limmit.ru
2a03:c980:dead:4003:37:143:8:149  Malicious Activity! Public Scan

Submitted URL: http://limmit.ru/image/catalog/mts/html
Effective URL: https://limmit.ru/image/catalog/mts/html/
Submission: On July 05 via api from LU — Scanned from DE

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 8 HTTP transactions. The main IP is 2a03:c980:dead:4003:37:143:8:149, located in Russian Federation and belongs to EUROBYTE Eurobyte LLC, RU. The main domain is limmit.ru.
TLS certificate: Issued by R3 on June 7th 2022. Valid for: 3 months.
This is the only time limmit.ru was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Amazon (Online)

Domain & IP information

IP Address AS Autonomous System
2 3 2a03:c980:dea... 210079 (EUROBYTE ...)
6 2a04:4e42:600... 54113 (FASTLY)
1 217.182.228.53 16276 (OVH)
8 3
Apex Domain | Subdomains | Transfer
3 media-amazon.com | m.media-amazon.com — Cisco Umbrella Rank: 505 | 60 KB
3 ssl-images-amazon.com | images-na.ssl-images-amazon.com — Cisco Umbrella Rank: 789 | 27 KB
3 limmit.ru | limmit.ru | 4 KB
1 ibb.co | i.ibb.co — Cisco Umbrella Rank: 12315 | 4 KB
8 4
Domain Requested by
3 m.media-amazon.com images-na.ssl-images-amazon.com
3 images-na.ssl-images-amazon.com limmit.ru
3 limmit.ru 2 redirects
1 i.ibb.co limmit.ru
8 4

This site contains no links.

Subject | Issuer | Validity | Valid
limmit.ru | R3 | 2022-06-07 - 2022-09-05 | 3 months
images-na.ssl-images-amazon.com | DigiCert Global CA G2 | 2022-06-15 - 2023-06-14 | a year
ibb.co | R3 | 2022-06-07 - 2022-09-05 | 3 months

This page contains 1 frames:

Primary Page: https://limmit.ru/image/catalog/mts/html/
Frame ID: 70B0CE1A1695323739677A619A40E97E
Requests: 8 HTTP requests in this frame


Page Statistics

Requests: 8
HTTPS: 100 %
IPv6: 67 %
Domains: 4
Subdomains: 4
IPs: 3
Countries: 3
Transfer: 96 kB
Size: 253 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://limmit.ru/image/catalog/mts/html HTTP 301
    https://limmit.ru/image/catalog/mts/html HTTP 301
    http://limmit.ru/image/catalog/mts/html/ HTTP 307
    https://limmit.ru/image/catalog/mts/html/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
limmit.ru/image/catalog/mts/html/
Redirect Chain
  • http://limmit.ru/image/catalog/mts/html
  • https://limmit.ru/image/catalog/mts/html
  • http://limmit.ru/image/catalog/mts/html/
  • https://limmit.ru/image/catalog/mts/html/
4 KB
4 KB
Document
General
Full URL
https://limmit.ru/image/catalog/mts/html/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:c980:dead:4003:37:143:8:149 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software
nginx/1.22.0 / PHP/7.2.34
Resource Hash
190c895a6e8dd13902f5e135c1541609e6bbdd719aeb9e60adf1e3783c638b02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows; U; Windows NT 6.0 (x86_64); de-DE) AppleWebKit/532.0 (KHTML, like Gecko) Chrome/4.0.202.2 Safari/532.0
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 05 Jul 2022 21:12:35 GMT
server
nginx/1.22.0
strict-transport-security
max-age=31536000;
x-powered-by
PHP/7.2.34

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://limmit.ru/image/catalog/mts/html/
Non-Authoritative-Reason
HSTS
61Brdu0o6LL._RC%7C11Fd9tJOdtL.css,21y5jWQoUML.css,31Q3id-QR0L.css,31P8A7PnBZL.css_.css
images-na.ssl-images-amazon.com/images/I/
137 KB
19 KB
Stylesheet
General
Full URL
https://images-na.ssl-images-amazon.com/images/I/61Brdu0o6LL._RC%7C11Fd9tJOdtL.css,21y5jWQoUML.css,31Q3id-QR0L.css,31P8A7PnBZL.css_.css?AUIClients/AmazonUI
Requested by
Host: limmit.ru
URL: https://limmit.ru/image/catalog/mts/html/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8ff52030ae312e1688bd111f80d21dc533e457cdefd9cdf07722ec9f51de79bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://limmit.ru/
User-Agent
Mozilla/5.0 (Windows; U; Windows NT 6.0 (x86_64); de-DE) AppleWebKit/532.0 (KHTML, like Gecko) Chrome/4.0.202.2 Safari/532.0

