b502c900e874aebf89e1c658b5b3282f4c01f7a54c2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dolmen.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: .WCB9yvxzufrsvypRZW5w_pUwNZ4.SCn
content-encoding: gzip
via: 1.1 c7947fe0c635bc68b2cbc2a30738872c.cloudfront.net (CloudFront)
date: Mon, 18 Mar 2024 06:51:54 GMT
last-modified: Tue, 27 Apr 2021 20:18:23 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 37479
x-amz-server-side-encryption: AES256
etag: W/"a216acbf4c266a507cb6c7de4d63d883"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 0igJzjI3z9asfXqY8AD_-iQQs1xME3e3sNz2IL0HGzh2neoynFjBqA==

GET
H/1.1

404
Not Found

uedata
www.dolmen.com.co/ap/
Redirect Chain

https://dolmen.com.co/ap/uedata?ld&v=0.261013.0&id=RS02CM5QATK4ZTKSAQXF&sw=1600&sh=1200&vw=1600&vh=1200&m=1&sc=RS02CM5QATK4ZTKSAQXF&ue=1&bb=266&cf=274&pc=709&tc=-512&na_=-512&ul_=-1710782141257&_ul...
https://www.dolmen.com.co/ap/uedata?ld&v=0.261013.0&id=RS02CM5QATK4ZTKSAQXF&sw=1600&sh=1200&vw=1600&vh=1200&m=1&sc=RS02CM5QATK4ZTKSAQXF&ue=1&bb=266&cf=274&pc=709&tc=-512&na_=-512&ul_=-1710782141257...

0
0

643ms
509ms

Image
text/html

162.240.102.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dolmen.com.co/ap/uedata?ld&v=0.261013.0&id=RS02CM5QATK4ZTKSAQXF&sw=1600&sh=1200&vw=1600&vh=1200&m=1&sc=RS02CM5QATK4ZTKSAQXF&ue=1&bb=266&cf=274&pc=709&tc=-512&na_=-512&ul_=-1710782141257&_ul=-1710782141257&rd_=-1710782141257&_rd=-1710782141257&fe_=-512&lk_=-342&_lk=-342&co_=-342&_co=-196&sc_=-278&rq_=-196&rs_=-130&_rs=60&dl_=-127&di_=288&de_=288&_de=288&_dc=709&ld_=709&_ld=-1710782141257&ntd=-1&ty=0&rc=0&hob=0&hoe=1&ld=710&t=1710782141967&ctb=1&csmtags=auiaui:aui_build_date:3.23.1-2023-11-28aui:sw:page_proxy:no_ctrl&viz=visible:1&aftb=1
Protocol: HTTP/1.1
Server: 162.240.102.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: vps-1250426.dolmen.com.co
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dolmen.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Redirect headers

