www.amazon.co.adminuer.xyz Open in urlscan Pro
173.82.245.15 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.amazon.co.adminuer.xyz/b5f9a/details.php?cmd=_update-information&account_biling=71cebf579f7bb24ca0eb825fd1640ca6&lim_se...
Submission: On December 27 via automatic, source openphish (December 27th 2021, 12:24:35 pm UTC) — Scanned from DE

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 17 HTTP transactions. The main IP is 173.82.245.15, located in Los Angeles, United States and belongs to MULTA-ASN1, US. The main domain is www.amazon.co.adminuer.xyz.
TLS certificate: Issued by R3 on December 27th 2021. Valid for: 3 months.

This is the only time www.amazon.co.adminuer.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Amazon (Online)

Domain & IP information

	IP Address	AS Autonomous System
14	173.82.245.15 173.82.245.15	35916 (MULTA-ASN1) (MULTA-ASN1)
3	2a04:4e42:400... 2a04:4e42:400::272	54113 (FASTLY) (FASTLY)
17	2

14 173.82.245.15 (Los Angeles, United States)

ASN35916 (MULTA-ASN1, US)
PTR: pzrcen.ml

www.amazon.co.adminuer.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:400::272 (United States)

ASN54113 (FASTLY, US)

images-na.ssl-images-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	adminuer.xyz www.amazon.co.adminuer.xyz	202 KB
3	ssl-images-amazon.com images-na.ssl-images-amazon.com	15 KB
17	2

	Domain	Requested by
14	www.amazon.co.adminuer.xyz	www.amazon.co.adminuer.xyz
3	images-na.ssl-images-amazon.com	www.amazon.co.adminuer.xyz
17	2

This site contains no links.

Subject Issuer	Validity	Valid
www.amazon.co.adminuer.xyz R3	`2021-12-27` - `2022-03-27`	3 months	crt.sh
images-na.ssl-images-amazon.com DigiCert Global CA G2	`2021-08-09` - `2022-07-24`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.amazon.co.adminuer.xyz/b5f9a/details.php?cmd=_update-information&account_biling=71cebf579f7bb24ca0eb825fd1640ca6&lim_session=cf89932da7b75b80f2d91c6b25d212786ff8d888
Frame ID: E922A6E6E3505783301713D1EBE21F0A
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Your Αmazon Account

