URL: http://s3.amazonaws.com/shifty4idsafe/discover-card-fraud-customer-service-number.html
Submission: On March 21 via manual from US

Summary

This website contacted 9 IPs in 5 countries across 6 domains to perform 18 HTTP transactions. The main IP is 52.216.1.179, located in Ashburn, United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is s3.amazonaws.com.
This is the only time s3.amazonaws.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 52.216.1.179 16509 (AMAZON-02)
1 104.111.231.90 16625 (AKAMAI-AS)
1 2 91.214.6.22 26415 (VERISIGN-INC)
1 66.128.58.228 7819 (GLOBAL-IP...)
2 2 50.63.202.88 26496 (AS-26496-...)
2 2 184.168.221.67 26496 (AS-26496-...)
1 2 50.63.202.80 26496 (AS-26496-...)
3 52.216.232.229 16509 (AMAZON-02)
5 52.216.96.197 16509 (AMAZON-02)
1 46.105.201.240 16276 (OVH)
1 192.99.0.18 16276 (OVH)
18 9
Domain Requested by
12 s3.amazonaws.com s3.amazonaws.com
6 www.paydaypayyau.com 5 redirects s3.amazonaws.com
2 www.hsbc.co.uk 1 redirects s3.amazonaws.com
1 s4.histats.com s10.histats.com
1 s10.histats.com s3.amazonaws.com
1 www.i1.creditdonkey.com s3.amazonaws.com
1 www.discover.com s3.amazonaws.com
18 7

This site contains no links.

Subject  Issuer  Validity  Valid
www.discover.com  DigiCert SHA2 Extended Validation Server CA  2019-03-13 - 2021-03-19  2 years
www.hsbc.co.uk  DigiCert SHA2 Extended Validation Server CA  2018-10-22 - 2019-09-08  a year

This page contains 1 frames:

Primary Page: http://s3.amazonaws.com/shifty4idsafe/discover-card-fraud-customer-service-number.html
Frame ID: 6783AEA0FBBD3A196CE562676A799101
Requests: 18 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /AmazonS3/i

Page Statistics

Requests: 18
HTTPS: 11 %
IPv6: 0 %
Domains: 6
Subdomains: 7
IPs: 9
Countries: 5
Transfer: 163 kB
Size: 162 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • http://www.hsbc.co.uk/1/PA_esf-ca-app-content/content/pws/content/personal/customer-support/card-services/using-your-card/contactless/images/processing_contactless.jpg HTTP 301
  • https://www.hsbc.co.uk/1/PA_esf-ca-app-content/content/pws/content/personal/customer-support/card-services/using-your-card/contactless/images/processing_contactless.jpg
Request Chain 4
  • http://www.paydaypayyau.com/_js/2k16pf19961.js HTTP 302
  • http://www.paydaypayyau.com/cYTYQ/_js/2k16pf19961.js HTTP 302
  • http://www.paydaypayyau.com/NSbWM/cYTYQ/_js/2k16pf19961.js HTTP 302
  • http://www.paydaypayyau.com/NSbWM/cYTYQ/_js/2k16pf19961.js HTTP 302
  • http://www.paydaypayyau.com/cYTYQ/_js/2k16pf19961.js HTTP 302
  • http://www.paydaypayyau.com/_js/2k16pf19961.js

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request discover-card-fraud-customer-service-number.html
s3.amazonaws.com/shifty4idsafe/
23 KB
23 KB
Document
General
Full URL
http://s3.amazonaws.com/shifty4idsafe/discover-card-fraud-customer-service-number.html
Protocol
HTTP/1.1
Server
52.216.1.179 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
1c490c71aad7e4cab7bea55269abda7f69d122464619378820038d061760980a

