Submitted URL: http://ww-amazon.de/
Effective URL: http://ww-amazon.de/page/bouncy.php?&bpae=GbhGd7cmpUx7j3O0qwYRcJTxSaVsyu1I9XCqOi6XshrWJ6CHPb5D9IUEY21DSdKX6IpiqoFfaX...
Submission: On May 18 via api from US — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 3 domains to perform 3 HTTP transactions. The main IP is 2607:fad0:3801:4::1, located in United States and belongs to LIQUIDWEB, US. The main domain is ww-amazon.de.
This is the only time ww-amazon.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

     IP Address          AS Autonomous System
2    2607:fad0:380...    32244 (LIQUIDWEB)
1 1  198.134.116.18      27257 (WEBAIR-IN...)
1    99.86.7.123         16509 (AMAZON-02)
3    2

     Apex Domain           Subdomains                                                   Transfer
2    ww-amazon.de          ww-amazon.de                                                 3 KB
1    adating.link          t.adating.link (Cisco Umbrella Rank: 373063)                 284 B
1    junmediadirect.com    click.junmediadirect.com (Cisco Umbrella Rank: 114304)       219 B
3    3

     Domain                      Requested by
2    ww-amazon.de                ww-amazon.de
1    t.adating.link              ww-amazon.de
1    click.junmediadirect.com    1 redirects
3    3

This site contains no links.

Subject: *.ajrkm.link
Issuer: Amazon
Validity: 2021-07-01 - 2022-07-30
Valid: a year

This page contains 1 frames:

Frame: https://t.adating.link/165604/3785/22391?aff_sub=265753.ww-amazon.de&bo=2753,2754,2755,2756
Frame ID: 63C4580697403DDAF1CF8D0957C74A3A
Requests: 3 HTTP requests in this frame

Page Statistics

Requests: 3
HTTPS: 33 %
IPv6: 33 %
Domains: 3
Subdomains: 3
IPs: 2
Countries: 1
Transfer: 4 kB
Size: 3 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ww-amazon.de/ Page URL
  2. http://ww-amazon.de/page/bouncy.php?&bpae=GbhGd7cmpUx7j3O0qwYRcJTxSaVsyu1I9XCqOi6XshrWJ6CHPb5D9IUEY21DSdKX6IpiqoFfaXRwJ37fOuWdsHrCgyF84iNQ5m4c4moSuWEozXLUJHXp8fMJWiKOdKFOY4AEdBErSD4tkuQwkcG2CwOcc3Q%2BscfrYf%2BvorCDxhdIAEfs7wjRby9KQf%2F8It0l7wEtWWLCgt9KkXzmgMcA2jtyp2Z1bxtmzEcDy5n3xpS5art8uBnxZQ1CXVJvVn8jD1Rb1m3zg1DTfxsCxuMViJ8SG%2FyHDLtpdisfRP3dJlRLP5DEAhIdT95O9xpBJ1qmv5Kmq5F2%2BaB4qlIjto7EHSWV%2FoUWLdER%2FWB9b8fV1ypNnAcRFXLyJDHq9u4JPXwk4YnEqruJz3TPY4ePKPJ85JkKK07UwQrqC8SpQOiKIIGnAvfcSiUNS8IbuJUt37y9TIQ73VE%3D&redirectType=js&inIframe=false&inPopUp=false Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://click.junmediadirect.com/click?i=XfY5GvrfFfQ_0 HTTP 302
  • https://t.adating.link/165604/3785/22391?aff_sub=265753.ww-amazon.de&bo=2753,2754,2755,2756

3 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
ww-amazon.de/
2 KB
2 KB
Document
General
Full URL
http://ww-amazon.de/
Protocol
HTTP/1.1
Server
2607:fad0:3801:4::1 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 18 May 2022 16:40:48 GMT
Keep-Alive
timeout=5, max=100
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Transfer-Encoding
chunked
X-Powered-By
PHP/5.4.16
Primary Request bouncy.php
ww-amazon.de/page/
685 B
969 B
Document
General
Full URL
http://ww-amazon.de/page/bouncy.php?&bpae=GbhGd7cmpUx7j3O0qwYRcJTxSaVsyu1I9XCqOi6XshrWJ6CHPb5D9IUEY21DSdKX6IpiqoFfaXRwJ37fOuWdsHrCgyF84iNQ5m4c4moSuWEozXLUJHXp8fMJWiKOdKFOY4AEdBErSD4tkuQwkcG2CwOcc3Q%2BscfrYf%2BvorCDxhdIAEfs7wjRby9KQf%2F8It0l7wEtWWLCgt9KkXzmgMcA2jtyp2Z1bxtmzEcDy5n3xpS5art8uBnxZQ1CXVJvVn8jD1Rb1m3zg1DTfxsCxuMViJ8SG%2FyHDLtpdisfRP3dJlRLP5DEAhIdT95O9xpBJ1qmv5Kmq5F2%2BaB4qlIjto7EHSWV%2FoUWLdER%2FWB9b8fV1ypNnAcRFXLyJDHq9u4JPXwk4YnEqruJz3TPY4ePKPJ85JkKK07UwQrqC8SpQOiKIIGnAvfcSiUNS8IbuJUt37y9TIQ73VE%3D&redirectType=js&inIframe=false&inPopUp=false
Requested by
Host: ww-amazon.de
URL: http://ww-amazon.de/
Protocol
HTTP/1.1
Server
2607:fad0:3801:4::1 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash

