urlscan.io logo urlscan.io
SecurityTrails logo

amazon-services.care Open in urlscan Pro
104.248.158.247  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://amazon-services.care/customer/ap/bin/signin.php
Submission: On October 09 via manual from IE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 20 HTTP transactions. The main IP is 104.248.158.247, located in Wilmington, United States and belongs to DIGITALOCEAN-ASN - DigitalOcean, LLC, US. The main domain is amazon-services.care.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 3rd 2018. Valid for: 3 months.
This is the only time amazon-services.care was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Amazon (Online)

Domain & IP information

IP Address AS Autonomous System
6 104.248.158.247 14061 (DIGITALOC...)
2 2a00:1450:400... 15169 (GOOGLE)
4 2600:9000:20b... 16509 (AMAZON-02)
1 152.199.19.160 15133 (EDGECAST)
2 2600:9000:20b... 16509 (AMAZON-02)
4 107.23.205.142 14618 (AMAZON-AES)
20 7
6    104.248.158.247 (Wilmington, United States)

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
PTR: mail.amazon-services.care
amazon-services.care
2    2a00:1450:4001:806::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com
4    2600:9000:20bb:6c00:1d:d7f6:39c8:6281 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
images-na.ssl-images-amazon.com
1    152.199.19.160 (Ashburn, United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
ajax.aspnetcdn.com
2    2600:9000:20bb:6600:1d:d7f6:39c8:6281 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
images-na.ssl-images-amazon.com
4    107.23.205.142 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-107-23-205-142.compute-1.amazonaws.com
fls-na.amazon.com
Domain Requested by
6 images-na.ssl-images-amazon.com amazon-services.care
6 amazon-services.care amazon-services.care
4 fls-na.amazon.com images-na.ssl-images-amazon.com
2 ajax.googleapis.com amazon-services.care
1 ajax.aspnetcdn.com amazon-services.care
0 code.jquery.com Failed amazon-services.care
20 6

This site contains no links.

Subject Issuer Validity Valid
amazon-services.care
Let's Encrypt Authority X3		 2018-10-03 -
2019-01-01		 3 months crt.sh
*.googleapis.com
Google Internet Authority G3		 2018-09-25 -
2018-12-18		 3 months crt.sh
Images-na.ssl-images-amazon.com
DigiCert Global CA G2		 2018-05-30 -
2019-07-19		 a year crt.sh
*.vo.msecnd.net
Microsoft IT TLS CA 2		 2018-03-30 -
2020-03-30		 2 years crt.sh
fls-na.amazon.com
Amazon		 2018-05-10 -
2019-05-10		 a year crt.sh

This page contains 1 frames:

Primary Page: https://amazon-services.care/customer/ap/bin/signin.php
Frame ID: 4936C18B94A8F19708681C2E45BAC137
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • env /^Zepto$/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i
  • script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
  • script /jquery-ui.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
  • script /jquery-ui.*\.js/i

Page Statistics

20
Requests

95 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

7
IPs

2
Countries

582 kB
Transfer

1345 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set signin.php
amazon-services.care/customer/ap/bin/ 		51 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://amazon-services.care/customer/ap/bin/signin.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.248.158.247 Wilmington, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
mail.amazon-services.care
Software
Apache /
Resource Hash
a8ce9849b2c8105e22f22bc9802b496f29a0f0112881eefa770ad37321ed4af2