Request headers

Host
s3.amazonaws.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

x-amz-id-2
UgG51wK9CxRe0xUfx2jW5nao/xWEGZ9R/hB6wg9R0pKeFiiTdRgEUvoN6LBAvuyyIofDAQY58q4=
x-amz-request-id
F8CA3365F9C50124
Date
Thu, 21 Mar 2019 14:12:12 GMT
Last-Modified
Mon, 21 Nov 2016 14:48:42 GMT
ETag
"769f93c98a4e670bf93b06b99779cbf5"
x-amz-meta-s3b-last-modified
20161104T095532Z
Accept-Ranges
bytes
Content-Type
text/html
Content-Length
23167
Server
AmazonS3
rssicon.jpg
s3.amazonaws.com/shifty4idsafe/img/
604 B
1009 B
Image
General
Full URL
http://s3.amazonaws.com/shifty4idsafe/img/rssicon.jpg
Requested by
Host: s3.amazonaws.com
URL: http://s3.amazonaws.com/shifty4idsafe/discover-card-fraud-customer-service-number.html
Protocol
HTTP/1.1
Server
52.216.1.179 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
250b26ceb1371d95af6cf247079bcba1b3bce9f2a5d80bfe229a1cc9c2bc0995

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s3.amazonaws.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://s3.amazonaws.com/shifty4idsafe/discover-card-fraud-customer-service-number.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 21 Mar 2019 14:12:12 GMT
Last-Modified
Mon, 21 Nov 2016 12:20:14 GMT
Server
AmazonS3
x-amz-request-id
0FBAD54E7BE51FC1
ETag
"871c7441a0c8cc141ffb159107509309"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
604
x-amz-id-2
hIfykigqvAcAtLMf68PXh4kdrn/SpyVwhpZi0S/3ejItWf26dSAOL8u36zHrpIb0F0fXo8wCbmI=
x-amz-meta-s3b-last-modified
20090218T023830Z
card-art-garnet.png
www.discover.com/credit-cards/images/rewards/
65 KB
66 KB
Image
General
Full URL
https://www.discover.com/credit-cards/images/rewards/card-art-garnet.png
Requested by
Host: s3.amazonaws.com
URL: http://s3.amazonaws.com/shifty4idsafe/discover-card-fraud-customer-service-number.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.231.90 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-231-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5a8e829f3badfa854384484230a4aabd0be793c90adfdf1ea115764617088f9e
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://s3.amazonaws.com/shifty4idsafe/discover-card-fraud-customer-service-number.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options
nosniff
Last-Modified
Fri, 27 Oct 2017 17:57:30 GMT
Date
Thu, 21 Mar 2019 14:12:12 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
66330
X-XSS-Protection
1; mode=block
Expires
Fri, 22 Mar 2019 14:12:12 GMT
processing_contactless.jpg
www.hsbc.co.uk/1/PA_esf-ca-app-content/content/pws/content/personal/customer-support/card-services/using-your-card/contactless/images/
Redirect Chain
  • http://www.hsbc.co.uk/1/PA_esf-ca-app-content/content/pws/content/personal/customer-support/card-services/using-your-card/contactless/images/processing_contactless.jpg
  • https://www.hsbc.co.uk/1/PA_esf-ca-app-content/content/pws/content/personal/customer-support/card-services/using-your-card/contactless/images/processing_contactless.jpg
10 KB
10 KB
Image
General
Full URL
https://www.hsbc.co.uk/1/PA_esf-ca-app-content/content/pws/content/personal/customer-support/card-services/using-your-card/contactless/images/processing_contactless.jpg
Requested by
Host: s3.amazonaws.com
URL: http://s3.amazonaws.com/shifty4idsafe/discover-card-fraud-customer-service-number.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.214.6.22 , United Kingdom, ASN26415 (VERISIGN-INC - VeriSign Global Registry Services, US),
Reverse DNS
Software
/
Resource Hash
97061675b9b30dbb1f6ce380285d75d39ab982458d29117ac27ceab65c2c7672
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
http://s3.amazonaws.com/shifty4idsafe/discover-card-fraud-customer-service-number.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 21 Mar 2019 14:12:11 GMT
Content-Type
image/jpeg
Last-Modified
Tue, 04 Mar 2014 12:53:41 GMT
Vary
User-Agent
Content-Language
en-US
Connection
Keep-Alive
Strict-Transport-Security
max-age=16070400; includeSubDomains
S
gbl07-hbeu-ukpib07311B
Keep-Alive
timeout=5, max=100
Content-Length
9836

