www.amazon.esp.bravaidea.com
Open in
urlscan Pro
131.255.104.66
Malicious Activity!
Public Scan
Submission: On February 25 via automatic, source openphish
Summary
This is the only time www.amazon.esp.bravaidea.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Amazon (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
12 | 131.255.104.66 131.255.104.66 | 3549 (LVLT-3549) (LVLT-3549 - Level 3 Parent) | |
7 | 54.192.202.61 54.192.202.61 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 54.86.18.207 54.86.18.207 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
2 | 107.23.205.142 107.23.205.142 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
1 2 | 52.94.232.32 52.94.232.32 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 34.239.40.46 34.239.40.46 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
24 | 6 |
ASN3549 (LVLT-3549 - Level 3 Parent, LLC, US)
PTR: 131.255-104-66.dyn.yupity.net
www.amazon.esp.bravaidea.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-192-202-61.fra50.r.cloudfront.net
images-na.ssl-images-amazon.com |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-86-18-207.compute-1.amazonaws.com
fls-na.amazon.com |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-107-23-205-142.compute-1.amazonaws.com
fls-na.amazon.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
s.amazon-adsystem.com |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-239-40-46.compute-1.amazonaws.com
fls-na.amazon.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
bravaidea.com
www.amazon.esp.bravaidea.com |
294 KB |
7 |
ssl-images-amazon.com
images-na.ssl-images-amazon.com |
174 KB |
4 |
amazon.com
fls-na.amazon.com |
1 KB |
2 |
amazon-adsystem.com
1 redirects
s.amazon-adsystem.com |
704 B |
24 | 4 |
Domain | Requested by | |
---|---|---|
12 | www.amazon.esp.bravaidea.com |
www.amazon.esp.bravaidea.com
|
7 | images-na.ssl-images-amazon.com |
www.amazon.esp.bravaidea.com
|
4 | fls-na.amazon.com |
www.amazon.esp.bravaidea.com
images-na.ssl-images-amazon.com |
2 | s.amazon-adsystem.com |
1 redirects
www.amazon.esp.bravaidea.com
|
24 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.amazon.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
Images-na.ssl-images-amazon.com DigiCert Global CA G2 |
2018-05-30 - 2019-07-19 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
http://www.amazon.esp.bravaidea.com/AWS/mobil/signin.php?https://www.amazon.com/gp/product/B00DBYBNEE/ref=nav_prime_try_btn
Frame ID: F78C2EDF395C7C330A7559E6B6FE7940
Requests: 22 HTTP requests in this frame
Frame:
http://www.amazon.esp.bravaidea.com/AWS/mobil/Amazon%20Sign%20In_files/iu3.html
Frame ID: 4F6A8D5DC6125284D5A879F575E165AE
Requests: 1 HTTP requests in this frame
Frame:
http://s.amazon-adsystem.com/iu3?d=amazon.com&slot=navFooter&a2=0101c3ee02b8aa16837b6ab974fd4ccaf5cf5277ad53ebd5f798d95103249704dcba&old_oo=0&cb=1482357766557&dcc=t
Frame ID: 23D65F88E3014FFB3BEBD079C0A226B4
Requests: 1 HTTP requests in this frame
5 Outgoing links
These are links going to different origins than the main page.
Title:
Search URL Search Domain Scan URL
Title: Forgot password?
