amz-conn4.shop Open in urlscan Pro
143.244.188.212 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://aws-service3-1.s3.ap-northeast-3.amazonaws.com/redirect.html?id=84d5f3f634a56275aa7dea98142838843db9d48a13b233c5a667ba7434ba8daa
Effective URL:
https://amz-conn4.shop/?id=84d5f3f634a56275aa7dea98142838843db9d48a13b233c5a667ba7434ba8daa
Submission: On November 07 via manual (November 7th 2023, 5:29:26 am UTC) from ZA — Scanned from JP

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 16 HTTP transactions. The main IP is 143.244.188.212, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is amz-conn4.shop.
TLS certificate: Issued by R3 on November 6th 2023. Valid for: 3 months.

This is the only time amz-conn4.shop was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Amazon (Online) Amazon Japan (Online)

Domain & IP information

	IP Address	AS Autonomous System
1	52.95.181.17 52.95.181.17	16509 (AMAZON-02) (AMAZON-02)
2	35.189.157.144 35.189.157.144	15169 (GOOGLE) (GOOGLE)
13	143.244.188.212 143.244.188.212	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
16	3

1 52.95.181.17 (Osaka, Japan)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-northeast-3.amazonaws.com

aws-service3-1.s3.ap-northeast-3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.189.157.144 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 144.157.189.35.bc.googleusercontent.com

ap.zchh.lol	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 143.244.188.212 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

amz-conn4.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	amz-conn4.shop amz-conn4.shop	274 KB
2	zchh.lol ap.zchh.lol	633 B
1	amazonaws.com aws-service3-1.s3.ap-northeast-3.amazonaws.com	2 KB
16	3

	Domain	Requested by
13	amz-conn4.shop	aws-service3-1.s3.ap-northeast-3.amazonaws.com amz-conn4.shop
2	ap.zchh.lol	aws-service3-1.s3.ap-northeast-3.amazonaws.com amz-conn4.shop
1	aws-service3-1.s3.ap-northeast-3.amazonaws.com
16	3

This site contains no links.

Subject Issuer	Validity	Valid
*.s3.ap-northeast-3.amazonaws.com Amazon RSA 2048 M01	`2023-04-11` - `2024-02-22`	10 months	crt.sh
ap.zchh.lol R3	`2023-09-15` - `2023-12-14`	3 months	crt.sh
amz-conn5.shop R3	`2023-11-06` - `2024-02-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://amz-conn4.shop/?id=84d5f3f634a56275aa7dea98142838843db9d48a13b233c5a667ba7434ba8daa
Frame ID: 48E97E4622691A552FEEEB10C61AE829
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Amazon

Page URL History Show full URLs

https://aws-service3-1.s3.ap-northeast-3.amazonaws.com/redirect.html?id=84d5f3f634a56275aa7dea98142838843db9d48a13b233c5a667ba7434b... Page URL
https://amz-conn4.shop/?id=84d5f3f634a56275aa7dea98142838843db9d48a13b233c5a667ba7434ba8daa Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

276 kB
Transfer

919 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://aws-service3-1.s3.ap-northeast-3.amazonaws.com/redirect.html?id=84d5f3f634a56275aa7dea98142838843db9d48a13b233c5a667ba7434ba8daa Page URL
https://amz-conn4.shop/?id=84d5f3f634a56275aa7dea98142838843db9d48a13b233c5a667ba7434ba8daa Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK redirect.html Show response
aws-service3-1.s3.ap-northeast-3.amazonaws.com/ 1 KB
2 KB 133ms
25ms Document
text/html 52.95.181.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aws-service3-1.s3.ap-northeast-3.amazonaws.com/redirect.html?id=84d5f3f634a56275aa7dea98142838843db9d48a13b233c5a667ba7434ba8daa
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.181.17 Osaka, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-northeast-3.amazonaws.com
Software: AmazonS3 /
Resource Hash: de452313c34c9a219f75dd83817ba93ca890c9fbbb3a63bd2875702f4889dde9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Content-Length: 1490
Content-Type: text/html
Date: Tue, 07 Nov 2023 05:29:22 GMT
ETag: "947dc3649d614d39c4861cddaa1920cd"
Last-Modified: Sun, 05 Nov 2023 07:30:54 GMT
Server: AmazonS3
x-amz-id-2: ZF8FWJ+3ZbpzCEywyiDOJNBSW0NFKTwOp/ZnGNOqTIFCv5lVA9Ma2c2KeuPP5hkQOT+IpMHmdOA=
x-amz-request-id: GYPCJJC6Z8SPHW2K
x-amz-server-side-encryption: AES256

GET
H2 200 nextWeb
ap.zchh.lol/api.rotator/ 68 B
333 B 193ms
54ms XHR
application/json 35.189.157.144
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ap.zchh.lol/api.rotator/nextWeb?id=84d5f3f634a56275aa7dea98142838843db9d48a13b233c5a667ba7434ba8daa