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

217 kB
Transfer

775 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request details.php Show response www.amazon.co.adminuer.xyz/b5f9a/	38 KB 8 KB	979ms 651ms	Document text/html	173.82.245.15 MULTA-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.amazon.co.adminuer.xyz/b5f9a/details.php?cmd=_update-information&account_biling=71cebf579f7bb24ca0eb825fd1640ca6&lim_session=cf89932da7b75b80f2d91c6b25d212786ff8d888 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.82.245.15 Los Angeles, United States, ASN35916 (MULTA-ASN1, US), Reverse DNS pzrcen.ml Software Apache / Resource Hash `ea111433c02a4f3dc1b15bd076ae035e69606d8261b48284a830ec6724b55cbb` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma no-cache vary Accept-Encoding content-encoding gzip content-length 8148 content-type text/html; charset=UTF-8 date Mon, 27 Dec 2021 12:24:30 GMT server Apache
GET H2	200	details-js.js Show response www.amazon.co.adminuer.xyz/js/	9 KB 4 KB	171ms 170ms	Script application/javascript	173.82.245.15 MULTA-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.amazon.co.adminuer.xyz/js/details-js.js Requested by Host: www.amazon.co.adminuer.xyz URL: https://www.amazon.co.adminuer.xyz/b5f9a/details.php?cmd=_update-information&account_biling=71cebf579f7bb24ca0eb825fd1640ca6&lim_session=cf89932da7b75b80f2d91c6b25d212786ff8d888 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.82.245.15 Los Angeles, United States, ASN35916 (MULTA-ASN1, US), Reverse DNS pzrcen.ml Software Apache / Resource Hash `25637cdca66488dd13243f3d3649677eebe3a473c672e8785a2c89a7cdb6de2d` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.amazon.co.adminuer.xyz/b5f9a/details.php?cmd=_update-information&account_biling=71cebf579f7bb24ca0eb825fd1640ca6&lim_session=cf89932da7b75b80f2d91c6b25d212786ff8d888 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 27 Dec 2021 12:24:31 GMT content-encoding gzip last-modified Mon, 15 Nov 2021 07:47:44 GMT server Apache etag "2334-5d0cf062d6800-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 4069
GET H2	200	nav-hiden.css www.amazon.co.adminuer.xyz/css/	125 KB 20 KB	462ms 461ms	Stylesheet text/css	173.82.245.15 MULTA-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.amazon.co.adminuer.xyz/css/nav-hiden.css Requested by Host: www.amazon.co.adminuer.xyz URL: https://www.amazon.co.adminuer.xyz/b5f9a/details.php?cmd=_update-information&account_biling=71cebf579f7bb24ca0eb825fd1640ca6&lim_session=cf89932da7b75b80f2d91c6b25d212786ff8d888 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.82.245.15 Los Angeles, United States, ASN35916 (MULTA-ASN1, US), Reverse DNS pzrcen.ml Software Apache / Resource Hash `2558804c25b156f25bef02b6097a020471ef71d6dc9a77f023508d4173e5a916` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.amazon.co.adminuer.xyz/b5f9a/details.php?cmd=_update-information&account_biling=71cebf579f7bb24ca0eb825fd1640ca6&lim_session=cf89932da7b75b80f2d91c6b25d212786ff8d888 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 27 Dec 2021 12:24:31 GMT content-encoding gzip last-modified Mon, 15 Nov 2021 07:47:44 GMT server Apache etag "1f31a-5d0cf062d6800-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 20019
GET H2	200	details-css.css www.amazon.co.adminuer.xyz/css/	19 KB 4 KB	475ms 474ms	Stylesheet text/css	173.82.245.15 MULTA-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.amazon.co.adminuer.xyz/css/details-css.css Requested by Host: www.amazon.co.adminuer.xyz URL: https://www.amazon.co.adminuer.xyz/b5f9a/details.php?cmd=_update-information&account_biling=71cebf579f7bb24ca0eb825fd1640ca6&lim_session=cf89932da7b75b80f2d91c6b25d212786ff8d888 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.82.245.15 Los Angeles, United States, ASN35916 (MULTA-ASN1, US), Reverse DNS pzrcen.ml Software Apache / Resource Hash `7f195317f27500af4bf74a9af8b1deb25a15d6183d31773c92b979429444c6aa` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.amazon.co.adminuer.xyz/b5f9a/details.php?cmd=_update-information&account_biling=71cebf579f7bb24ca0eb825fd1640ca6&lim_session=cf89932da7b75b80f2d91c6b25d212786ff8d888 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 27 Dec 2021 12:24:31 GMT content-encoding gzip last-modified Mon, 15 Nov 2021 07:47:44 GMT server Apache etag "4bf7-5d0cf062d6800-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 4194
