lion.chairhelmet.com
2600:9000:2209:f000:1b:c776:62c0:93a1  Public Scan

Submitted URL: http://t.asrv3.com/28326/7822/0?bo=2753,2754,2755,2756&po=6456&aff_sub=6601f90d5c2ab826badeb6b9&source=fnbeaq2gftrx...
Effective URL: https://lion.chairhelmet.com/undefined
Submission: On March 26 via api from US — Scanned from US

Summary

This website contacted 1 IPs in 1 countries across 7 domains to perform 3 HTTP transactions. The main IP is 2600:9000:2209:f000:1b:c776:62c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is lion.chairhelmet.com. The Cisco Umbrella rank of the primary domain is 428053.
TLS certificate: Issued by Amazon RSA 2048 M02 on May 29th 2023. Valid for: a year.
This is the only time lion.chairhelmet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 18.164.96.79 16509 (AMAZON-02)
1 1 108.138.128.37 16509 (AMAZON-02)
2 2 35.244.130.28 396982 (GOOGLE-CL...)
1 1 172.64.128.12 13335 (CLOUDFLAR...)
1 1 172.67.151.107 13335 (CLOUDFLAR...)
3 2600:9000:220... 16509 (AMAZON-02)
3 1
Apex Domain | Subdomains | Transfer
3 chairhelmet.com | lion.chairhelmet.com — Cisco Umbrella Rank: 428053 | 1 KB
1 medfoodsafety.com | a.medfoodsafety.com — Cisco Umbrella Rank: 153692 | 670 B
1 7amz.com | a.7amz.com — Cisco Umbrella Rank: 240806 | 547 B
1 hoa44trk.com | www.hoa44trk.com — Cisco Umbrella Rank: 736552 | 469 B
1 h47lntrk.com | www.h47lntrk.com | 478 B
1 crdefault.link | t.crdefault.link | 1 KB
1 asrv3.com | t.asrv3.com | 1 KB
3 7
Domain Requested by
3 lion.chairhelmet.com
1 a.medfoodsafety.com 1 redirects
1 a.7amz.com 1 redirects
1 www.hoa44trk.com 1 redirects
1 www.h47lntrk.com 1 redirects
1 t.crdefault.link 1 redirects
1 t.asrv3.com 1 redirects
3 7

This site contains no links.

Subject | Issuer | Validity | Valid
njump.xmobistein.com | Amazon RSA 2048 M02 | 2023-05-29 - 2024-06-26 | a year

This page contains 1 frames:

Primary Page: https://lion.chairhelmet.com/undefined
Frame ID: E9C33600A5FF5B4B75FA740E75D9B1E2
Requests: 3 HTTP requests in this frame