Requested by

Host: aws-service3-1.s3.ap-northeast-3.amazonaws.com
URL: https://aws-service3-1.s3.ap-northeast-3.amazonaws.com/redirect.html?id=84d5f3f634a56275aa7dea98142838843db9d48a13b233c5a667ba7434ba8daa

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.189.157.144 Tokyo, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

144.157.189.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://aws-service3-1.s3.ap-northeast-3.amazonaws.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 07 Nov 2023 05:29:21 GMT
strict-transport-security: max-age=31536000
server: nginx
access-control-allow-headers: x-requested-with,content-type
access-control-allow-methods: *
content-type: application/json; charset=utf-8

GET
H2 200 Primary Request / Show response
amz-conn4.shop/ 807 B
523 B 1367ms
840ms Document
text/html 143.244.188.212
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://amz-conn4.shop/?id=84d5f3f634a56275aa7dea98142838843db9d48a13b233c5a667ba7434ba8daa

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.188.212 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

74f3bd1b2501c6c46fbee98badeb1500daf0b1ec0879b610b61604dc7fa21cf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://aws-service3-1.s3.ap-northeast-3.amazonaws.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 07 Nov 2023 05:29:23 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 01.css
amz-conn4.shop/static/css/ 46 KB
10 KB 167ms
159ms Stylesheet
text/css 143.244.188.212
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://amz-conn4.shop/static/css/01.css

Requested by

Host: amz-conn4.shop
URL: https://amz-conn4.shop/?id=84d5f3f634a56275aa7dea98142838843db9d48a13b233c5a667ba7434ba8daa

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.188.212 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

8c23ec3cf642a3bdb329d68c6038db8172b01fcad5270f36cf447235c2594ffa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://amz-conn4.shop/?id=84d5f3f634a56275aa7dea98142838843db9d48a13b233c5a667ba7434ba8daa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:29:23 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 05 Nov 2023 10:11:30 GMT
server: nginx
etag: W/"65476a52-b81a"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Tue, 07 Nov 2023 17:29:23 GMT

GET
H2 200 11.css
amz-conn4.shop/static/css/ 2 KB
1 KB 168ms
161ms Stylesheet
text/css 143.244.188.212
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://amz-conn4.shop/static/css/11.css

Requested by

Host: amz-conn4.shop
URL: https://amz-conn4.shop/?id=84d5f3f634a56275aa7dea98142838843db9d48a13b233c5a667ba7434ba8daa

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.188.212 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

122a38d736dd4b129af47e1d4f6d955d335f55256f2f231d8ccd1a58562cd381

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://amz-conn4.shop/?id=84d5f3f634a56275aa7dea98142838843db9d48a13b233c5a667ba7434ba8daa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:29:23 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 05 Nov 2023 10:11:30 GMT
server: nginx
etag: W/"65476a52-996"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Tue, 07 Nov 2023 17:29:23 GMT

GET
H2 200 215.css
amz-conn4.shop/static/css/ 118 KB
20 KB 323ms
317ms Stylesheet
text/css 143.244.188.212
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://amz-conn4.shop/static/css/215.css

Requested by

Host: amz-conn4.shop
URL: https://amz-conn4.shop/?id=84d5f3f634a56275aa7dea98142838843db9d48a13b233c5a667ba7434ba8daa

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.188.212 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

f16cd29b0e93538198074a71b516d1e1980862a8e1b1e34d2786f32f887e196c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://amz-conn4.shop/?id=84d5f3f634a56275aa7dea98142838843db9d48a13b233c5a667ba7434ba8daa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:29:23 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 05 Nov 2023 10:11:30 GMT
server: nginx
etag: W/"65476a52-1d9c4"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Tue, 07 Nov 2023 17:29:23 GMT

GET
H2 200 219.css
amz-conn4.shop/static/css/ 5 KB
2 KB 325ms
319ms Stylesheet
text/css 143.244.188.212
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://amz-conn4.shop/static/css/219.css

Requested by

Host: amz-conn4.shop
URL: https://amz-conn4.shop/?id=84d5f3f634a56275aa7dea98142838843db9d48a13b233c5a667ba7434ba8daa

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.188.212 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

465c2a9824f70ca7950230859a2ac72673c455d109994e1465fd6f0e2cf27245

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://amz-conn4.shop/?id=84d5f3f634a56275aa7dea98142838843db9d48a13b233c5a667ba7434ba8daa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:29:23 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 05 Nov 2023 10:11:30 GMT
server: nginx
etag: W/"65476a52-152d"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Tue, 07 Nov 2023 17:29:23 GMT

