amuzonz-io.shop - urlscan.io

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 4 HTTP transactions. The main IP is 107.150.7.68, located in Los Angeles, United States and belongs to ASN-QUADRANET-GLOBAL, US. The main domain is amuzonz-io.shop.
TLS certificate: Issued by R3 on August 9th 2021. Valid for: 3 months.

This is the only time amuzonz-io.shop was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Amazon (Online)

Domain & IP information

	IP Address	AS Autonomous System
3 5	107.150.7.68 107.150.7.68	8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL)
2	2a02:26f0:6c0... 2a02:26f0:6c00:293::108	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2

5 107.150.7.68 (Los Angeles, United States) 3 redirects

ASN8100 (ASN-QUADRANET-GLOBAL, US)
PTR: 107.150.7.68.static.quadranet.com

amuzonz-io.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:293::108 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

images-na.ssl-images-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	amuzonz-io.shop 3 redirects amuzonz-io.shop	4 KB
2	ssl-images-amazon.com images-na.ssl-images-amazon.com	40 KB
4	2

	Domain	Requested by
5	amuzonz-io.shop	3 redirects amuzonz-io.shop
2	images-na.ssl-images-amazon.com	amuzonz-io.shop images-na.ssl-images-amazon.com
4	2

This site contains no links.

Subject Issuer	Validity	Valid
www.amuzonz-io.shop R3	`2021-08-09` - `2021-11-07`	3 months	crt.sh
images-fe.ssl-images-amazon.com GeoTrust RSA CA 2018	`2020-06-24` - `2021-09-23`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://amuzonz-io.shop/87198/
Frame ID: 12D1F750D62E91A7F6E8692D0897BF1F
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://amuzonz-io.shop/ HTTP 301
https://amuzonz-io.shop/ Page URL
https://amuzonz-io.shop/pc.php HTTP 302
https://amuzonz-io.shop/87198 HTTP 301
https://amuzonz-io.shop/87198/ Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

4
Requests

50 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

44 kB
Transfer

148 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://amuzonz-io.shop/ HTTP 301
https://amuzonz-io.shop/ Page URL
https://amuzonz-io.shop/pc.php HTTP 302
https://amuzonz-io.shop/87198 HTTP 301
https://amuzonz-io.shop/87198/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://amuzonz-io.shop/ HTTP 301
https://amuzonz-io.shop/