GET H2	200	familly.css www.amazon.co.adminuer.xyz/css/	10 KB 3 KB	321ms 321ms	Stylesheet text/css	173.82.245.15 MULTA-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.amazon.co.adminuer.xyz/css/familly.css Requested by Host: www.amazon.co.adminuer.xyz URL: https://www.amazon.co.adminuer.xyz/b5f9a/details.php?cmd=_update-information&account_biling=71cebf579f7bb24ca0eb825fd1640ca6&lim_session=cf89932da7b75b80f2d91c6b25d212786ff8d888 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.82.245.15 Los Angeles, United States, ASN35916 (MULTA-ASN1, US), Reverse DNS pzrcen.ml Software Apache / Resource Hash `1790d51f7cc313a6d973bdf56a4e46e6f343bb9d0837a6b3cd3b9d8f83f87e29` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.amazon.co.adminuer.xyz/b5f9a/details.php?cmd=_update-information&account_biling=71cebf579f7bb24ca0eb825fd1640ca6&lim_session=cf89932da7b75b80f2d91c6b25d212786ff8d888 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 27 Dec 2021 12:24:31 GMT content-encoding gzip last-modified Mon, 15 Nov 2021 07:47:44 GMT server Apache etag "2978-5d0cf062d6800-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 2577
GET H2	200	details-css.min.css www.amazon.co.adminuer.xyz/css/	113 KB 19 KB	300ms 300ms	Stylesheet text/css	173.82.245.15 MULTA-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.amazon.co.adminuer.xyz/css/details-css.min.css Requested by Host: www.amazon.co.adminuer.xyz URL: https://www.amazon.co.adminuer.xyz/b5f9a/details.php?cmd=_update-information&account_biling=71cebf579f7bb24ca0eb825fd1640ca6&lim_session=cf89932da7b75b80f2d91c6b25d212786ff8d888 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.82.245.15 Los Angeles, United States, ASN35916 (MULTA-ASN1, US), Reverse DNS pzrcen.ml Software Apache / Resource Hash `a88801e1e68900f66536fbb00138fca0eab027bfab0b3ee8e68f43420deafc5b` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.amazon.co.adminuer.xyz/b5f9a/details.php?cmd=_update-information&account_biling=71cebf579f7bb24ca0eb825fd1640ca6&lim_session=cf89932da7b75b80f2d91c6b25d212786ff8d888 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 27 Dec 2021 12:24:31 GMT content-encoding gzip last-modified Mon, 15 Nov 2021 07:47:44 GMT server Apache etag "1c446-5d0cf062d6800-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 19169
GET H2	200	m3.png www.amazon.co.adminuer.xyz/b5f9a/img/	26 KB 26 KB	602ms 601ms	Image image/png	173.82.245.15 MULTA-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.amazon.co.adminuer.xyz/b5f9a/img/m3.png Requested by Host: www.amazon.co.adminuer.xyz URL: https://www.amazon.co.adminuer.xyz/b5f9a/details.php?cmd=_update-information&account_biling=71cebf579f7bb24ca0eb825fd1640ca6&lim_session=cf89932da7b75b80f2d91c6b25d212786ff8d888 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.82.245.15 Los Angeles, United States, ASN35916 (MULTA-ASN1, US), Reverse DNS pzrcen.ml Software Apache / Resource Hash `0829ed551189761bbe34e63b998ed05ed880b77d0353c6eed2c53cbea2dbf113` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.amazon.co.adminuer.xyz/b5f9a/details.php?cmd=_update-information&account_biling=71cebf579f7bb24ca0eb825fd1640ca6&lim_session=cf89932da7b75b80f2d91c6b25d212786ff8d888 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 27 Dec 2021 12:24:31 GMT last-modified Mon, 27 Dec 2021 08:51:13 GMT server Apache accept-ranges bytes etag "6845-5d41cce98f01c" content-length 26693 content-type image/png
GET H2	200	1111.gif www.amazon.co.adminuer.xyz/b5f9a/img/	1 KB 1 KB	472ms 472ms	Image image/gif	173.82.245.15 MULTA-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.amazon.co.adminuer.xyz/b5f9a/img/1111.gif Requested by Host: www.amazon.co.adminuer.xyz URL: https://www.amazon.co.adminuer.xyz/b5f9a/details.php?cmd=_update-information&account_biling=71cebf579f7bb24ca0eb825fd1640ca6&lim_session=cf89932da7b75b80f2d91c6b25d212786ff8d888 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.82.245.15 Los Angeles, United States, ASN35916 (MULTA-ASN1, US), Reverse DNS pzrcen.ml Software Apache / Resource Hash `2016f589634df2705698036db915cdfb4b48ec0217ac67eacbe85701bd2bd565` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.amazon.co.adminuer.xyz/b5f9a/details.php?cmd=_update-information&account_biling=71cebf579f7bb24ca0eb825fd1640ca6&lim_session=cf89932da7b75b80f2d91c6b25d212786ff8d888 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 27 Dec 2021 12:24:31 GMT last-modified Mon, 27 Dec 2021 08:51:13 GMT server Apache accept-ranges bytes etag "53a-5d41cce98f01c" content-length 1338 content-type image/gif
GET H2	200	done.png www.amazon.co.adminuer.xyz/b5f9a/img/	460 B 508 B	605ms 604ms	Image image/png	173.82.245.15 MULTA-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.amazon.co.adminuer.xyz/b5f9a/img/done.png Requested by Host: www.amazon.co.adminuer.xyz URL: https://www.amazon.co.adminuer.xyz/b5f9a/details.php?cmd=_update-information&account_biling=71cebf579f7bb24ca0eb825fd1640ca6&lim_session=cf89932da7b75b80f2d91c6b25d212786ff8d888 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.82.245.15 Los Angeles, United States, ASN35916 (MULTA-ASN1, US), Reverse DNS pzrcen.ml Software Apache / Resource Hash `a6eaea72dc489fcbe68a0e89cc241d59d9fb09907e016a748f52457ad62bc396` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.amazon.co.adminuer.xyz/b5f9a/details.php?cmd=_update-information&account_biling=71cebf579f7bb24ca0eb825fd1640ca6&lim_session=cf89932da7b75b80f2d91c6b25d212786ff8d888 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 27 Dec 2021 12:24:31 GMT last-modified Mon, 27 Dec 2021 08:51:13 GMT server Apache accept-ranges bytes etag "1cc-5d41cce98f404" content-length 460 content-type image/png