GET
H2 200 app.fd3bbdeb1c2349cbc1aa0739dcfe4e72.css
amz-conn4.shop/static/css/ 332 KB
62 KB 480ms
475ms Stylesheet
text/css 143.244.188.212
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://amz-conn4.shop/static/css/app.fd3bbdeb1c2349cbc1aa0739dcfe4e72.css

Requested by

Host: amz-conn4.shop
URL: https://amz-conn4.shop/?id=84d5f3f634a56275aa7dea98142838843db9d48a13b233c5a667ba7434ba8daa

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.188.212 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

dfa51ca87d9a993a69fb28789259d0316de5511c539fc3792ae6624912d5c7e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://amz-conn4.shop/?id=84d5f3f634a56275aa7dea98142838843db9d48a13b233c5a667ba7434ba8daa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:29:23 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 05 Nov 2023 10:11:30 GMT
server: nginx
etag: W/"65476a52-52ec7"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Tue, 07 Nov 2023 17:29:23 GMT

GET
H2 200 manifest.9bd198c6c6d048133796.js Show response
amz-conn4.shop/static/js/ 2 KB
1 KB 481ms
476ms Script
application/javascript 143.244.188.212
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://amz-conn4.shop/static/js/manifest.9bd198c6c6d048133796.js

Requested by

Host: amz-conn4.shop
URL: https://amz-conn4.shop/?id=84d5f3f634a56275aa7dea98142838843db9d48a13b233c5a667ba7434ba8daa

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.188.212 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

8bee81c28905a2fd9ff1d471c2ca0025c1556cf92591cf1fafd58fb52bf6b3bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://amz-conn4.shop/?id=84d5f3f634a56275aa7dea98142838843db9d48a13b233c5a667ba7434ba8daa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:29:23 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 05 Nov 2023 10:11:30 GMT
server: nginx
etag: W/"65476a52-6c4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Tue, 07 Nov 2023 17:29:23 GMT

GET
H2 200 vendor.99dcf295b95bb423f0dc.js Show response
amz-conn4.shop/static/js/ 179 KB
68 KB 481ms
477ms Script
application/javascript 143.244.188.212
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://amz-conn4.shop/static/js/vendor.99dcf295b95bb423f0dc.js

Requested by

Host: amz-conn4.shop
URL: https://amz-conn4.shop/?id=84d5f3f634a56275aa7dea98142838843db9d48a13b233c5a667ba7434ba8daa

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.188.212 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

70ab6a6f5032c67524b92981d0f84949aefff9ff36bae0d5f7ab9cb07f993fad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://amz-conn4.shop/?id=84d5f3f634a56275aa7dea98142838843db9d48a13b233c5a667ba7434ba8daa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:29:23 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 05 Nov 2023 10:11:30 GMT
server: nginx
etag: W/"65476a52-2cba7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Tue, 07 Nov 2023 17:29:23 GMT

GET
H2 200 app.662774afa7c330049e41.js Show response
amz-conn4.shop/static/js/ 23 KB
11 KB 481ms
478ms Script
application/javascript 143.244.188.212
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://amz-conn4.shop/static/js/app.662774afa7c330049e41.js

Requested by

Host: amz-conn4.shop
URL: https://amz-conn4.shop/?id=84d5f3f634a56275aa7dea98142838843db9d48a13b233c5a667ba7434ba8daa

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.188.212 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

09b2b91fba77b0a998f86aedcf26463cb08ce2dc2aa7a19c7605bad9daf5e90f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://amz-conn4.shop/?id=84d5f3f634a56275aa7dea98142838843db9d48a13b233c5a667ba7434ba8daa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:29:23 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 05 Nov 2023 10:11:30 GMT
server: nginx
etag: W/"65476a52-5bee"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Tue, 07 Nov 2023 17:29:23 GMT

GET
H2 200 61.css
amz-conn4.shop/static/css/ 133 KB
27 KB 239ms
239ms Stylesheet
text/css 143.244.188.212
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://amz-conn4.shop/static/css/61.css

Requested by

Host: amz-conn4.shop
URL: https://amz-conn4.shop/static/js/app.662774afa7c330049e41.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.188.212 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

6ddb4b71a1c2e640de24d5890722a00ce64279969c27be948b1d25537134d3fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://amz-conn4.shop/?id=84d5f3f634a56275aa7dea98142838843db9d48a13b233c5a667ba7434ba8daa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:29:24 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 05 Nov 2023 10:11:30 GMT
server: nginx
etag: W/"65476a52-2156c"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Tue, 07 Nov 2023 17:29:24 GMT

POST
H2 200 visit Show response
ap.zchh.lol/api.lead/ 36 B
300 B 53ms
53ms XHR
application/json 35.189.157.144
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ap.zchh.lol/api.lead/visit

Requested by

Host: amz-conn4.shop
URL: https://amz-conn4.shop/static/js/vendor.99dcf295b95bb423f0dc.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.189.157.144 Tokyo, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