4 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response amuzonz-io.shop/ Redirect Chain http://amuzonz-io.shop/ https://amuzonz-io.shop/	866 B 416 B	520ms 186ms	Document text/html	107.150.7.68 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://amuzonz-io.shop/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 107.150.7.68 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 107.150.7.68.static.quadranet.com Software Apache / Resource Hash `e27f419a5bc8ee943bfcc0a4fadb7da1b9c88fa949fbb844f7e54196bfc139ef` Request headers :method GET :authority amuzonz-io.shop :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Aug 2021 13:01:15 GMT server Apache vary Accept-Encoding content-encoding gzip content-length 320 content-type text/html; charset=UTF-8 Redirect headers Date Fri, 13 Aug 2021 13:01:15 GMT Server Apache Location https://amuzonz-io.shop/ Content-Length 297 Connection close Content-Type text/html; charset=iso-8859-1
GET H2	200	Primary Request / Show response amuzonz-io.shop/87198/ Redirect Chain https://amuzonz-io.shop/pc.php https://amuzonz-io.shop/87198 https://amuzonz-io.shop/87198/	11 KB 3 KB	265ms 264ms	Document text/html	107.150.7.68 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://amuzonz-io.shop/87198/ Requested by Host: amuzonz-io.shop URL: https://amuzonz-io.shop/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 107.150.7.68 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS 107.150.7.68.static.quadranet.com Software Apache / Resource Hash `10be514f3eb2eb76d1c97019eee8542452edc10d3eef776f52a0a8af3ddb35e6` Request headers :method GET :authority amuzonz-io.shop :scheme https :path /87198/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest document referer https://amuzonz-io.shop/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://amuzonz-io.shop/ Response headers date Fri, 13 Aug 2021 13:01:16 GMT server Apache vary Accept-Encoding content-encoding gzip content-length 3265 content-type text/html; charset=UTF-8 Redirect headers date Fri, 13 Aug 2021 13:01:16 GMT server Apache location https://amuzonz-io.shop/87198/ content-length 304 content-type text/html; charset=iso-8859-1
GET H2	200	AmazonUI-af9e9b82cae7003c8a1d2f2e239005b802c674a4._V2_.css images-na.ssl-images-amazon.com/images/G/01/AUIClients/	113 KB 16 KB	24ms 7ms	Stylesheet text/css	2a02:26f0:6c00:293::108 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://images-na.ssl-images-amazon.com/images/G/01/AUIClients/AmazonUI-af9e9b82cae7003c8a1d2f2e239005b802c674a4._V2_.css Requested by Host: amuzonz-io.shop URL: https://amuzonz-io.shop/87198/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:293::108 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Akamai Resource Optimizer / Resource Hash `02f9e4f6271092d6fa6ac1854427e1ab744a58b9b7f58a02afe29f81a914baec` Request headers Referer https://amuzonz-io.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin https://www.amazon.com date Fri, 13 Aug 2021 13:01:15 GMT content-encoding br surrogate-key x-cache-680 /images/G/01/AUIClients/AmazonUI-af9e9b82cae7003c8a1d2f2e239005b802c674a4 last-modified Wed, 28 Jul 2021 20:40:41 GMT server Akamai Resource Optimizer vary Accept-Encoding x-cache Hit from akamai x-nginx-cache-status MISS access-control-allow-origin * cache-control public, max-age=630656185 x-amz-ir-id fa7faa01-eb9a-40f9-9c31-e4dd357093a4 content-type text/css; charset=utf-8 content-length 15809 expires Wed, 07 Aug 2041 19:17:40 GMT
GET H2	200	AmazonUIBaseCSS-sprite_1x-8fe8c701c7a6f38368f97a8a3f04d5f25875be4d._V2_.png images-na.ssl-images-amazon.com/images/G/01/AUIClients/	24 KB 24 KB	12ms 12ms	Image image/png	2a02:26f0:6c00:293::108 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://images-na.ssl-images-amazon.com/images/G/01/AUIClients/AmazonUIBaseCSS-sprite_1x-8fe8c701c7a6f38368f97a8a3f04d5f25875be4d._V2_.png Requested by Host: images-na.ssl-images-amazon.com URL: https://images-na.ssl-images-amazon.com/images/G/01/AUIClients/AmazonUI-af9e9b82cae7003c8a1d2f2e239005b802c674a4._V2_.css#AUIClients/AmazonUI.fr.rendering_engine-not-trident.secure.min Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:293::108 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Server / Resource Hash `84ea8004fab8c9fd2911393bcc36020df3ba4f83e2762425fbe0e79653a8b3f2` Request headers Referer https://images-na.ssl-images-amazon.com/images/G/01/AUIClients/AmazonUI-af9e9b82cae7003c8a1d2f2e239005b802c674a4._V2_.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin https://www.amazon.com date Fri, 13 Aug 2021 13:01:15 GMT surrogate-key x-cache-314 /images/G/01/AUIClients/AmazonUIBaseCSS-sprite_1x-8fe8c701c7a6f38368f97a8a3f04d5f25875be4d last-modified Tue, 20 Oct 2015 02:26:17 GMT server Server x-cache Hit from akamai x-nginx-cache-status MISS access-control-allow-origin * cache-control public, max-age=630720000 x-amz-ir-id 696ec1f4-08c9-49e5-bf0f-370914d1a2bd accept-ranges bytes content-type image/png content-length 24594 expires Thu, 08 Aug 2041 13:01:15 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Amazon (Online)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amuzonz-io.shop
images-na.ssl-images-amazon.com
107.150.7.68
2a02:26f0:6c00:293::108
02f9e4f6271092d6fa6ac1854427e1ab744a58b9b7f58a02afe29f81a914baec
10be514f3eb2eb76d1c97019eee8542452edc10d3eef776f52a0a8af3ddb35e6
84ea8004fab8c9fd2911393bcc36020df3ba4f83e2762425fbe0e79653a8b3f2
e27f419a5bc8ee943bfcc0a4fadb7da1b9c88fa949fbb844f7e54196bfc139ef

amuzonz-io.shop Open in urlscan Pro 107.150.7.68 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

4 Requests

50 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

44 kBTransfer

148 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

14 JavaScript Global Variables

0 Cookies

Indicators

amuzonz-io.shop Open in urlscan Pro
107.150.7.68 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

50 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

44 kB
Transfer

148 kB
Size

0
Cookies

4 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!