yqvhfgs.6fhci0.cn Open in urlscan Pro
103.60.220.55 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://yqvhfgs.6fhci0.cn/
Submission Tags: phishing
Submission: On July 11 via api (July 11th 2020, 2:13:47 am UTC) from JP

Summary HTTP 11 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 2 domains to perform 11 HTTP transactions. The main IP is 103.60.220.55, located in Hong Kong and belongs to HKKFGL-AS-AP HK Kwaifong Group Limited, HK. The main domain is yqvhfgs.6fhci0.cn.

This is the only time yqvhfgs.6fhci0.cn was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Amazon (Online) Amazon Japan (Online)

Domain & IP information

	IP Address	AS Autonomous System
6	103.60.220.55 103.60.220.55	133115 (HKKFGL-AS...) (HKKFGL-AS-AP HK Kwaifong Group Limited)
3	13.224.189.99 13.224.189.99	16509 (AMAZON-02) (AMAZON-02)
2	183.131.168.119 183.131.168.119	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
11	3

6 103.60.220.55 (Hong Kong)

ASN133115 (HKKFGL-AS-AP HK Kwaifong Group Limited, HK)

yqvhfgs.6fhci0.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.189.99 (Seattle, United States)

ASN16509 (AMAZON-02, US)

images-na.ssl-images-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 183.131.168.119 (China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

images-cn.ssl-images-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	6fhci0.cn yqvhfgs.6fhci0.cn	114 KB
5	ssl-images-amazon.com images-na.ssl-images-amazon.com images-cn.ssl-images-amazon.com	66 KB
11	2

	Domain	Requested by
6	yqvhfgs.6fhci0.cn	yqvhfgs.6fhci0.cn
3	images-na.ssl-images-amazon.com	yqvhfgs.6fhci0.cn
2	images-cn.ssl-images-amazon.com	yqvhfgs.6fhci0.cn
11	3

This site contains links to these domains. Also see Links.

Domain
www.amazon.co.jp

Subject Issuer	Validity	Valid
Images-na.ssl-images-amazon.com DigiCert SHA2 Secure Server CA	`2020-04-23` - `2021-04-24`	a year	crt.sh
images-cn-8.ssl-images-amazon.com DigiCert SHA2 High Assurance Server CA	`2020-06-24` - `2022-06-29`	2 years	crt.sh

This page contains 1 frames:

Primary Page: http://yqvhfgs.6fhci0.cn/
Frame ID: 5990C49E30F9FA14EFC8D130EF2AE281
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

11
Requests

45 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

3
Countries

179 kB
Transfer

326 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.amazon.co.jp/ap/forgotpassword?showRememberMe=true&openid.pape.max_auth_age=0&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&pageId=jpflex&openid.return_to=https%3A%2F%2Fwww.amazon.co.jp%2Famazonprime%3F_encoding%3DUTF8%26ref%3Dnav_signin&prevRID=KQT34XHM7G6DQSDPEJGH&openid.assoc_handle=jpflex&openid.mode=checkid_setup&prepopulatedLoginId=&failedSignInCount=0&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0
Title: パスワードを忘れた場合

Search URL Search Domain Scan URL

URL: https://www.amazon.co.jp/ap/register?showRememberMe=true&openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.co.jp%2Famazonprime%3F_encoding%3DUTF8%26ref%3Dnav_signin&prevRID=KQT34XHM7G6DQSDPEJGH&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&prepopulatedLoginId=&failedSignInCount=0&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&pageId=jpflex&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0
Title: Amazonアカウントを作成