Request headers

Host
amazon-services.care
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 09 Oct 2018 11:52:34 GMT
Server
Apache
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Set-Cookie
PHPSESSID=fhjp3s1u92b4smes85nccbg890; path=/
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: amazon-services.care
URL: https://amazon-services.care/customer/ap/bin/signin.php
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://amazon-services.care/customer/ap/bin/signin.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 02 Oct 2018 10:29:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
609764
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
33593
x-xss-protection
1; mode=block
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Oct 2019 10:29:50 GMT
jquery.min.mask.js
amazon-services.care/customer/ap/data/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://amazon-services.care/customer/ap/data/js/jquery.min.mask.js
Requested by
Host: amazon-services.care
URL: https://amazon-services.care/customer/ap/bin/signin.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.248.158.247 Wilmington, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
mail.amazon-services.care
Software
Apache /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
amazon-services.care
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://amazon-services.care/customer/ap/bin/signin.php
Cookie
PHPSESSID=fhjp3s1u92b4smes85nccbg890
Connection
keep-alive
Cache-Control
no-cache
Referer
https://amazon-services.care/customer/ap/bin/signin.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 09 Oct 2018 11:52:35 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
355
Content-Type
text/html; charset=iso-8859-1
signin.css
amazon-services.care/customer/ap/lib/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amazon-services.care/customer/ap/lib/css/signin.css
Requested by
Host: amazon-services.care
URL: https://amazon-services.care/customer/ap/bin/signin.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.248.158.247 Wilmington, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
mail.amazon-services.care
Software
Apache /
Resource Hash
4f982c37795f3b1c2502c6e2a4224ea3b1bf6b5a32efdcf5d1c2713b6388ebb5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
amazon-services.care
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://amazon-services.care/customer/ap/bin/signin.php
Cookie
PHPSESSID=fhjp3s1u92b4smes85nccbg890
Connection
keep-alive
Cache-Control
no-cache
Referer
https://amazon-services.care/customer/ap/bin/signin.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 09 Oct 2018 11:52:35 GMT
Last-Modified
Thu, 30 Aug 2018 23:22:52 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1551
jquery-ui.js
code.jquery.com/ui/1.9.2/ 		0
0
AmazonUI-392a1ef5cd0c3fedce0120819dd9a085255ad7aa._V2_.css
images-na.ssl-images-amazon.com/images/G/01/AUIClients/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://images-na.ssl-images-amazon.com/images/G/01/AUIClients/AmazonUI-392a1ef5cd0c3fedce0120819dd9a085255ad7aa._V2_.css
Requested by
Host: amazon-services.care
URL: https://amazon-services.care/customer/ap/bin/signin.php
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:6c00:1d:d7f6:39c8:6281 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Server /
Resource Hash
8624ffe350a41f011b0380ab7ed45c89d62c99abe067f2d7cfa3e4cab541ffee

Request headers

Referer
https://amazon-services.care/customer/ap/bin/signin.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 19 Jul 2018 21:09:31 GMT
content-encoding
gzip
last-modified
Sat, 09 Apr 2016 01:17:44 GMT
server
Server
age
7051383
status
200
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
00522df1-d61f-4060-aeaf-549be8d81c27
timing-allow-origin
https://www.amazon.com
x-amz-cf-id
8JeReWFBViIPzCNl6VCKcPGLCSoauuwoPC7sEuLizJZlouQnyyt4jg==
via
1.1 fc3a4fa8a6bf80fc624a0bc082bb5b4e.cloudfront.net (CloudFront)
expires
Wed, 14 Jul 2038 21:09:31 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: amazon-services.care
URL: https://amazon-services.care/customer/ap/bin/signin.php
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://amazon-services.care/customer/ap/bin/signin.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 02 Oct 2018 10:29:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
609786
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
30399
x-xss-protection
1; mode=block
last-modified
Thu, 25 Jan 2018 15:33:24 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Oct 2019 10:29:28 GMT
jquery-3.3.1.min.js
ajax.aspnetcdn.com/ajax/jQuery/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js
Requested by
Host: amazon-services.care
URL: https://amazon-services.care/customer/ap/bin/signin.php
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
152.199.19.160 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8E87) /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://amazon-services.care/customer/ap/bin/signin.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 09 Oct 2018 11:52:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT
status
200
content-length
30394
x-xss-protection
1; mode=block
last-modified
Mon, 22 Jan 2018 19:27:49 GMT
server
ECAcc (frc/8E87)
etag
"80288516b793d31:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
jquery.placeholder.mask.js
amazon-services.care/customer/ap/lib/js/ 		138 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amazon-services.care/customer/ap/lib/js/jquery.placeholder.mask.js
Requested by
Host: amazon-services.care
URL: https://amazon-services.care/customer/ap/bin/signin.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.248.158.247 Wilmington, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
mail.amazon-services.care
Software
Apache /
Resource Hash
348941c6390e600fda2b3928ef4a01ccc18e393e97237adb23525c79fca94438

