Submission: On December 03 via automatic , source phishtank
Summary
The main IP is 154.202.49.23, located in United States and belongs to CNSERVERS - CNSERVERS LLC, US. The main domain is amazeanen.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 3rd 2019. Valid for: a year.
This is the first time this domain was scanned on urlscan.io!
Verdict: Malicious (Score: 55/100) Show Details
-
urlscan - Score: 100
phishingPhishing against Amazon Japan (Online)
-
phishtank
- Score: 10 (URL submitted from phishtank)
- phishing
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
10 | 154.202.49.23 154.202.49.23 | 40065 (CNSERVERS) (CNSERVERS - CNSERVERS LLC) | |
1 | 2a00:1450:400... 2a00:1450:4001:81f::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
11 | 2 |
Domain Subdomains |
Transfer | |
---|---|---|
10 |
amazeanen.com
|
47 KB |
1 |
gstatic.com
|
2 KB |
11 | 2 |
Domain | Requested by | |
---|---|---|
10 | amazeanen.com |
amazeanen.com
|
1 | www.gstatic.com |
amazeanen.com
|
11 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
Subject / Issuer | Validity | Valid |
---|---|---|
amazeanen.com Sectigo RSA Domain Validation Secure Server CA |
2019-12-03 - 2020-12-02 |
a year |
*.google.com GTS CA 1O1 |
2019-11-05 - 2020-01-28 |
3 months |
Screenshot

Detected technologies

Detected patterns
- headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Detected patterns
- headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Stats
0
Requests
0
Ad-blocked
0
Malicious
0
%
HTTPS
0
%
IPv6
0
Domains
0
Subdomains
0
IPs
0
Countries
0
kB
Transfer
0
kB
Size
0
Cookies
0 Outgoing links
These are links going to different origins than the main page. For each link, only the first name is shown.
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
![]() |
4 KB 2 KB |
Document text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.css
/indexcss |
141 KB 32 KB |
Stylesheet text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.css
/indexcss |
4 KB 2 KB |
Stylesheet text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
translateelement.css
/indexcss |
18 KB 5 KB |
Stylesheet text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.jpg
/indexcss |
5 KB 5 KB |
Image image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main_002.js.%E4%B8%8B%E8%BD%BD
/indexcss |
0 0 |
Script text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main_003.js.%E4%B8%8B%E8%BD%BD
/indexcss |
0 0 |
Script text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.js.%E4%B8%8B%E8%BD%BD
/indexcss |
0 0 |
Script text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
translate_24dp.png
/indexcss |
825 B 1 KB |
Image image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.js.%E4%B8%8B%E8%BD%BD
/indexcss |
0 0 |
Script text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
translate_24dp.png
www.gstatic.com/images/branding/product/2x |
2 KB 2 KB |
Image image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Redirect requests
There were HTTP redirects (301, 302) for the following requests:
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan - Score: 100
Categories:Tags:
Phishing against: Amazon Japan (Online)
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators of compromise (IoCs)
This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.
amazeanen.com www.gstatic.com 154.202.49.23 2a00:1450:4001:81f::2003 0a700c72c5db3eaab6ce5246d7b378fa51b92e01a01f321cbb55c963a6c6d02c 1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213 5d293ecdf4caefa49b3806f60b23a519ebd6385534101ce0f1a4ad7b4d2ade82 5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30 c4b6ed2645519ec2c128badb2a2e7720052f8441ffa94c4f0bceca02311004da d1ceaf656e761b0d78fd70cf16a0f466d3558ea12921dc555ed341b73d24598a ecdb1fa5ffa0fb7c2700cf803057c80fb5c48a4446635ad8b71e89169b5644c1