Response headers

date
Tue, 05 Jul 2022 21:12:37 GMT
content-encoding
br
age
2432485
x-cache
HIT from fastly, HIT from fastly
x-nginx-cache-status
HIT
server-timing
provider;desc="fy"
content-length
19544
x-served-by
cache-iad-kjyo7100151-IAD, cache-hhn4071-HHN
last-modified
Wed, 03 Jan 2018 00:13:54 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
d6a37508-c3a5-49ac-9945-4ab3d302d8b4
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
expires
Mon, 02 Jun 2042 09:37:24 GMT
01SdjaY0ZsL._RC%7C419sIPk+mYL.css,41yEFdgL45L.css_.css
images-na.ssl-images-amazon.com/images/I/
46 KB
7 KB
Stylesheet
General
Full URL
https://images-na.ssl-images-amazon.com/images/I/01SdjaY0ZsL._RC%7C419sIPk+mYL.css,41yEFdgL45L.css_.css?AUIClients/AuthenticationPortalAssets
Requested by
Host: limmit.ru
URL: https://limmit.ru/image/catalog/mts/html/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8c23ec3cf642a3bdb329d68c6038db8172b01fcad5270f36cf447235c2594ffa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://limmit.ru/
User-Agent
Mozilla/5.0 (Windows; U; Windows NT 6.0 (x86_64); de-DE) AppleWebKit/532.0 (KHTML, like Gecko) Chrome/4.0.202.2 Safari/532.0

Response headers

date
Tue, 05 Jul 2022 21:12:37 GMT
content-encoding
br
age
627079
x-cache
HIT from fastly, HIT from fastly
x-nginx-cache-status
MISS
server-timing
provider;desc="fy"
content-length
7165
x-served-by
cache-iad-kcgs7200021-IAD, cache-hhn4071-HHN
last-modified
Sat, 30 May 2015 02:58:48 GMT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
9a14ed1d-d9c3-4b8e-ab6f-778ae8ea0b48
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
expires
Fri, 16 May 2042 00:52:51 GMT
11E08O3eXDL.css
images-na.ssl-images-amazon.com/images/I/
2 KB
881 B
Stylesheet
General
Full URL
https://images-na.ssl-images-amazon.com/images/I/11E08O3eXDL.css?AUIClients/CVFAssets
Requested by
Host: limmit.ru
URL: https://limmit.ru/image/catalog/mts/html/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
122a38d736dd4b129af47e1d4f6d955d335f55256f2f231d8ccd1a58562cd381

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://limmit.ru/
User-Agent
Mozilla/5.0 (Windows; U; Windows NT 6.0 (x86_64); de-DE) AppleWebKit/532.0 (KHTML, like Gecko) Chrome/4.0.202.2 Safari/532.0

Response headers

date
Tue, 05 Jul 2022 21:12:37 GMT
content-encoding
br
age
1206774
x-cache
HIT from fastly, HIT from fastly
x-nginx-cache-status
HIT
server-timing
provider;desc="fy"
content-length
726
x-served-by
cache-iad-kiad7000044-IAD, cache-hhn4071-HHN
last-modified
Fri, 27 Mar 2020 19:40:05 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
e6c84478-1a88-49bf-8ff1-a71e1932b729
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
expires
Sun, 20 Apr 2042 17:08:03 GMT
828028a4f4a84acabd1a94001a5c8a7c.jpg
i.ibb.co/1XvK992/
4 KB
4 KB
Image
General
Full URL
https://i.ibb.co/1XvK992/828028a4f4a84acabd1a94001a5c8a7c.jpg
Requested by
Host: limmit.ru
URL: https://limmit.ru/image/catalog/mts/html/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.182.228.53 , France, ASN16276 (OVH, FR),
Reverse DNS
ip53.ip-217-182-228.eu
Software
nginx /
Resource Hash
9d021be18c53ca0d51304debf94034495d7b6bb25bccc673e58fd715ae51ed46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://limmit.ru/
User-Agent
Mozilla/5.0 (Windows; U; Windows NT 6.0 (x86_64); de-DE) AppleWebKit/532.0 (KHTML, like Gecko) Chrome/4.0.202.2 Safari/532.0

Response headers

date
Tue, 05 Jul 2022 21:12:37 GMT
last-modified
Fri, 24 Jul 2020 00:21:29 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
4043
expires
Thu, 31 Dec 2037 23:55:55 GMT
AmazonUIBaseCSS-sprite_1x-c4a765aedd886dc04d89e7e93b6a02c59ecb7013._V2_.png
m.media-amazon.com/images/G/01/AUIClients/
27 KB
28 KB
Image
General
Full URL
https://m.media-amazon.com/images/G/01/AUIClients/AmazonUIBaseCSS-sprite_1x-c4a765aedd886dc04d89e7e93b6a02c59ecb7013._V2_.png
Requested by
Host: images-na.ssl-images-amazon.com
URL: https://images-na.ssl-images-amazon.com/images/I/61Brdu0o6LL._RC%7C11Fd9tJOdtL.css,21y5jWQoUML.css,31Q3id-QR0L.css,31P8A7PnBZL.css_.css?AUIClients/AmazonUI#us.not-trident
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
437e95a363a4291060e34ba170e043274e0155821e9be374f35de3c4f13cbaa5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://images-na.ssl-images-amazon.com/
User-Agent
Mozilla/5.0 (Windows; U; Windows NT 6.0 (x86_64); de-DE) AppleWebKit/532.0 (KHTML, like Gecko) Chrome/4.0.202.2 Safari/532.0

