anrnz.amznfp.shop
23.224.171.134
Malicious Activity!
Public Scan
Submission: On December 17 via manual from JP — Scanned from JP
Summary
TLS certificate: Issued by R3 on December 17th 2021. Valid for: 3 months.
This is the only time anrnz.amznfp.shop was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Amazon (Online)
Domain & IP information
Requests | IP Address | AS (Autonomous System) |
---|---|---|
19 | 23.224.171.134 | 40065 (CNSERVERS) |
1 | 52.175.28.82 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 | 206.119.69.94 | 395886 (KURUN-AS-) |
1 | 2600:9000:2138:ea00:1d:d7f6:39cf:a761 | 16509 (AMAZON-02) |
1 | 52.37.231.182 | 16509 (AMAZON-02) |
1 | 52.119.175.30 | 16509 (AMAZON-02) |
24 requests | 6 IPs | |
IP details:
- 2600:9000:2138:ea00:1d:d7f6:39cf:a761: ASN16509 (AMAZON-02, US), serves images-fe.ssl-images-amazon.com
- 52.37.231.182: ASN16509 (AMAZON-02, US), PTR: ec2-52-37-231-182.us-west-2.compute.amazonaws.com, serves fls-fe.amazon.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
19 | amznfp.shop | anrnz.amznfp.shop | 389 KB |
1 | amazon-adsystem.com | aax-fe.amazon-adsystem.com | 455 B |
1 | amazon.com | fls-fe.amazon.com | 149 B |
1 | ssl-images-amazon.com | images-fe.ssl-images-amazon.com | 20 KB |
1 | yyhqdq.bar | anrnz.yyhqdq.bar | 144 B |
1 | sohu.com | pv.sohu.com | 233 B |
24 requests | 6 apex domains | | |
Requests | Domain | Requested by |
---|---|---|
19 | anrnz.amznfp.shop | anrnz.amznfp.shop |
1 | aax-fe.amazon-adsystem.com | anrnz.amznfp.shop |
1 | fls-fe.amazon.com | anrnz.amznfp.shop |
1 | images-fe.ssl-images-amazon.com | anrnz.amznfp.shop |
1 | anrnz.yyhqdq.bar | anrnz.amznfp.shop |
1 | pv.sohu.com | anrnz.amznfp.shop |
24 requests | 6 domains | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
anrnz.amznfp.shop | R3 | 2021-12-17 - 2022-03-17 | 3 months | crt.sh |
www.sohu.com | Secure Site CA G2 | 2021-08-09 - 2022-09-03 | a year | crt.sh |
anrnz.yyhqdq.bar | R3 | 2021-12-07 - 2022-03-07 | 3 months | crt.sh |
Images-na.ssl-images-amazon.com | DigiCert Global CA G2 | 2021-03-23 - 2022-03-22 | a year | crt.sh |
fls-fe.amazon.com | Amazon | 2021-07-01 - 2022-06-02 | a year | crt.sh |
aax-fe.amazon-adsystem.com | Amazon | 2021-02-22 - 2022-02-08 | a year | crt.sh |
This page contains 3 frames:
- Primary Page: https://anrnz.amznfp.shop/ (Frame ID: DF6B4FB9B95B5D14B1A06CC87C3CCE57), 7 HTTP requests in this frame
- Frame: https://anrnz.amznfp.shop/static/web/index.html (Frame ID: B36A926A3429C4DFB1C95D722C373426), 16 HTTP requests in this frame
- Frame: https://aax-fe.amazon-adsystem.com/s/iu3?d=amazon.co.jp&slot=navFooter&a2=010180be0e20c6fb70ec1f0b3eddecccc326bd3a0bb7fbc014fca072ac20b1cde7a9&old_oo=0&ts=1636892798798&s=AY7SRyVkb2RN0rA85yZ5Y1BL26SMB09f9LIvQgT38nD6&gdpr_consent=&gdpr_consent_avl=&cb=1636892798798 (Frame ID: 92201D0AF95A48933560BB9B2CE2B261), 1 HTTP request in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
24 HTTP transactions
Method | Protocol | Resource | Path | Frame | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | anrnz.amznfp.shop/ | | 2 KB | 992 B | Document | text/html |
GET | H2 | cityjson | pv.sohu.com/ | | 74 B | 233 B | Script | text/json |
GET | H2 | app.10294a29f8fa37b34cd40e2b7c1a516a.css | anrnz.amznfp.shop/static/css/ | | 139 KB | 28 KB | Stylesheet | text/css |
GET | H2 | manifest.3ad1d5771e9b13dbdad2.js | anrnz.amznfp.shop/static/js/ | | 858 B | 591 B | Script | application/javascript |
GET | H2 | vendor.a192244aa621c98c3306.js | anrnz.amznfp.shop/static/js/ | | 431 KB | 136 KB | Script | application/javascript |
GET | H2 | app.615dfc46cf1f3434b393.js | anrnz.amznfp.shop/static/js/ | | 102 KB | 53 KB | Script | application/javascript |
GET | H2 | index.html | anrnz.amznfp.shop/static/web/ | B36A | 78 KB | 26 KB | Document | text/html |
GET | H2 | / | anrnz.yyhqdq.bar/ | | 45 B | 144 B | XHR | application/json |
GET | H2 | 2ea87ae6f5b0442fa0d27ceb0fb29347.css | anrnz.amznfp.shop/static/web/Css/ | B36A | 132 KB | 23 KB | Stylesheet | text/css |