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
amazon-services.care
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://amazon-services.care/customer/ap/bin/signin.php
Cookie
PHPSESSID=fhjp3s1u92b4smes85nccbg890
Connection
keep-alive
Cache-Control
no-cache
Referer
https://amazon-services.care/customer/ap/bin/signin.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 09 Oct 2018 11:52:35 GMT
Last-Modified
Fri, 31 Aug 2018 00:01:14 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
141152
fwcim._CB342128453_.js
images-na.ssl-images-amazon.com/images/G/01/x-locale/common/login/ 		383 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://images-na.ssl-images-amazon.com/images/G/01/x-locale/common/login/fwcim._CB342128453_.js
Requested by
Host: amazon-services.care
URL: https://amazon-services.care/customer/ap/bin/signin.php
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:6c00:1d:d7f6:39c8:6281 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Server /
Resource Hash
c854c61bda66041aa3f86a791e9606bddcd87ad170a6476c25207f27b966d8e9

Request headers

Referer
https://amazon-services.care/customer/ap/bin/signin.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 18 Dec 2017 14:08:06 GMT
content-encoding
gzip
last-modified
Mon, 16 Oct 2017 16:18:16 GMT
server
Server
age
25566997
status
200
x-cache
Hit from cloudfront
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
98e59f09-671d-493a-9b61-625e16d2b98f
timing-allow-origin
https://www.amazon.com
x-amz-cf-id
5vfuovFsjUM7rqjm28W7wamFTjtqdl7LCw40PIJnApSAvQiniCeGMw==
via
1.1 fc3a4fa8a6bf80fc624a0bc082bb5b4e.cloudfront.net (CloudFront)
expires
Wed, 02 Dec 2037 06:23:04 GMT
jquery.bootstrap.js
amazon-services.care/customer/ap/lib/js/ 		40 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amazon-services.care/customer/ap/lib/js/jquery.bootstrap.js
Requested by
Host: amazon-services.care
URL: https://amazon-services.care/customer/ap/bin/signin.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.248.158.247 Wilmington, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
mail.amazon-services.care
Software
Apache /
Resource Hash
95520b3fc7b83d93a13a4fbdf0b8e58c9552d9a6e3d5d9fadb737442b23e6d9a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
amazon-services.care
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://amazon-services.care/customer/ap/bin/signin.php
Cookie
PHPSESSID=fhjp3s1u92b4smes85nccbg890
Connection
keep-alive
Cache-Control
no-cache
Referer
https://amazon-services.care/customer/ap/bin/signin.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 09 Oct 2018 11:52:35 GMT
Last-Modified
Thu, 30 Aug 2018 15:28:42 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
40869
AmazonUI-c88d6c48b96b59022b205b2b00cb20ac875b50b6._V2_.js
images-na.ssl-images-amazon.com/images/G/01/AUIClients/ 		291 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://images-na.ssl-images-amazon.com/images/G/01/AUIClients/AmazonUI-c88d6c48b96b59022b205b2b00cb20ac875b50b6._V2_.js
Requested by
Host: amazon-services.care
URL: https://amazon-services.care/customer/ap/bin/signin.php
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:6600:1d:d7f6:39c8:6281 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Server /
Resource Hash
d3b0ff5dbab889c479a4785c9ffbc07ca907409f5a9f9b750624b2f75838718c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://amazon-services.care/customer/ap/bin/signin.php
Origin
https://amazon-services.care

Response headers

date
Thu, 19 Jul 2018 21:09:32 GMT
content-encoding
gzip
last-modified
Sat, 09 Apr 2016 02:45:29 GMT
server
Server
age
7076207
status
200
x-cache
Hit from cloudfront
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
d3162005-0e25-4ff4-86ec-9e319e2a1d1a
timing-allow-origin
https://www.amazon.com
x-amz-cf-id
qp3cr0Oo6n148iKvbv-0bK7PB9dhHBMxmLvs048CrBjQkpTfZ6vruQ==
via
1.1 e430a35037c484cf19f375480cabfca3.cloudfront.net (CloudFront)
expires
Wed, 14 Jul 2038 14:15:49 GMT
AuthenticationPortalAssets-834f82e89cb8e4ba60e6bd45bf663349801105cd._V2_.js
images-na.ssl-images-amazon.com/images/G/01/AUIClients/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://images-na.ssl-images-amazon.com/images/G/01/AUIClients/AuthenticationPortalAssets-834f82e89cb8e4ba60e6bd45bf663349801105cd._V2_.js
Requested by
Host: amazon-services.care
URL: https://amazon-services.care/customer/ap/bin/signin.php
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:6600:1d:d7f6:39c8:6281 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Server /
Resource Hash
cc7d3872bb55a26897f7b6d815891b40497337c1ce9da092f18f60bbcfea6ac0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://amazon-services.care/customer/ap/bin/signin.php
Origin
https://amazon-services.care

