amazon-tha.top
Open in
urlscan Pro
202.162.109.191
Public Scan
URL:
https://amazon-tha.top/index/user/login.html
Submission Tags: @phishunt_io
Submission: On March 15 via api from DE — Scanned from SG
Submission Tags: @phishunt_io
Submission: On March 15 via api from DE — Scanned from SG
Summary
This website contacted 2 IPs
in 1 countries
across 2 domains to perform 11 HTTP transactions.
The main IP is 202.162.109.191, located in
Singapore and
belongs to BCPL-SG BGPNET Global ASN, SG.
The main domain is amazon-tha.top.
TLS certificate: Issued by R3 on March 14th 2023. Valid for: 3 months.
This is the only time amazon-tha.top was scanned on urlscan.io!
TLS certificate: Issued by R3 on March 14th 2023. Valid for: 3 months.
This is the only time amazon-tha.top was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 10 | 202.162.109.191 202.162.109.191 | 64050 (BCPL-SG B...) (BCPL-SG BGPNET Global ASN) | |
| 1 | 116.62.131.213 116.62.131.213 | () () | |
| 11 | 2 |
10
202.162.109.191
(Singapore)
ASN64050 (BCPL-SG BGPNET Global ASN, SG)
PTR: 191-109-162-202.in-addr.arpa.bgp.net
ASN64050 (BCPL-SG BGPNET Global ASN, SG)
PTR: 191-109-162-202.in-addr.arpa.bgp.net
| amazon-tha.top |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 10 |
amazon-tha.top
amazon-tha.top |
380 KB |
| 1 |
dcloud.net.cn
cdn.dcloud.net.cn |
579 B |
| 11 | 2 |
| Domain | Requested by | |
|---|---|---|
| 10 | amazon-tha.top |
amazon-tha.top
|
| 1 | cdn.dcloud.net.cn |
amazon-tha.top
|
| 11 | 2 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| startest.top R3 |
2023-03-14 - 2023-06-12 |
3 months | crt.sh |
| *.dcloud.net.cn Certum Domain Validation CA SHA2 |
2022-07-21 - 2023-08-19 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://amazon-tha.top/index/user/login.html
Frame ID: 1F048719B23B04D4A7A7906722C41CD4
Requests: 11 HTTP requests in this frame
Screenshot
Page Title
login_titleDetected technologies
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
login.html
amazon-tha.top/index/user/ |
7 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main.css
amazon-tha.top/public/xin/css/ |
106 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
common.css
amazon-tha.top/public/xin/css/ |
18 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-3.5.0.min.js
amazon-tha.top/public/xin/js/ |
87 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
layer.js
amazon-tha.top/public/xin/js/ |
22 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
font-awesome.css
amazon-tha.top/public/xin/fonts/ |
37 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
layer.css
amazon-tha.top/public/xin/js/ |
14 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
loginbg.jpg
amazon-tha.top/public/xin/img/ |
131 KB 131 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fontawesome-webfont.woff2
amazon-tha.top/public/xin/fonts/ |
75 KB 76 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fontawesome-webfont.woff2
amazon-tha.top/public/xin/fonts/ |
75 KB 76 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
shadow-grey.png
cdn.dcloud.net.cn/img/ |
136 B 579 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless function| $ function| jQuery object| layer function| func1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| amazon-tha.top/ | Name: s5dbfae13 Value: 94fbe6gouh58bpm6c1mm6fi357 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
amazon-tha.top
cdn.dcloud.net.cn
116.62.131.213
202.162.109.191
0094b596a211e7eb5a2deb1a03c57b93fd6fa24eeb5eaf6843a761e1d0a8ad8c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
515bee3f0ae6908c0d4b8ded2c0db0699b7e33ca4706ecbd64be32737aa7036c
58c52ef54e532d5ed1c1043c7262aa2a2fe66cc1d4407cd6026b8348abc39f33
7cfff7d88518b43a6094e7726bd06d30c243c0ec19c0b315d194319fbbdb6fc2
ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
d889baf23ff9721d4e25d8d9f395b8bf2979ecbda3ac9256060d2b3987318283
e8bcdad67b727c12ec0e1d4f535d3142b09a214d7603690bbae5b40595777dc8