GET H2	200	details-css-secure.min.css www.amazon.co.adminuer.xyz/css/	113 KB 19 KB	452ms 451ms	Stylesheet text/css	173.82.245.15 MULTA-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.amazon.co.adminuer.xyz/css/details-css-secure.min.css Requested by Host: www.amazon.co.adminuer.xyz URL: https://www.amazon.co.adminuer.xyz/b5f9a/details.php?cmd=_update-information&account_biling=71cebf579f7bb24ca0eb825fd1640ca6&lim_session=cf89932da7b75b80f2d91c6b25d212786ff8d888 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.82.245.15 Los Angeles, United States, ASN35916 (MULTA-ASN1, US), Reverse DNS pzrcen.ml Software Apache / Resource Hash `a88801e1e68900f66536fbb00138fca0eab027bfab0b3ee8e68f43420deafc5b` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.amazon.co.adminuer.xyz/b5f9a/details.php?cmd=_update-information&account_biling=71cebf579f7bb24ca0eb825fd1640ca6&lim_session=cf89932da7b75b80f2d91c6b25d212786ff8d888 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 27 Dec 2021 12:24:31 GMT content-encoding gzip last-modified Mon, 15 Nov 2021 07:47:44 GMT server Apache etag "1c446-5d0cf062d6800-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 19169
GET H2	200	jquery.js Show response www.amazon.co.adminuer.xyz/b5f9a/	287 KB 86 KB	605ms 604ms	Script application/javascript	173.82.245.15 MULTA-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.amazon.co.adminuer.xyz/b5f9a/jquery.js Requested by Host: www.amazon.co.adminuer.xyz URL: https://www.amazon.co.adminuer.xyz/b5f9a/details.php?cmd=_update-information&account_biling=71cebf579f7bb24ca0eb825fd1640ca6&lim_session=cf89932da7b75b80f2d91c6b25d212786ff8d888 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.82.245.15 Los Angeles, United States, ASN35916 (MULTA-ASN1, US), Reverse DNS pzrcen.ml Software Apache / Resource Hash `d5732912d03878a5cd3695dc275a6630fb3c255fa7c0b744ab08897824049327` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.amazon.co.adminuer.xyz/b5f9a/details.php?cmd=_update-information&account_biling=71cebf579f7bb24ca0eb825fd1640ca6&lim_session=cf89932da7b75b80f2d91c6b25d212786ff8d888 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 27 Dec 2021 12:24:31 GMT content-encoding gzip last-modified Mon, 27 Dec 2021 08:51:13 GMT server Apache etag "47b12-5d41cce98fbd4-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes
GET H2	200	jquery.maskedinput.js Show response www.amazon.co.adminuer.xyz/b5f9a/	10 KB 3 KB	473ms 472ms	Script application/javascript	173.82.245.15 MULTA-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.amazon.co.adminuer.xyz/b5f9a/jquery.maskedinput.js Requested by Host: www.amazon.co.adminuer.xyz URL: https://www.amazon.co.adminuer.xyz/b5f9a/details.php?cmd=_update-information&account_biling=71cebf579f7bb24ca0eb825fd1640ca6&lim_session=cf89932da7b75b80f2d91c6b25d212786ff8d888 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.82.245.15 Los Angeles, United States, ASN35916 (MULTA-ASN1, US), Reverse DNS pzrcen.ml Software Apache / Resource Hash `b134fc3f777a1aeb46d45b7999e88fb655daa62f4fafe5bcaed5f70b4bb7bcef` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.amazon.co.adminuer.xyz/b5f9a/details.php?cmd=_update-information&account_biling=71cebf579f7bb24ca0eb825fd1640ca6&lim_session=cf89932da7b75b80f2d91c6b25d212786ff8d888 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 27 Dec 2021 12:24:31 GMT content-encoding gzip last-modified Mon, 27 Dec 2021 08:51:13 GMT server Apache etag "2902-5d41cce98ec34-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 2660
GET H2	200	navAmazonLogoFooter._CB169459313_.gif images-na.ssl-images-amazon.com/images/G/01/gno/images/general/	1 KB 1 KB	161ms 119ms	Image image/gif	2a04:4e42:400::272 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images-na.ssl-images-amazon.com/images/G/01/gno/images/general/navAmazonLogoFooter._CB169459313_.gif Requested by Host: www.amazon.co.adminuer.xyz URL: https://www.amazon.co.adminuer.xyz/b5f9a/details.php?cmd=_update-information&account_biling=71cebf579f7bb24ca0eb825fd1640ca6&lim_session=cf89932da7b75b80f2d91c6b25d212786ff8d888 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::272 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash `bde31848f3c02d44b188927f63b8724262cf12a30a2bef988f81698ecbbf5790` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.amazon.co.adminuer.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers timing-allow-origin https://www.amazon.com date Mon, 27 Dec 2021 12:24:30 GMT last-modified Fri, 25 Feb 2011 23:52:54 GMT age 1361 x-cache HIT from fastly, HIT from fastly x-nginx-cache-status HIT access-control-allow-origin * expires Thu, 16 Dec 2021 03:54:09 GMT cache-control max-age=3600,public x-amz-ir-id a11e7250-ac56-4581-8cf4-d9a1562fedb0 accept-ranges bytes content-type image/gif content-length 1216 x-served-by cache-dca17757-DCA, cache-mxp6945-MXP