Response headers

date
Mon, 01 Jan 2018 08:17:07 GMT
content-encoding
gzip
last-modified
Mon, 09 May 2016 21:41:25 GMT
server
Server
age
24291329
status
200
x-cache
Hit from cloudfront
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
c0e64fb3-fb7e-407b-8cf6-6ecdace8a71c
timing-allow-origin
https://www.amazon.com
x-amz-cf-id
4fPll6SHnG3U1PJp92ajDmh5B-dn4VwXWLrUNAlrtuHiKYDEvlSPNQ==
via
1.1 e430a35037c484cf19f375480cabfca3.cloudfront.net (CloudFront)
expires
Sun, 27 Dec 2037 08:17:07 GMT
AmazonUIBaseCSS-sprite_1x-a45c662e707240b03417f6ca8b97bcb486f27428._V2_.png
images-na.ssl-images-amazon.com/images/G/01/AUIClients/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-na.ssl-images-amazon.com/images/G/01/AUIClients/AmazonUIBaseCSS-sprite_1x-a45c662e707240b03417f6ca8b97bcb486f27428._V2_.png
Requested by
Host: amazon-services.care
URL: https://amazon-services.care/customer/ap/bin/signin.php
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:6c00:1d:d7f6:39c8:6281 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Server /
Resource Hash
3425e9036117199702c5eea1bec0a4cecc8b779edae5e4870e688d67d12ac71a

Request headers

Referer
https://images-na.ssl-images-amazon.com/images/G/01/AUIClients/AmazonUI-392a1ef5cd0c3fedce0120819dd9a085255ad7aa._V2_.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 09 Aug 2017 03:10:12 GMT
via
1.1 fc3a4fa8a6bf80fc624a0bc082bb5b4e.cloudfront.net (CloudFront)
last-modified
Fri, 27 May 2016 17:30:51 GMT
server
Server
age
6158874
status
200
x-cache
Hit from cloudfront
content-type
image/png; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=630720000,public
content-length
25262
x-amz-cf-id
jHt5SJN5iu--Qhbz-MQzoZrMILCpn5BalleHk7yWoSmluryeX98swQ==
expires
Wed, 18 May 2033 03:33:20 GMT
uedata
amazon-services.care/ap/ 		326 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amazon-services.care/ap/uedata?ld&v=0.417.0&id=AZMV2X01D0YX7QJ5H3F3&m=1&sc=AZMV2X01D0YX7QJ5H3F3&ue=676&bb=1295&pc=1549&tc=-734&na_=-734&ul_=-1539085954718&_ul=-1539085954718&rd_=-1539085954718&_rd=-1539085954718&fe_=-732&lk_=-731&_lk=-708&co_=-708&_co=-289&sc_=-503&rq_=-289&rs_=-6&_rs=404&dl_=-4&di_=1440&de_=1440&_de=1447&_dc=1548&ld_=1548&_ld=-1539085954718&ntd=-1&ty=0&rc=0&hob=674&hoe=676&ld=1550&t=1539085956268&ctb=1&rt=__ld:11-8-2-0-4-4-0&ec=1&ecf=0&csmtags=aui|aui:aui_build_date:3.16.5.2-2016-04-15|aui:aui_build_date:3.17.16.3-2017-10-11&viz=visible:675&aftb=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.248.158.247 Wilmington, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
mail.amazon-services.care
Software
Apache /
Resource Hash
51a68dff3b6a64e827c5d683acd15962fbf694cc435e184f37a559b98154013a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
amazon-services.care
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://amazon-services.care/customer/ap/bin/signin.php
Cookie
PHPSESSID=fhjp3s1u92b4smes85nccbg890; csm-hit=s-AZMV2X01D0YX7QJ5H3F3|1539085956013
Connection
keep-alive
Cache-Control
no-cache
Referer
https://amazon-services.care/customer/ap/bin/signin.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 09 Oct 2018 11:52:36 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
326
Content-Type
text/html; charset=iso-8859-1
ATVPDKIKX0DER:186-0132680-4400652:AZMV2X01D0YX7QJ5H3F3$uedata=s:%2Fap%2Fuedata%3Fld%26v%3D0.417.0%26id%3DAZMV2X01D0YX7QJ5H3F3%26m%3D1%26sc%3DAZMV2X01D0YX7QJ5H3F3%26ue%3D676%26bb%3D1295%26pc%3D1549%...
fls-na.amazon.com/1/batch/1/OP/ 		43 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:186-0132680-4400652:AZMV2X01D0YX7QJ5H3F3$uedata=s:%2Fap%2Fuedata%3Fld%26v%3D0.417.0%26id%3DAZMV2X01D0YX7QJ5H3F3%26m%3D1%26sc%3DAZMV2X01D0YX7QJ5H3F3%26ue%3D676%26bb%3D1295%26pc%3D1549%26tc%3D-734%26na_%3D-734%26ul_%3D-1539085954718%26_ul%3D-1539085954718%26rd_%3D-1539085954718%26_rd%3D-1539085954718%26fe_%3D-732%26lk_%3D-731%26_lk%3D-708%26co_%3D-708%26_co%3D-289%26sc_%3D-503%26rq_%3D-289%26rs_%3D-6%26_rs%3D404%26dl_%3D-4%26di_%3D1440%26de_%3D1440%26_de%3D1447%26_dc%3D1548%26ld_%3D1548%26_ld%3D-1539085954718%26ntd%3D-1%26ty%3D0%26rc%3D0%26hob%3D674%26hoe%3D676%26ld%3D1550%26t%3D1539085956268%26ctb%3D1%26rt%3D__ld%3A11-8-2-0-4-4-0%26ec%3D1%26ecf%3D0%26csmtags%3Daui%7Caui%3Aaui_build_date%3A3.16.5.2-2016-04-15%7Caui%3Aaui_build_date%3A3.17.16.3-2017-10-11%26viz%3Dvisible%3A675%26aftb%3D1:1551
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.205.142 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-205-142.compute-1.amazonaws.com
Software
/
Resource Hash
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

