dolmen.com.co Open in urlscan Pro
162.240.102.229 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bradrianinvestments.co.ke/.well-known/pki-validation/.zabba.php
Effective URL:
https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
Submission: On March 18 via api (March 18th 2024, 7:29:51 pm UTC) from EE — Scanned from CH

Summary HTTP 21 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 7 IPs in 5 countries across 8 domains to perform 21 HTTP transactions. The main IP is 162.240.102.229, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is dolmen.com.co.
TLS certificate: Issued by R3 on January 22nd 2024. Valid for: 3 months.

This is the only time dolmen.com.co was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Amazon (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	197.248.5.31 197.248.5.31	37061 (Safaricom) (Safaricom)
1 11	162.240.102.229 162.240.102.229	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
3	52.213.200.119 52.213.200.119	16509 (AMAZON-02) (AMAZON-02)
3	2a02:26f0:480... 2a02:26f0:480:f::213:7ec6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2001:67c:4e8:... 2001:67c:4e8:f004::9	62041 (TELEGRAM) (TELEGRAM)
1	2600:9000:249... 2600:9000:2490:600:3:12d0:8d40:21	16509 (AMAZON-02) (AMAZON-02)
1	52.95.122.73 52.95.122.73	16509 (AMAZON-02) (AMAZON-02)
21	7

1 197.248.5.31 (Nairobi, Kenya) 1 redirects

ASN37061 (Safaricom, KE)
PTR: host31.safaricombusiness.co.ke

bradrianinvestments.co.ke	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 162.240.102.229 (United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: vps-1250426.dolmen.com.co

dolmen.com.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.dolmen.com.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.213.200.119 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-200-119.eu-west-1.compute.amazonaws.com

fls-eu.amazon.sa	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:480:f::213:7ec6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

images-eu.ssl-images-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.media-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:67c:4e8:f004::9 (Amsterdam, Netherlands)

ASN62041 (TELEGRAM, VG)

api.telegram.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:600:3:12d0:8d40:21 (United States)

ASN16509 (AMAZON-02, US)

d35uxhjf90umnp.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.95.122.73 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

unagi.amazon.sa	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	dolmen.com.co 1 redirects dolmen.com.co www.dolmen.com.co	918 KB
4	amazon.sa fls-eu.amazon.sa — Cisco Umbrella Rank: 320225 unagi.amazon.sa — Cisco Umbrella Rank: 330903	851 B
2	telegram.org api.telegram.org — Cisco Umbrella Rank: 24508	501 B
2	ssl-images-amazon.com images-eu.ssl-images-amazon.com — Cisco Umbrella Rank: 4346	111 KB
1	cloudfront.net d35uxhjf90umnp.cloudfront.net	12 KB
1	media-amazon.com m.media-amazon.com — Cisco Umbrella Rank: 464	28 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 1217	24 KB
1	bradrianinvestments.co.ke 1 redirects bradrianinvestments.co.ke	281 B
21	8

	Domain	Requested by
10	dolmen.com.co	1 redirects dolmen.com.co
3	fls-eu.amazon.sa	dolmen.com.co
2	api.telegram.org	dolmen.com.co
2	images-eu.ssl-images-amazon.com	dolmen.com.co
1	unagi.amazon.sa	dolmen.com.co
1	www.dolmen.com.co
1	d35uxhjf90umnp.cloudfront.net	dolmen.com.co
1	m.media-amazon.com	dolmen.com.co
1	code.jquery.com	dolmen.com.co
1	bradrianinvestments.co.ke	1 redirects
21	10

This site contains links to these domains. Also see Links.

Domain
www.amazon.sa

Subject Issuer	Validity	Valid
www.siap.dolmen.com.co R3	`2024-01-22` - `2024-04-21`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
fls-eu.amazon.com Amazon RSA 2048 M03	`2023-12-25` - `2025-01-23`	a year	crt.sh
m.media-amazon.com DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-28`	a year	crt.sh
api.telegram.org Go Daddy Secure Certificate Authority - G2	`2023-03-26` - `2024-04-26`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
unagi-eu.amazon.com Amazon RSA 2048 M01	`2024-01-18` - `2024-12-31`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
Frame ID: 9CA0682AED330AB0A4CD663976630F8B
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Die Zahlungsanweisungen für Ihre Rechnung eingeben

Page URL History Show full URLs

https://bradrianinvestments.co.ke/.well-known/pki-validation/.zabba.php HTTP 302
https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

