www.amozan.ga
2606:4700:3032::6815:221c | Malicious Activity! | Public Scan

Submitted URL: https://www.updatesu.gq/
Effective URL: https://www.amozan.ga/
Submission: On June 12 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 3 IPs in 1 country across 2 domains to perform 8 HTTP transactions. The main IP is 2606:4700:3032::6815:221c, located in the United States and belonging to CLOUDFLARENET, US. The main domain is www.amozan.ga.
TLS certificate: Issued by E1 on June 12th 2022. Valid for: 3 months.
This is the only time www.amozan.ga was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Amazon (Online)

Domain & IP information

IP addresses (requests | IP address | AS / autonomous system):
  1 | 2a06:98c1:312... | 13335 (CLOUDFLAR...)
  6 | 2606:4700:303... | 13335 (CLOUDFLAR...)
  Total: 8 | 3

Apex domains (requests | apex domain | subdomains | transfer):
  6 | amozan.ga | www.amozan.ga | 668 KB
  1 | updatesu.gq | www.updatesu.gq | 662 B
  Total: 8 | 2

Domains (requests | domain | requested by):
  6 | www.amozan.ga | www.updatesu.gq, www.amozan.ga
  1 | www.updatesu.gq |
  Total: 8 | 2

This site contains no links.

TLS certificates (subject | issuer | validity | valid for; source: crt.sh):
  sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-12 - 2023-06-12 | a year
  *.amozan.ga | E1 | 2022-06-12 - 2022-09-10 | 3 months

This page contains 1 frame:

Primary Page: https://www.amozan.ga/
Frame ID: 8E1C3695F2E36DC4230EF53A634663E7
Requests: 8 HTTP requests in this frame

Page URL History

  1. https://www.updatesu.gq/ Page URL
  2. https://www.amozan.ga/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Page Statistics

Requests: 8
HTTPS: 88 %
IPv6: 100 %
Domains: 2
Subdomains: 2
IPs: 3
Countries: 1
Transfer: 669 kB
Size: 4469 kB
Cookies: 0


Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions (each entry: Resource | Path | Size | x-fer | Type)
/ | www.updatesu.gq/ | 140 B | 662 B | Document
General
  Full URL: https://www.updatesu.gq/
  Protocol: H2
  Security: TLS 1.3, , AES_128_GCM
  Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
  Reverse DNS:
  Software: cloudflare /
  Resource Hash:
Security Headers
  Strict-Transport-Security: max-age=31536000

Request headers
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
  accept-language: de-DE,de;q=0.9

Response headers
  alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
  cf-cache-status: DYNAMIC
  cf-ray: 71a0858769e89b33-FRA
  content-encoding: br
  content-type: text/html
  date: Sun, 12 Jun 2022 06:27:36 GMT
  expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
  last-modified: Sun, 12 Jun 2022 06:26:14 GMT
  nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
  report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2FTvPQNtBmEoYYEe%2BcUCIDdtuFFV%2B5BhKtzcd3r1Ja4qtHnjpdv0QrAO3VmMWUZd7raDw5G0%2BKOjj05eSlK5Gp9HQy4kaneEbfeX4GCRdNWmabTmkrChlsynKFlGgH5p%2Fdt7W%2FmhXVawJNEUknQ%3D"}],"group":"cf-nel","max_age":604800}
  server: cloudflare
  strict-transport-security: max-age=31536000
Primary Request / | www.amozan.ga/ | 546 B | 818 B | Document
General
  Full URL: https://www.amozan.ga/
  Requested by: Host: www.updatesu.gq, URL: https://www.updatesu.gq/
  Protocol: H2
  Security: TLS 1.3, , AES_128_GCM
  Server: 2606:4700:3032::6815:221c , United States, ASN13335 (CLOUDFLARENET, US),
  Reverse DNS:
  Software: cloudflare /
  Resource Hash: 8eda57e28213521c8ba51dc26def50db16af5c140cc5f824dcb4930fa5bc0d06
Security Headers
  Strict-Transport-Security: max-age=31536000

Request headers
  Referer: https://www.updatesu.gq/
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
  accept-language: de-DE,de;q=0.9

Response headers
  alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
  cf-cache-status: DYNAMIC
  cf-ray: 71a0858a6b4e9b7a-FRA
  content-encoding: br
  content-type: text/html
  date: Sun, 12 Jun 2022 06:27:37 GMT
  expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
  last-modified: Sat, 19 Jun 2021 23:23:08 GMT
  nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
  report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M1X8bCqKLhpXUwlkUmIWhyMlUmFYhNt4jRVC2YZYK8V0KEL1kFoj%2BIYyJMy36AOxgvTIkJSFSGNmHZy4rWZ0WKCrW8Ev8j2GLa14ba2tH3BqZOuNG20G6Q7O1lgW3AauOAuHmRTwtCBRinxe"}],"group":"cf-nel","max_age":604800}
  server: cloudflare
  strict-transport-security: max-age=31536000
app.6d2caa6cca41ac53624199ae78e34326.css | www.amozan.ga/static/css/ | 4 MB | 580 KB | Stylesheet
General
  Full URL: https://www.amozan.ga/static/css/app.6d2caa6cca41ac53624199ae78e34326.css
  Requested by: Host: www.amozan.ga, URL: https://www.amozan.ga/
  Protocol: H2
  Security: TLS 1.3, , AES_128_GCM
  Server: 2606:4700:3032::6815:221c , United States, ASN13335 (CLOUDFLARENET, US),
  Reverse DNS:
  Software: cloudflare /
  Resource Hash: 8e8676918678dacb21c03713440b1958a98672d47a5eff7f3cf7d79f8fd7351d
Security Headers
  Strict-Transport-Security: max-age=31536000

