abazon.cf
2606:4700:3031::ac43:d75c
Malicious Activity!
Public Scan
Submission Tags: @phishunt_io
Submission: On January 15 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 14th 2022. Valid for: a year.
This is the only time abazon.cf was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Amazon (Online)

Domain & IP information
| Requests | IP Address | AS (Autonomous System) |
|---|---|---|
| 6 | 2606:4700:3031::ac43:d75c | 13335 (CLOUDFLARENET) |
| 4 | 2606:4700:3037::6815:4e07 | 13335 (CLOUDFLARENET) |
| 1 | 204.12.213.60 | 32097 (WII) |
| 1 | 18.66.139.96 | 16509 (AMAZON-02) |
| 18 | 2a04:4e42:200::272 | 54113 (FASTLY) |
| 2 | 2a04:4e42:600::272 | 54113 (FASTLY) |

Totals: 32 | 7
18.66.139.96: ASN16509 (AMAZON-02, US), PTR server-18-66-139-96.fra60.r.cloudfront.net; domain served from this IP in the scan: emojiguide.org
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 18 | ssl-images-amazon.com | images-na.ssl-images-amazon.com (Cisco Umbrella Rank: 805) | 2 MB |
| 6 | abazon.cf | abazon.cf | 24 KB |
| 4 | fontawesome.com | use.fontawesome.com (Cisco Umbrella Rank: 844) | 184 KB |
| 2 | media-amazon.com | m.media-amazon.com (Cisco Umbrella Rank: 570) | 25 KB |
| 1 | emojiguide.org | emojiguide.org | 2 KB |
| 1 | nicepng.com | www.nicepng.com (Cisco Umbrella Rank: 53660) | 9 KB |

Totals: 32 requests | 6 apex domains
| Requests | Domain | Requested by |
|---|---|---|
| 18 | images-na.ssl-images-amazon.com | abazon.cf |
| 6 | abazon.cf | abazon.cf |
| 4 | use.fontawesome.com | abazon.cf, use.fontawesome.com |
| 2 | m.media-amazon.com | abazon.cf |
| 1 | emojiguide.org | abazon.cf |
| 1 | www.nicepng.com | abazon.cf |

Totals: 32 requests | 6 domains
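The tables above contain everything needed for a first-pass phishing triage of this scan: a second-level label one edit away from a brand name, a page whose traffic is mostly the brand's own product imagery hotlinked from the brand's CDNs, and a certificate issued the day before the scan. The Python below is an added example, not urlscan.io code, that runs those three checks over the request counts taken from this page. Assumptions: the brand asset domains are limited to the two Amazon CDN apexes seen in this scan; `apex()` takes the last two labels instead of consulting a public-suffix list; the scan year is taken to be 2022, the year the certificate was issued, since the page gives only "January 15".

```python
from datetime import date

# Request summary rebuilt from the "Requested by" table on this page:
# (domain, request count, set of origins that requested it).
REQUESTS = [
    ("images-na.ssl-images-amazon.com", 18, {"abazon.cf"}),
    ("abazon.cf", 6, {"abazon.cf"}),
    ("use.fontawesome.com", 4, {"abazon.cf", "use.fontawesome.com"}),
    ("m.media-amazon.com", 2, {"abazon.cf"}),
    ("emojiguide.org", 1, {"abazon.cf"}),
    ("www.nicepng.com", 1, {"abazon.cf"}),
]

# Brand -> apex domains the brand serves its own assets from.
# Assumption: limited to the two Amazon CDN apexes seen in this scan.
BRAND_ASSET_DOMAINS = {
    "amazon": {"ssl-images-amazon.com", "media-amazon.com"},
}

# Certificate notBefore is on the page (2022-01-14); the scan year is assumed to be 2022.
CERT_NOT_BEFORE = date(2022, 1, 14)
SCAN_DATE = date(2022, 1, 15)


def levenshtein(a, b):
    """Classic edit distance (insert, delete, substitute)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def apex(domain):
    """Last two labels. Adequate for .cf/.com/.org here; use a public-suffix list in production."""
    return ".".join(domain.split(".")[-2:])


def brand_lookalike(domain, brands, max_distance=1):
    """(brand, distance) for the closest brand name to the second-level label, or None.

    An exact match is the brand itself, not a lookalike, so distance 0 is skipped.
    """
    label = apex(domain).split(".")[0]
    best = None
    for brand in brands:
        d = levenshtein(label, brand)
        if 0 < d <= max_distance and (best is None or d < best[1]):
            best = (brand, d)
    return best


def hotlinked_share(primary, requests, asset_domains):
    """Fraction of all requests that the primary origin pulled from the brand's asset domains."""
    total = sum(n for _, n, _ in requests)
    brand_hits = sum(n for dom, n, by in requests if apex(dom) in asset_domains and primary in by)
    return brand_hits / total if total else 0.0


def triage(primary, requests, cert_not_before, scan_date):
    """Run the three cheap heuristics and return a list of human-readable reasons."""
    reasons = []
    hit = brand_lookalike(primary, BRAND_ASSET_DOMAINS)
    if hit:
        brand, dist = hit
        reasons.append(f"lookalike of {brand} (edit distance {dist})")
        share = hotlinked_share(primary, requests, BRAND_ASSET_DOMAINS[brand])
        if share >= 0.5:
            reasons.append(f"{share:.0%} of requests hotlink {brand} assets")
    cert_age = (scan_date - cert_not_before).days
    if cert_age <= 7:
        reasons.append(f"TLS certificate was {cert_age} day(s) old at scan time")
    return reasons


if __name__ == "__main__":
    for reason in triage("abazon.cf", REQUESTS, CERT_NOT_BEFORE, SCAN_DATE):
        print("-", reason)
```

None of the three signals is conclusive on its own (a legitimate affiliate site also hotlinks product images, and every new domain has a fresh certificate); it is the combination, on a domain with no scan history, that justifies the verdict below.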
This site contains no links.
| Subject | Issuer | Validity | Valid for | Lookup |
|---|---|---|---|---|
| sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-01-14 - 2023-01-14 | a year | crt.sh |
| nicepng.com | R3 | 2021-11-24 - 2022-02-22 | 3 months | crt.sh |
| emojiguide.org | Amazon | 2021-05-09 - 2022-06-07 | a year | crt.sh |
| images-na.ssl-images-amazon.com | DigiCert Global CA G2 | 2021-08-09 - 2022-07-24 | a year | crt.sh |
This page contains 1 frame:
Primary Page: https://abazon.cf/
Frame ID: DD1B84CE1B071DFE0899D3287B120130
Requests: 33 HTTP requests in this frame
Page Title: amazon

Detected technologies
Flickity (JavaScript Libraries)
Detected patterns:
- /flickity(?:\.pkgd)?(?:\.min)?\.js

Font Awesome (Font Scripts)
Detected patterns:
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
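The patterns above are Wappalyzer-style rules: they fire on a URL or tag that references the library, not on what the server actually returned. In this scan the Flickity rule can only have matched `abazon.cf/path/to/flickity.pkgd.min.js`, a request that came back as 0 bytes of text/html (the kit's `/path/to/` placeholder was never replaced), so "Flickity" is detected although no Flickity code ever ran. The Python below is an added example, not urlscan.io or Wappalyzer code, that applies the three patterns exactly as listed to resource URLs rebuilt from the transaction list on this page, takes the version from capture group 1, and then cross-checks each hit against the transferred size so that a dangling reference is reported separately. The `<link>` tag is constructed for the example; the page's real HTML is not shown here.

```python
import re

# The three "Detected patterns" listed above, copied as urlscan shows them.
# A match on a resource URL or on the page HTML claims the technology;
# capture group 1 (where the rule has one) is the version.
PATTERNS = {
    "Flickity": [
        r"/flickity(?:\.pkgd)?(?:\.min)?\.js",
    ],
    "Font Awesome": [
        r"<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome"
        r"(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)",
        r"(?:F|f)o(?:n|r)t-?(?:A|a)wesome"
        r"(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)",
    ],
}
COMPILED = {tech: [re.compile(p) for p in pats] for tech, pats in PATTERNS.items()}

# url -> (bytes transferred, response MIME type), rebuilt from the transaction
# list on this page. The 0-byte text/html rows are the kit's unresolved
# "/path/to/" placeholders and the empty app.js.
OBSERVED = {
    "https://abazon.cf/": (20 * 1024, "text/html"),
    "https://abazon.cf/path/to/flickity.css": (0, "text/html"),
    "https://use.fontawesome.com/releases/v5.15.2/css/all.css": (13 * 1024, "text/css"),
    "https://abazon.cf/style.css": (4 * 1024, "text/css"),
    "https://abazon.cf/path/to/flickity.pkgd.min.js": (0, "text/html"),
    "https://abazon.cf/app.js": (0, "text/html"),
    "https://use.fontawesome.com/releases/v5.15.2/webfonts/fa-solid-900.woff2": (79 * 1024, "font/woff2"),
}

# Constructed <link> tag for the example; the real page body is not on this page.
HTML_SNIPPET = (
    '<link rel="stylesheet" '
    'href="https://use.fontawesome.com/releases/v5.15.2/css/all.css">'
)


def detect(texts):
    """Return {technology: (version or None, text that matched)}.

    A hit that carries a version replaces a version-less hit for the same technology.
    """
    found = {}
    for tech, rules in COMPILED.items():
        for text in texts:
            for rule in rules:
                m = rule.search(text)
                if not m:
                    continue
                version = m.group(1) if rule.groups else None
                if tech not in found or (version and not found[tech][0]):
                    found[tech] = (version, text)
    return found


def unverified(found, observed):
    """Technologies whose matching resource was referenced but never served.

    The rules fire on the reference, so a dangling <script src> still counts
    as "detected"; a 0-byte transfer is the cheapest sign that nothing loaded.
    """
    flagged = []
    for tech, (_version, text) in found.items():
        size, _mime = observed.get(text, (None, None))
        if size == 0:
            flagged.append(tech)
    return sorted(flagged)


if __name__ == "__main__":
    hits = detect(list(OBSERVED) + [HTML_SNIPPET])
    for tech, (version, text) in hits.items():
        print(f"{tech}: version={version} via {text}")
    print("referenced but not served:", unverified(hits, OBSERVED))
```

Note that the version sub-pattern uses an unescaped `.` (any character) between the numeric components and accepts any 7-to-40 character hex run as a "version", so the extracted value is a hint to confirm against the delivered file, not a fact about it.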
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests: (none listed)
32 HTTP transactions

| # | Method | Protocol | Resource | Host / path | Size | X-fer | Type | MIME type |
|---|---|---|---|---|---|---|---|---|
| 1 | GET | HTTP/2 | / (Primary Request) | abazon.cf/ | 45 KB | 20 KB | Document | text/html |
| 2 | GET | HTTP/2 | flickity.css | abazon.cf/path/to/ | 0 | 0 | Stylesheet | text/html |
| 3 | GET | HTTP/2 | all.css | use.fontawesome.com/releases/v5.15.2/css/ | 58 KB | 13 KB | Stylesheet | text/css |
| 4 | GET | HTTP/2 | style.css | abazon.cf/ | 17 KB | 4 KB | Stylesheet | text/css |
| 5 | GET | HTTP/1.1 | 16-167642_amazon-logo-amazon-logo-white-text.png | www.nicepng.com/png/full/ | 9 KB | 9 KB | Image | image/png |
| 6 | GET | HTTP/2 | qmtba11gyrtbr.png | emojiguide.org/images/emoji/r/ | 2 KB | 2 KB | Image | image/png |
| 7 | GET | HTTP/2 | 71esVJ4wBUL._AC_SL1500_.jpg | images-na.ssl-images-amazon.com/images/I/ | 154 KB | 154 KB | Image | image/jpeg |
| 8 | GET | HTTP/2 | 71rEM316brL._AC_SL1500_.jpg | images-na.ssl-images-amazon.com/images/I/ | 221 KB | 221 KB | Image | image/jpeg |
| 9 | GET | HTTP/2 | 81yT7t7PvRL._AC_SL1500_.jpg | images-na.ssl-images-amazon.com/images/I/ | 232 KB | 232 KB | Image | image/jpeg |
| 10 | GET | HTTP/2 | 613Y4WSR6aL._AC_SL1500_.jpg | images-na.ssl-images-amazon.com/images/I/ | 52 KB | 52 KB | Image | image/jpeg |
| 11 | GET | HTTP/2 | 51VwWpVNS9L._AC_SL1500_.jpg | images-na.ssl-images-amazon.com/images/I/ | 27 KB | 27 KB | Image | image/jpeg |
| 12 | GET | HTTP/2 | 51P3wjaKhFL._AC_SL1500_.jpg | images-na.ssl-images-amazon.com/images/I/ | 28 KB | 29 KB | Image | image/jpeg |
| 13 | GET | HTTP/2 | 51zIJ1YnCCL._AC_SL1500_.jpg | images-na.ssl-images-amazon.com/images/I/ | 44 KB | 44 KB | Image | image/jpeg |
| 14 | GET | HTTP/2 | 81eRAX3sB6L._AC_SL1500_.jpg | images-na.ssl-images-amazon.com/images/I/ | 97 KB | 97 KB | Image | image/jpeg |
| 15 | GET | HTTP/2 | 71E4%2BsnQjrL._AC_SL1500_.jpg | images-na.ssl-images-amazon.com/images/I/ | 221 KB | 221 KB | Image | image/jpeg |
| 16 | GET | HTTP/2 | 71tk2rkxmPL._AC_SL1500_.jpg | images-na.ssl-images-amazon.com/images/I/ | 132 KB | 133 KB | Image | image/jpeg |
| 17 | GET | HTTP/2 | 61nh-s3n0YL._AC_SL1000_.jpg | images-na.ssl-images-amazon.com/images/I/ | 65 KB | 65 KB | Image | image/jpeg |
| 18 | GET | HTTP/2 | 717mmm0oqnL._AC_SL1500_.jpg | images-na.ssl-images-amazon.com/images/I/ | 156 KB | 156 KB | Image | image/jpeg |
| 19 | GET | HTTP/2 | 61PlVVOd3QL._AC_SL1500_.jpg | images-na.ssl-images-amazon.com/images/I/ | 99 KB | 99 KB | Image | image/jpeg |
| 20 | GET | HTTP/2 | 71kuSzYG5pL._AC_SL1500_.jpg | images-na.ssl-images-amazon.com/images/I/ | 177 KB | 177 KB | Image | image/jpeg |
| 21 | GET | HTTP/2 | 91fAU6mxFsL._AC_SL1500_.jpg | images-na.ssl-images-amazon.com/images/I/ | 358 KB | 359 KB | Image | image/jpeg |
| 22 | GET | HTTP/2 | 71trhuzbhML._AC_SL1500_.jpg | images-na.ssl-images-amazon.com/images/I/ | 119 KB | 119 KB | Image | image/jpeg |
| 23 | GET | HTTP/2 | 81fstJkUlaL._AC_SL1500_.jpg | images-na.ssl-images-amazon.com/images/I/ | 196 KB | 196 KB | Image | image/jpeg |
| 24 | GET | HTTP/2 | 71esVJ4wBUL._AC_SS450_.jpg | m.media-amazon.com/images/I/ | 24 KB | 24 KB | Image | image/jpeg |
| 25 | GET | HTTP/2 | 61VxKu-OfEL._AC_SL1500_.jpg | images-na.ssl-images-amazon.com/images/I/ | 110 KB | 110 KB | Image | image/jpeg |
| 26 | GET | HTTP/2 | flickity.pkgd.min.js | abazon.cf/path/to/ | 0 | 0 | Script | text/html |
| 27 | GET | HTTP/2 | app.js | abazon.cf/ | 0 | 0 | Script | text/html |
| 28 | GET | DATA | truncated | / | 13 KB | 0 | Image | image/webp |
| 29 | GET | HTTP/3 | app.js | abazon.cf/ | 0 | 0 | Script | text/html |
| 30 | GET | HTTP/2 | DeliveryStaticPackard-pin_desktop_1x-c944b6819f9e5642fdfd4ff3d1109d60d66d8f87._V2_.png | m.media-amazon.com/images/G/01/AUIClients/ | 301 B | 610 B | Image | image/png |
| 31 | GET | HTTP/3 | fa-solid-900.woff2 | use.fontawesome.com/releases/v5.15.2/webfonts/ | 78 KB | 79 KB | Font | font/woff2 |
| 32 | GET | HTTP/3 | fa-regular-400.woff2 | use.fontawesome.com/releases/v5.15.2/webfonts/ | 13 KB | 14 KB | Font | font/woff2 |
| 33 | GET | HTTP/3 | fa-brands-400.woff2 | use.fontawesome.com/releases/v5.15.2/webfonts/ | 77 KB | 77 KB | Font | font/woff2 |

The list has 33 rows; the inline data: URL in row 28 is the one request that is not counted in the 32 transactions or in the domain tables above. Size is the decoded resource size, X-fer the bytes actually transferred. Rows 2, 26, 27 and 29 (the `/path/to/` placeholders and app.js) returned nothing at all, and the page's scripts and styles are otherwise served only by the primary origin and use.fontawesome.com; every image except the logo and one emoji is pulled straight from Amazon's own CDNs.
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan verdict: Phishing against: Amazon (Online)

2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- onsecuritypolicyviolation (object)
- onslotchange (object)
Both names are standard GlobalEventHandlers attributes in current browsers rather than variables set by the page's own scripts, so they point to no framework here.

0 Cookies
Cookies are small pieces of information stored in the user's browser. On every later visit to the site the browser sends the cookie values back, so the site can re-identify the user even from a different location; this is how persistent logins work.
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

| Source | Level | URL | Text |
|---|---|---|---|
Indicators
"Indicators" is the security-industry term for observables collected from a scan, such as IPs, domains and hashes. Their presence in this list does not by itself imply that any of them is malicious.
abazon.cf
emojiguide.org
images-na.ssl-images-amazon.com
m.media-amazon.com
use.fontawesome.com
www.nicepng.com
18.66.139.96
204.12.213.60
2606:4700:3031::ac43:d75c
2606:4700:3037::6815:4e07
2a04:4e42:200::272
2a04:4e42:600::272
02eed066c630276afb391b8d76e9e8a4514a4ad95d4ca3af9b1fea6bfd5909b6
21413f46ad94e16bc8fc962504331ec03f2c456ba5a59294420956456aea3faa
28041c52d8046b683406d24eed1c27955cb3661ed599a9a936ae239fc579e6fd
2e0af4fb2f8ae5691d77667fcb8777bae67ae12d0e0ae8d788d89b6f4203d36c
389a767fac4a09144f240207ec2e367510e48eead79c7305b3bbcea13e79fd2c
38e3fb77cd1eada3f1cf7735274bcfe12a4554046de9ea3096ae5ca65c411fa9
3d1db0b105a87ad50dbbfd08eb0f694332db57d12300a9bbde2b3b3af457ea1f
3ddcaa97f690ee3afdaf45a47228e2f2849d87fde701a1228652784caa8862a8
43f6fe1f9953010cc25099fea6727c13c78de8f6d864f0481df30cfe81e37726
48043af580c6201d2f4a5e72a9e364251da54624ca993f34b79f012ab964181a
4c5e56d9cce1e995b1dafe486b47e94c15a9215cbbe6982325d8c0a6986d1018
529d0a7b3944929222155bca3272ba1a87acc2faa09b2ed26a713872b7ff8794
5d74acbbb76a0952ad340b5967f999b883482d237619cd09d8029a7803daf386
642da2f66a25e1f7dc7c91b1370842e4c6a6beee00256f30915a352d222938c8
6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2
a23480a93e37885cccf032b54f94f4a0ed35ce184b0c80598f9bb98e7f532819
a77c7a30ed2f1b3b312e6778017deb3482fadf557e7b769d27dd99654d31f847
a91e81541b50371cf95b8edd3d813b4f457f8c69c5e8c445cc293c6503ecd501
b3b8c21edfe6c5e402fdc607366fd8d15949a65914f58134733dc68922bc8d61
c4dab74c33c0a6da6fd3d40bfde7b288033e5a181ab62d087b3f6a77e0b9b094
c7936653217a299c6b4d6145e66ab4ca109a9ffbd836c36af65dc583006601a6
c8a1111ee6e632351996bd362c21b364e3e653becf58f3170967adb6047c96a5
ce13a4cd6d049e1d6d92a99cc661b206ab862eddaa6465b0a99ac1ecc21c8328
cf23c31ca823d9f51b687d5f2c8aa869752e81391e9d16f375e241ae6cb65b04
d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d
d83396ba83b883e3dfb3a2056e6164b031be5a0fb971232bdb99be3c20478798
e69c8e050aba947de88507ba4e06c33d1d8072fa3d882a9ba8a863087a588496
f5b4173e3c01c5c545fe146b29ac1f7a73f70b67b86e7cc1a2b1f0b259637b80
f69b41b512790e4830ed5684482e693a2a922bdc05de2e62f656c8e34e81ef51