www.ama-warning.online Open in urlscan Pro
82.117.252.170 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.ama-warning.online/
Submission: On December 06 via automatic, source certstream-suspicious (December 6th 2022, 12:26:36 pm UTC) — Scanned from GB

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 4 domains to perform 13 HTTP transactions. The main IP is 82.117.252.170, located in Miami, United States and belongs to GREENFLOID-AS, US. The main domain is www.ama-warning.online.
TLS certificate: Issued by R3 on December 2nd 2022. Valid for: 3 months.

This is the only time www.ama-warning.online was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Amazon (Online)

Domain & IP information

	IP Address	AS Autonomous System
5	82.117.252.170 82.117.252.170	204957 (GREENFLOI...) (GREENFLOID-AS)
4	52.239.169.225 52.239.169.225	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2600:9000:223... 2600:9000:223d:7600:1d:d7f6:39d2:2dc1	16509 (AMAZON-02) (AMAZON-02)
13	3

5 82.117.252.170 (Miami, United States)

ASN204957 (GREENFLOID-AS, US)
PTR: vds1069364.hosted-by-itldc.com

www.ama-warning.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.239.169.225 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

helloysupport.z13.web.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:223d:7600:1d:d7f6:39d2:2dc1 (United States)

ASN16509 (AMAZON-02, US)

images-na.ssl-images-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.media-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	ama-warning.online www.ama-warning.online	168 KB
4	windows.net helloysupport.z13.web.core.windows.net	57 KB
3	media-amazon.com m.media-amazon.com — Cisco Umbrella Rank: 466	205 KB
1	ssl-images-amazon.com images-na.ssl-images-amazon.com — Cisco Umbrella Rank: 801	11 KB
13	4

	Domain	Requested by
5	www.ama-warning.online	www.ama-warning.online
4	helloysupport.z13.web.core.windows.net	www.ama-warning.online
3	m.media-amazon.com	www.ama-warning.online
1	images-na.ssl-images-amazon.com	www.ama-warning.online
13	4

This site contains no links.

Subject Issuer	Validity	Valid
ama4x0x0f000ffr30x000x.com R3	`2022-12-02` - `2023-03-02`	3 months	crt.sh
*.web.core.windows.net Microsoft RSA TLS CA 02	`2022-09-22` - `2023-09-22`	a year	crt.sh
images-na.ssl-images-amazon.com DigiCert Global CA G2	`2022-10-26` - `2023-10-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.ama-warning.online/
Frame ID: 1D58AA91639084E2B9B3BE45B6903E74
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Amazon.com. Spend less. Smile more.