95 %
HTTPS

50 %
IPv6

8
Domains

10
Subdomains

7
IPs

5
Countries

1093 kB
Transfer

1464 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.amazon.sa/ref=ap_frn_logo

Search URL Search Domain Scan URL

URL: https://www.amazon.sa/gp/help/customer/display.html/ref=ap_cookie_error_help

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bradrianinvestments.co.ke/.well-known/pki-validation/.zabba.php HTTP 302
https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://dolmen.com.co/ap/uedata?ld&v=0.261013.0&id=RS02CM5QATK4ZTKSAQXF&sw=1600&sh=1200&vw=1600&vh=1200&m=1&sc=RS02CM5QATK4ZTKSAQXF&ue=78&bb=933&cf=936&pc=1844&tc=-3090&na_=-3090&ul_=-1710790186047&_ul=-1710790186047&rd_=-1710790186047&_rd=-1710790186047&fe_=-1176&lk_=-601&_lk=-601&co_=-601&_co=-263&sc_=-433&rq_=-263&rs_=-90&_rs=410&dl_=-88&di_=945&de_=945&_de=945&_dc=1844&ld_=1844&_ld=-1710790186047&ntd=0&ty=0&rc=0&hob=78&hoe=78&ld=1844&t=1710790187891&ctb=1&csmtags=aui|aui:aui_build_date:3.23.1-2023-11-28|aui:sw:page_proxy:no_ctrl&viz=visible:78&aftb=1 HTTP 301
https://www.dolmen.com.co/ap/uedata?ld&v=0.261013.0&id=RS02CM5QATK4ZTKSAQXF&sw=1600&sh=1200&vw=1600&vh=1200&m=1&sc=RS02CM5QATK4ZTKSAQXF&ue=78&bb=933&cf=936&pc=1844&tc=-3090&na_=-3090&ul_=-1710790186047&_ul=-1710790186047&rd_=-1710790186047&_rd=-1710790186047&fe_=-1176&lk_=-601&_lk=-601&co_=-601&_co=-263&sc_=-433&rq_=-263&rs_=-90&_rs=410&dl_=-88&di_=945&de_=945&_de=945&_dc=1844&ld_=1844&_ld=-1710790186047&ntd=0&ty=0&rc=0&hob=78&hoe=78&ld=1844&t=1710790187891&ctb=1&csmtags=auiaui:aui_build_date:3.23.1-2023-11-28aui:sw:page_proxy:no_ctrl&viz=visible:78&aftb=1

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request registerfe46.php Show response
dolmen.com.co/wp-content/amazo/www.amazozz/ap/
Redirect Chain

https://bradrianinvestments.co.ke/.well-known/pki-validation/.zabba.php
https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php

101 KB
101 KB

1085ms
172ms

Document
text/html

162.240.102.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.102.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: vps-1250426.dolmen.com.co
Software: Apache /
Resource Hash: 6b9b424663557e906676e674e40b59564b04d84782b80d27b72ae211b5b19796

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: de-CH,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 18 Mar 2024 19:29:45 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Transfer-Encoding: chunked

Redirect headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 18 Mar 2024 19:30:08 GMT
Keep-Alive: timeout=5, max=100
Location: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
Server: Apache
Transfer-Encoding: chunked

GET
H2 200 jquery-3.5.1.slim.min.js Show response
code.jquery.com/ 71 KB
24 KB 73ms
21ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.slim.min.js
Requested by: Host: dolmen.com.co
URL: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db

Request headers

Referer: https://dolmen.com.co/
Origin: https://dolmen.com.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 19:29:46 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 2708682
x-cache: HIT, HIT
content-length: 24606
x-served-by: cache-lga21954-LGA, cache-fra-eddf8230138-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1710790186.022854,VS0,VE0
etag: W/"28feccc0-11abc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 17, 134120

GET
H/1.1 200
OK 710hicIoD5Lbff5.css
dolmen.com.co/wp-content/amazo/images-eu.ssl-images-amazon.com/images/I/ 134 KB
134 KB 501ms
169ms Stylesheet
text/css 162.240.102.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dolmen.com.co/wp-content/amazo/images-eu.ssl-images-amazon.com/images/I/710hicIoD5Lbff5.css?AUIClients/AmazonRTL
Requested by: Host: dolmen.com.co
URL: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.102.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: vps-1250426.dolmen.com.co
Software: Apache /
Resource Hash: 12294d71e342aae78acb0501fe8043a20e26218fda46b45f04b562ed79a5880b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 18 Mar 2024 19:29:45 GMT
Last-Modified: Fri, 09 Feb 2024 18:55:26 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 137307

