amaazon.co.jp.dulxcr.cn Open in urlscan Pro
155.94.205.249  Malicious Activity! Public Scan

9 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response amaazon.co.jp.dulxcr.cn/	658 B 811 B	816ms 236ms	Document text/html	155.94.205.249 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://amaazon.co.jp.dulxcr.cn/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 155.94.205.249 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software nginx / Resource Hash b13f6ec2529c0a5158e31ec93e1bd1072962ced3d3708d5f1f231aa4f246963e Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language jp-JP,jp;q=0.9 Response headers server nginx date Sat, 13 Nov 2021 06:14:41 GMT content-type text/html content-length 658 last-modified Thu, 02 Sep 2021 23:40:24 GMT etag "613160e8-292" strict-transport-security max-age=31536000 accept-ranges bytes
GET H2	200	app.6d2caa6cca41ac53624199ae78e34326.css amaazon.co.jp.dulxcr.cn/static/css/	4 MB 762 KB	473ms 472ms	Stylesheet text/css	155.94.205.249 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://amaazon.co.jp.dulxcr.cn/static/css/app.6d2caa6cca41ac53624199ae78e34326.css Requested by Host: amaazon.co.jp.dulxcr.cn URL: https://amaazon.co.jp.dulxcr.cn/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 155.94.205.249 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software nginx / Resource Hash 8e8676918678dacb21c03713440b1958a98672d47a5eff7f3cf7d79f8fd7351d Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://amaazon.co.jp.dulxcr.cn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sat, 13 Nov 2021 06:14:41 GMT content-encoding gzip last-modified Sun, 20 Jun 2021 11:23:08 GMT server nginx etag W/"60cf251c-420568" vary Accept-Encoding content-type text/css cache-control max-age=43200 strict-transport-security max-age=31536000 expires Sat, 13 Nov 2021 18:14:41 GMT
GET H2	200	manifest.32fe08875ed3ca164371.js Show response amaazon.co.jp.dulxcr.cn/static/js/	2 KB 1 KB	945ms 944ms	Script application/javascript	155.94.205.249 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://amaazon.co.jp.dulxcr.cn/static/js/manifest.32fe08875ed3ca164371.js Requested by Host: amaazon.co.jp.dulxcr.cn URL: https://amaazon.co.jp.dulxcr.cn/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 155.94.205.249 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software nginx / Resource Hash f2b7bb90aa441ccaf5349c683f499dbeff828944bd7351dcab8928e75058aada Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://amaazon.co.jp.dulxcr.cn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sat, 13 Nov 2021 06:14:41 GMT content-encoding gzip last-modified Sun, 20 Jun 2021 11:23:08 GMT server nginx etag W/"60cf251c-6f8" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 strict-transport-security max-age=31536000 expires Sat, 13 Nov 2021 18:14:41 GMT
GET H2	200	vendor.8942a87b5a70d06cf6ea.js Show response amaazon.co.jp.dulxcr.cn/static/js/	233 KB 92 KB	946ms 945ms	Script application/javascript	155.94.205.249 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://amaazon.co.jp.dulxcr.cn/static/js/vendor.8942a87b5a70d06cf6ea.js Requested by Host: amaazon.co.jp.dulxcr.cn URL: https://amaazon.co.jp.dulxcr.cn/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 155.94.205.249 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software nginx / Resource Hash 1f940df454ae24dce204417bc1652b54a5928fa332ae82c5a54c61d894fd8fec Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://amaazon.co.jp.dulxcr.cn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sat, 13 Nov 2021 06:14:41 GMT content-encoding gzip last-modified Sun, 20 Jun 2021 11:23:08 GMT server nginx etag W/"60cf251c-3a533" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 strict-transport-security max-age=31536000 expires Sat, 13 Nov 2021 18:14:41 GMT
GET H2	200	app.11d26497eb1356c36e30.js Show response amaazon.co.jp.dulxcr.cn/static/js/	7 KB 2 KB	946ms 945ms	Script application/javascript	155.94.205.249 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://amaazon.co.jp.dulxcr.cn/static/js/app.11d26497eb1356c36e30.js Requested by Host: amaazon.co.jp.dulxcr.cn URL: https://amaazon.co.jp.dulxcr.cn/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 155.94.205.249 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software nginx / Resource Hash 7b2dfdedde733db3cdfa710a97a591de27aedbf20c9be7f2e80bd22b70f14b48 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://amaazon.co.jp.dulxcr.cn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sat, 13 Nov 2021 06:14:41 GMT content-encoding gzip last-modified Sun, 20 Jun 2021 11:23:08 GMT server nginx etag W/"60cf251c-1dc8" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 strict-transport-security max-age=31536000 expires Sat, 13 Nov 2021 18:14:41 GMT