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response yqvhfgs.6fhci0.cn/	9 KB 9 KB	1137ms 488ms	Document text/html	103.60.220.55 HKKFGL-AS-AP HK K...
General Check archive.org Show headers Download Go to Full URL http://yqvhfgs.6fhci0.cn/ Protocol HTTP/1.1 Server 103.60.220.55 , Hong Kong, ASN133115 (HKKFGL-AS-AP HK Kwaifong Group Limited, HK), Reverse DNS Software / Resource Hash `55917e3a1ae3f319915a0f02d70b29a4df44b23131120aad56f7dbcb1f002780` Request headers Host yqvhfgs.6fhci0.cn Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Set-Cookie Token_ID=tNM4fU3z50GL3T91k9 Content-Type text/html Content-Length 9047 Connection keep-alive
GET H/1.1	200 OK	main.js Show response yqvhfgs.6fhci0.cn/static/main/	2 KB 2 KB	518ms 489ms	Script application/x-javascript	103.60.220.55 HKKFGL-AS-AP HK K...
General Check archive.org Show headers Download Go to Full URL http://yqvhfgs.6fhci0.cn/static/main/main.js Requested by Host: yqvhfgs.6fhci0.cn URL: http://yqvhfgs.6fhci0.cn/ Protocol HTTP/1.1 Server 103.60.220.55 , Hong Kong, ASN133115 (HKKFGL-AS-AP HK Kwaifong Group Limited, HK), Reverse DNS Software / Resource Hash `eee06bcd42379695b1c8ff17a057de23ebb7d77f8ee91081762e3e33e7baf2bb` Request headers Referer http://yqvhfgs.6fhci0.cn/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Connection keep-alive Content-Length 2442 Content-Type application/x-javascript
GET H2	200	61ECVh+vn2L._RC%7C11Fd9tJOdtL.css,21y5jWQoUML.css,31Q3id-QR0L.css,314YUrkEzTL.css_.css images-na.ssl-images-amazon.com/images/I/	134 KB 23 KB	147ms 50ms	Stylesheet text/css	13.224.189.99 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://images-na.ssl-images-amazon.com/images/I/61ECVh+vn2L._RC%7C11Fd9tJOdtL.css,21y5jWQoUML.css,31Q3id-QR0L.css,314YUrkEzTL.css_.css?AUIClients/AmazonUI Requested by Host: yqvhfgs.6fhci0.cn URL: http://yqvhfgs.6fhci0.cn/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.189.99 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash `dcd0056093ab95e17042b51793826382dc9bb170f402757db08a338d77ac149e` Request headers Referer http://yqvhfgs.6fhci0.cn/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 27 Mar 2020 00:43:36 GMT content-encoding gzip age 9634108 edge-cache-tag x-cache-119,/images/I/61ECVh+vn2L status 200 x-cache Hit from cloudfront access-control-allow-origin * surrogate-key x-cache-119 /images/I/61ECVh+vn2L last-modified Tue, 10 Jul 2018 19:36:49 GMT server Server content-type text/css; charset=utf-8 via 1.1 69f13f852a135432abb1b7bfc5a8b421.cloudfront.net (CloudFront) cache-control max-age=630720000,public x-amz-ir-id efb58fe9-5dde-4720-a6af-9a2daf238b00 x-amz-cf-pop FRA2-C1 timing-allow-origin https://www.amazon.in, https://www.amazon.com x-amz-cf-id oFcv7pPzn3DRkJsa2CD8ttTN4cUXwdiExpRfaeb-zQTFjRrA26lWVw== expires Fri, 16 Mar 2040 14:04:59 GMT
GET H2	200	01SdjaY0ZsL._RC%7C419sIPk+mYL.css,41yEFdgL45L.css_.css images-na.ssl-images-amazon.com/images/I/	46 KB 9 KB	178ms 82ms	Stylesheet text/css	13.224.189.99 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://images-na.ssl-images-amazon.com/images/I/01SdjaY0ZsL._RC%7C419sIPk+mYL.css,41yEFdgL45L.css_.css?AUIClients/AuthenticationPortalAssets Requested by Host: yqvhfgs.6fhci0.cn URL: http://yqvhfgs.6fhci0.cn/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.189.99 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash `8c23ec3cf642a3bdb329d68c6038db8172b01fcad5270f36cf447235c2594ffa` Request headers Referer http://yqvhfgs.6fhci0.cn/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 01 Jul 2020 15:21:13 GMT content-encoding gzip age 858042 edge-cache-tag x-cache-296,/images/I/01SdjaY0ZsL status 200 x-cache Hit from cloudfront access-control-allow-origin * surrogate-key x-cache-296 /images/I/01SdjaY0ZsL last-modified Sat, 30 May 2015 02:58:48 GMT server Server content-type text/css via 1.1 69f13f852a135432abb1b7bfc5a8b421.cloudfront.net (CloudFront) cache-control max-age=630720000,public x-amz-ir-id 1d5576dc-5fd6-495c-9191-9c35127ad98e x-amz-cf-pop FRA2-C1 timing-allow-origin https://www.amazon.in, https://www.amazon.com x-amz-cf-id MSVtfuJDtmuLjm-ujQiJkLCLfeUiNx2WCvR4g2ftW1mEyJmB4yEA7A== expires Tue, 26 Jun 2040 03:52:45 GMT