Date: Mon, 18 Mar 2024 17:15:41 GMT
Server: Apache
X-Redirect-By: WordPress
Content-Type: text/html; charset=UTF-8
Location: https://www.dolmen.com.co/ap/uedata?ld&v=0.261013.0&id=RS02CM5QATK4ZTKSAQXF&sw=1600&sh=1200&vw=1600&vh=1200&m=1&sc=RS02CM5QATK4ZTKSAQXF&ue=1&bb=266&cf=274&pc=709&tc=-512&na_=-512&ul_=-1710782141257&_ul=-1710782141257&rd_=-1710782141257&_rd=-1710782141257&fe_=-512&lk_=-342&_lk=-342&co_=-342&_co=-196&sc_=-278&rq_=-196&rs_=-130&_rs=60&dl_=-127&di_=288&de_=288&_de=288&_dc=709&ld_=709&_ld=-1710782141257&ntd=-1&ty=0&rc=0&hob=0&hoe=1&ld=710&t=1710782141967&ctb=1&csmtags=auiaui:aui_build_date:3.23.1-2023-11-28aui:sw:page_proxy:no_ctrl&viz=visible:1&aftb=1
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 0
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 A17E79C6D8DWNP:258-7245983-9612804:RS02CM5QATK4ZTKSAQXF$uedata=s:%2Fap%2Fuedata%3Fld%26v%3D0.261013.0%26id%3DRS02CM5QATK4ZTKSAQXF%26sw%3D1600%26sh%3D1200%26vw%3D1600%26vh%3D1200%26m%3D1%26sc%3DRS02...
fls-eu.amazon.sa/1/batch/1/OP/ 43 B
149 B 113ms
111ms Image
image/gif 34.248.226.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fls-eu.amazon.sa/1/batch/1/OP/A17E79C6D8DWNP:258-7245983-9612804:RS02CM5QATK4ZTKSAQXF$uedata=s:%2Fap%2Fuedata%3Fld%26v%3D0.261013.0%26id%3DRS02CM5QATK4ZTKSAQXF%26sw%3D1600%26sh%3D1200%26vw%3D1600%26vh%3D1200%26m%3D1%26sc%3DRS02CM5QATK4ZTKSAQXF%26ue%3D1%26bb%3D266%26cf%3D274%26pc%3D709%26tc%3D-512%26na_%3D-512%26ul_%3D-1710782141257%26_ul%3D-1710782141257%26rd_%3D-1710782141257%26_rd%3D-1710782141257%26fe_%3D-512%26lk_%3D-342%26_lk%3D-342%26co_%3D-342%26_co%3D-196%26sc_%3D-278%26rq_%3D-196%26rs_%3D-130%26_rs%3D60%26dl_%3D-127%26di_%3D288%26de_%3D288%26_de%3D288%26_dc%3D709%26ld_%3D709%26_ld%3D-1710782141257%26ntd%3D-1%26ty%3D0%26rc%3D0%26hob%3D0%26hoe%3D1%26ld%3D710%26t%3D1710782141967%26ctb%3D1%26csmtags%3Daui%7Caui%3Aaui_build_date%3A3.23.1-2023-11-28%7Caui%3Asw%3Apage_proxy%3Ano_ctrl%26viz%3Dvisible%3A1%26aftb%3D1:711
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.226.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-226-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dolmen.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 17:15:42 GMT
x-amzn-requestid: 4739c873-d0c6-4d68-bf02-8f0bae51bbb9
content-length: 43
content-type: image/gif

GET
H2 200 A17E79C6D8DWNP:258-7245983-9612804:RS02CM5QATK4ZTKSAQXF$uedata=s:%2Fap%2Fuedata%3Fld%26v%3D0.261013.0%26id%3DRS02CM5QATK4ZTKSAQXF%26sc0%3Daui%3Asw%3Appft%3Acallback_ricb%26bb0%3D270%26pc0%3D290%26l...
fls-eu.amazon.sa/1/batch/1/OP/ 43 B
149 B 111ms
110ms Image
image/gif 34.248.226.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fls-eu.amazon.sa/1/batch/1/OP/A17E79C6D8DWNP:258-7245983-9612804:RS02CM5QATK4ZTKSAQXF$uedata=s:%2Fap%2Fuedata%3Fld%26v%3D0.261013.0%26id%3DRS02CM5QATK4ZTKSAQXF%26sc0%3Daui%3Asw%3Appft%3Acallback_ricb%26bb0%3D270%26pc0%3D290%26ld0%3D290%26t0%3D1710782141547%26ctb%3D1:711
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.226.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-226-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dolmen.com.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 17:15:42 GMT
x-amzn-requestid: 8e03fae4-8956-4b67-b440-0ebdf33ef79d
content-length: 43
content-type: image/gif

POST
H/1.1 200
OK com.amazon.csm.csa.prod
unagi.amazon.sa/1/events/ 2 B
403 B 395ms
118ms Ping
application/json 67.220.228.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://unagi.amazon.sa/1/events/com.amazon.csm.csa.prod

Requested by

Host: dolmen.com.co
URL: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.228.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://dolmen.com.co/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 18 Mar 2024 17:15:42 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: HPVSTD7G5E7FEVPC5VH0
x-amzn-RequestId: 5c9faf43-15e4-429c-a8f0-5cf23de94b4a
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: application/json
Connection: keep-alive
Content-Length: 22

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Amazon (Online)

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			dolmen.com.co/	1970-01-21 03:37:02	Name: csm-hit Value: tb:s-RS02CM5QATK4ZTKSAQXF\|1710782141522&t:1710782141522

