amazon-xl.top
45.88.5.253
Malicious Activity!
Public Scan
Submission: On November 22 via automatic, source openphish
Summary
TLS certificate: Issued by TrustAsia TLS RSA CA on November 22nd 2020. Valid for: a year.
This is the only time amazon-xl.top was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Amazon Japan (Online)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
12 | 45.88.5.253 | 40676 (AS40676) |
12 | 1 | |
 | Apex Domain Subdomains | Transfer |
---|---|---|
12 | amazon-xl.top | 202 KB |
12 | 1 | |
 | Domain | Requested by |
---|---|---|
12 | amazon-xl.top | amazon-xl.top |
12 | 1 | |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
amazon-xl.top TrustAsia TLS RSA CA | 2020-11-22 - 2021-11-21 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://amazon-xl.top/amazon/login/login.php
Frame ID: 0189E9BD91607A0BE99D80A17D60E94B
Requests: 12 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | Primary Request login.php amazon-xl.top/amazon/login/ | 13 KB 5 KB | Document text/html |
GET H2 | 61ccss.css amazon-xl.top/amazon/login/static/css/ | 133 KB 28 KB | Stylesheet text/css |
GET H2 | 01Scss.css amazon-xl.top/amazon/login/static/css/ | 49 KB 10 KB | Stylesheet text/css |
GET H2 | 11Hcss.css amazon-xl.top/amazon/login/static/css/ | 2 KB 914 B | Stylesheet text/css |
GET H2 | jquery.min.js amazon-xl.top/amazon/login/static/js/ | 156 KB 46 KB | Script application/javascript |
GET H2 | jquery.validate.min.js amazon-xl.top/amazon/login/static/js/ | 34 KB 9 KB | Script application/javascript |
GET H2 | sire.form.js amazon-xl.top/amazon/login/static/js/ | 3 KB 1 KB | Script application/javascript |
GET H2 | 21Qcss.css amazon-xl.top/amazon/login/static/css/ | 79 KB 16 KB | Stylesheet text/css |
GET H2 | 219css.css amazon-xl.top/amazon/login/static/css/ | 5 KB 2 KB | Stylesheet text/css |
GET H2 | new-nav-sm-smile-sprite-global-1.png amazon-xl.top/amazon/login/static/picture/ | 11 KB 11 KB | Image image/png |
GET H2 | new-nav-sm-smile-sprite-global-1.png amazon-xl.top/amazon/login/static/image/ | 11 KB 11 KB | Image image/png |
GET H2 | AmazonUIBaseCSS-sprite_2x-a3d92a.png amazon-xl.top/amazon/login/static/image/ | 60 KB 61 KB | Image image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Amazon Japan (Online)
12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
object| trustedTypes
boolean| crossOriginIsolated
function| $
function| jQuery
function| inputNull
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
amazon-xl.top/ | | Name: PHPSESSID Value: g0etqmjh04810ali0d3e8ojuu0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.