Request headers

Referer
http://ww-amazon.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 18 May 2022 16:40:49 GMT
Keep-Alive
timeout=5, max=99
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Transfer-Encoding
chunked
X-Powered-By
PHP/5.4.16
22391
t.adating.link/165604/3785/
Redirect Chain
  • http://click.junmediadirect.com/click?i=XfY5GvrfFfQ_0
  • https://t.adating.link/165604/3785/22391?aff_sub=265753.ww-amazon.de&bo=2753,2754,2755,2756
0
284 B
Document
General
Full URL
https://t.adating.link/165604/3785/22391?aff_sub=265753.ww-amazon.de&bo=2753,2754,2755,2756
Requested by
Host: ww-amazon.de
URL: http://ww-amazon.de/page/bouncy.php?&bpae=GbhGd7cmpUx7j3O0qwYRcJTxSaVsyu1I9XCqOi6XshrWJ6CHPb5D9IUEY21DSdKX6IpiqoFfaXRwJ37fOuWdsHrCgyF84iNQ5m4c4moSuWEozXLUJHXp8fMJWiKOdKFOY4AEdBErSD4tkuQwkcG2CwOcc3Q%2BscfrYf%2BvorCDxhdIAEfs7wjRby9KQf%2F8It0l7wEtWWLCgt9KkXzmgMcA2jtyp2Z1bxtmzEcDy5n3xpS5art8uBnxZQ1CXVJvVn8jD1Rb1m3zg1DTfxsCxuMViJ8SG%2FyHDLtpdisfRP3dJlRLP5DEAhIdT95O9xpBJ1qmv5Kmq5F2%2BaB4qlIjto7EHSWV%2FoUWLdER%2FWB9b8fV1ypNnAcRFXLyJDHq9u4JPXwk4YnEqruJz3TPY4ePKPJ85JkKK07UwQrqC8SpQOiKIIGnAvfcSiUNS8IbuJUt37y9TIQ73VE%3D&redirectType=js&inIframe=false&inPopUp=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-123.fra6.r.cloudfront.net
Software
nginx/1.19.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
http://ww-amazon.de/page/bouncy.php?&bpae=GbhGd7cmpUx7j3O0qwYRcJTxSaVsyu1I9XCqOi6XshrWJ6CHPb5D9IUEY21DSdKX6IpiqoFfaXRwJ37fOuWdsHrCgyF84iNQ5m4c4moSuWEozXLUJHXp8fMJWiKOdKFOY4AEdBErSD4tkuQwkcG2CwOcc3Q%2BscfrYf%2BvorCDxhdIAEfs7wjRby9KQf%2F8It0l7wEtWWLCgt9KkXzmgMcA2jtyp2Z1bxtmzEcDy5n3xpS5art8uBnxZQ1CXVJvVn8jD1Rb1m3zg1DTfxsCxuMViJ8SG%2FyHDLtpdisfRP3dJlRLP5DEAhIdT95O9xpBJ1qmv5Kmq5F2%2BaB4qlIjto7EHSWV%2FoUWLdER%2FWB9b8fV1ypNnAcRFXLyJDHq9u4JPXwk4YnEqruJz3TPY4ePKPJ85JkKK07UwQrqC8SpQOiKIIGnAvfcSiUNS8IbuJUt37y9TIQ73VE%3D&redirectType=js&inIframe=false&inPopUp=false
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
content-type
text/html; charset=utf-8
date
Wed, 18 May 2022 16:40:50 GMT
server
nginx/1.19.0
strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
x-amz-cf-id
BA7xL_3VqyaxAjSE_SjTBnrJVWMlmxX4AFhSLEQIjGAMv5r-ppiW-A==
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront

Redirect headers

Age
0
Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Location
https://t.adating.link/165604/3785/22391?aff_sub=265753.ww-amazon.de&bo=2753,2754,2755,2756
Pragma
no-cache

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| oncontextlost
  • object| oncontextrestored
  • function| structuredClone
  • function| getScreenDetails

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