Search URL Search Domain Scan URL
Title: Conditions of Use
Search URL Search Domain Scan URL
Title: Privacy Notice
Search URL Search Domain Scan URL
Title: Interest-Based Ads
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 21- http://s.amazon-adsystem.com/iu3?d=amazon.com&slot=navFooter&a2=0101c3ee02b8aa16837b6ab974fd4ccaf5cf5277ad53ebd5f798d95103249704dcba&old_oo=0&cb=1482357766557 HTTP 302
- http://s.amazon-adsystem.com/iu3?d=amazon.com&slot=navFooter&a2=0101c3ee02b8aa16837b6ab974fd4ccaf5cf5277ad53ebd5f798d95103249704dcba&old_oo=0&cb=1482357766557&dcc=t
24 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
signin.php
www.amazon.esp.bravaidea.com/AWS/mobil/ |
85 KB 85 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ClientSideMetricsAUIJavascript-6de53143c24524b5a545dadd24c090905a41635c._V2_.js.download
www.amazon.esp.bravaidea.com/AWS/mobil/Amazon%20Sign%20In_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
AmazonUI-4d9fe782128796a75d80fd4278326655b3e465b5._V2_.css
www.amazon.esp.bravaidea.com/AWS/mobil/Amazon%20Sign%20In_files/ |
118 KB 118 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
AmazonUI-061bbe73b85d3ca352867949ac154ba49d823994._V2_.js.download
www.amazon.esp.bravaidea.com/AWS/mobil/Amazon%20Sign%20In_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
AuthenticationPortalAssets-253c330cc117c7baf9daf5318cd1f0a849ac774b._V2_.js.download
www.amazon.esp.bravaidea.com/AWS/mobil/Amazon%20Sign%20In_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
FWCIMAssets-6cd9b9548d51ff660b6128f579a62611fae659cb._V2_.js.download
www.amazon.esp.bravaidea.com/AWS/mobil/Amazon%20Sign%20In_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
41Y08c0fWmL._RC-01K9In6Wg+L.js_.js.download
www.amazon.esp.bravaidea.com/AWS/mobil/Amazon%20Sign%20In_files/ |
31 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
51ckpz45NQL._RC-31kFOWfG4QL.css_.css
www.amazon.esp.bravaidea.com/AWS/mobil/Amazon%20Sign%20In_files/ |
50 KB 50 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
global-sprite-32-v6._CB276078445_.png
www.amazon.esp.bravaidea.com/AWS/mobil/Amazon%20Sign%20In_files/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AmazonUI-061bbe73b85d3ca352867949ac154ba49d823994._V2_.js
images-na.ssl-images-amazon.com/images/G/01/AUIClients/ |
294 KB 92 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AuthenticationPortalAssets-253c330cc117c7baf9daf5318cd1f0a849ac774b._V2_.js
images-na.ssl-images-amazon.com/images/G/01/AUIClients/ |
78 KB 23 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
FWCIMAssets-6cd9b9548d51ff660b6128f579a62611fae659cb._V2_.js
images-na.ssl-images-amazon.com/images/G/01/AUIClients/ |
24 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
AmazonUI-061bbe73b85d3ca352867949ac154ba49d823994._V2_.js.download
www.amazon.esp.bravaidea.com/AWS/mobil/Amazon%20Sign%20In_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
global-sprite-32-v6._CB276078445_.png
images-na.ssl-images-amazon.com/images/G/01/gno/sprites/ |
8 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AmazonUIBaseCSS-sprite_1x-a45c662e707240b03417f6ca8b97bcb486f27428._V2_.png
images-na.ssl-images-amazon.com/images/G/01/AUIClients/ |
25 KB 25 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
iu3.html
www.amazon.esp.bravaidea.com/AWS/mobil/Amazon%20Sign%20In_files/ Frame 4F6A |
375 B 616 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
csm-features:impression-tracking
fls-na.amazon.com/1/action-impressions/1/OP/csm/action/ |
43 B 347 B |
Other
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
41Y08c0fWmL._RC%7C01K9In6Wg+L.js_.js
images-na.ssl-images-amazon.com/images/I/ |
31 KB 11 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
uedata
www.amazon.esp.bravaidea.com/ap/ |
326 B 326 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ATVPDKIKX0DER:156-3869560-0198813:2JYNX9KVK2XFVM8MNTQB$uedata=s:%2Fap%2Fuedata%3Fld%26v%3D0.417.186%26id%3D2JYNX9KVK2XFVM8MNTQB%26sw%3D1600%26sh%3D1200%26vw%3D1600%26vh%3D1200%26m%3D1%26sc%3D2JYNX9...