Redirect headers

Date
Thu, 21 Mar 2019 14:12:11 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/html; charset=iso-8859-1
Location
https://www.hsbc.co.uk/1/PA_esf-ca-app-content/content/pws/content/personal/customer-support/card-services/using-your-card/contactless/images/processing_contactless.jpg
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
279
calendar-flip.jpg
www.i1.creditdonkey.com/image/1/550w/
30 KB
31 KB
Image
General
Full URL
http://www.i1.creditdonkey.com/image/1/550w/calendar-flip.jpg
Requested by
Host: s3.amazonaws.com
URL: http://s3.amazonaws.com/shifty4idsafe/discover-card-fraud-customer-service-number.html
Protocol
HTTP/1.1
Server
66.128.58.228 Frisco, United States, ASN7819 (GLOBAL-IP-NETWORKS - Global IP Networks INC, US),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
e7ce3683740c00c4b94ee04f86b8b739e644a3775bd8fbd6e1e3d9cdb41110e0

Request headers

Referer
http://s3.amazonaws.com/shifty4idsafe/discover-card-fraud-customer-service-number.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 21 Mar 2019 14:11:55 GMT
Last-Modified
Thu, 21 Mar 2019 14:11:55 GMT
Server
Microsoft-IIS/8.0
ETag
"9OGKJU+jFwYW/awe0EDKLA=="
Content-Type
image/jpeg
Cache-Control
public, max-age=604800
content-disposition
inline;filename=calendar-flip.jpg
Content-Length
30928
Expires
Thu, 28 Mar 2019 14:11:55 GMT
2k16pf19961.js
www.paydaypayyau.com/_js/
Redirect Chain
  • http://www.paydaypayyau.com/_js/2k16pf19961.js
  • http://www.paydaypayyau.com/cYTYQ/_js/2k16pf19961.js
  • http://www.paydaypayyau.com/NSbWM/cYTYQ/_js/2k16pf19961.js
  • http://www.paydaypayyau.com/NSbWM/cYTYQ/_js/2k16pf19961.js
  • http://www.paydaypayyau.com/cYTYQ/_js/2k16pf19961.js
  • http://www.paydaypayyau.com/_js/2k16pf19961.js
495 B
794 B
Script
General
Full URL
http://www.paydaypayyau.com/_js/2k16pf19961.js
Requested by
Host: s3.amazonaws.com
URL: http://s3.amazonaws.com/shifty4idsafe/discover-card-fraud-customer-service-number.html
Protocol
HTTP/1.1
Server
50.63.202.80 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-50-63-202-80.ip.secureserver.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
97ecf14bd56dbb8e4e694e31884f7ba06d90f764a6f4bd7c78333c4b47d58549

Request headers

Referer
http://s3.amazonaws.com/shifty4idsafe/discover-card-fraud-customer-service-number.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Mar 2019 14:12:13 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/7.5
X-AspNet-Version
4.0.30319
Age
0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Cache-Control
no-cache
Connection
keep-alive
Content-Length
463
Expires
-1

Redirect headers

Location
/_js/2k16pf19961.js
Pragma
no-cache
cache-control
no-cache
Connection
close
style.css
s3.amazonaws.com/shifty4idsafe/
5 KB
6 KB
Stylesheet
General
Full URL
http://s3.amazonaws.com/shifty4idsafe/style.css
Requested by
Host: s3.amazonaws.com
URL: http://s3.amazonaws.com/shifty4idsafe/discover-card-fraud-customer-service-number.html
Protocol
HTTP/1.1
Server
52.216.232.229 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
eb5058cb79772f113b9af7f9ac6b69335cc7519ccc7557ea1e8ac40a22008c67

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s3.amazonaws.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://s3.amazonaws.com/shifty4idsafe/discover-card-fraud-customer-service-number.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 21 Mar 2019 14:12:12 GMT
Last-Modified
Tue, 22 Nov 2016 06:15:52 GMT
Server
AmazonS3
x-amz-request-id
EEA4530BB2475C2E
ETag
"c0ef7b62afc6fcb3d29c3caab9d394a0"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
5472
x-amz-id-2
9mAGQ1pwQQTV9iryUt6nNErMUYB+EvsF5+qQJ/xmFGt8oZw+z5cDAOCMRTpjEYfbxx1nl/V0qAg=
x-amz-meta-s3b-last-modified
20090218T023830Z
bkg.jpg
s3.amazonaws.com/shifty4idsafe/img/
472 B
877 B
Image
General
Full URL
http://s3.amazonaws.com/shifty4idsafe/img/bkg.jpg
Requested by
Host: s3.amazonaws.com
URL: http://s3.amazonaws.com/shifty4idsafe/discover-card-fraud-customer-service-number.html
Protocol
HTTP/1.1
Server
52.216.232.229 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
34008af95de810583699c0eee191c0e8d97f210f048c3c5cd48143f55fb3eb46