Page Statistics

3 Requests
100 % HTTPS
17 % IPv6
7 Domains
7 Subdomains
1 IPs
1 Countries
1 kB Transfer
1 kB Size
7 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://t.asrv3.com/28326/7822/0?bo=2753,2754,2755,2756&po=6456&aff_sub=6601f90d5c2ab826badeb6b9&source=fnbeaq2gftrxbx7si HTTP 307
    https://t.asrv3.com/28326/7822/0?bo=2753,2754,2755,2756&po=6456&aff_sub=6601f90d5c2ab826badeb6b9&source=fnbeaq2gftrxbx7si HTTP 303
    https://t.crdefault.link/28326/1?aff_sub=6601f90d5c2ab826badeb6b9&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&source=fnbeaq2gftrxbx7si&noredirect=fallback&bo=2753%2C2754%2C2755%2C2756 HTTP 303
    https://www.h47lntrk.com/DQ7MW8/W7SML2/?sub1=102c8479f5481b84f00aa7626693da&sub2=fnbeaq2gftrxbx7si&sub3=28326&sub4=FALLBACK&bo=2753%2C2754%2C2755%2C2756 HTTP 302
    https://www.hoa44trk.com/cmp/7FL1N8/649PWD/?__ptid=ac79e2c4cb2348b0a5ad9fcffc368c9d&sub1=102c8479f5481b84f00aa7626693da&sub2=fnbeaq2gftrxbx7si&sub3=28326&sub4=FALLBACK&sub5=&source_id=&bo=2753%2C2754%2C2755%2C2756 HTTP 302
    https://a.7amz.com/loader?a=210&s=65&t=71&p=99&s1=259&bo=2753%2C2754%2C2755%2C2756 HTTP 302
    http://a.medfoodsafety.com/i?tid=47f50734-6378-4101-aab7-242035740d52&cf=agaadiaebg HTTP 307
    https://a.medfoodsafety.com/i?tid=47f50734-6378-4101-aab7-242035740d52&cf=agaadiaebg HTTP 302
    https://lion.chairhelmet.com/?jp=65fd5b1b3a358&cid=eeie11bgXefe6XdddbX2254Xbcgd6g31d166JagaadiaebgJbhigiaJedeifciJdgh00ciJdgib00fJhd0JiiihJaJiiiiJb0bJbe&adzone=4792006&site=4780039&sitename={site.name}&linkref=11981_3_1 Page URL
  2. https://lion.chairhelmet.com/undefined Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://t.asrv3.com/28326/7822/0?bo=2753,2754,2755,2756&po=6456&aff_sub=6601f90d5c2ab826badeb6b9&source=fnbeaq2gftrxbx7si HTTP 307
  • https://t.asrv3.com/28326/7822/0?bo=2753,2754,2755,2756&po=6456&aff_sub=6601f90d5c2ab826badeb6b9&source=fnbeaq2gftrxbx7si HTTP 303
  • https://t.crdefault.link/28326/1?aff_sub=6601f90d5c2ab826badeb6b9&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&source=fnbeaq2gftrxbx7si&noredirect=fallback&bo=2753%2C2754%2C2755%2C2756 HTTP 303
  • https://www.h47lntrk.com/DQ7MW8/W7SML2/?sub1=102c8479f5481b84f00aa7626693da&sub2=fnbeaq2gftrxbx7si&sub3=28326&sub4=FALLBACK&bo=2753%2C2754%2C2755%2C2756 HTTP 302
  • https://www.hoa44trk.com/cmp/7FL1N8/649PWD/?__ptid=ac79e2c4cb2348b0a5ad9fcffc368c9d&sub1=102c8479f5481b84f00aa7626693da&sub2=fnbeaq2gftrxbx7si&sub3=28326&sub4=FALLBACK&sub5=&source_id=&bo=2753%2C2754%2C2755%2C2756 HTTP 302
  • https://a.7amz.com/loader?a=210&s=65&t=71&p=99&s1=259&bo=2753%2C2754%2C2755%2C2756 HTTP 302
  • http://a.medfoodsafety.com/i?tid=47f50734-6378-4101-aab7-242035740d52&cf=agaadiaebg HTTP 307
  • https://a.medfoodsafety.com/i?tid=47f50734-6378-4101-aab7-242035740d52&cf=agaadiaebg HTTP 302
  • https://lion.chairhelmet.com/?jp=65fd5b1b3a358&cid=eeie11bgXefe6XdddbX2254Xbcgd6g31d166JagaadiaebgJbhigiaJedeifciJdgh00ciJdgib00fJhd0JiiihJaJiiiiJb0bJbe&adzone=4792006&site=4780039&sitename={site.name}&linkref=11981_3_1

3 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
lion.chairhelmet.com/
Redirect Chain
  • http://t.asrv3.com/28326/7822/0?bo=2753,2754,2755,2756&po=6456&aff_sub=6601f90d5c2ab826badeb6b9&source=fnbeaq2gftrxbx7si
  • https://t.asrv3.com/28326/7822/0?bo=2753,2754,2755,2756&po=6456&aff_sub=6601f90d5c2ab826badeb6b9&source=fnbeaq2gftrxbx7si
  • https://t.crdefault.link/28326/1?aff_sub=6601f90d5c2ab826badeb6b9&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&source=fnbeaq2gftrxbx7si&noredirect=fallback&bo=2753%2C2754%2C2755%2C2756
  • https://www.h47lntrk.com/DQ7MW8/W7SML2/?sub1=102c8479f5481b84f00aa7626693da&sub2=fnbeaq2gftrxbx7si&sub3=28326&sub4=FALLBACK&bo=2753%2C2754%2C2755%2C2756
  • https://www.hoa44trk.com/cmp/7FL1N8/649PWD/?__ptid=ac79e2c4cb2348b0a5ad9fcffc368c9d&sub1=102c8479f5481b84f00aa7626693da&sub2=fnbeaq2gftrxbx7si&sub3=28326&sub4=FALLBACK&sub5=&source_id=&bo=2753%2C27...
  • https://a.7amz.com/loader?a=210&s=65&t=71&p=99&s1=259&bo=2753%2C2754%2C2755%2C2756
  • http://a.medfoodsafety.com/i?tid=47f50734-6378-4101-aab7-242035740d52&cf=agaadiaebg
  • https://a.medfoodsafety.com/i?tid=47f50734-6378-4101-aab7-242035740d52&cf=agaadiaebg
  • https://lion.chairhelmet.com/?jp=65fd5b1b3a358&cid=eeie11bgXefe6XdddbX2254Xbcgd6g31d166JagaadiaebgJbhigiaJedeifciJdgh00ciJdgib00fJhd0JiiihJaJiiiiJb0bJbe&adzone=4792006&site=4780039&sitename={site.n...
624 B
874 B
Document
General
Full URL
https://lion.chairhelmet.com/?jp=65fd5b1b3a358&cid=eeie11bgXefe6XdddbX2254Xbcgd6g31d166JagaadiaebgJbhigiaJedeifciJdgh00ciJdgib00fJhd0JiiihJaJiiiiJb0bJbe&adzone=4792006&site=4780039&sitename={site.name}&linkref=11981_3_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:f000:1b:c776:62c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