Request headers
  accept-language: de-DE,de;q=0.9
  Referer: https://www.amozan.ga/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
  date: Sun, 12 Jun 2022 06:27:37 GMT
  content-encoding: br
  vary: Accept-Encoding
  cf-cache-status: MISS
  nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
  alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
  last-modified: Sat, 19 Jun 2021 23:23:08 GMT
  server: cloudflare
  etag: W/"60ce7c5c-420568"
  expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
  strict-transport-security: max-age=31536000
  report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bSccC9sKIUIXek%2B%2BXOWnkFstq9bEKcbvWGhcrPhtKj1%2Bfa48zK1cT2OSXr4mB873ooPPzpLFPkbQAOrMHFWUlaHjC7NYCfrax8rwYzkjgxj4qwKu40ZbMjv%2FEsaB3pReITjU8Xujd30N3JZ3"}],"group":"cf-nel","max_age":604800}
  content-type: text/css
  cache-control: max-age=43200
  cf-ray: 71a0858cdebc9b7a-FRA
  expires: Sun, 12 Jun 2022 18:27:37 GMT
manifest.32fe08875ed3ca164371.js | www.amozan.ga/static/js/ | 2 KB | 1 KB | Script
General
  Full URL: https://www.amozan.ga/static/js/manifest.32fe08875ed3ca164371.js
  Requested by: Host: www.amozan.ga, URL: https://www.amozan.ga/
  Protocol: H2
  Security: TLS 1.3, , AES_128_GCM
  Server: 2606:4700:3032::6815:221c , United States, ASN13335 (CLOUDFLARENET, US),
  Reverse DNS:
  Software: cloudflare /
  Resource Hash: f2b7bb90aa441ccaf5349c683f499dbeff828944bd7351dcab8928e75058aada
Security Headers
  Strict-Transport-Security: max-age=31536000

Request headers
  accept-language: de-DE,de;q=0.9
  Referer: https://www.amozan.ga/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
  date: Sun, 12 Jun 2022 06:27:37 GMT
  content-encoding: br
  vary: Accept-Encoding
  cf-cache-status: MISS
  nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
  alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
  last-modified: Sat, 19 Jun 2021 23:23:08 GMT
  server: cloudflare
  etag: W/"60ce7c5c-6f8"
  expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
  strict-transport-security: max-age=31536000
  report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4qc%2BM9QnTBUbgN%2FUcahEBPTpiZlEvOt6r%2Fs7NflU3uCVlkpj0P6l5bWXFZ6Rmwat7q3VjQ%2F0OUajcXam1VWPTRC6oyh2WDxlRSZ3Ws6SnfzVlszcJjVciTdKB2lrzM7BOSy2LBu0ci70in68"}],"group":"cf-nel","max_age":604800}
  content-type: application/javascript
  cache-control: max-age=43200
  cf-ray: 71a0858cdebe9b7a-FRA
  expires: Sun, 12 Jun 2022 18:27:37 GMT
vendor.8942a87b5a70d06cf6ea.js | www.amozan.ga/static/js/ | 233 KB | 83 KB | Script
General
  Full URL: https://www.amozan.ga/static/js/vendor.8942a87b5a70d06cf6ea.js
  Requested by: Host: www.amozan.ga, URL: https://www.amozan.ga/
  Protocol: H2
  Security: TLS 1.3, , AES_128_GCM
  Server: 2606:4700:3032::6815:221c , United States, ASN13335 (CLOUDFLARENET, US),
  Reverse DNS:
  Software: cloudflare /
  Resource Hash: 1f940df454ae24dce204417bc1652b54a5928fa332ae82c5a54c61d894fd8fec
Security Headers
  Strict-Transport-Security: max-age=31536000