Referer
https://amazon-services.care/customer/ap/bin/signin.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Tue, 09 Oct 2018 11:52:36 GMT
x-amzn-requestid
d0ad0be5-cbb9-11e8-9134-33217c78f68c
content-length
43
content-type
image/gif
ClientSideMetricsAUIJavascript-6de53143c24524b5a545dadd24c090905a41635c._V2_.js
images-na.ssl-images-amazon.com/images/G/01/AUIClients/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://images-na.ssl-images-amazon.com/images/G/01/AUIClients/ClientSideMetricsAUIJavascript-6de53143c24524b5a545dadd24c090905a41635c._V2_.js
Requested by
Host: amazon-services.care
URL: https://amazon-services.care/customer/ap/bin/signin.php
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:6c00:1d:d7f6:39c8:6281 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Server /
Resource Hash
8c6e78292b26aff7da0ac43c34edadbff263b2780f9fae78b9cb12d11b7ee0f7

Request headers

Referer
https://amazon-services.care/customer/ap/bin/signin.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 18 Dec 2017 10:04:17 GMT
content-encoding
gzip
last-modified
Mon, 28 Mar 2016 14:16:22 GMT
server
Server
age
25495785
status
200
x-cache
Hit from cloudfront
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
84802e32-47e9-48da-8976-ad7c92a650ac
x-amz-cf-id
mGqlz6j6TqsVH5nfJJ39o_qdzuAyMJtgM5cwX4JYqzEClOBdrlpXKw==
via
1.1 fc3a4fa8a6bf80fc624a0bc082bb5b4e.cloudfront.net (CloudFront)
expires
Sat, 10 Oct 2037 13:40:23 GMT
/
fls-na.amazon.com/1/batch/1/OE/ 		0
165 B 		Other
General
Check archive.org
Download Go to
Full URL
https://fls-na.amazon.com/1/batch/1/OE/
Requested by
Host: images-na.ssl-images-amazon.com
URL: https://images-na.ssl-images-amazon.com/images/G/01/AUIClients/ClientSideMetricsAUIJavascript-6de53143c24524b5a545dadd24c090905a41635c._V2_.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.205.142 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-205-142.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://amazon-services.care/customer/ap/bin/signin.php
Origin
https://amazon-services.care
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