GET H2	200	yubinbango.js Show response amaazon.co.jp.dulxcr.cn/static/js/	3 KB 2 KB	946ms 945ms	Script application/javascript	155.94.205.249 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://amaazon.co.jp.dulxcr.cn/static/js/yubinbango.js Requested by Host: amaazon.co.jp.dulxcr.cn URL: https://amaazon.co.jp.dulxcr.cn/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 155.94.205.249 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software nginx / Resource Hash 929b718a075eddc4f14a9e9ac9bddd89919f1b071f9b495b7305825918bb0122 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://amaazon.co.jp.dulxcr.cn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sat, 13 Nov 2021 06:14:41 GMT content-encoding gzip last-modified Fri, 03 Sep 2021 07:07:26 GMT server nginx etag W/"6131c9ae-cdb" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 strict-transport-security max-age=31536000 expires Sat, 13 Nov 2021 18:14:41 GMT
GET H2	200	init.js Show response amaazon.co.jp.dulxcr.cn/static/js/	1 KB 686 B	946ms 946ms	Script application/javascript	155.94.205.249 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://amaazon.co.jp.dulxcr.cn/static/js/init.js Requested by Host: amaazon.co.jp.dulxcr.cn URL: https://amaazon.co.jp.dulxcr.cn/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 155.94.205.249 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software nginx / Resource Hash 8132539b7cb4ab43545f0dc1d65cad0c823fc2301620baa6e7c00ed113e9e70a Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://amaazon.co.jp.dulxcr.cn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sat, 13 Nov 2021 06:14:41 GMT content-encoding gzip last-modified Sat, 04 Sep 2021 07:36:16 GMT server nginx etag W/"613321f0-5b5" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 strict-transport-security max-age=31536000 expires Sat, 13 Nov 2021 18:14:41 GMT
GET H2	200	9.d0207aec845f19b3d6aa.js Show response amaazon.co.jp.dulxcr.cn/static/js/	861 B 1 KB	236ms 236ms	Script application/javascript	155.94.205.249 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://amaazon.co.jp.dulxcr.cn/static/js/9.d0207aec845f19b3d6aa.js Requested by Host: amaazon.co.jp.dulxcr.cn URL: https://amaazon.co.jp.dulxcr.cn/static/js/manifest.32fe08875ed3ca164371.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 155.94.205.249 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software nginx / Resource Hash 072f201e2a84805e62b8b7d792938f0241d0fc6a34b040c0f19ff94f2a55f00b Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://amaazon.co.jp.dulxcr.cn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sat, 13 Nov 2021 06:14:43 GMT last-modified Sun, 20 Jun 2021 11:23:08 GMT server nginx etag "60cf251c-35d" strict-transport-security max-age=31536000 content-type application/javascript cache-control max-age=43200 accept-ranges bytes content-length 861 expires Sat, 13 Nov 2021 18:14:43 GMT
GET H2	200	jump.php Show response amaazon.co.jp.dulxcr.cn/api/	2 B 372 B	633ms 632ms	XHR text/html	155.94.205.249 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://amaazon.co.jp.dulxcr.cn/api/jump.php Requested by Host: amaazon.co.jp.dulxcr.cn URL: https://amaazon.co.jp.dulxcr.cn/static/js/vendor.8942a87b5a70d06cf6ea.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 155.94.205.249 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software nginx / Resource Hash d8463bd3ba4b10e5916f65fa7b0c1f9f91f67ca40cc25b48810fb2f5a3340488 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept application/json, text/plain, */* Referer https://amaazon.co.jp.dulxcr.cn/ Accept-Language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Sat, 13 Nov 2021 06:14:43 GMT content-encoding gzip server nginx vary Accept-Encoding access-control-allow-methods * content-type text/html;charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 access-control-allow-credentials true strict-transport-security max-age=31536000 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	11.8b1570ce205b9a0d5ecb.js Show response amaazon.co.jp.dulxcr.cn/static/js/	10 KB 3 KB	237ms 237ms	Script application/javascript	155.94.205.249 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://amaazon.co.jp.dulxcr.cn/static/js/11.8b1570ce205b9a0d5ecb.js Requested by Host: amaazon.co.jp.dulxcr.cn URL: https://amaazon.co.jp.dulxcr.cn/static/js/manifest.32fe08875ed3ca164371.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 155.94.205.249 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software nginx / Resource Hash 13808eb742cb959916976fc77517718416198bec034766d8448e9ff2ac221b5b Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://amaazon.co.jp.dulxcr.cn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sat, 13 Nov 2021 06:14:44 GMT content-encoding gzip last-modified Fri, 03 Sep 2021 16:23:48 GMT server nginx etag W/"61324c14-27bc" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 strict-transport-security max-age=31536000 expires Sat, 13 Nov 2021 18:14:44 GMT