Page Statistics

13
Requests

62 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

3
IPs

1
Countries

441 kB
Transfer

449 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.ama-warning.online/	9 KB 2 KB	512ms 157ms	Document text/html	82.117.252.170 GREENFLOID-AS
General Check archive.org Show headers Download Go to Full URL https://www.ama-warning.online/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 82.117.252.170 Miami, United States, ASN204957 (GREENFLOID-AS, US), Reverse DNS vds1069364.hosted-by-itldc.com Software nginx/1.20.2 / Resource Hash `9ce1345529d4ff9bb1d2d48f63294ded1186f95d87edeca970f59298739856d2` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Tue, 06 Dec 2022 12:26:30 GMT Server nginx/1.20.2 Transfer-Encoding chunked Vary Accept-Encoding
GET H/1.1	200 OK	style.css www.ama-warning.online/css/	7 KB 2 KB	156ms 155ms	Stylesheet text/css	82.117.252.170 GREENFLOID-AS
General Check archive.org Show headers Download Go to Full URL https://www.ama-warning.online/css/style.css Requested by Host: www.ama-warning.online URL: https://www.ama-warning.online/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 82.117.252.170 Miami, United States, ASN204957 (GREENFLOID-AS, US), Reverse DNS vds1069364.hosted-by-itldc.com Software nginx/1.20.2 / Resource Hash `309dba645699b49ba39552ee52f9b305c778bd2d02e3eb0da447d24eeac6d549` Request headers accept-language en-GB,en;q=0.9 Referer https://www.ama-warning.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Date Tue, 06 Dec 2022 12:26:30 GMT Content-Encoding gzip Last-Modified Tue, 06 Dec 2022 12:08:17 GMT Server nginx/1.20.2 ETag "1d0d-5ef27a8c4361e-gzip" Vary Accept-Encoding Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 1678
GET H/1.1	200 OK	def.png helloysupport.z13.web.core.windows.net/	4 KB 4 KB	794ms 324ms	Image image/png	52.239.169.225 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://helloysupport.z13.web.core.windows.net/def.png Requested by Host: www.ama-warning.online URL: https://www.ama-warning.online/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.239.169.225 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `316e6a6737bd296ab30aca2ef7fa36f119d15786a2432d01e31fdc130272f15c` Request headers accept-language en-GB,en;q=0.9 Referer https://www.ama-warning.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Date Tue, 06 Dec 2022 12:26:30 GMT Last-Modified Tue, 29 Nov 2022 18:17:12 GMT Server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 d6L/xVRfh1UddHgSAd6bOw== ETag "0x8DAD235EFC97AB3" Content-Type image/png x-ms-request-id cbfecbaf-301e-0062-386d-09e042000000 x-ms-version 2018-03-28 Accept-Ranges bytes Content-Length 3834
GET H/1.1	200 OK	cross.png helloysupport.z13.web.core.windows.net/	43 KB 43 KB	739ms 282ms	Image image/png	52.239.169.225 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://helloysupport.z13.web.core.windows.net/cross.png Requested by Host: www.ama-warning.online URL: https://www.ama-warning.online/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.239.169.225 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `3821ef20f5904fdb993e34d87ff8fb9c5786a382efb0eeee8b4f00c91428b701` Request headers accept-language en-GB,en;q=0.9 Referer https://www.ama-warning.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Date Tue, 06 Dec 2022 12:26:30 GMT Last-Modified Tue, 29 Nov 2022 18:17:12 GMT Server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 RIeliL8qB+PRk21wXFzu/Q== ETag "0x8DAD235EFEF25C9" Content-Type image/png x-ms-request-id 835bfb29-301e-005d-556d-0928e1000000 x-ms-version 2018-03-28 Accept-Ranges bytes Content-Length 44098
GET H/1.1	200 OK	virus-images.jpg helloysupport.z13.web.core.windows.net/	8 KB 8 KB	739ms 279ms	Image image/jpeg	52.239.169.225 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://helloysupport.z13.web.core.windows.net/virus-images.jpg Requested by Host: www.ama-warning.online URL: https://www.ama-warning.online/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.239.169.225 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `3b531d403dc8ce7cbb0efb1a0c307cfb2bbaaf21feaff9f3546f13bebda71887` Request headers accept-language en-GB,en;q=0.9 Referer https://www.ama-warning.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Date Tue, 06 Dec 2022 12:26:30 GMT Last-Modified Tue, 29 Nov 2022 18:17:13 GMT Server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 X8VZokLw6goCPxCDCIfSrw== ETag "0x8DAD235F05F3CB2" Content-Type image/jpeg x-ms-request-id 3d19bc89-001e-001b-716d-091c66000000 x-ms-version 2018-03-28 Accept-Ranges bytes Content-Length 8196