status
204
date
Tue, 09 Oct 2018 11:52:36 GMT
access-control-allow-origin
*
x-amzn-requestid
d0ace517-cbb9-11e8-92d1-6d64535e0c55
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
/
fls-na.amazon.com/1/batch/1/OE/ 		0
165 B 		Other
General
Check archive.org
Download Go to
Full URL
https://fls-na.amazon.com/1/batch/1/OE/
Requested by
Host: images-na.ssl-images-amazon.com
URL: https://images-na.ssl-images-amazon.com/images/G/01/AUIClients/ClientSideMetricsAUIJavascript-6de53143c24524b5a545dadd24c090905a41635c._V2_.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.205.142 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-205-142.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://amazon-services.care/customer/ap/bin/signin.php
Origin
https://amazon-services.care
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

status
204
date
Tue, 09 Oct 2018 11:52:37 GMT
access-control-allow-origin
*
x-amzn-requestid
d138f809-cbb9-11e8-8e26-81168caa73a1
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
/
fls-na.amazon.com/1/batch/1/OE/ 		0
164 B 		Other
General
Check archive.org
Download Go to
Full URL
https://fls-na.amazon.com/1/batch/1/OE/
Requested by
Host: images-na.ssl-images-amazon.com
URL: https://images-na.ssl-images-amazon.com/images/G/01/AUIClients/ClientSideMetricsAUIJavascript-6de53143c24524b5a545dadd24c090905a41635c._V2_.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.205.142 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-205-142.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://amazon-services.care/customer/ap/bin/signin.php
Origin
https://amazon-services.care
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

status
204
date
Tue, 09 Oct 2018 11:52:38 GMT
access-control-allow-origin
*
x-amzn-requestid
d20940eb-cbb9-11e8-80b3-19ee393e5ae0
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
code.jquery.com
URL
http://code.jquery.com/ui/1.9.2/jquery-ui.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Amazon (Online)

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| ue_t0 function| $ function| jQuery object| ue_csm number| ue_hob string| ue_err_chan string| ue_id string| ue_url number| ue_navtiming string| ue_mid string| ue_sid string| ue_sn string| ue_furl number| ue_fcsn number| ue_urt string| ue_fpf number| ue_tbpv number| ue_swi function| ue_viz number| ue_hoe object| ue function| ueLogError object| ue_err number| ueinit function| uei function| ueh function| ues function| uet function| uex function| onLd function| onLdEnd function| onUl function| onstop number| aPageStart object| amzn boolean| __fwcimLoaded object| fwcim boolean| __fwcimShimProfileReady object| Codex object| C object| global object| process function| Zepto object| jQuery164025418845073608476 boolean| isPrepopulateEnabled function| prepopulateEmailAndPassword

2 Cookies

Domain/Path Name / Value
amazon-services.care/ Name: csm-hit
Value: s-AZMV2X01D0YX7QJ5H3F3|1539085956013
amazon-services.care/ Name: PHPSESSID
Value: fhjp3s1u92b4smes85nccbg890

1 Console Messages

Source Level URL
Text
console-api error URL: https://images-na.ssl-images-amazon.com/images/G/01/AUIClients/ClientSideMetricsAUIJavascript-6de53143c24524b5a545dadd24c090905a41635c._V2_.js(Line 18)
Message:
Error logged with the Track&Report JS errors API(http://tiny/1covqr6l8/wamazindeClieUserJava): {"m":"[CSM] Insecure content detected script : http://code.jquery.com/ui/1.9.2/jquery-ui.js","s":["function(){if(a.ue_err.erl){var c=a.ue_err.erl.length,d,b;for(d=0;d<c;d++)b=a.ue_err.erl[d],k(b.ex,b.info);ue_err.erl=[]}}","function(a,d){function w(a){if(a)return a.replace(/^\\s+|\\s+$/g,\"\")}function p(c,d){if(!c)return{};c.m&&c.m.message&&(c=c.m);var b=d.m||d.message||\"\",b=c.m&&c.m.message?b+c.m.message:c.m&&c.m.target&&c.m.target.tagName?b+(\"Error handler invoked by \"+c.m.target.tagName+\" tag\"):c.m?b+c.m:c.message?b+c.message:b+\"Unknown error\",b={m:b,f:c.f||c.sourceURL||c.fileName||c.filename||c.m&&c.m.target&&c.m.target.src,l:c.l||c.line||c.lineno||c.lineNumber,c:c.c?\"\"+c.c:c.c,s:[],t:a.ue.d(),name:c.name,type:c.type,\ncsm:h+\""],"t":1665,"csm":"v5 ueLogError callee","pageURL":"https://amazon-services.care/customer/ap/bin/signin.php","logLevel":"WARN","attribution":"#document/HTML/HEAD/SCRIPT[3]"}