amnpmg.com
Open in
urlscan Pro
23.247.42.134
Malicious Activity!
Public Scan
Effective URL: https://amnpmg.com/index.php/index/Login/index.html
Submission: On April 09 via api from US — Scanned from JP
Summary
TLS certificate: Issued by R3 on March 18th 2023. Valid for: 3 months.
This is the only time amnpmg.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Amazon (Online) Amazon Japan (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 18 | 23.247.42.134 23.247.42.134 | 46573 (LAYER-HOST) (LAYER-HOST) | |
2 | 2600:9000:21e... 2600:9000:21ee:6800:1d:d7f6:39d2:2dc1 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2600:9000:213... 2600:9000:2138:3c00:10:1731:ff49:ac01 | 16509 (AMAZON-02) (AMAZON-02) | |
20 | 3 |
ASN16509 (AMAZON-02, US)
images-fe.ssl-images-amazon.com | |
m.media-amazon.com |
ASN16509 (AMAZON-02, US)
images-cn.ssl-images-amazon.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
amnpmg.com
1 redirects
amnpmg.com |
186 KB |
2 |
ssl-images-amazon.com
images-fe.ssl-images-amazon.com — Cisco Umbrella Rank: 22727 images-cn.ssl-images-amazon.com — Cisco Umbrella Rank: 149731 |
82 KB |
1 |
media-amazon.com
m.media-amazon.com — Cisco Umbrella Rank: 510 |
13 KB |
20 | 3 |
Domain | Requested by | |
---|---|---|
18 | amnpmg.com |
1 redirects
amnpmg.com
|
1 | m.media-amazon.com |
amnpmg.com
|
1 | images-cn.ssl-images-amazon.com |
amnpmg.com
|
1 | images-fe.ssl-images-amazon.com |
amnpmg.com
|
20 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.amazon.co.jp |
Subject Issuer | Validity | Valid | |
---|---|---|---|
amnpmg.com R3 |
2023-03-18 - 2023-06-16 |
3 months | crt.sh |
images-na.ssl-images-amazon.com DigiCert Global CA G2 |
2022-10-26 - 2023-10-14 |
a year | crt.sh |
images-cn.ssl-images-amazon.com Amazon RSA 2048 M01 |
2023-02-23 - 2023-12-12 |
10 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://amnpmg.com/index.php/index/Login/index.html
Frame ID: D5EC84B51A35CAADA0D9CBB49920761C
Requests: 20 HTTP requests in this frame
Screenshot
Page Title
AmazonログインPage URL History Show full URLs
- https://amnpmg.com/ Page URL
-
https://amnpmg.com/index123.php?t=7e8d92a7a10191b45aeea4019756e2766565262a6818b637d0b81266dccfefad
HTTP 302
https://amnpmg.com/index.php Page URL
- https://amnpmg.com/index.php/index/Login/index.html Page URL
Detected technologies
jQuery (JavaScript Libraries) ExpandDetected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: パスワードを忘れた方
Search URL Search Domain Scan URL
Title: 利用規約
Search URL Search Domain Scan URL
Title: プライバシー規約
Search URL Search Domain Scan URL
Title: 新しいAmazonのアカウントを作成
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://amnpmg.com/ Page URL
-
https://amnpmg.com/index123.php?t=7e8d92a7a10191b45aeea4019756e2766565262a6818b637d0b81266dccfefad
HTTP 302
https://amnpmg.com/index.php Page URL
- https://amnpmg.com/index.php/index/Login/index.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 2- https://amnpmg.com/index123.php?t=7e8d92a7a10191b45aeea4019756e2766565262a6818b637d0b81266dccfefad HTTP 302
- https://amnpmg.com/index.php
20 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
amnpmg.com/ |
1 KB 1008 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor.23238u92u82.js
amnpmg.com/vendor/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.php
amnpmg.com/ Redirect Chain
|
108 B 135 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
index.html
amnpmg.com/index.php/index/Login/ |
20 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
61ccss.css
amnpmg.com/Amazonsignin_files/ |
136 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
01Scss.css
amnpmg.com/Amazonsignin_files/ |
51 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