GET H/1.1	200 OK	microsoft.png helloysupport.z13.web.core.windows.net/	1 KB 1 KB	737ms 277ms	Image image/png	52.239.169.225 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://helloysupport.z13.web.core.windows.net/microsoft.png Requested by Host: www.ama-warning.online URL: https://www.ama-warning.online/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.239.169.225 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `ee4bc5fe81fa7c1e8497d79c9c8a96485df217092d334e9b48fa8840fed11d03` Request headers accept-language en-GB,en;q=0.9 Referer https://www.ama-warning.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Date Tue, 06 Dec 2022 12:26:30 GMT Last-Modified Tue, 29 Nov 2022 18:17:12 GMT Server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 vytGBZD7udjpYRpukAa4Fg== ETag "0x8DAD235EFF42E18" Content-Type image/png x-ms-request-id ac0d7d0e-f01e-0020-346d-0959c2000000 x-ms-version 2018-03-28 Accept-Ranges bytes Content-Length 1045
GET H/1.1	200 OK	block-img-1.jpg www.ama-warning.online/img/	31 KB 32 KB	444ms 305ms	Image image/jpeg	82.117.252.170 GREENFLOID-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ama-warning.online/img/block-img-1.jpg Requested by Host: www.ama-warning.online URL: https://www.ama-warning.online/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 82.117.252.170 Miami, United States, ASN204957 (GREENFLOID-AS, US), Reverse DNS vds1069364.hosted-by-itldc.com Software nginx/1.20.2 / Resource Hash `218cc9c02a16b4a18e826f4b89cce7ae1535098f3b9d950f976c0804747767d2` Request headers accept-language en-GB,en;q=0.9 Referer https://www.ama-warning.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Date Tue, 06 Dec 2022 12:26:30 GMT Last-Modified Tue, 06 Dec 2022 12:08:17 GMT Server nginx/1.20.2 ETag "7d09-5ef27a8c4361e" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 32009
GET H/1.1	200 OK	block-img-2.jpg www.ama-warning.online/img/	47 KB 47 KB	605ms 304ms	Image image/jpeg	82.117.252.170 GREENFLOID-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ama-warning.online/img/block-img-2.jpg Requested by Host: www.ama-warning.online URL: https://www.ama-warning.online/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 82.117.252.170 Miami, United States, ASN204957 (GREENFLOID-AS, US), Reverse DNS vds1069364.hosted-by-itldc.com Software nginx/1.20.2 / Resource Hash `6fd4d945bca24ce9408651022ed3d316010ba7b6976d0618c02f59d395c5a52d` Request headers accept-language en-GB,en;q=0.9 Referer https://www.ama-warning.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Date Tue, 06 Dec 2022 12:26:30 GMT Last-Modified Tue, 06 Dec 2022 12:08:17 GMT Server nginx/1.20.2 ETag "bc2b-5ef27a8c4361e" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 48171
GET H/1.1	200 OK	block-img-3.png www.ama-warning.online/img/	85 KB 85 KB	643ms 341ms	Image image/png	82.117.252.170 GREENFLOID-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ama-warning.online/img/block-img-3.png Requested by Host: www.ama-warning.online URL: https://www.ama-warning.online/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 82.117.252.170 Miami, United States, ASN204957 (GREENFLOID-AS, US), Reverse DNS vds1069364.hosted-by-itldc.com Software nginx/1.20.2 / Resource Hash `f4df61a092bf94e2a8a54bbb4602f4f52c2ccc66df0d6a9a5f50f99f5e21bea7` Request headers accept-language en-GB,en;q=0.9 Referer https://www.ama-warning.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Date Tue, 06 Dec 2022 12:26:30 GMT Last-Modified Tue, 06 Dec 2022 12:08:17 GMT Server nginx/1.20.2 ETag "153be-5ef27a8c4361e" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 86974
GET H2	200	Fuji_D2_45M_en_US_1x._CB418309979_.jpg images-na.ssl-images-amazon.com/images/G/01/AmazonExports/Fuji/2020/October/	11 KB 11 KB	236ms 64ms	Image image/jpeg	2600:9000:223d:7600:1d:d7f6:39d2:2dc1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://images-na.ssl-images-amazon.com/images/G/01/AmazonExports/Fuji/2020/October/Fuji_D2_45M_en_US_1x._CB418309979_.jpg Requested by Host: www.ama-warning.online URL: https://www.ama-warning.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223d:7600:1d:d7f6:39d2:2dc1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash `724ea5d7c4b4b3969a2b7795744700dfcc5194e865e569265e5bf07b24868864` Request headers accept-language en-GB,en;q=0.9 Referer https://www.ama-warning.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Sat, 03 Sep 2022 11:16:04 GMT via 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P3 age 8125826 edge-cache-tag x-cache-743,/images/G/01/AmazonExports/Fuji/2020/October/Fuji_D2_45M_en_US_1x x-cache Hit from cloudfront x-nginx-cache-status MISS content-length 11120 surrogate-key x-cache-743 /images/G/01/AmazonExports/Fuji/2020/October/Fuji_D2_45M_en_US_1x last-modified Sat, 31 Oct 2020 00:39:19 GMT server Server content-type image/jpeg access-control-allow-origin * cache-control max-age=630720000,public x-amz-ir-id 57d1c8a4-b67a-43bd-8081-124aaa999fad accept-ranges bytes timing-allow-origin https://www.amazon.com x-amz-cf-id bs5jyEwQgEyH6RycnyHb6sMM-Ahxmm8WU8ye4hqIKucvfGXcUErufw== expires Fri, 29 Aug 2042 11:16:04 GMT