GET
H/1.1 200
OK 01SdjaY0ZsL._RC_31jdWD%2bJB%2bL.css%2c51ndJ60shfL.css_7e0c.css
dolmen.com.co/wp-content/amazo/images-eu.ssl-images-amazon.com/images/I/ 57 KB
57 KB 509ms
170ms Stylesheet
text/css 162.240.102.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dolmen.com.co/wp-content/amazo/images-eu.ssl-images-amazon.com/images/I/01SdjaY0ZsL._RC_31jdWD%2bJB%2bL.css%2c51ndJ60shfL.css_7e0c.css?AUIClients/AuthenticationPortalAssets
Requested by: Host: dolmen.com.co
URL: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.102.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: vps-1250426.dolmen.com.co
Software: Apache /
Resource Hash: fccb6bdf1465e9629f69a143ab791809b9686cbe35bbe6466c2498024fae1c9c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 18 Mar 2024 19:29:45 GMT
Last-Modified: Fri, 09 Feb 2024 18:55:24 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 58622

GET
H/1.1 200
OK 21PFuszay6Lc8b6.css
dolmen.com.co/wp-content/amazo/images-eu.ssl-images-amazon.com/images/I/ 4 KB
5 KB 517ms
173ms Stylesheet
text/css 162.240.102.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dolmen.com.co/wp-content/amazo/images-eu.ssl-images-amazon.com/images/I/21PFuszay6Lc8b6.css?AUIClients/CVFAssets
Requested by: Host: dolmen.com.co
URL: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.102.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: vps-1250426.dolmen.com.co
Software: Apache /
Resource Hash: 058d9ee2e22b801b2bf14ba5c17eb0ec0cc758fdf56c972d6eec7f83000d6329

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 18 Mar 2024 19:29:45 GMT
Last-Modified: Fri, 09 Feb 2024 18:55:26 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4534

GET
H2 200 A17E79C6D8DWNP:258-7245983-9612804:RS02CM5QATK4ZTKSAQXF$uedata=s:%2Fap%2Fuedata%3Fstaticb%26id%3DRS02CM5QATK4ZTKSAQXF:0
fls-eu.amazon.sa/1/batch/1/OP/ 43 B
150 B 151ms
41ms Image
image/gif 52.213.200.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fls-eu.amazon.sa/1/batch/1/OP/A17E79C6D8DWNP:258-7245983-9612804:RS02CM5QATK4ZTKSAQXF$uedata=s:%2Fap%2Fuedata%3Fstaticb%26id%3DRS02CM5QATK4ZTKSAQXF:0
Requested by: Host: dolmen.com.co
URL: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.200.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-200-119.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://dolmen.com.co/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 19:29:46 GMT
x-amzn-requestid: 4842675c-5fdc-4ff7-bcf5-09ac9798c184
content-length: 43
content-type: image/gif

GET
H2 200 61xzeOOI6-L._RC%7C11Y+5x+kkTL.js,01rpauTep4L.js,71d9+41yctL.js_.js Show response
images-eu.ssl-images-amazon.com/images/I/ 310 KB
85 KB 137ms
26ms Script
application/x-javascript 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://images-eu.ssl-images-amazon.com/images/I/61xzeOOI6-L._RC%7C11Y+5x+kkTL.js,01rpauTep4L.js,71d9+41yctL.js_.js?AUIClients/AmazonRTL
Requested by: Host: dolmen.com.co
URL: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Server /
Resource Hash: c15464cfd8f30e640563d03479defb5ed8b9ef8b2b84337a6be06b0ab5799bb8

Request headers

Referer: https://dolmen.com.co/
Origin: https://dolmen.com.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 19:29:47 GMT
content-encoding: br
akamai-cache-status: Miss from child, Hit from parent
akamai-grn: 0.867d1302.1710790187.bd108132
x-cache: Hit from akamai
x-nginx-cache-status: HIT
server-timing: provider;desc="ak"
content-length: 86066
surrogate-key: x-cache-031 /images/I/61xzeOOI6-L
last-modified: Fri, 23 Sep 2022 18:30:09 GMT
server: Server
content-type: application/x-javascript
access-control-allow-origin: *
peer-cache: Hit
cache-control: public, max-age=630720000
x-amz-ir-id: d4a7ba96-3fe7-4ca5-be2c-2ccad217ef56
timing-allow-origin: https://dolmen.com.co/
expires: Sun, 13 Mar 2044 19:29:47 GMT