GET H2	200	11E08O3eXDL.css images-na.ssl-images-amazon.com/images/I/	2 KB 1 KB	172ms 75ms	Stylesheet text/css	13.224.189.99 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://images-na.ssl-images-amazon.com/images/I/11E08O3eXDL.css?AUIClients/CVFAssets Requested by Host: yqvhfgs.6fhci0.cn URL: http://yqvhfgs.6fhci0.cn/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.189.99 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash `122a38d736dd4b129af47e1d4f6d955d335f55256f2f231d8ccd1a58562cd381` Request headers Referer http://yqvhfgs.6fhci0.cn/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 30 Mar 2020 03:20:19 GMT content-encoding gzip age 9092119 edge-cache-tag x-cache-509,/images/I/11E08O3eXDL status 200 x-cache Hit from cloudfront access-control-allow-origin * surrogate-key x-cache-509 /images/I/11E08O3eXDL last-modified Fri, 27 Mar 2020 19:40:05 GMT server Server content-type text/css; charset=utf-8 via 1.1 69f13f852a135432abb1b7bfc5a8b421.cloudfront.net (CloudFront) cache-control max-age=630720000,public x-amz-ir-id 993d2c9c-72b2-42a2-8dad-b459f42cf3e0 x-amz-cf-pop FRA2-C1 timing-allow-origin https://www.amazon.in, https://www.amazon.com x-amz-cf-id ZZ2gPNnEaqSSZZ8-wqq_VGsYLc8jg1XySQ1P35iM6S-lnvOCKePRjQ== expires Thu, 22 Mar 2040 20:38:08 GMT
GET H/1.1	200 OK	jquery.loadmask.css yqvhfgs.6fhci0.cn/static/main/	3 KB 3 KB	259ms 258ms	Stylesheet text/css	103.60.220.55 HKKFGL-AS-AP HK K...
General Check archive.org Show headers Download Go to Full URL http://yqvhfgs.6fhci0.cn/static/main/jquery.loadmask.css Requested by Host: yqvhfgs.6fhci0.cn URL: http://yqvhfgs.6fhci0.cn/static/main/main.js Protocol HTTP/1.1 Server 103.60.220.55 , Hong Kong, ASN133115 (HKKFGL-AS-AP HK Kwaifong Group Limited, HK), Reverse DNS Software / Resource Hash `1d268f01306f97ee5bbba5026055beb466fb07702e59761be7727345c9cf7a9a` Request headers Referer http://yqvhfgs.6fhci0.cn/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Connection keep-alive Content-Length 2730 Content-Type text/css
GET H/1.1	200 OK	jquery-1.9.1.min.js Show response yqvhfgs.6fhci0.cn/static/main/	90 KB 91 KB	257ms 256ms	Script application/x-javascript	103.60.220.55 HKKFGL-AS-AP HK K...
General Check archive.org Show headers Download Go to Full URL http://yqvhfgs.6fhci0.cn/static/main/jquery-1.9.1.min.js Requested by Host: yqvhfgs.6fhci0.cn URL: http://yqvhfgs.6fhci0.cn/static/main/main.js Protocol HTTP/1.1 Server 103.60.220.55 , Hong Kong, ASN133115 (HKKFGL-AS-AP HK Kwaifong Group Limited, HK), Reverse DNS Software / Resource Hash `c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4` Request headers Referer http://yqvhfgs.6fhci0.cn/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Connection keep-alive Content-Length 92629 Content-Type application/x-javascript
GET H/1.1	200 OK	jquery.loadmask.min.js Show response yqvhfgs.6fhci0.cn/static/main/	6 KB 6 KB	512ms 485ms	Script application/x-javascript	103.60.220.55 HKKFGL-AS-AP HK K...
General Check archive.org Show headers Download Go to Full URL http://yqvhfgs.6fhci0.cn/static/main/jquery.loadmask.min.js Requested by Host: yqvhfgs.6fhci0.cn URL: http://yqvhfgs.6fhci0.cn/static/main/main.js Protocol HTTP/1.1 Server 103.60.220.55 , Hong Kong, ASN133115 (HKKFGL-AS-AP HK Kwaifong Group Limited, HK), Reverse DNS Software / Resource Hash `64dae557f43e49f0a7f30c3012ea5d135f60dd149330cd909b2e671376c701fd` Request headers Referer http://yqvhfgs.6fhci0.cn/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Connection keep-alive Content-Length 5636 Content-Type application/x-javascript
GET H/1.1	200 OK	jquery.cookie.js Show response yqvhfgs.6fhci0.cn/static/main/	3 KB 3 KB	516ms 488ms	Script application/x-javascript	103.60.220.55 HKKFGL-AS-AP HK K...