Response headers

timing-allow-origin
https://www.amazon.com
date
Tue, 05 Jul 2022 21:12:37 GMT
last-modified
Fri, 22 Sep 2017 00:23:19 GMT
age
3068492
x-cache
HIT from fastly, HIT from fastly
x-nginx-cache-status
HIT
access-control-allow-origin
*
expires
Fri, 23 May 2042 23:25:46 GMT
cache-control
max-age=630720000,public
x-amz-ir-id
fcc48891-0d01-4ddb-a8bf-a5cb2404ae15
server-timing
provider;desc="fy"
accept-ranges
bytes
content-type
image/png
content-length
27972
x-served-by
cache-iad-kiad7000020-IAD, cache-hhn4071-HHN
AmazonUIBaseCSS-amazonember_rg-cc7ebaa05a2cd3b02c0929ac0475a44ab30b7efa._V2_.woff2
m.media-amazon.com/images/G/01/AUIClients/
16 KB
16 KB
Font
General
Full URL
https://m.media-amazon.com/images/G/01/AUIClients/AmazonUIBaseCSS-amazonember_rg-cc7ebaa05a2cd3b02c0929ac0475a44ab30b7efa._V2_.woff2
Requested by
Host: images-na.ssl-images-amazon.com
URL: https://images-na.ssl-images-amazon.com/images/I/61Brdu0o6LL._RC%7C11Fd9tJOdtL.css,21y5jWQoUML.css,31Q3id-QR0L.css,31P8A7PnBZL.css_.css?AUIClients/AmazonUI#us.not-trident
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
013d1dc68fadda651c773b6deb153e3e8b4dd612fb2af70db48c87af7808d1e7

Request headers

Referer
https://images-na.ssl-images-amazon.com/
Origin
https://limmit.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows; U; Windows NT 6.0 (x86_64); de-DE) AppleWebKit/532.0 (KHTML, like Gecko) Chrome/4.0.202.2 Safari/532.0

Response headers

timing-allow-origin
https://www.amazon.com
date
Tue, 05 Jul 2022 21:12:37 GMT
last-modified
Sat, 11 Jun 2016 01:31:21 GMT
age
1831497
x-cache
HIT from fastly, HIT from fastly
x-nginx-cache-status
HIT
access-control-allow-origin
*
expires
Sat, 07 Jun 2042 10:38:27 GMT
cache-control
max-age=630720000,public
x-amz-ir-id
0525778a-c44a-462f-81ac-4092608cecbb
server-timing
provider;desc="fy"
accept-ranges
bytes
content-type
application/font-woff2; charset=utf-8
content-length
16616
x-served-by
cache-iad-kjyo7100142-IAD, cache-hhn4044-HHN
AmazonUIBaseCSS-amazonember_bd-46b91bda68161c14e554a779643ef4957431987b._V2_.woff2
m.media-amazon.com/images/G/01/AUIClients/
16 KB
16 KB
Font
General
Full URL
https://m.media-amazon.com/images/G/01/AUIClients/AmazonUIBaseCSS-amazonember_bd-46b91bda68161c14e554a779643ef4957431987b._V2_.woff2
Requested by
Host: images-na.ssl-images-amazon.com
URL: https://images-na.ssl-images-amazon.com/images/I/61Brdu0o6LL._RC%7C11Fd9tJOdtL.css,21y5jWQoUML.css,31Q3id-QR0L.css,31P8A7PnBZL.css_.css?AUIClients/AmazonUI#us.not-trident
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0eef431cee18b1dc43636dd2a7703b7c0ce9f6bdbad9f280b7313d0ded232327

Request headers

Referer
https://images-na.ssl-images-amazon.com/
Origin
https://limmit.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows; U; Windows NT 6.0 (x86_64); de-DE) AppleWebKit/532.0 (KHTML, like Gecko) Chrome/4.0.202.2 Safari/532.0

Response headers

timing-allow-origin
https://www.amazon.com
date
Tue, 05 Jul 2022 21:12:37 GMT
last-modified
Sat, 11 Jun 2016 01:31:24 GMT
age
3675619
x-cache
HIT from fastly, HIT from fastly
x-nginx-cache-status
HIT
access-control-allow-origin
*
expires
Sat, 17 May 2042 09:13:18 GMT
cache-control
max-age=630720000,public
x-amz-ir-id
bf5a39f2-ec4d-4b43-b648-6a5f3b94b23d
server-timing
provider;desc="fy"
accept-ranges
bytes
content-type
application/font-woff2; charset=utf-8
content-length
16460
x-served-by
cache-iad-kjyo7100073-IAD, cache-hhn4044-HHN

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Amazon (Online)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000;