GET
H2 200 21ZMwVh4T0L._RC%7C21OJDARBhQL.js,218GJg15I8L.js,31lucpmF4CL.js,2119M3Ks9rL.js,61RM99J+cHL.js_.js Show response
images-eu.ssl-images-amazon.com/images/I/ 104 KB
26 KB 160ms
49ms Script
application/x-javascript 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://images-eu.ssl-images-amazon.com/images/I/21ZMwVh4T0L._RC%7C21OJDARBhQL.js,218GJg15I8L.js,31lucpmF4CL.js,2119M3Ks9rL.js,61RM99J+cHL.js_.js?AUIClients/AuthenticationPortalAssets&klvnhO/g
Requested by: Host: dolmen.com.co
URL: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Server /
Resource Hash: 59b2f30c7c1a73c404de7e8fcda5e81776d6a59a0e83333daa27c1b04ffbdea3

Request headers

Referer: https://dolmen.com.co/
Origin: https://dolmen.com.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 19:29:47 GMT
content-encoding: br
akamai-cache-status: Miss from child, Hit from parent
akamai-grn: 0.867d1302.1710790187.bd108131
x-cache: Hit from akamai
x-nginx-cache-status: HIT
server-timing: provider;desc="ak"
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 26176
surrogate-key: x-cache-013 /images/I/21ZMwVh4T0L
last-modified: Mon, 10 Aug 2020 22:19:37 GMT
server: Server
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
peer-cache: Hit
cache-control: public, max-age=630720000
x-amz-ir-id: d348f56d-f175-4c52-8361-e53452d11867
timing-allow-origin: https://dolmen.com.co/
expires: Sun, 13 Mar 2044 19:29:47 GMT

GET
H/1.1 200
OK 01wGDSlxwdLf98e.js Show response
dolmen.com.co/wp-content/amazo/images-eu.ssl-images-amazon.com/images/I/ 521 B
775 B 171ms
170ms Script
application/javascript 162.240.102.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dolmen.com.co/wp-content/amazo/images-eu.ssl-images-amazon.com/images/I/01wGDSlxwdLf98e.js?AUIClients/AuthenticationPortalInlineAssets
Requested by: Host: dolmen.com.co
URL: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.102.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: vps-1250426.dolmen.com.co
Software: Apache /
Resource Hash: 432dff2bd6f663c6151a5947fa318a46463085d4f6e40761450e8b38fd0fe938

Request headers

Referer: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
Origin: https://dolmen.com.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 18 Mar 2024 19:29:46 GMT
Last-Modified: Fri, 09 Feb 2024 18:55:26 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 521

GET
H/1.1 200
OK 41zkUAGye%2bL088f.js Show response
dolmen.com.co/wp-content/amazo/images-eu.ssl-images-amazon.com/images/I/ 21 KB
21 KB 170ms
169ms Script
application/javascript 162.240.102.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dolmen.com.co/wp-content/amazo/images-eu.ssl-images-amazon.com/images/I/41zkUAGye%2bL088f.js?AUIClients/CVFAssets&uJU2Io3m
Requested by: Host: dolmen.com.co
URL: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.102.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: vps-1250426.dolmen.com.co
Software: Apache /
Resource Hash: 297c212cce971bf5e04f54d75ce2fe6c974c33f17792c35c762fd599b89d0936

Request headers

Referer: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
Origin: https://dolmen.com.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 18 Mar 2024 19:29:46 GMT
Last-Modified: Fri, 09 Feb 2024 18:55:26 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 21069

GET
H/1.1 200
OK 8135BpGZX3Lf1d7.js Show response
dolmen.com.co/wp-content/amazo/images-eu.ssl-images-amazon.com/images/I/ 323 KB
323 KB 174ms
173ms Script
application/javascript 162.240.102.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dolmen.com.co/wp-content/amazo/images-eu.ssl-images-amazon.com/images/I/8135BpGZX3Lf1d7.js?AUIClients/SiegeClientSideEncryptionAUI
Requested by: Host: dolmen.com.co
URL: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.102.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: vps-1250426.dolmen.com.co
Software: Apache /
Resource Hash: 8eb684de5f6d7ea4079a9a79e5e29e84f80e6790ffadd0de13e9f16841ceeec6

Request headers

Referer: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
Origin: https://dolmen.com.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 18 Mar 2024 19:29:46 GMT
Last-Modified: Fri, 09 Feb 2024 18:55:28 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 330750