GET | H2 | 35c374b52ac44f3e903ade16b5bac859.css | anrnz.amznfp.shop/static/web/Css/ | B36A | 38 KB | 7 KB | Stylesheet | text/css |
GET | H2 | 11jtoe0ckcl.css | anrnz.amznfp.shop/static/web/Css/ | B36A | 2 KB | 923 B | Stylesheet | text/css |
GET | H2 | jq.js | anrnz.amznfp.shop/static/web/js/ | B36A | 81 KB | 29 KB | Script | application/javascript |
GET | H2 | b5e6bd6fd09847328b87928c7d7059af.css | anrnz.amznfp.shop/static/web/Css/ | B36A | 69 KB | 9 KB | Stylesheet | text/css |
GET | H2 | 41c6lallmfl.css | anrnz.amznfp.shop/static/web/Css/ | B36A | 16 KB | 4 KB | Stylesheet | text/css |
GET | H2 | 01+72+wcc9l.css | anrnz.amznfp.shop/static/web/Css/ | B36A | 1 KB | 485 B | Stylesheet | text/css |
GET | H2 | 1c0455e5835e437d8f919a73680b97a7.css | anrnz.amznfp.shop/static/web/Css/ | B36A | 29 KB | 4 KB | Stylesheet | text/css |
GET | H2 | new-nav-sprite-global-1x_blueheaven-account._cb658093862_.png | anrnz.amznfp.shop/static/web/Picture/ | B36A | 264 B | 264 B | Image | text/html |
GET | H2 | yyds.js | anrnz.amznfp.shop/static/web/js/ | B36A | 3 KB | 888 B | Script | application/javascript |
GET | H2 | new-nav-sprite-global-2x_blueheaven-account._CB658093862_.png | images-fe.ssl-images-amazon.com/images/G/09/gno/sprites/ | B36A | 20 KB | 20 KB | Image | image/png |
GET | H2 | mpgmt0r6ietyiee.png | anrnz.amznfp.shop/static/web/Images/ | B36A | 27 KB | 28 KB | Image | image/png |
GET | H2 | rzrqqdi0arm6dap.png | anrnz.amznfp.shop/static/web/Images/ | B36A | 38 KB | 38 KB | Image | image/png |
GET | H2 | uedata | anrnz.amznfp.shop/ap/ | B36A | 264 B | 264 B | Image | text/html |
GET | H2 | A1VC38T7YXB528:358-8756057-9286504:29ANGBCF76Q47AG3F9ME$uedata=s:%2Fap%2Fuedata%3Fld%26v%3D0.217562.0%26id%3D29ANGBCF76Q47AG3F9ME%26ifr%3D1%26m%3D1%26sc%3D29ANGBCF76Q47AG3F9ME%26ue%3D2%26ns%3D139%2... | fls-fe.amazon.com/1/batch/1/OP/ | B36A | 43 B | 149 B | Image | image/gif |
GET | H/1.1 | iu3 | aax-fe.amazon-adsystem.com/s/ | 9220 | 65 B | 455 B | Document | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Amazon (Online)
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | 0 |
object | returnCitySN |
function | webpackJsonp |
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text |
---|---|---|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aax-fe.amazon-adsystem.com
anrnz.amznfp.shop
anrnz.yyhqdq.bar
fls-fe.amazon.com
images-fe.ssl-images-amazon.com
pv.sohu.com
206.119.69.94
23.224.171.134
2600:9000:2138:ea00:1d:d7f6:39cf:a761
52.119.175.30
52.175.28.82
52.37.231.182
09b48f4538c0a15e0fb897b46bd95d577be6df4abe9d5f9db8a35f12ad557091
0ccc5ee5b3895d4774462fda3e9598881a5fa985c5dfed5129249731bb26fc27
115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3
149f93e8452624fd48e208f936dbd68662656ded8077a563d5b6aa44d5394084
1b33512efb3dc711dc91d88c5f1c9466b26b28ea049f0d0fe5e1986b9996ca93
2589a7bfaf12de9699977cac47492faefb6768877a4e504bfa858a2e800f37d9
2aa0a8327baecc491072fa6aac39f78b8d25dfe426a6645277f29f6ec74bf3f5
3b48af9153e92423d79f2d3bdc3e0b15e482ceb87e5c3ce3af5bd6f593cead9d
40f51b726e4b18aabccd169135f5fe8769452c6669b420cbf42c574c6ada986c
437e95a363a4291060e34ba170e043274e0155821e9be374f35de3c4f13cbaa5
4a0920960b01ef97699119da5c1691f354f88255cc11bdc08ed3f8af622521ae
565b8e86ef6b44cc856d9df0e9835e8da91bb616033984d93723e6dd2aefa44a
69ee26f6fa1d091acce4ea3c3d552d2ce045cf775501ed3c3c87e5604c00f79b
6da4e741f1e44e8a6e60f74ce6d666292135be8a44c5a5d97621a0bd1371e782
70897f9d5a7108c744491d925537239876920a8fb8a6262dfbe41f530bd24b47
9f839ce74847a909729d5cc5b6bbfb87b3ce5ae1106778049ea19a53209abab8
a1fa3306eb5574c19e000a6f097c74df0d000abf1d6db68ebe6a345cd90ab124
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce
af95220603e195a2caf92f1a48ea4d51d98a5b6c20fd0c0fb545a483aede63d2
cf039dfda9848d0ad83681727400748c5198fda577feec44e64dc852ed964945
daa0f1453b43cb3b89c2d55fc37e906c09bc046738e6f4d589a168a278c0f53a
e6d9250acc6d245117ba61120c4bf4ea202122fbd0af87fe0ff0b538dd67e983
ffa6572d007fcfaf3da181aa1cb25e023bc026f339f6e892379239986e4cd11d