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s3.amazonaws.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://s3.amazonaws.com/shifty4idsafe/style.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 21 Mar 2019 14:12:12 GMT
Last-Modified
Mon, 21 Nov 2016 12:19:14 GMT
Server
AmazonS3
x-amz-request-id
2067E211F2F49464
ETag
"bba71ad60063f770df131658e50d697a"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
472
x-amz-id-2
DZpMIccWhidNU9RSx48V74i2S8tUwUMk3pP/hV9Xj4muazt5RlwY8nCM4Fim5eRuWxX/6EATpo0=
x-amz-meta-s3b-last-modified
20090218T023830Z
toppattern.jpg
s3.amazonaws.com/shifty4idsafe/img/
2 KB
2 KB
Image
General
Full URL
http://s3.amazonaws.com/shifty4idsafe/img/toppattern.jpg
Requested by
Host: s3.amazonaws.com
URL: http://s3.amazonaws.com/shifty4idsafe/discover-card-fraud-customer-service-number.html
Protocol
HTTP/1.1
Server
52.216.1.179 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
e2626262127158fcf9a2af9ea862f047cebd4fd5e2b2783fc822a0203b320516

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s3.amazonaws.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://s3.amazonaws.com/shifty4idsafe/style.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 21 Mar 2019 14:12:12 GMT
Last-Modified
Mon, 21 Nov 2016 12:21:11 GMT
Server
AmazonS3
x-amz-request-id
15D1B5FB870FFAB7
ETag
"2df51b7364cd14a53bd439380da111f3"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
1844
x-amz-id-2
ucbT4zJOb9COH59HK4SwveEcDKUC9NayKKLWIsTqF3t3Si+LVKqOZf9BAHJIwG+B/qJ06qEtJkM=
x-amz-meta-s3b-last-modified
20090218T023830Z
searchbar.jpg
s3.amazonaws.com/shifty4idsafe/img/
10 KB
11 KB
Image
General
Full URL
http://s3.amazonaws.com/shifty4idsafe/img/searchbar.jpg
Requested by
Host: s3.amazonaws.com
URL: http://s3.amazonaws.com/shifty4idsafe/discover-card-fraud-customer-service-number.html
Protocol
HTTP/1.1
Server
52.216.96.197 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
1e3834b47bc8e971ff4bb772ad82466c8620a2131fc5c58ba652d89b45609a54

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s3.amazonaws.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://s3.amazonaws.com/shifty4idsafe/style.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 21 Mar 2019 14:12:12 GMT
Last-Modified
Mon, 21 Nov 2016 12:20:14 GMT
Server
AmazonS3
x-amz-request-id
6CECB87C0075225D
ETag
"a8fd733a1a3e63a42bcf759c7b677129"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
10616
x-amz-id-2
e3ITFoc3pqN2++lHi8w04jzzPmEaGBP9a40pQuhS7ZH64brOfO8ElmRzs0pDccsduZsmM7Dh6kA=
x-amz-meta-s3b-last-modified
20090218T023830Z
toppattern2.jpg
s3.amazonaws.com/shifty4idsafe/img/
1 KB
2 KB
Image
General
Full URL
http://s3.amazonaws.com/shifty4idsafe/img/toppattern2.jpg
Requested by
Host: s3.amazonaws.com
URL: http://s3.amazonaws.com/shifty4idsafe/discover-card-fraud-customer-service-number.html
Protocol
HTTP/1.1
Server
52.216.96.197 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
a3409acfeda652a909eff3f65a1a7519b7a173517b02dfca5595a8b2b7dd7a6d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s3.amazonaws.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://s3.amazonaws.com/shifty4idsafe/style.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 21 Mar 2019 14:12:12 GMT
Last-Modified
Mon, 21 Nov 2016 12:21:11 GMT
Server
AmazonS3
x-amz-request-id
9B766CE1552DDF3E
ETag
"0ab763186ca233542e1d1a90dcdee837"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
1294
x-amz-id-2
c2Fl95/BMQq1tDVTB30cchUfyoeI5ulDZtskhChlNucZh3YQv5gheUzsuJDtSr/Jx96rhoiR9RI=
x-amz-meta-s3b-last-modified
20090218T023830Z
lmenu.jpg
s3.amazonaws.com/shifty4idsafe/img/
2 KB
2 KB
Image
General
Full URL
http://s3.amazonaws.com/shifty4idsafe/img/lmenu.jpg
Requested by
Host: s3.amazonaws.com
URL: http://s3.amazonaws.com/shifty4idsafe/discover-card-fraud-customer-service-number.html
Protocol
HTTP/1.1
Server
52.216.232.229 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
9f168adede954484562879eded86212e887587a0a4dce5a65eec6ce5da6b9c18