GET
H/1.1 200
OK 31jdfgcsPAL5973.js Show response
dolmen.com.co/wp-content/amazo/images-eu.ssl-images-amazon.com/images/I/ 14 KB
14 KB 174ms
174ms Script
application/javascript 162.240.102.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dolmen.com.co/wp-content/amazo/images-eu.ssl-images-amazon.com/images/I/31jdfgcsPAL5973.js?AUIClients/AmazonUIFormControlsJS
Requested by: Host: dolmen.com.co
URL: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.102.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: vps-1250426.dolmen.com.co
Software: Apache /
Resource Hash: 2e5c4e5dd76d19bd957864a5485880b7dd5381be31835dc30dbb276d82652a89

Request headers

Referer: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
Origin: https://dolmen.com.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 18 Mar 2024 19:29:46 GMT
Last-Modified: Fri, 09 Feb 2024 18:55:26 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 14537

GET
H/1.1 200
OK 8178jsL3v3Lac85.js Show response
dolmen.com.co/wp-content/amazo/images-eu.ssl-images-amazon.com/images/I/ 260 KB
260 KB 340ms
170ms Script
application/javascript 162.240.102.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dolmen.com.co/wp-content/amazo/images-eu.ssl-images-amazon.com/images/I/8178jsL3v3Lac85.js?AUIClients/FWCIMAssets
Requested by: Host: dolmen.com.co
URL: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.102.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: vps-1250426.dolmen.com.co
Software: Apache /
Resource Hash: bdec81d204fb4893c23f31b2dd4cf8a110eec9c06638ac98a11569b2476e6d05

Request headers

Referer: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php
Origin: https://dolmen.com.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 18 Mar 2024 19:29:46 GMT
Last-Modified: Fri, 09 Feb 2024 18:55:28 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 266279

OPTIONS
H2 204 sendMessage
api.telegram.org/bot6758185746:AAEBAln4IaxtHP66rzrnXDgnWf4Ss7vEBM0/ 0
0 96ms
30ms Preflight 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL: https://api.telegram.org/bot6758185746:AAEBAln4IaxtHP66rzrnXDgnWf4Ss7vEBM0/sendMessage
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://dolmen.com.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,Date,Server,Connection
access-control-max-age: 86400
date: Mon, 18 Mar 2024 19:29:47 GMT
server: nginx/1.18.0

POST
H2 200 sendMessage Show response
api.telegram.org/bot6758185746:AAEBAln4IaxtHP66rzrnXDgnWf4Ss7vEBM0/ 255 B
501 B 88ms
88ms Fetch
application/json 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://api.telegram.org/bot6758185746:AAEBAln4IaxtHP66rzrnXDgnWf4Ss7vEBM0/sendMessage

Requested by

Host: dolmen.com.co
URL: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

f21b4e506f40d2c8f8b4466b4d501a47e964e5e48b8ac0f39822cec755734b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://dolmen.com.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: application/json

Response headers

date: Mon, 18 Mar 2024 19:29:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx/1.18.0
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,Date,Server,Connection
content-length: 255

GET
H2 200 mPGmT0r6IeTyIee.png
m.media-amazon.com/images/S/sash/ 27 KB
28 KB 133ms
22ms Image
image/png 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.media-amazon.com/images/S/sash/mPGmT0r6IeTyIee.png

Requested by

Host: dolmen.com.co
URL: https://dolmen.com.co/wp-content/amazo/images-eu.ssl-images-amazon.com/images/I/710hicIoD5Lbff5.css?AUIClients/AmazonRTL#not-trident.rtl-true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Server /

Resource Hash

437e95a363a4291060e34ba170e043274e0155821e9be374f35de3c4f13cbaa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://dolmen.com.co/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 19:29:47 GMT
strict-transport-security: max-age=86400
akamai-cache-status: Hit from child
akamai-grn: 0.867d1302.1710790187.bd108179
x-cache: Hit from akamai
x-nginx-cache-status: HIT
server-timing: provider;desc="ak"
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 27972
surrogate-key: x-cache-108 /images/S/sash/mPGmT0r6IeTyIee
last-modified: Tue, 17 Nov 2020 23:31:33 GMT
server: Server
content-type: image/png
access-control-allow-origin: *
peer-cache: Hit
cache-control: public, max-age=630274857
x-amz-ir-id: 60c5c3cb-0e05-45df-9336-9135292f45b8
accept-ranges: bytes
timing-allow-origin: https://dolmen.com.co/
expires: Tue, 08 Mar 2044 15:50:44 GMT