fls-na.amazon.com/1/batch/1/OP/ |
43 B 224 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ClientSideMetricsAUIJavascript-6de53143c24524b5a545dadd24c090905a41635c._V2_.js
images-na.ssl-images-amazon.com/images/G/01/AUIClients/ |
9 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ATVPDKIKX0DER:156-3869560-0198813:2JYNX9KVK2XFVM8MNTQB$uedata=s:%2Fap%2Fuedata%3Fld%26v%3D0.417.186%26id%3D2JYNX9KVK2XFVM8MNTQB%26ctb%3D1%26sc0%3Diss-init-aw%26bb0%3D2054%26cf0%3D2054%26be0%3D2054%...
fls-na.amazon.com/1/batch/1/OP/ |
43 B 224 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
iu3
s.amazon-adsystem.com/ Frame 23D6 Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
fls-na.amazon.com/1/batch/1/OE/ |
0 293 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Amazon (Online)56 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask number| ue_t0 object| ue_csm number| ue_hob string| ue_err_chan string| ue_id string| ue_url number| ue_navtiming string| ue_mid string| ue_sid string| ue_sn string| ue_furl number| ue_fcsn number| ue_urt string| ue_fpf number| ue_tbpv number| ue_swi function| ue_viz number| ue_hoe object| ue function| ueLogError object| ue_err number| ueinit function| uei function| ueh function| ues function| uet function| uex function| onLd function| onLdEnd function| onUl function| onstop number| aPageStart object| amzn number| nav_t_after_preload_JS function| $Nav string| _navbarSpriteUrl number| nav_t_upnav_begin object| navmet number| nav_t_after_ANI number| nav_t_after_config_declaration number| nav_t_after_searchbar number| nav_t_after_navbar number| nav_t_end_nav function| cf object| ue_mbl string| ue_pty string| ue_spty function| _uess object| jQuery16407462439388226929 boolean| isEmailFieldClearedOnSignInPage boolean| isPrepopulateEnabled function| prepopulateEmailAndPassword object| fwcim1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.amazon.esp.bravaidea.com/ | Name: csm-hit Value: s-2JYNX9KVK2XFVM8MNTQB|1551117448117 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fls-na.amazon.com
images-na.ssl-images-amazon.com
s.amazon-adsystem.com
www.amazon.esp.bravaidea.com
107.23.205.142
131.255.104.66
34.239.40.46
52.94.232.32
54.192.202.61
54.86.18.207
0dcfd6753b0d267dda865d7fe71a6a8cc0e8ec63c911dd7ef5243b9073f2e044
3425e9036117199702c5eea1bec0a4cecc8b779edae5e4870e688d67d12ac71a
486ae70c7a7986e7ddb9a397c0e89e7d9a54c68a27f7f698799269fb517b6b18
51a68dff3b6a64e827c5d683acd15962fbf694cc435e184f37a559b98154013a
55fb0d899302d13dccd6130480e52af7f174ea67865a81e8abf17beebc782845
620686b54850ae47e8a84e80ce1e76c0fe5e4765baef42e7f55066db6b435e2a
72c6622420107db61a3190b181bbd7de840c637e9a3293350097a05538a95ac1
8c6e78292b26aff7da0ac43c34edadbff263b2780f9fae78b9cb12d11b7ee0f7
92572ff2713daee1de2a1e0cc914d1b42bef21f0e5001721bd8bc19b79f1a643
94a8a6f3b1c6d30381f7e737d9d74953424d5b9703c42b82e2429b27b3985a40
9d01a01c6a5c84cb4a09eb5b01c58ec6d5ef0082787fc64888e7e182852888b3
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9a5d44b414308cd457bfff616a99b9e0e7905545d53b423625434bf3bb23c2a
ef9336661b4f33b1160cab9443d244681a448858818424fa075c8e42efa58b65