nztagovect-nz.xyz
Open in
urlscan Pro
23.160.193.97
Malicious Activity!
Public Scan
Submission: On May 17 via automatic, source openphish — Scanned from NZ
Summary
TLS certificate: Issued by R3 on May 16th 2023. Valid for: 3 months.
This is the only time nztagovect-nz.xyz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Amazon (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
14 | 23.160.193.97 23.160.193.97 | 397270 (NETINF-TR...) (NETINF-TRANSIT-AS) | |
1 | 13.35.17.50 13.35.17.50 | 16509 (AMAZON-02) (AMAZON-02) | |
15 | 3 |
ASN397270 (NETINF-TRANSIT-AS, US)
PTR: unknown.ip-xfer.net
nztagovect-nz.xyz |
ASN16509 (AMAZON-02, US)
PTR: server-13-35-17-50.sin5.r.cloudfront.net
images-cn.ssl-images-amazon.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
nztagovect-nz.xyz
nztagovect-nz.xyz |
289 KB |
1 |
ssl-images-amazon.com
images-cn.ssl-images-amazon.com — Cisco Umbrella Rank: 440177 |
28 KB |
15 | 2 |
Domain | Requested by | |
---|---|---|
14 | nztagovect-nz.xyz |
nztagovect-nz.xyz
|
1 | images-cn.ssl-images-amazon.com |
nztagovect-nz.xyz
|
15 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
amazonzasfsda.top R3 |
2023-05-16 - 2023-08-14 |
3 months | crt.sh |
images-cn.ssl-images-amazon.com Amazon RSA 2048 M01 |
2023-02-23 - 2023-12-12 |
10 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://nztagovect-nz.xyz/
Frame ID: AD29667073AD5B44A8AA76A6EF705784
Requests: 17 HTTP requests in this frame
Screenshot
Detected technologies
Vue.js (JavaScript Frameworks) ExpandDetected patterns
- <[^>]+\sdata-v(?:ue)?-
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
nztagovect-nz.xyz/ |
36 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.5.1.js
nztagovect-nz.xyz/js/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.mask.js
nztagovect-nz.xyz/js/ |
20 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.validate.min.js
nztagovect-nz.xyz/js/ |
34 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
layer.js
nztagovect-nz.xyz/js/la/ |
22 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chunk-vendors.8822e685.js
nztagovect-nz.xyz/js/ |
202 KB 73 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.f076fe3a.js
nztagovect-nz.xyz/js/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.14b691ba.css
nztagovect-nz.xyz/css/ |
230 B 276 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
layer.css
nztagovect-nz.xyz/js/la/theme/default/ |
14 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
4 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
api.php
nztagovect-nz.xyz/api/ |
10 B 78 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
895.5d1e95b2.css
nztagovect-nz.xyz/css/ |
323 KB 76 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
895.059b9a04.js
nztagovect-nz.xyz/js/ |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
new-nav-sprite-global-1x_blueheaven-account._CB658093862_.f48c5c9f.png
nztagovect-nz.xyz/img/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mPGmT0r6IeTyIee.png
images-cn.ssl-images-amazon.com/images/S/sash/ |
27 KB 28 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fe2UeLQmJ11kKHN.61985c38.png
nztagovect-nz.xyz/img/ |
58 KB 58 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Amazon (Online)7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless function| $ function| jQuery object| layer object| webpackChunkamazontb function| _ boolean| __VUE__2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
nztagovect-nz.xyz/ | Name: PHPSESSID Value: f055dbd271d621c6458be4bfb0a28adb |
|
nztagovect-nz.xyz/ | Name: thinkphp_show_page_trace Value: 0|0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
images-cn.ssl-images-amazon.com
nztagovect-nz.xyz
13.35.17.50
23.160.193.97
2ce18237ee8094ab137b910ce33aa1cdd7904c1dad5f238734ad5e307c5be08b
33c1c92944a084e89ac8cbfe15da3c741575cbddd50a0301b946fb6da8441a93
381390d097e3204dd614055627af55d529014c7dc25491a7af114f68aeac889c
437e95a363a4291060e34ba170e043274e0155821e9be374f35de3c4f13cbaa5
5cdf3edb27b0c9f8e48918c486e9ae65a9e5beab806b64c4a7bc5bac53c0f540
66c5f74a1a2495983dc893d21a35876fcd42005650c5c3190ccceba491997c9e
6a4e49d2ecacb05d5cc6ae728fe8431c3a982b0ff43e6208a977d7b0b61cd4bd
83171ce6831197c0f77fd1ab8b4795a6064b60f0376341672e2e989a5b2cef19
846f676a751142fccaed31408d0ba2be2769208c71987a41a374b2855c90d71d
8e09b2662d710cf8a1752c1a1615d4110b9946c128900f6a5f9c2e1316da4416
9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38
9aed1d0cad13f27bc401115f921abd1d92c0570dc2ce966ae1aea576ebcfed34
a97e4941ceb1a7df7bcf5e9631b8d9e8f7b47d7ccb59b5ed3968380465e0e824
ccd2b4d3291236165abff9fb9aa683bf00eb4fe676e49532f7db78500cfcbe08
cffa3f02914eb7159952192c00a3bb99f910f33bd215bb061bf84b0b4ab67c90
d207d7942aa5bd788378f92aae9fd3aae7ec1245776f16b6680bc1e312db3f51
fde03dc107f1cfd899199f6bc9410e18fb317a3017e2431c884e05cf45c76205