amazon-b.top
2.58.228.140
Malicious Activity!
Public Scan
Submission: On October 21 via manual from CH
Summary
TLS certificate: Issued by TrustAsia TLS RSA CA on October 21st 2020. Valid for: a year.
This is the only time amazon-b.top was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Amazon Japan (Online)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
12 | 2.58.228.140 | 40676 (AS40676) |
12 | 1 | |
Requests | Apex Domain / Subdomains | Transfer |
---|---|---|
12 | amazon-b.top | 202 KB |
12 | 1 | |
Requests | Domain | Requested by |
---|---|---|
12 | amazon-b.top | amazon-b.top |
12 | 1 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
amazon-b.top | TrustAsia TLS RSA CA | 2020-10-21 - 2021-10-20 | a year |
This page contains 1 frame:
Primary Page:
https://amazon-b.top/amazon/login/login.php
Frame ID: 34B9A22D7154D51A372B55F3DA9DACB1
Requests: 12 HTTP requests in this frame
Detected technologies
PHP (Programming Languages)
Detected patterns
- url /\.php(?:$|\?)/i
Nginx (Web Servers)
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | login.php (Primary Request) | amazon-b.top/amazon/login/ | 13 KB | 5 KB | Document | text/html |
GET | H2 | 61ccss.css | amazon-b.top/amazon/login/static/css/ | 133 KB | 28 KB | Stylesheet | text/css |
GET | H2 | 01Scss.css | amazon-b.top/amazon/login/static/css/ | 49 KB | 10 KB | Stylesheet | text/css |
GET | H2 | 11Hcss.css | amazon-b.top/amazon/login/static/css/ | 2 KB | 914 B | Stylesheet | text/css |
GET | H2 | jquery.min.js | amazon-b.top/amazon/login/static/js/ | 156 KB | 46 KB | Script | application/javascript |
GET | H2 | jquery.validate.min.js | amazon-b.top/amazon/login/static/js/ | 34 KB | 9 KB | Script | application/javascript |
GET | H2 | sire.form.js | amazon-b.top/amazon/login/static/js/ | 3 KB | 1 KB | Script | application/javascript |
GET | H2 | 21Qcss.css | amazon-b.top/amazon/login/static/css/ | 79 KB | 16 KB | Stylesheet | text/css |
GET | H2 | 219css.css | amazon-b.top/amazon/login/static/css/ | 5 KB | 2 KB | Stylesheet | text/css |
GET | H2 | new-nav-sm-smile-sprite-global-1.png | amazon-b.top/amazon/login/static/picture/ | 11 KB | 11 KB | Image | image/png |
GET | H2 | new-nav-sm-smile-sprite-global-1.png | amazon-b.top/amazon/login/static/image/ | 11 KB | 11 KB | Image | image/png |
GET | H2 | AmazonUIBaseCSS-sprite_2x-a3d92a.png | amazon-b.top/amazon/login/static/image/ | 60 KB | 61 KB | Image | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Amazon Japan (Online)
6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- function | showDirectoryPicker
- function | showOpenFilePicker
- function | showSaveFilePicker
- object | trustedTypes
- function | $
- function | jQuery

1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
amazon-b.top/ | | Name: PHPSESSID Value: jm9pvo54g6notjvp5eripba9c6 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.