Request headers
  accept-language: de-DE,de;q=0.9
  Referer: https://www.amozan.ga/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
  date: Sun, 12 Jun 2022 06:27:37 GMT
  content-encoding: br
  vary: Accept-Encoding
  cf-cache-status: MISS
  nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
  alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
  last-modified: Sat, 19 Jun 2021 23:23:08 GMT
  server: cloudflare
  etag: W/"60ce7c5c-3a533"
  expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
  strict-transport-security: max-age=31536000
  report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PlMOtmudFAKe9ZxKjFFpPZ%2BdAyjOfs%2BHJqayOzyRC14vWllhmSEAhh3dsveNEiU647croghqETlLOrOjMjf3zXR7a9gXiD6i8aSaM41e75jeiM4O%2F%2F0F%2FN9woYjktiEK7bZRKTmyLjBw%2Bfpx"}],"group":"cf-nel","max_age":604800}
  content-type: application/javascript
  cache-control: max-age=43200
  cf-ray: 71a0858cdec09b7a-FRA
  expires: Sun, 12 Jun 2022 18:27:37 GMT
app.11d26497eb1356c36e30.js | www.amozan.ga/static/js/ | 7 KB | 2 KB | Script
General
  Full URL: https://www.amozan.ga/static/js/app.11d26497eb1356c36e30.js
  Requested by: Host: www.amozan.ga, URL: https://www.amozan.ga/
  Protocol: H2
  Security: TLS 1.3, , AES_128_GCM
  Server: 2606:4700:3032::6815:221c , United States, ASN13335 (CLOUDFLARENET, US),
  Reverse DNS:
  Software: cloudflare /
  Resource Hash: 7b2dfdedde733db3cdfa710a97a591de27aedbf20c9be7f2e80bd22b70f14b48
Security Headers
  Strict-Transport-Security: max-age=31536000

Request headers
  accept-language: de-DE,de;q=0.9
  Referer: https://www.amozan.ga/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
  date: Sun, 12 Jun 2022 06:27:37 GMT
  content-encoding: br
  vary: Accept-Encoding
  cf-cache-status: MISS
  nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
  alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
  last-modified: Sat, 19 Jun 2021 23:23:08 GMT
  server: cloudflare
  etag: W/"60ce7c5c-1dc8"
  expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
  strict-transport-security: max-age=31536000
  report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2FFJkqGGOrQA071uwIoCOFV5lLazCWH0BFYphvIL0ptGP3HOkZQNkgJHpnQ1R7PWiFECF0ozPnX2x1bM6DhRSa2Al1ZTVJ2iSqQCN271A%2B5peuZOYOIfu%2F0jewoQWOZ03AD5nfsIztGE%2Fjw3"}],"group":"cf-nel","max_age":604800}
  content-type: application/javascript
  cache-control: max-age=43200
  cf-ray: 71a0858cdec19b7a-FRA
  expires: Sun, 12 Jun 2022 18:27:37 GMT
9.d0207aec845f19b3d6aa.js | www.amozan.ga/static/js/ | 861 B | 1 KB | Script
General
  Full URL: https://www.amozan.ga/static/js/9.d0207aec845f19b3d6aa.js
  Requested by: Host: www.amozan.ga, URL: https://www.amozan.ga/static/js/manifest.32fe08875ed3ca164371.js
  Protocol: H3
  Security: QUIC, , AES_128_GCM
  Server: 2606:4700:3032::6815:221c , United States, ASN13335 (CLOUDFLARENET, US),
  Reverse DNS:
  Software: cloudflare /
  Resource Hash: 072f201e2a84805e62b8b7d792938f0241d0fc6a34b040c0f19ff94f2a55f00b
Security Headers
  Strict-Transport-Security: max-age=31536000

Request headers
  accept-language: de-DE,de;q=0.9
  Referer: https://www.amozan.ga/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
  date: Sun, 12 Jun 2022 06:27:39 GMT
  content-encoding: br
  vary: Accept-Encoding
  cf-cache-status: MISS
  nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
  alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
  last-modified: Sat, 19 Jun 2021 23:23:08 GMT
  server: cloudflare
  etag: W/"60ce7c5c-35d"
  expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
  strict-transport-security: max-age=31536000
  report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iLlXsTGBqF3L4VzdJ22e8HBIq9WU%2BGltf2OfTVXdTZaTVOjRe9xPkpF6cNIOoeysC61VTnSU8POBnhYN8HMcpowfAEsRnyxZ93zBBcimDIEeAJXAFnp%2BiaSG9aU6hendLlS2bv0jMlqOSbZe"}],"group":"cf-nel","max_age":604800}
  content-type: application/javascript
  cache-control: max-age=43200
  cf-ray: 71a085972d0392c9-FRA
  expires: Sun, 12 Jun 2022 18:27:39 GMT
jump.php | www.amozan.ga/api/ | 0 | 0 | (no response)

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.amozan.ga
URL: https://www.amozan.ga/api/jump.php

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Amazon (Online)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • oncontextlost (object)
  • oncontextrestored (object)
  • structuredClone (function)
  • launchQueue (object)
  • onbeforematch (object)
  • getScreenDetails (function)
  • navigation (object)
  • webpackJsonp (function)
  • __core-js_shared__ (object)
  • core (object)
  • global (object)
  • System (object)
  • asap (function)
  • Observable (function)
  • setImmediate (function)
  • clearImmediate (function)
  • regeneratorRuntime (object)
  • _babelPolyfill (boolean)

0 Cookies

Security Headers

This section lists any security headers set by the main page.

Strict-Transport-Security: max-age=31536000