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php Message: Mixed Content: The page at 'https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php' was loaded over HTTPS, but requested an insecure element 'http://fls-eu.amazon.sa/1/batch/1/OP/A17E79C6D8DWNP:258-7245983-9612804:RS02CM5QATK4ZTKSAQXF$uedata=s:%2Fap%2Fuedata%3Fstaticb%26id%3DRS02CM5QATK4ZTKSAQXF:0'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php(Line 224) Message: Mixed Content: The page at 'https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php' was loaded over HTTPS, but requested an insecure element 'http://fls-eu.amazon.sa/1/batch/1/OP/A17E79C6D8DWNP:258-7245983-9612804:RS02CM5QATK4ZTKSAQXF$uedata=s:%2Fap%2Fuedata%3Fstaticb%26id%3DRS02CM5QATK4ZTKSAQXF:0'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://www.dolmen.com.co/ap/uedata?ld&v=0.261013.0&id=RS02CM5QATK4ZTKSAQXF&sw=1600&sh=1200&vw=1600&vh=1200&m=1&sc=RS02CM5QATK4ZTKSAQXF&ue=1&bb=266&cf=274&pc=709&tc=-512&na_=-512&ul_=-1710782141257&_ul=-1710782141257&rd_=-1710782141257&_rd=-1710782141257&fe_=-512&lk_=-342&_lk=-342&co_=-342&_co=-196&sc_=-278&rq_=-196&rs_=-130&_rs=60&dl_=-127&di_=288&de_=288&_de=288&_dc=709&ld_=709&_ld=-1710782141257&ntd=-1&ty=0&rc=0&hob=0&hoe=1&ld=710&t=1710782141967&ctb=1&csmtags=auiaui:aui_build_date:3.23.1-2023-11-28aui:sw:page_proxy:no_ctrl&viz=visible:1&aftb=1 Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.telegram.org
code.jquery.com
d35uxhjf90umnp.cloudfront.net
dolmen.com.co
fls-eu.amazon.sa
images-eu.ssl-images-amazon.com
m.media-amazon.com
unagi.amazon.sa
www.dolmen.com.co
162.240.102.229
2001:67c:4e8:f004::9
2600:9000:24f1:3a00:3:12d0:8d40:21
2600:9000:2510:1000:1d:d7f6:39d3:d9e1
2600:9000:2510:6000:1d:d7f6:39d3:d9e1
2a04:4e42:400::649
34.248.226.43
67.220.228.97
058d9ee2e22b801b2bf14ba5c17eb0ec0cc758fdf56c972d6eec7f83000d6329
12294d71e342aae78acb0501fe8043a20e26218fda46b45f04b562ed79a5880b
1705727c2a7f5f905c30aae0ecf96b128afee69d2e1063dc3cc130cadd7292e4
297c212cce971bf5e04f54d75ce2fe6c974c33f17792c35c762fd599b89d0936
2e5c4e5dd76d19bd957864a5485880b7dd5381be31835dc30dbb276d82652a89
432dff2bd6f663c6151a5947fa318a46463085d4f6e40761450e8b38fd0fe938
437e95a363a4291060e34ba170e043274e0155821e9be374f35de3c4f13cbaa5
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
59b2f30c7c1a73c404de7e8fcda5e81776d6a59a0e83333daa27c1b04ffbdea3
6267b22c78747f8db9476b502c900e874aebf89e1c658b5b3282f4c01f7a54c2
6b9b424663557e906676e674e40b59564b04d84782b80d27b72ae211b5b19796
8eb684de5f6d7ea4079a9a79e5e29e84f80e6790ffadd0de13e9f16841ceeec6
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce
bdec81d204fb4893c23f31b2dd4cf8a110eec9c06638ac98a11569b2476e6d05
c15464cfd8f30e640563d03479defb5ed8b9ef8b2b84337a6be06b0ab5799bb8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db
fccb6bdf1465e9629f69a143ab791809b9686cbe35bbe6466c2498024fae1c9c

dolmen.com.co Open in urlscan Pro 162.240.102.229 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

21 Requests

95 %HTTPS

63 %IPv6

7 Domains

9 Subdomains

8 IPs

3 Countries

1105 kBTransfer

1464 kBSize

1 Cookies

2 Outgoing links

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

69 JavaScript Global Variables

1 Cookies

3 Console Messages

Indicators

dolmen.com.co Open in urlscan Pro
162.240.102.229 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

95 %
HTTPS

63 %
IPv6

7
Domains

9
Subdomains

8
IPs

3
Countries

1105 kB
Transfer

1464 kB
Size

1
Cookies

21 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!