GET H2	200	log.png www.amazon.co.adminuer.xyz/b5f9a/img/	1 KB 2 KB	265ms 264ms	Image image/png	173.82.245.15 MULTA-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.amazon.co.adminuer.xyz/b5f9a/img/log.png Requested by Host: www.amazon.co.adminuer.xyz URL: https://www.amazon.co.adminuer.xyz/b5f9a/details.php?cmd=_update-information&account_biling=71cebf579f7bb24ca0eb825fd1640ca6&lim_session=cf89932da7b75b80f2d91c6b25d212786ff8d888 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.82.245.15 Los Angeles, United States, ASN35916 (MULTA-ASN1, US), Reverse DNS pzrcen.ml Software Apache / Resource Hash `765dd2ecce31f4944b9a329ac0bb16014e0d006a1aa3e4bb7e8d1d2ac4eb1b80` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.amazon.co.adminuer.xyz/b5f9a/details.php?cmd=_update-information&account_biling=71cebf579f7bb24ca0eb825fd1640ca6&lim_session=cf89932da7b75b80f2d91c6b25d212786ff8d888 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 27 Dec 2021 12:24:31 GMT last-modified Mon, 27 Dec 2021 08:51:13 GMT server Apache accept-ranges bytes etag "5d3-5d41cce98f01c" content-length 1491 content-type image/png
GET H2	200	m1.png www.amazon.co.adminuer.xyz/b5f9a/img/	7 KB 7 KB	264ms 264ms	Image image/png	173.82.245.15 MULTA-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.amazon.co.adminuer.xyz/b5f9a/img/m1.png Requested by Host: www.amazon.co.adminuer.xyz URL: https://www.amazon.co.adminuer.xyz/b5f9a/details.php?cmd=_update-information&account_biling=71cebf579f7bb24ca0eb825fd1640ca6&lim_session=cf89932da7b75b80f2d91c6b25d212786ff8d888 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.82.245.15 Los Angeles, United States, ASN35916 (MULTA-ASN1, US), Reverse DNS pzrcen.ml Software Apache / Resource Hash `33c340129401ce17469be926a61e06e8a4d49321bc6add7d186cd3274a75bb18` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.amazon.co.adminuer.xyz/b5f9a/details.php?cmd=_update-information&account_biling=71cebf579f7bb24ca0eb825fd1640ca6&lim_session=cf89932da7b75b80f2d91c6b25d212786ff8d888 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 27 Dec 2021 12:24:31 GMT last-modified Mon, 27 Dec 2021 08:51:13 GMT server Apache accept-ranges bytes etag "1c13-5d41cce98f01c" content-length 7187 content-type image/png
GET H2	200	default_customer_icon._V331656993_.png images-na.ssl-images-amazon.com/images/G/01//x-locale/personalization/yourstore/hud/	5 KB 5 KB	20ms 20ms	Image image/png	2a04:4e42:400::272 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images-na.ssl-images-amazon.com/images/G/01//x-locale/personalization/yourstore/hud/default_customer_icon._V331656993_.png Requested by Host: www.amazon.co.adminuer.xyz URL: https://www.amazon.co.adminuer.xyz/css/familly.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::272 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash `4b9493a939ee93609e5f601821d6c0fe55b8f2f0d3bbbffd69e3840de3796f16` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.amazon.co.adminuer.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers timing-allow-origin https://www.amazon.com date Mon, 27 Dec 2021 12:24:31 GMT last-modified Wed, 14 Jan 2015 23:22:53 GMT age 4621823 x-cache HIT from fastly, HIT from fastly x-nginx-cache-status HIT access-control-allow-origin * expires Sat, 19 Oct 2041 04:44:58 GMT cache-control max-age=630720000,public x-amz-ir-id 69e56c0b-2a19-479e-9b41-55d3c781c56b accept-ranges bytes content-type image/png content-length 5203 x-served-by cache-dca17773-DCA, cache-mxp6945-MXP
GET H2	200	sprite-map._CB332026835_.png images-na.ssl-images-amazon.com/images/G/01/payments-portal/r1/issuer-images/	8 KB 8 KB	112ms 112ms	Image image/png	2a04:4e42:400::272 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images-na.ssl-images-amazon.com/images/G/01/payments-portal/r1/issuer-images/sprite-map._CB332026835_.png Requested by Host: www.amazon.co.adminuer.xyz URL: https://www.amazon.co.adminuer.xyz/b5f9a/details.php?cmd=_update-information&account_biling=71cebf579f7bb24ca0eb825fd1640ca6&lim_session=cf89932da7b75b80f2d91c6b25d212786ff8d888 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::272 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash `7c79ef304a289b90f7ae0972e5c160fa8251b9ef571ff9d158b900c2702138c8` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.amazon.co.adminuer.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers timing-allow-origin https://www.amazon.com date Mon, 27 Dec 2021 12:24:31 GMT last-modified Mon, 10 May 2021 06:42:12 GMT age 558 x-cache HIT from fastly, MISS from fastly x-nginx-cache-status EXPIRED access-control-allow-origin * expires Sat, 25 Dec 2021 17:27:56 GMT cache-control max-age=3600,public x-amz-ir-id b61b8093-8b02-43e7-b65c-1736aa9d1b7a accept-ranges bytes content-type image/png content-length 8215 x-served-by cache-dca17776-DCA, cache-mxp6945-MXP

