urlscan.io logo urlscan.io
SecurityTrails logo

amazon-yq.top Open in urlscan Pro
45.254.25.189  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://amazon-yq.top/
Effective URL: https://amazon-yq.top/amazon/
Submission Tags: phishing spamreports malicious Search All
Submission: On January 25 via api from BG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 4 HTTP transactions. The main IP is 45.254.25.189, located in China and belongs to AS40676, US. The main domain is amazon-yq.top.
TLS certificate: Issued by TrustAsia TLS RSA CA on January 25th 2021. Valid for: a year.
This is the only time amazon-yq.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 4 45.254.25.189 40676 (AS40676)
1 122.228.91.87 134771 (CHINATELE...)
1 183.131.207.66 136190 (CHINATELE...)
4 3
Apex Domain
Subdomains		 Transfer
4 amazon-yq.top
amazon-yq.top
1 KB
2 51.la
js.users.51.la
ia.51.la
3 KB
4 2
Domain Requested by
4 amazon-yq.top 2 redirects
1 ia.51.la amazon-yq.top
1 js.users.51.la amazon-yq.top
4 3

This site contains no links.

Subject Issuer Validity Valid
amazon-yq.top
TrustAsia TLS RSA CA		 2021-01-25 -
2022-01-24		 a year crt.sh
*.users.51.la
GlobalSign GCC R3 DV TLS CA 2020		 2020-08-27 -
2022-04-19		 2 years crt.sh
*.51.la
GlobalSign GCC R3 DV TLS CA 2020		 2020-08-27 -
2022-05-16		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://amazon-yq.top/amazon/
Frame ID: D220344B25B8B9D42A7093673F175DDC
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://amazon-yq.top/ HTTP 301
    https://amazon-yq.top/ Page URL
  2. https://amazon-yq.top/amazon HTTP 301
    https://amazon-yq.top/amazon/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

1
Countries

4 kB
Transfer

6 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://amazon-yq.top/ HTTP 301
    https://amazon-yq.top/ Page URL
  2. https://amazon-yq.top/amazon HTTP 301
    https://amazon-yq.top/amazon/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://amazon-yq.top/ HTTP 301
  • https://amazon-yq.top/

4 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
amazon-yq.top/
Redirect Chain
  • http://amazon-yq.top/
  • https://amazon-yq.top/
428 B
545 B 		Document
General
Check archive.org
Download Go to
Full URL
https://amazon-yq.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.254.25.189 , China, ASN40676 (AS40676, US),
Reverse DNS
Software
nginx /
Resource Hash
10937ea98001e8ddc2a54a5bc50487831ec97128a6a6dff01b3ae028aac9ca83

Request headers

:method
GET
:authority
amazon-yq.top
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx
date
Mon, 25 Jan 2021 05:59:49 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
PHPSESSID=j83ok1e35hu6lefdngk5q26ed2; path=/
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
content-encoding
gzip

Redirect headers

Server
nginx
Date
Mon, 25 Jan 2021 05:59:47 GMT
Content-Type
text/html
Content-Length
162
Connection
keep-alive
Location
https://amazon-yq.top/
20061003.js
js.users.51.la/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.users.51.la/20061003.js
Requested by
Host: amazon-yq.top
URL: https://amazon-yq.top/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
122.228.91.87 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
a0ebf877af84b85208378fe25550ce89aadf4d46fb670bfec66c240e89028fef

Request headers

Referer
https://amazon-yq.top/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-id
20061003
Date
Mon, 25 Jan 2021 05:59:54 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
1447
Transfer-Encoding
chunked
X-Via
1.1 PSjshasx4me65:1 (Cdn Cache Server V2.0)[106 200 2], 1.1 zhoudxin206:2 (Cdn Cache Server V2.0)[129 200 2], 1.1 ianxin167:8 (Cdn Cache Server V2.0)[0 200 0]
Content-Disposition
inline;filename=f.txt
Connection
keep-alive
Request-Id
00000177380A7B6F90159ABCE0D5B47E
x-reserved
amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSrAGkgTHqsflqU56s71zBa0zwP3C6Yt
Last-Modified
Thu May 23 22:15:40 CST 2019
Server
nginx/1.14.0
ETag
"20159e9e6317a442496d10b75d9bd487"
X-Ws-Request-Id
600e5e5a_zhdx119_25684-38351
Content-Type
application/javascript;charset=UTF-8
version-id
G001116AE50C2910FFFF90060063999D
go1
ia.51.la/ 		0
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ia.51.la/go1?id=20061003&rt=1611554394456&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1611554394456&tt=...&kw=&cu=https%253A%252F%252Famazon-yq.top%252F&pu=
Requested by
Host: amazon-yq.top
URL: https://amazon-yq.top/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
183.131.207.66 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
CloudWAF /
Resource Hash

Request headers

Referer
https://amazon-yq.top/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 25 Jan 2021 05:59:55 GMT
Server
CloudWAF
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
Primary Request /
amazon-yq.top/amazon/
Redirect Chain
  • https://amazon-yq.top/amazon
  • https://amazon-yq.top/amazon/
644 B
471 B 		Document
General
Check archive.org
Download Go to
Full URL
https://amazon-yq.top/amazon/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.254.25.189 , China, ASN40676 (AS40676, US),
Reverse DNS
Software
nginx /
Resource Hash
a340a6b3a9d2109ce0f4196811ac4caa86eeed8c3fefeadf5bb7d16bc5cfff9c

Request headers

:method
GET
:authority
amazon-yq.top
:scheme
https
:path
/amazon/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://amazon-yq.top/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PHPSESSID=j83ok1e35hu6lefdngk5q26ed2; __tins__20061003=%7B%22sid%22%3A%201611554394456%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201611556194456%7D; __51cke__=; __51laig__=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://amazon-yq.top/

Response headers

server
nginx
date
Mon, 25 Jan 2021 05:59:55 GMT
content-type
text/html
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

server
nginx
date
Mon, 25 Jan 2021 05:59:55 GMT
content-type
text/html
content-length
162
location
https://amazon-yq.top/amazon/

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| browser

4 Cookies

Domain/Path Name / Value
amazon-yq.top/ Name: __51laig__
Value: 1
amazon-yq.top/ Name: __51cke__
Value:
amazon-yq.top/ Name: __tins__20061003
Value: %7B%22sid%22%3A%201611554394456%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201611556194456%7D
amazon-yq.top/ Name: PHPSESSID
Value: j83ok1e35hu6lefdngk5q26ed2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amazon-yq.top
ia.51.la
js.users.51.la
122.228.91.87
183.131.207.66
45.254.25.189
10937ea98001e8ddc2a54a5bc50487831ec97128a6a6dff01b3ae028aac9ca83
a0ebf877af84b85208378fe25550ce89aadf4d46fb670bfec66c240e89028fef
a340a6b3a9d2109ce0f4196811ac4caa86eeed8c3fefeadf5bb7d16bc5cfff9c