GET
H2 200 index.js Show response
d35uxhjf90umnp.cloudfront.net/ 37 KB
12 KB 83ms
27ms Script
application/javascript 2600:9000:2490:600:3:12d0:8d40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d35uxhjf90umnp.cloudfront.net/index.js
Requested by: Host: dolmen.com.co
URL: https://dolmen.com.co/wp-content/amazo/images-eu.ssl-images-amazon.com/images/I/8178jsL3v3Lac85.js?AUIClients/FWCIMAssets
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:600:3:12d0:8d40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6267b22c78747f8db9476b502c900e874aebf89e1c658b5b3282f4c01f7a54c2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://dolmen.com.co/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: .WCB9yvxzufrsvypRZW5w_pUwNZ4.SCn
content-encoding: gzip
via: 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
date: Mon, 18 Mar 2024 01:10:41 GMT
last-modified: Tue, 27 Apr 2021 20:18:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 78409
x-amz-server-side-encryption: AES256
etag: W/"a216acbf4c266a507cb6c7de4d63d883"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 6ASClSrDOOj65OeI7IM-JsmpmH4Ij18KS2Cr9GnX0zOjQAjGrqSIVw==

GET
H/1.1

404
Not Found

uedata
www.dolmen.com.co/ap/
Redirect Chain

https://dolmen.com.co/ap/uedata?ld&v=0.261013.0&id=RS02CM5QATK4ZTKSAQXF&sw=1600&sh=1200&vw=1600&vh=1200&m=1&sc=RS02CM5QATK4ZTKSAQXF&ue=78&bb=933&cf=936&pc=1844&tc=-3090&na_=-3090&ul_=-1710790186047...
https://www.dolmen.com.co/ap/uedata?ld&v=0.261013.0&id=RS02CM5QATK4ZTKSAQXF&sw=1600&sh=1200&vw=1600&vh=1200&m=1&sc=RS02CM5QATK4ZTKSAQXF&ue=78&bb=933&cf=936&pc=1844&tc=-3090&na_=-3090&ul_=-171079018...

0
0

2659ms
660ms

Image
text/html

162.240.102.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dolmen.com.co/ap/uedata?ld&v=0.261013.0&id=RS02CM5QATK4ZTKSAQXF&sw=1600&sh=1200&vw=1600&vh=1200&m=1&sc=RS02CM5QATK4ZTKSAQXF&ue=78&bb=933&cf=936&pc=1844&tc=-3090&na_=-3090&ul_=-1710790186047&_ul=-1710790186047&rd_=-1710790186047&_rd=-1710790186047&fe_=-1176&lk_=-601&_lk=-601&co_=-601&_co=-263&sc_=-433&rq_=-263&rs_=-90&_rs=410&dl_=-88&di_=945&de_=945&_de=945&_dc=1844&ld_=1844&_ld=-1710790186047&ntd=0&ty=0&rc=0&hob=78&hoe=78&ld=1844&t=1710790187891&ctb=1&csmtags=auiaui:aui_build_date:3.23.1-2023-11-28aui:sw:page_proxy:no_ctrl&viz=visible:78&aftb=1
Protocol: HTTP/1.1
Server: 162.240.102.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: vps-1250426.dolmen.com.co
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://dolmen.com.co/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Redirect headers