apigw-requestid
VQh3VhA2liAEJ-A=
content-length
624
content-type
text/html
date
Tue, 26 Mar 2024 22:18:48 GMT
via
1.1 2c7d387775f2e52dd268d2f49202b5d2.cloudfront.net (CloudFront)
x-amz-cf-id
wjAikNGD6eQ6hofF7PFsK7jrWKenDqt4OdbCtSk4XxYdcPCg39rw4Q==
x-amz-cf-pop
EWR53-P1
x-cache
Miss from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
86aa84c0a8dd09d6-MIA
content-length
0
date
Tue, 26 Mar 2024 22:18:47 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
location
https://lion.chairhelmet.com/?jp=65fd5b1b3a358&cid=eeie11bgXefe6XdddbX2254Xbcgd6g31d166JagaadiaebgJbhigiaJedeifciJdgh00ciJdgib00fJhd0JiiihJaJiiiiJb0bJbe&adzone=4792006&site=4780039&sitename={site.name}&linkref=11981_3_1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referer
b.montpti.top
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZN4YIkJcxrt%2B7abVHaf5iilELDUIK44z9p0TDOZrHY8X0lJKnHIgO%2BZAM6sXP67ZRgtu6bjcziGRepJNUtxAAbs1Ws8mcFMXQeEbk33MaL%2BCLpGELhHJK5%2FNeRqQREQ0%2FdcjpzYJ"}],"group":"cf-nel","max_age":604800}
server
cloudflare
Primary Request undefined
lion.chairhelmet.com/
23 B
275 B
Document
General
Full URL
https://lion.chairhelmet.com/undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:f000:1b:c776:62c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8fd54eee4277f1327015cc0bcaed8a878bf44d1804364cd5d93dfab9e2d1a5af

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

apigw-requestid
VQh3aiAhFiAEJBg=
content-length
23
content-type
application/json
date
Tue, 26 Mar 2024 22:18:48 GMT
via
1.1 2c7d387775f2e52dd268d2f49202b5d2.cloudfront.net (CloudFront)
x-amz-cf-id
jopImYfh4102Uotw9WmnI8s-Tqs51JXZPhuvrndLLuxadxE1vqIziw==
x-amz-cf-pop
EWR53-P1
x-cache
Error from cloudfront
favicon.ico
lion.chairhelmet.com/
23 B
277 B
Other
General
Full URL
https://lion.chairhelmet.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:f000:1b:c776:62c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 22:18:48 GMT
via
1.1 2c7d387775f2e52dd268d2f49202b5d2.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
x-cache
Error from cloudfront
content-type
application/json
x-amz-cf-id
VJqbN9-_q05nPxDPvCieMjzjiFOb2SOaJ-c9wI3MNiGxcg-_CAvcsg==
content-length
23
apigw-requestid
VQh3ZhWFFiAEJvw=

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal

7 Cookies

Domain/Path Name / Value
t.asrv3.com/ Name: enc_aff_session_7821
Value: ENC03c2ab697995ce1f77ea9e9e8ba20f1a202a3dfeb8fd5f838affe6244713ea3cdc9026d795d77d9b8ba6007e96312b706d97a283d9c1446f77f827d615a01eab8c4bec7a71efb74f824df9869b61b2e016966651943e6ad4ad3297ab181ea71516ab5560ad3ce376e71850eb950a9a5911d8be455b6255616d8e48e8236f264f149b65b7480f8d2c05ea94e2d0047a5bebc41eefc9720f9309b5bbad87f4ed0a79156aecb2
t.asrv3.com/ Name: ho_mob
Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMjMiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzEyMy4wLjAuMCBTYWZhcmkvNTM3LjM2IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9
t.crdefault.link/ Name: enc_aff_session_8679
Value: ENC03578216467e2bffeaea02bad98486406b02942d56cb8101eb31d506156eb14467c0d81c8dc0b920d861aafc516fe2db0afe42d826556a774ec7603d9a43ef07452292ff3ef625b02d4729c5d364939ca23098617dfa394e024488355dbf74a2438aa0724a88a3fc68363ad0d9f0e12a0cbf50c2b9cca5413098a0c2feda487216326c994244aaa83086c94204c3fda06687e87f0a7280085fbc9e4fac5f4ef9723970e752
t.crdefault.link/ Name: ho_mob
Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMjMiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzEyMy4wLjAuMCBTYWZhcmkvNTM3LjM2IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9
www.h47lntrk.com/ Name: uniqueClick_W7SML2
Value: b366ed02-d601-4525-8987-854e594b2b47:1711491527
www.hoa44trk.com/ Name: uniqueClick_649PWD
Value: 9e66b0d8-fdb1-49a7-b89f-6b005d82da77:1711491527
www.hoa44trk.com/ Name: transaction_id
Value: fcefb9bdda7d456d86e1280f26f4085e

2 Console Messages

Source Level URL
Text
network error URL: https://lion.chairhelmet.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://lion.chairhelmet.com/undefined
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