General Check archive.org Show headers Download Go to Full URL http://yqvhfgs.6fhci0.cn/static/main/jquery.cookie.js Requested by Host: yqvhfgs.6fhci0.cn URL: http://yqvhfgs.6fhci0.cn/static/main/main.js Protocol HTTP/1.1 Server 103.60.220.55 , Hong Kong, ASN133115 (HKKFGL-AS-AP HK Kwaifong Group Limited, HK), Reverse DNS Software / Resource Hash `b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8` Request headers Referer http://yqvhfgs.6fhci0.cn/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Connection keep-alive Content-Length 3121 Content-Type application/x-javascript
GET H/1.1	200 OK	AmazonUIBaseCSS-sprite_1x-c4a765aedd886dc04d89e7e93b6a02c59ecb7013._V2_.png images-cn.ssl-images-amazon.com/images/G/01/AUIClients/	27 KB 28 KB	791ms 246ms	Image image/png	183.131.168.119 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Show image Full URL https://images-cn.ssl-images-amazon.com/images/G/01/AUIClients/AmazonUIBaseCSS-sprite_1x-c4a765aedd886dc04d89e7e93b6a02c59ecb7013._V2_.png Requested by Host: yqvhfgs.6fhci0.cn URL: http://yqvhfgs.6fhci0.cn/static/main/jquery-1.9.1.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 183.131.168.119 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software PWS/8.3.1.0.8 / Resource Hash `437e95a363a4291060e34ba170e043274e0155821e9be374f35de3c4f13cbaa5` Request headers Referer https://images-na.ssl-images-amazon.com/images/I/61ECVh+vn2L._RC%7C11Fd9tJOdtL.css,21y5jWQoUML.css,31Q3id-QR0L.css,314YUrkEzTL.css_.css?AUIClients/AmazonUI User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 11 Jul 2020 02:13:29 GMT Age 1 Edge-Cache-Tag x-cache-950,/images/G/01/AUIClients/AmazonUIBaseCSS-sprite_1x-c4a765aedd886dc04d89e7e93b6a02c59ecb7013 X-Via 1.1 PSfjqzdx7nj29:1 (W), 1.1 hdx46:8 (W), 1.1 zhjhzh16:14 (W) Connection keep-alive Content-Length 27972 Surrogate-key x-cache-950 /images/G/01/AUIClients/AmazonUIBaseCSS-sprite_1x-c4a765aedd886dc04d89e7e93b6a02c59ecb7013 Last-Modified Fri, 22 Sep 2017 00:23:19 GMT Server PWS/8.3.1.0.8 X-Ws-Request-Id 5f092049_hzh76_65619-50906 Content-Type image/png Access-Control-Allow-Origin * Cache-Control max-age=630720000,public X-Amz-IR-Id 215d17e0-0228-4a13-8364-e891fa292abf Timing-Allow-Origin https://www.amazon.com Expires Sun, 01 Jul 2040 22:37:16 GMT
GET H/1.1	200 OK	AmazonUIBaseCSS-sprite_jp_1x-f8582354fc42b464ef5eb709dd98f9371d3eafea._V2_.png images-cn.ssl-images-amazon.com/images/G/01/AUIClients/	4 KB 4 KB	1255ms 246ms	Image image/png	183.131.168.119 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Show image Full URL https://images-cn.ssl-images-amazon.com/images/G/01/AUIClients/AmazonUIBaseCSS-sprite_jp_1x-f8582354fc42b464ef5eb709dd98f9371d3eafea._V2_.png Requested by Host: yqvhfgs.6fhci0.cn URL: http://yqvhfgs.6fhci0.cn/static/main/jquery-1.9.1.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 183.131.168.119 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software PWS/8.3.1.0.8 / Resource Hash `a515dcb414d0c44f70cbdc70eb4eceae128f82667a9d143731e3b4f608f3f483` Request headers Referer https://images-na.ssl-images-amazon.com/images/I/61ECVh+vn2L._RC%7C11Fd9tJOdtL.css,21y5jWQoUML.css,31Q3id-QR0L.css,314YUrkEzTL.css_.css?AUIClients/AmazonUI User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 11 Jul 2020 02:13:29 GMT Age 1 Edge-Cache-Tag x-cache-515,/images/G/01/AUIClients/AmazonUIBaseCSS-sprite_jp_1x-f8582354fc42b464ef5eb709dd98f9371d3eafea X-Via 1.1 PSbjwjBGP2fy236:7 (W), 1.1 PSfjqzdx7nj29:8 (W), 1.1 PSzjjhdx6bf111:4 (W), 1.1 hzh76:0 (W) Connection keep-alive Content-Length 3589 Surrogate-key x-cache-515 /images/G/01/AUIClients/AmazonUIBaseCSS-sprite_jp_1x-f8582354fc42b464ef5eb709dd98f9371d3eafea Last-Modified Tue, 06 Oct 2015 22:39:54 GMT Server PWS/8.3.1.0.8 X-Ws-Request-Id 5f092049_hzh76_65619-50934 Content-Type image/png Access-Control-Allow-Origin * Cache-Control max-age=630720000,public X-Amz-IR-Id a4a71e3d-739a-4165-9fd6-d90043cf7e7c Timing-Allow-Origin https://www.amazon.com Expires Fri, 29 Jun 2040 14:24:21 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Amazon (Online) Amazon Japan (Online)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| ue_t0 function| postvalue function| $ function| jQuery