Date: Mon, 18 Mar 2024 19:29:47 GMT
Server: Apache
X-Redirect-By: WordPress
Content-Type: text/html; charset=UTF-8
Location: https://www.dolmen.com.co/ap/uedata?ld&v=0.261013.0&id=RS02CM5QATK4ZTKSAQXF&sw=1600&sh=1200&vw=1600&vh=1200&m=1&sc=RS02CM5QATK4ZTKSAQXF&ue=78&bb=933&cf=936&pc=1844&tc=-3090&na_=-3090&ul_=-1710790186047&_ul=-1710790186047&rd_=-1710790186047&_rd=-1710790186047&fe_=-1176&lk_=-601&_lk=-601&co_=-601&_co=-263&sc_=-433&rq_=-263&rs_=-90&_rs=410&dl_=-88&di_=945&de_=945&_de=945&_dc=1844&ld_=1844&_ld=-1710790186047&ntd=0&ty=0&rc=0&hob=78&hoe=78&ld=1844&t=1710790187891&ctb=1&csmtags=auiaui:aui_build_date:3.23.1-2023-11-28aui:sw:page_proxy:no_ctrl&viz=visible:78&aftb=1
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 0
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 A17E79C6D8DWNP:258-7245983-9612804:RS02CM5QATK4ZTKSAQXF$uedata=s:%2Fap%2Fuedata%3Fld%26v%3D0.261013.0%26id%3DRS02CM5QATK4ZTKSAQXF%26sw%3D1600%26sh%3D1200%26vw%3D1600%26vh%3D1200%26m%3D1%26sc%3DRS02...
fls-eu.amazon.sa/1/batch/1/OP/ 43 B
149 B 43ms
42ms Image
image/gif 52.213.200.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fls-eu.amazon.sa/1/batch/1/OP/A17E79C6D8DWNP:258-7245983-9612804:RS02CM5QATK4ZTKSAQXF$uedata=s:%2Fap%2Fuedata%3Fld%26v%3D0.261013.0%26id%3DRS02CM5QATK4ZTKSAQXF%26sw%3D1600%26sh%3D1200%26vw%3D1600%26vh%3D1200%26m%3D1%26sc%3DRS02CM5QATK4ZTKSAQXF%26ue%3D78%26bb%3D933%26cf%3D936%26pc%3D1844%26tc%3D-3090%26na_%3D-3090%26ul_%3D-1710790186047%26_ul%3D-1710790186047%26rd_%3D-1710790186047%26_rd%3D-1710790186047%26fe_%3D-1176%26lk_%3D-601%26_lk%3D-601%26co_%3D-601%26_co%3D-263%26sc_%3D-433%26rq_%3D-263%26rs_%3D-90%26_rs%3D410%26dl_%3D-88%26di_%3D945%26de_%3D945%26_de%3D945%26_dc%3D1844%26ld_%3D1844%26_ld%3D-1710790186047%26ntd%3D0%26ty%3D0%26rc%3D0%26hob%3D78%26hoe%3D78%26ld%3D1844%26t%3D1710790187891%26ctb%3D1%26csmtags%3Daui%7Caui%3Aaui_build_date%3A3.23.1-2023-11-28%7Caui%3Asw%3Apage_proxy%3Ano_ctrl%26viz%3Dvisible%3A78%26aftb%3D1:1845
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.200.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-200-119.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://dolmen.com.co/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 19:29:47 GMT
x-amzn-requestid: e1477025-9db7-4120-a559-f75f9b8c7568
content-length: 43
content-type: image/gif

GET
H2 200 A17E79C6D8DWNP:258-7245983-9612804:RS02CM5QATK4ZTKSAQXF$uedata=s:%2Fap%2Fuedata%3Fld%26v%3D0.261013.0%26id%3DRS02CM5QATK4ZTKSAQXF%26sc0%3Daui%3Asw%3Appft%3Acallback_ricb%26bb0%3D944%26pc0%3D945%26l...
fls-eu.amazon.sa/1/batch/1/OP/ 43 B
149 B 42ms
41ms Image
image/gif 52.213.200.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fls-eu.amazon.sa/1/batch/1/OP/A17E79C6D8DWNP:258-7245983-9612804:RS02CM5QATK4ZTKSAQXF$uedata=s:%2Fap%2Fuedata%3Fld%26v%3D0.261013.0%26id%3DRS02CM5QATK4ZTKSAQXF%26sc0%3Daui%3Asw%3Appft%3Acallback_ricb%26bb0%3D944%26pc0%3D945%26ld0%3D945%26t0%3D1710790186992%26ctb%3D1:1845
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.200.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-200-119.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://dolmen.com.co/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 18 Mar 2024 19:29:47 GMT
x-amzn-requestid: 340a8173-9f3a-435d-9d48-d43c05629d31
content-length: 43
content-type: image/gif

POST
H/1.1 200
OK com.amazon.csm.csa.prod
unagi.amazon.sa/1/events/ 2 B
403 B 172ms
54ms Ping
application/json 52.95.122.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://unagi.amazon.sa/1/events/com.amazon.csm.csa.prod

Requested by

Host: dolmen.com.co
URL: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.95.122.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://dolmen.com.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 18 Mar 2024 19:29:48 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 92A8N1YR76QSR9R6NKR7
x-amzn-RequestId: 2d70a1c0-4777-434d-a3ec-55fe787f2f82
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: application/json
Connection: keep-alive
Content-Length: 22

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Amazon (Online)

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			dolmen.com.co/	1970-01-21 03:37:10	Name: csm-hit Value: tb:s-RS02CM5QATK4ZTKSAQXF\|1710790186980&t:1710790186980