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s3.amazonaws.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://s3.amazonaws.com/shifty4idsafe/style.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 21 Mar 2019 14:12:12 GMT
Last-Modified
Mon, 21 Nov 2016 12:19:14 GMT
Server
AmazonS3
x-amz-request-id
F9AA67E5665F748E
ETag
"bc2913815d272fafdad7b86da8a57f29"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
1791
x-amz-id-2
d4KZb9N9cZQ6/0W8+S011vhC2GM/lE5MZ96A3ac/W/pPeszf1X6BTs9i+/1vFGDwmrucibt+Cuk=
x-amz-meta-s3b-last-modified
20090218T023830Z
wraper.jpg
s3.amazonaws.com/shifty4idsafe/img/
500 B
905 B
Image
General
Full URL
http://s3.amazonaws.com/shifty4idsafe/img/wraper.jpg
Requested by
Host: s3.amazonaws.com
URL: http://s3.amazonaws.com/shifty4idsafe/discover-card-fraud-customer-service-number.html
Protocol
HTTP/1.1
Server
52.216.1.179 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
98a3db322db9dbeee03de6304c7fbfb3460ab1ac4f0fe65eb2cef4e15161bd60

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s3.amazonaws.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://s3.amazonaws.com/shifty4idsafe/style.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 21 Mar 2019 14:12:12 GMT
Last-Modified
Mon, 21 Nov 2016 12:21:10 GMT
Server
AmazonS3
x-amz-request-id
67A20BFE6E3F5C1A
ETag
"de3789bdd194f291e6167ea15bd8a19e"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
500
x-amz-id-2
5dseCEfWBOa0Wa2pjRE2w9YGk+TiaoT+KzzchKWMJWsxxvw2g+LzUtjSCrCUPkR2YLCfQK+QCU4=
x-amz-meta-s3b-last-modified
20090218T023830Z
sidebar.jpg
s3.amazonaws.com/shifty4idsafe/img/
360 B
765 B
Image
General
Full URL
http://s3.amazonaws.com/shifty4idsafe/img/sidebar.jpg
Requested by
Host: s3.amazonaws.com
URL: http://s3.amazonaws.com/shifty4idsafe/discover-card-fraud-customer-service-number.html
Protocol
HTTP/1.1
Server
52.216.96.197 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
6350edadb51ba61b7b226c723e25486aed36967e5ece9ef8cc41346751e8bc01

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s3.amazonaws.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://s3.amazonaws.com/shifty4idsafe/style.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 21 Mar 2019 14:12:12 GMT
Last-Modified
Mon, 21 Nov 2016 12:20:15 GMT
Server
AmazonS3
x-amz-request-id
91E64BA97C77F63E
ETag
"155eaba26a0fb89f9f0a4e7fdd3b116f"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
360
x-amz-id-2
Nf4s7aDE9XPjJBqklU/EMARu1xt9KUt8TjbHesuuxSxS4NWWH/KBQ3Q2BzWYcnNzCekNumxu19k=
x-amz-meta-s3b-last-modified
20090218T023830Z
widgetheader.jpg
s3.amazonaws.com/shifty4idsafe/img/
858 B
1 KB
Image
General
Full URL
http://s3.amazonaws.com/shifty4idsafe/img/widgetheader.jpg
Requested by
Host: s3.amazonaws.com
URL: http://s3.amazonaws.com/shifty4idsafe/discover-card-fraud-customer-service-number.html
Protocol
HTTP/1.1
Server
52.216.96.197 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
dd9c420660e9fe5f42a90c72dd3b3ed42b17e343cfc94b98ed9f8c03dc302e40