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Amazon (Online)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| addSlashes function| $ function| jQuery

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.amazon.co.adminuer.xyz/	1969-12-31 23:59:59	Name: PHPSESSID Value: i4mb524gkmec9j7gkkp7kom9t7

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

images-na.ssl-images-amazon.com
www.amazon.co.adminuer.xyz
173.82.245.15
2a04:4e42:400::272
0829ed551189761bbe34e63b998ed05ed880b77d0353c6eed2c53cbea2dbf113
1790d51f7cc313a6d973bdf56a4e46e6f343bb9d0837a6b3cd3b9d8f83f87e29
2016f589634df2705698036db915cdfb4b48ec0217ac67eacbe85701bd2bd565
2558804c25b156f25bef02b6097a020471ef71d6dc9a77f023508d4173e5a916
25637cdca66488dd13243f3d3649677eebe3a473c672e8785a2c89a7cdb6de2d
33c340129401ce17469be926a61e06e8a4d49321bc6add7d186cd3274a75bb18
4b9493a939ee93609e5f601821d6c0fe55b8f2f0d3bbbffd69e3840de3796f16
765dd2ecce31f4944b9a329ac0bb16014e0d006a1aa3e4bb7e8d1d2ac4eb1b80
7c79ef304a289b90f7ae0972e5c160fa8251b9ef571ff9d158b900c2702138c8
7f195317f27500af4bf74a9af8b1deb25a15d6183d31773c92b979429444c6aa
a6eaea72dc489fcbe68a0e89cc241d59d9fb09907e016a748f52457ad62bc396
a88801e1e68900f66536fbb00138fca0eab027bfab0b3ee8e68f43420deafc5b
b134fc3f777a1aeb46d45b7999e88fb655daa62f4fafe5bcaed5f70b4bb7bcef
bde31848f3c02d44b188927f63b8724262cf12a30a2bef988f81698ecbbf5790
d5732912d03878a5cd3695dc275a6630fb3c255fa7c0b744ab08897824049327
ea111433c02a4f3dc1b15bd076ae035e69606d8261b48284a830ec6724b55cbb

www.amazon.co.adminuer.xyz Open in urlscan Pro 173.82.245.15 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

217 kBTransfer

775 kBSize

1 Cookies

0 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

1 Cookies

Indicators

www.amazon.co.adminuer.xyz Open in urlscan Pro
173.82.245.15 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

217 kB
Transfer

775 kB
Size

1
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!