GET H2	200	nav-sprite-global-1x-hm-dsk-reorg._CB405937547_.png m.media-amazon.com/images/G/01/gno/sprites/	10 KB 11 KB	292ms 181ms	Image image/png	2600:9000:223d:7600:1d:d7f6:39d2:2dc1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://m.media-amazon.com/images/G/01/gno/sprites/nav-sprite-global-1x-hm-dsk-reorg._CB405937547_.png Requested by Host: www.ama-warning.online URL: https://www.ama-warning.online/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223d:7600:1d:d7f6:39d2:2dc1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash `d290bad14b077af43c094f8f42a92186f8bb08fad041fae1c550ff5bb72cd12b` Request headers accept-language en-GB,en;q=0.9 Referer https://www.ama-warning.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Thu, 26 May 2022 09:44:07 GMT via 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P3 age 16771343 edge-cache-tag x-cache-231,/images/G/01/gno/sprites/nav-sprite-global-1x-hm-dsk-reorg x-cache Hit from cloudfront x-nginx-cache-status HIT content-length 10630 surrogate-key x-cache-231 /images/G/01/gno/sprites/nav-sprite-global-1x-hm-dsk-reorg last-modified Thu, 13 Aug 2020 18:47:14 GMT server Server content-type image/png access-control-allow-origin * cache-control max-age=630720000,public x-amz-ir-id bad4557f-c1f6-4f80-a597-e07fd20c8345 accept-ranges bytes timing-allow-origin https://www.amazon.com x-amz-cf-id 9BaVnslcrRnXw31k3i62-pfTEI9y3Qpapa_G-HBpxbknfUBItURBeA== expires Sun, 11 May 2042 09:01:55 GMT
GET H2	200	fe2UeLQmJ11kKHN.png m.media-amazon.com/images/S/sash/	58 KB 58 KB	294ms 185ms	Image image/png	2600:9000:223d:7600:1d:d7f6:39d2:2dc1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://m.media-amazon.com/images/S/sash/fe2UeLQmJ11kKHN.png Requested by Host: www.ama-warning.online URL: https://www.ama-warning.online/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223d:7600:1d:d7f6:39d2:2dc1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash `2ce18237ee8094ab137b910ce33aa1cdd7904c1dad5f238734ad5e307c5be08b` Request headers accept-language en-GB,en;q=0.9 Referer https://www.ama-warning.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Sat, 21 May 2022 01:49:44 GMT via 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P3 age 17231806 edge-cache-tag x-cache-111,/images/S/sash/fe2UeLQmJ11kKHN x-cache Hit from cloudfront x-nginx-cache-status HIT content-length 59234 surrogate-key x-cache-111 /images/S/sash/fe2UeLQmJ11kKHN last-modified Fri, 06 May 2022 16:03:28 GMT server Server content-type image/png access-control-allow-origin * cache-control max-age=630720000,public x-amz-ir-id 5168bfd1-2730-4b85-9a1f-e098d2b50399 accept-ranges bytes timing-allow-origin https://www.amazon.in, https://www.amazon.com x-amz-cf-id mwLyMI2uSzik9vwDRFBQH8sIPAD1-KmOCeLnit_a38NxuYZ32UfnhQ== expires Sun, 11 May 2042 13:56:05 GMT
GET H2	200	71YIDh9SEtL._SX3000_.jpg m.media-amazon.com/images/I/	135 KB 135 KB	169ms 64ms	Image image/jpeg	2600:9000:223d:7600:1d:d7f6:39d2:2dc1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://m.media-amazon.com/images/I/71YIDh9SEtL._SX3000_.jpg Requested by Host: www.ama-warning.online URL: https://www.ama-warning.online/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223d:7600:1d:d7f6:39d2:2dc1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash `924916543fedbaed2d1163900aa5fbfe13d3fded34345648bbfc890305092f01` Request headers accept-language en-GB,en;q=0.9 Referer https://www.ama-warning.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Tue, 29 Nov 2022 08:00:09 GMT via 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P3 age 620781 edge-cache-tag x-cache-840,/images/I/71YIDh9SEtL x-cache Hit from cloudfront x-nginx-cache-status MISS content-length 137902 surrogate-key x-cache-840 /images/I/71YIDh9SEtL last-modified Fri, 07 Oct 2022 22:20:48 GMT server Server content-type image/jpeg access-control-allow-origin * cache-control max-age=630720000,public x-amz-ir-id 05f6922f-7875-4c69-973c-bfb6758b4755 accept-ranges bytes timing-allow-origin https://www.amazon.in, https://www.amazon.com x-amz-cf-id W8sK4Zgsjlt8MHHaFMDipqws1ulbcWMCO_5jf5hP0iHzBFs_-0vF4A== expires Mon, 24 Nov 2042 08:00:09 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Amazon (Online)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| fullscreen