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s3.amazonaws.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://s3.amazonaws.com/shifty4idsafe/style.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 21 Mar 2019 14:12:12 GMT
Last-Modified
Mon, 21 Nov 2016 12:21:11 GMT
Server
AmazonS3
x-amz-request-id
4754E33A12400A1A
ETag
"37b712f2028c5add0b841cfc40729942"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
858
x-amz-id-2
BU0H8MxfkL3Ubo+bV3gPyxnGcK6QyvHQNUMtl18PiFIcyozgxkGQJa6rgmcvyjVUXVIqe1UVh+Y=
x-amz-meta-s3b-last-modified
20090218T023830Z
footer.jpg
s3.amazonaws.com/shifty4idsafe/img/
355 B
760 B
Image
General
Full URL
http://s3.amazonaws.com/shifty4idsafe/img/footer.jpg
Requested by
Host: s3.amazonaws.com
URL: http://s3.amazonaws.com/shifty4idsafe/discover-card-fraud-customer-service-number.html
Protocol
HTTP/1.1
Server
52.216.96.197 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
44ddfd9217a48ad72757de14b2d21caabe88ddd508f5622058b8518a7b28c7c4

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s3.amazonaws.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://s3.amazonaws.com/shifty4idsafe/style.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 21 Mar 2019 14:12:12 GMT
Last-Modified
Mon, 21 Nov 2016 12:19:14 GMT
Server
AmazonS3
x-amz-request-id
987AA9B929483C10
ETag
"cd2b37c470d145393bde652e3a7852d3"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
355
x-amz-id-2
wBh8CGeD7QH5pJ5gI/oOZIwddmX7thdePvbGyCTGPRQMC6127LIYmAHBv605iphsRu/UU+74PzY=
x-amz-meta-s3b-last-modified
20090218T023830Z
js15_as.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
http://s10.histats.com/js15_as.js
Requested by
Host: s3.amazonaws.com
URL: http://s3.amazonaws.com/shifty4idsafe/discover-card-fraud-customer-service-number.html
Protocol
HTTP/1.1
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
1f730c8b78091c3479abc2fb805b9093138f05acd0de421b8da96389cbbb9668

Request headers

Referer
http://s3.amazonaws.com/shifty4idsafe/discover-card-fraud-customer-service-number.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 21 Mar 2019 14:04:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Dec 2018 14:12:12 GMT
X-CDN-Pop-IP
137.74.120.32/27
ETag
"-139234964"
X-Cacheable
Matched cache
Vary
Accept-Encoding
X-IPLB-Instance
4747
Content-Type
text/javascript
X-CDN-Pop
sbg
Accept-Ranges
bytes
Content-Length
4525
0.php
s4.histats.com/stats/
51 B
322 B
Script
General
Full URL
http://s4.histats.com/stats/0.php?3539178&@f16&@g1&@h1&@i1&@j1553177533989&@k0&@l1&@mBarclays%20shared%20services%20fraud%20hotline%2C%20identity%20theft%20protection%20enhanced%20x128%2C%20discover%20card%20fraud%20customer%20service%20number&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-193838856&@b3:1553177534&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fs3.amazonaws.com%2Fshifty4idsafe%2Fdiscover-card-fraud-customer-service-number.html&@w
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Server
192.99.0.18 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns500308.ip-192-99-0.net
Software
/
Resource Hash
9e817391412d49b23d3d92ca72df7f7676b0e30f8a4da4a6a3ee024c71e1d3c6

Request headers

Referer
http://s3.amazonaws.com/shifty4idsafe/discover-card-fraud-customer-service-number.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 21 Mar 2019 14:12:14 GMT
Connection
close
Content-Length
51
Content-Type
text/html;charset=UTF-8

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onselectstart
  • object| onselectionchange
  • function| queueMicrotask
  • object| _Hasync
  • function| chfh
  • function| chfh2
  • string| _HST_cntval
  • object| Histats
  • object| _HistatsCounterGraphics_0_setValues

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