144.157.189.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

b1b877d0b5324d6a35bc602258788e41606ec33cd5afb93abbc7d5fa18d442dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/plain, */*
Referer: https://amz-conn4.shop/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Tue, 07 Nov 2023 05:29:24 GMT
strict-transport-security: max-age=31536000
server: nginx
access-control-allow-headers: x-requested-with,content-type
access-control-allow-methods: *
content-type: application/json; charset=utf-8

GET
H2 200 4.464593d9ecd1af78dfa1.js Show response
amz-conn4.shop/static/js/ 9 KB
3 KB 186ms
185ms Script
application/javascript 143.244.188.212
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://amz-conn4.shop/static/js/4.464593d9ecd1af78dfa1.js

Requested by

Host: amz-conn4.shop
URL: https://amz-conn4.shop/static/js/manifest.9bd198c6c6d048133796.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.188.212 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

7b53be66d84ed74b3c9fe9fddbf5b7172535e2ebce25be8204b0f869e66bff0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://amz-conn4.shop/?id=84d5f3f634a56275aa7dea98142838843db9d48a13b233c5a667ba7434ba8daa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:29:24 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 05 Nov 2023 10:11:30 GMT
server: nginx
etag: W/"65476a52-2371"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Tue, 07 Nov 2023 17:29:24 GMT

GET
H2 200 icon.png
amz-conn4.shop/static/img/ 60 KB
61 KB 159ms
159ms Image
image/png 143.244.188.212
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amz-conn4.shop/static/img/icon.png

Requested by

Host: amz-conn4.shop
URL: https://amz-conn4.shop/static/css/61.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.188.212 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

c5e829691be4103e8f645ee962bbc3de1ca51d083d147f1716fbf5d59f99c86a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://amz-conn4.shop/static/css/61.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:29:24 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 05 Nov 2023 10:11:30 GMT
server: nginx
etag: "65476a52-f1dd"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 61917
expires: Thu, 07 Dec 2023 05:29:24 GMT

GET
H2 200 icon2.png
amz-conn4.shop/static/img/ 7 KB
7 KB 162ms
161ms Image
image/png 143.244.188.212
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amz-conn4.shop/static/img/icon2.png

Requested by

Host: amz-conn4.shop
URL: https://amz-conn4.shop/static/css/61.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.188.212 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

5ad2ea1ac285aacee78ec964213ff95cdeb6428d6fad55cbc0a7f9dc3437c9e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://amz-conn4.shop/static/css/61.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:29:24 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 05 Nov 2023 10:11:30 GMT
server: nginx
etag: "65476a52-1b91"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7057
expires: Thu, 07 Dec 2023 05:29:24 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Amazon (Online) Amazon Japan (Online)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| webpackJsonp

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amz-conn4.shop
ap.zchh.lol
aws-service3-1.s3.ap-northeast-3.amazonaws.com
143.244.188.212
35.189.157.144
52.95.181.17
09b2b91fba77b0a998f86aedcf26463cb08ce2dc2aa7a19c7605bad9daf5e90f
122a38d736dd4b129af47e1d4f6d955d335f55256f2f231d8ccd1a58562cd381
465c2a9824f70ca7950230859a2ac72673c455d109994e1465fd6f0e2cf27245
5ad2ea1ac285aacee78ec964213ff95cdeb6428d6fad55cbc0a7f9dc3437c9e9
6ddb4b71a1c2e640de24d5890722a00ce64279969c27be948b1d25537134d3fc
70ab6a6f5032c67524b92981d0f84949aefff9ff36bae0d5f7ab9cb07f993fad
74f3bd1b2501c6c46fbee98badeb1500daf0b1ec0879b610b61604dc7fa21cf1
7b53be66d84ed74b3c9fe9fddbf5b7172535e2ebce25be8204b0f869e66bff0b
8bee81c28905a2fd9ff1d471c2ca0025c1556cf92591cf1fafd58fb52bf6b3bd
8c23ec3cf642a3bdb329d68c6038db8172b01fcad5270f36cf447235c2594ffa
b1b877d0b5324d6a35bc602258788e41606ec33cd5afb93abbc7d5fa18d442dc
c5e829691be4103e8f645ee962bbc3de1ca51d083d147f1716fbf5d59f99c86a
de452313c34c9a219f75dd83817ba93ca890c9fbbb3a63bd2875702f4889dde9
dfa51ca87d9a993a69fb28789259d0316de5511c539fc3792ae6624912d5c7e3
f16cd29b0e93538198074a71b516d1e1980862a8e1b1e34d2786f32f887e196c

amz-conn4.shop Open in urlscan Pro 143.244.188.212 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

276 kBTransfer

919 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

2 JavaScript Global Variables

0 Cookies

Indicators

amz-conn4.shop Open in urlscan Pro
143.244.188.212 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

276 kB
Transfer

919 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!