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

helloysupport.z13.web.core.windows.net
images-na.ssl-images-amazon.com
m.media-amazon.com
www.ama-warning.online
2600:9000:223d:7600:1d:d7f6:39d2:2dc1
52.239.169.225
82.117.252.170
218cc9c02a16b4a18e826f4b89cce7ae1535098f3b9d950f976c0804747767d2
2ce18237ee8094ab137b910ce33aa1cdd7904c1dad5f238734ad5e307c5be08b
309dba645699b49ba39552ee52f9b305c778bd2d02e3eb0da447d24eeac6d549
316e6a6737bd296ab30aca2ef7fa36f119d15786a2432d01e31fdc130272f15c
3821ef20f5904fdb993e34d87ff8fb9c5786a382efb0eeee8b4f00c91428b701
3b531d403dc8ce7cbb0efb1a0c307cfb2bbaaf21feaff9f3546f13bebda71887
6fd4d945bca24ce9408651022ed3d316010ba7b6976d0618c02f59d395c5a52d
724ea5d7c4b4b3969a2b7795744700dfcc5194e865e569265e5bf07b24868864
924916543fedbaed2d1163900aa5fbfe13d3fded34345648bbfc890305092f01
9ce1345529d4ff9bb1d2d48f63294ded1186f95d87edeca970f59298739856d2
d290bad14b077af43c094f8f42a92186f8bb08fad041fae1c550ff5bb72cd12b
ee4bc5fe81fa7c1e8497d79c9c8a96485df217092d334e9b48fa8840fed11d03
f4df61a092bf94e2a8a54bbb4602f4f52c2ccc66df0d6a9a5f50f99f5e21bea7

www.ama-warning.online Open in urlscan Pro 82.117.252.170 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

13 Requests

62 %HTTPS

33 %IPv6

4 Domains

4 Subdomains

3 IPs

1 Countries

441 kBTransfer

449 kBSize

0 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

2 JavaScript Global Variables

0 Cookies

Indicators

www.ama-warning.online Open in urlscan Pro
82.117.252.170 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

62 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

3
IPs

1
Countries

441 kB
Transfer

449 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!