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php(Line 126) Message: Mixed Content: The page at 'https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php' was loaded over HTTPS, but requested an insecure element 'http://fls-eu.amazon.sa/1/batch/1/OP/A17E79C6D8DWNP:258-7245983-9612804:RS02CM5QATK4ZTKSAQXF$uedata=s:%2Fap%2Fuedata%3Fstaticb%26id%3DRS02CM5QATK4ZTKSAQXF:0'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php(Line 224) Message: Mixed Content: The page at 'https://dolmen.com.co/wp-content/amazo/www.amazozz/ap/registerfe46.php' was loaded over HTTPS, but requested an insecure element 'http://fls-eu.amazon.sa/1/batch/1/OP/A17E79C6D8DWNP:258-7245983-9612804:RS02CM5QATK4ZTKSAQXF$uedata=s:%2Fap%2Fuedata%3Fstaticb%26id%3DRS02CM5QATK4ZTKSAQXF:0'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://www.dolmen.com.co/ap/uedata?ld&v=0.261013.0&id=RS02CM5QATK4ZTKSAQXF&sw=1600&sh=1200&vw=1600&vh=1200&m=1&sc=RS02CM5QATK4ZTKSAQXF&ue=78&bb=933&cf=936&pc=1844&tc=-3090&na_=-3090&ul_=-1710790186047&_ul=-1710790186047&rd_=-1710790186047&_rd=-1710790186047&fe_=-1176&lk_=-601&_lk=-601&co_=-601&_co=-263&sc_=-433&rq_=-263&rs_=-90&_rs=410&dl_=-88&di_=945&de_=945&_de=945&_dc=1844&ld_=1844&_ld=-1710790186047&ntd=0&ty=0&rc=0&hob=78&hoe=78&ld=1844&t=1710790187891&ctb=1&csmtags=auiaui:aui_build_date:3.23.1-2023-11-28aui:sw:page_proxy:no_ctrl&viz=visible:78&aftb=1 Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.telegram.org
bradrianinvestments.co.ke
code.jquery.com
d35uxhjf90umnp.cloudfront.net
dolmen.com.co
fls-eu.amazon.sa
images-eu.ssl-images-amazon.com
m.media-amazon.com
unagi.amazon.sa
www.dolmen.com.co
162.240.102.229
197.248.5.31
2001:67c:4e8:f004::9
2600:9000:2490:600:3:12d0:8d40:21
2a02:26f0:480:f::213:7ec6
2a04:4e42:400::649
52.213.200.119
52.95.122.73
058d9ee2e22b801b2bf14ba5c17eb0ec0cc758fdf56c972d6eec7f83000d6329
12294d71e342aae78acb0501fe8043a20e26218fda46b45f04b562ed79a5880b
297c212cce971bf5e04f54d75ce2fe6c974c33f17792c35c762fd599b89d0936
2e5c4e5dd76d19bd957864a5485880b7dd5381be31835dc30dbb276d82652a89
432dff2bd6f663c6151a5947fa318a46463085d4f6e40761450e8b38fd0fe938
437e95a363a4291060e34ba170e043274e0155821e9be374f35de3c4f13cbaa5
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
59b2f30c7c1a73c404de7e8fcda5e81776d6a59a0e83333daa27c1b04ffbdea3
6267b22c78747f8db9476b502c900e874aebf89e1c658b5b3282f4c01f7a54c2
6b9b424663557e906676e674e40b59564b04d84782b80d27b72ae211b5b19796
8eb684de5f6d7ea4079a9a79e5e29e84f80e6790ffadd0de13e9f16841ceeec6
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce
bdec81d204fb4893c23f31b2dd4cf8a110eec9c06638ac98a11569b2476e6d05
c15464cfd8f30e640563d03479defb5ed8b9ef8b2b84337a6be06b0ab5799bb8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db
f21b4e506f40d2c8f8b4466b4d501a47e964e5e48b8ac0f39822cec755734b42
fccb6bdf1465e9629f69a143ab791809b9686cbe35bbe6466c2498024fae1c9c

dolmen.com.co Open in urlscan Pro 162.240.102.229 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

95 %HTTPS

50 %IPv6

8 Domains

10 Subdomains

7 IPs

5 Countries

1093 kBTransfer

1464 kBSize

1 Cookies

2 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

69 JavaScript Global Variables

1 Cookies

3 Console Messages

Indicators

dolmen.com.co Open in urlscan Pro
162.240.102.229 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

95 %
HTTPS

50 %
IPv6

8
Domains

10
Subdomains

7
IPs

5
Countries

1093 kB
Transfer

1464 kB
Size

1
Cookies

21 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!