11Hcss.css
amnpmg.com/Amazonsignin_files/ |
2 KB 926 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
layui.css
amnpmg.com/static/js/plugins/layui/css/ |
72 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Feng.js
amnpmg.com/static/js/common/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
amnpmg.com/static/js/ |
82 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
layer.min.js
amnpmg.com/static/js/plugins/layer/ |
15 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
21Qcss.css
amnpmg.com/Amazonsignin_files/ |
79 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
219css.css
amnpmg.com/Amazonsignin_files/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
new-nav-sm-smile-sprite-global-1x_blueheaven._CB485919093_.png
amnpmg.com/Amazonsignin_files/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loading.45b4330.gif
amnpmg.com/img/ |
65 KB 65 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
layer.css
amnpmg.com/static/js/plugins/layer/skin/ |
11 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
new-nav-sprite-global-2x_blueheaven-account._CB658093862_.png
images-fe.ssl-images-amazon.com/images/G/09/gno/sprites/ |
20 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AmazonUIBaseCSS-sprite_2x-a3d92a134e6afaec4974bceac0812b73d0b635c1._V2_.png
images-cn.ssl-images-amazon.com/images/G/01/AUIClients/ |
60 KB 61 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
InternationalCustomerPreferencesNavAssets-icp_sprite-0b528ccc99b2eed18447291de6df851bc2c6fe68._V2_.png
m.media-amazon.com/images/G/01/AUIClients/ |
12 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jilu
amnpmg.com/index/login/ |
0 66 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Amazon (Online) Amazon Japan (Online)7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| Feng function| $ function| jQuery object| layer function| jilu function| checkpost3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.amnpmg.com/ | Name: 62345ba76168db0033ce8ae6a90ce5a762956614 Value: Lv%2Fp7%2Fn4QlcZYSyOiAMPsQ%3D%3D |
|
.amnpmg.com/ | Name: _amkc Value: aca8e685-4500-4e6b-be2b-a9440b33efba |
|
amnpmg.com/ | Name: PHPSESSID Value: 2035068aaa781cedecab570d6ab88169 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
amnpmg.com
images-cn.ssl-images-amazon.com
images-fe.ssl-images-amazon.com
m.media-amazon.com
23.247.42.134
2600:9000:2138:3c00:10:1731:ff49:ac01
2600:9000:21ee:6800:1d:d7f6:39d2:2dc1
05abc4447dee2c67da9fba6a37cfe40d59b31f6850a08c9c87f25a2ad6bab183
2ef3895f54f3f35bc04a24a2290b35afb0c1b0da93a2b5b54938f55a249c9c4e
3b48af9153e92423d79f2d3bdc3e0b15e482ceb87e5c3ce3af5bd6f593cead9d
4291f24cfd31872276064368ee11e6787ab0debe8e014a4f78cbe00f71885d82
465c2a9824f70ca7950230859a2ac72673c455d109994e1465fd6f0e2cf27245
69a549ff7ac8ad8b8a130c2d9e1fe5bc3fffebcd6a2e2f95128760ba8e16eb52
756433c76c09df52de9a89d8887f94d991a291b4e3a6db4a86e9859888f5a54f
883b375ac1962c650077b01e672a03092160dc53ecb599e48e35639efbf16522
8afa0e13c86a1d3d734fca7fcfc18729cea51c1cea92c42f4ac363c7a7262edf
a6ba71883887aa143687e857f428cffae68b942ab6b46ce50a0446eb971d7027
a75dd9dbb839047dff4d49527f40be3fb82dec9fee73cf3204569452bb89f6c1
ae9da3c9a568a7b3602dc54e10c324166db3abe1d3a6892770d6ce6a7cc8c1c6
b62740a5165f55700d7e3b8a2386d35e30e7b663438f2a5cfc1108132b01f1db
b81163a7a0df4e956108a2117a43f06a5f10d85eb3198fe5397f293cff9fb22c
c5e829691be4103e8f645ee962bbc3de1ca51d083d147f1716fbf5d59f99c86a
de4b3c3d1dc2506b6693f0f98884e1dc074cda9d66cab39b7b48a115fdfc4c0f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56ac82fab1c5b5fa17fbeb9780ff44d748c6702e19a757385d83e1fc36c3c6a
f5b6e0ff10a1f98ca5f76330837e57d20ca904b94123540bdb966bebff747a89