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

images-cn.ssl-images-amazon.com
images-na.ssl-images-amazon.com
yqvhfgs.6fhci0.cn
103.60.220.55
13.224.189.99
183.131.168.119
122a38d736dd4b129af47e1d4f6d955d335f55256f2f231d8ccd1a58562cd381
1d268f01306f97ee5bbba5026055beb466fb07702e59761be7727345c9cf7a9a
437e95a363a4291060e34ba170e043274e0155821e9be374f35de3c4f13cbaa5
55917e3a1ae3f319915a0f02d70b29a4df44b23131120aad56f7dbcb1f002780
64dae557f43e49f0a7f30c3012ea5d135f60dd149330cd909b2e671376c701fd
8c23ec3cf642a3bdb329d68c6038db8172b01fcad5270f36cf447235c2594ffa
a515dcb414d0c44f70cbdc70eb4eceae128f82667a9d143731e3b4f608f3f483
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
dcd0056093ab95e17042b51793826382dc9bb170f402757db08a338d77ac149e
eee06bcd42379695b1c8ff17a057de23ebb7d77f8ee91081762e3e33e7baf2bb

yqvhfgs.6fhci0.cn Open in urlscan Pro 103.60.220.55 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

11 Requests

45 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

3 IPs

3 Countries

179 kBTransfer

326 kBSize

0 Cookies

2 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

0 Cookies

Indicators

yqvhfgs.6fhci0.cn Open in urlscan Pro
103.60.220.55 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

45 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

3
Countries

179 kB
Transfer

326 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!