GET H2	200	api_session.php Show response amaazon.co.jp.dulxcr.cn/api/	72 B 394 B	260ms 259ms	XHR text/html	155.94.205.249 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://amaazon.co.jp.dulxcr.cn/api/api_session.php Requested by Host: amaazon.co.jp.dulxcr.cn URL: https://amaazon.co.jp.dulxcr.cn/static/js/vendor.8942a87b5a70d06cf6ea.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 155.94.205.249 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software nginx / Resource Hash 1ce2268649d9a3248de72e925dde75b4300034b142ef78e013c6387eb25c8b09 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept application/json, text/plain, */* Referer https://amaazon.co.jp.dulxcr.cn/ap/signin/openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.co.jp%2F%3Fref_%3Dnav_ya_signin&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&1 Accept-Language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Sat, 13 Nov 2021 06:14:44 GMT content-encoding gzip server nginx vary Accept-Encoding access-control-allow-methods POST content-type text/html;charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 access-control-allow-credentials true strict-transport-security max-age=31536000 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	AmazonUIBaseCSS-sprite_1x-28bd59af93d9b1c745bb0aca4de58763b54df7cf._V2_.6a23b50.png amaazon.co.jp.dulxcr.cn/static/img/	26 KB 26 KB	238ms 237ms	Image image/png	155.94.205.249 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Show image Full URL https://amaazon.co.jp.dulxcr.cn/static/img/AmazonUIBaseCSS-sprite_1x-28bd59af93d9b1c745bb0aca4de58763b54df7cf._V2_.6a23b50.png Requested by Host: amaazon.co.jp.dulxcr.cn URL: https://amaazon.co.jp.dulxcr.cn/static/css/app.6d2caa6cca41ac53624199ae78e34326.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 155.94.205.249 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software nginx / Resource Hash e1283c0339d0393ebf45c02a0b34618f572b82eb5dbda366385498ae01413d3d Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language jp-JP,jp;q=0.9 Referer https://amaazon.co.jp.dulxcr.cn/static/css/app.6d2caa6cca41ac53624199ae78e34326.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sat, 13 Nov 2021 06:14:44 GMT last-modified Fri, 09 Jul 2021 16:30:48 GMT server nginx etag "60e879b8-6607" strict-transport-security max-age=31536000 content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 26119 expires Mon, 13 Dec 2021 06:14:44 GMT
GET DATA	200 OK	truncated /	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a515dcb414d0c44f70cbdc70eb4eceae128f82667a9d143731e3b4f608f3f483 Request headers Accept-Language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/png

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Amazon (Online) Amazon Japan (Online)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| webpackJsonp object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| t object| YubinBango object| n object| e number| mytimer

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			amaazon.co.jp.dulxcr.cn/	1969-12-31 23:59:59	Name: PHPSESSID Value: m94ivb9rm3rtpr5ebhspgg2u04

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amaazon.co.jp.dulxcr.cn
155.94.205.249
072f201e2a84805e62b8b7d792938f0241d0fc6a34b040c0f19ff94f2a55f00b
13808eb742cb959916976fc77517718416198bec034766d8448e9ff2ac221b5b
1ce2268649d9a3248de72e925dde75b4300034b142ef78e013c6387eb25c8b09
1f940df454ae24dce204417bc1652b54a5928fa332ae82c5a54c61d894fd8fec
7b2dfdedde733db3cdfa710a97a591de27aedbf20c9be7f2e80bd22b70f14b48
8132539b7cb4ab43545f0dc1d65cad0c823fc2301620baa6e7c00ed113e9e70a
8e8676918678dacb21c03713440b1958a98672d47a5eff7f3cf7d79f8fd7351d
929b718a075eddc4f14a9e9ac9bddd89919f1b071f9b495b7305825918bb0122
a515dcb414d0c44f70cbdc70eb4eceae128f82667a9d143731e3b4f608f3f483
b13f6ec2529c0a5158e31ec93e1bd1072962ced3d3708d5f1f231aa4f246963e
d8463bd3ba4b10e5916f65fa7b0c1f9f91f67ca40cc25b48810fb2f5a3340488
e1283c0339d0393ebf45c02a0b34618f572b82eb5dbda366385498ae01413d3d
f2b7bb90aa441ccaf5349c683f499dbeff828944bd7351dcab8928e75058aada