lopaolxkc.com
Open in
urlscan Pro
172.67.136.202
Malicious Activity!
Public Scan
Effective URL: https://lopaolxkc.com/
Submission Tags: phishing amazon Search All
Submission: On August 25 via api from JP — Scanned from JP
Summary
TLS certificate: Issued by GTS CA 1P5 on August 25th 2023. Valid for: 3 months.
This is the only time lopaolxkc.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Amazon (Online) Amazon Japan (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 104.21.89.127 104.21.89.127 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
18 | 172.67.136.202 172.67.136.202 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 54.230.175.48 54.230.175.48 | 16509 (AMAZON-02) (AMAZON-02) | |
21 | 3 |
ASN16509 (AMAZON-02, US)
PTR: server-54-230-175-48.nrt57.r.cloudfront.net
images-cn.ssl-images-amazon.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
lopaolxkc.com
lopaolxkc.com |
593 KB |
2 |
ssl-images-amazon.com
images-cn.ssl-images-amazon.com — Cisco Umbrella Rank: 482736 |
32 KB |
1 |
mloxkaowl.com
333.mloxkaowl.com |
482 B |
21 | 3 |
Domain | Requested by | |
---|---|---|
18 | lopaolxkc.com |
333.mloxkaowl.com
lopaolxkc.com |
2 | images-cn.ssl-images-amazon.com |
lopaolxkc.com
|
1 | 333.mloxkaowl.com | |
21 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.amazon.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
mloxkaowl.com GTS CA 1P5 |
2023-08-25 - 2023-11-23 |
3 months | crt.sh |
lopaolxkc.com GTS CA 1P5 |
2023-08-25 - 2023-11-23 |
3 months | crt.sh |
images-cn.ssl-images-amazon.com Amazon RSA 2048 M01 |
2023-02-23 - 2023-12-12 |
10 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://lopaolxkc.com/
Frame ID: FBEC8B6B3AEEBA2CC7D09D83CFDDC9EE
Requests: 21 HTTP requests in this frame
Screenshot
Page Title
AmazonサインインPage URL History Show full URLs
- https://333.mloxkaowl.com/caonigec2954d863ab0a70af44158ebec7abcb1 Page URL
- https://lopaolxkc.com/ Page URL
Detected technologies
Laravel (Web Frameworks) ExpandDetected patterns
Vue.js (JavaScript Frameworks) Expand
Detected patterns
- <[^>]+\sdata-v(?:ue)?-
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Title: 利用規約
Search URL Search Domain Scan URL
Title: プライバシー規約
Search URL Search Domain Scan URL
Title: パスワードを忘れた場合
Search URL Search Domain Scan URL
Title: その他のログインに関する問題
Search URL Search Domain Scan URL
Title: Amazonアカウントを作成する
Search URL Search Domain Scan URL
Title: ヘルプ
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://333.mloxkaowl.com/caonigec2954d863ab0a70af44158ebec7abcb1 Page URL
- https://lopaolxkc.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
caonigec2954d863ab0a70af44158ebec7abcb1
333.mloxkaowl.com/ |
61 B 482 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
lopaolxkc.com/ |
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.3ac9b2b3.css
lopaolxkc.com/pc-frontend-dist/css/ |
420 KB 67 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.299dfc6a.js
lopaolxkc.com/pc-frontend-dist/js/ |
124 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chunk-vendors.0702dda8.js
lopaolxkc.com/pc-frontend-dist/js/ |
842 KB 237 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chunk-1461271b.fdb7fe34.css
lopaolxkc.com/pc-frontend-dist/css/ |
0 426 B |
Other
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chunk-37deb247.7ae0374f.css
lopaolxkc.com/pc-frontend-dist/css/ |
0 2 KB |
Other
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chunk-59c9c0d2.7ae0374f.css
lopaolxkc.com/pc-frontend-dist/css/ |
0 2 KB |
Other
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chunk-c65541f8.8b7cffa6.css
lopaolxkc.com/pc-frontend-dist/css/ |
0 2 KB |
Other
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chunk-1461271b.0f64a145.js
lopaolxkc.com/pc-frontend-dist/js/ |
0 9 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chunk-2d0e1795.a069a234.js
lopaolxkc.com/pc-frontend-dist/js/ |
0 2 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chunk-37deb247.ba6d01da.js
lopaolxkc.com/pc-frontend-dist/js/ |
0 5 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chunk-59c9c0d2.3bcaf342.js
lopaolxkc.com/pc-frontend-dist/js/ |
0 15 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chunk-755f1fae.f4086e36.js
lopaolxkc.com/pc-frontend-dist/js/ |
0 78 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chunk-c65541f8.7d5c201a.js
lopaolxkc.com/pc-frontend-dist/js/ |
0 53 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chunk-2d0e1795.a069a234.js
lopaolxkc.com/pc-frontend-dist/js/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chunk-755f1fae.f4086e36.js
lopaolxkc.com/pc-frontend-dist/js/ |
294 KB 78 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chunk-1461271b.fdb7fe34.css
lopaolxkc.com/pc-frontend-dist/css/ |
376 B 442 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chunk-1461271b.0f64a145.js
lopaolxkc.com/pc-frontend-dist/js/ |
34 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AmazonUIBaseCSS-sprite_1x-c4a765aedd886dc04d89e7e93b6a02c59ecb7013._V2_.png
images-cn.ssl-images-amazon.com/images/G/01/AUIClients/ |
27 KB 28 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AmazonUIBaseCSS-sprite_jp_1x-f8582354fc42b464ef5eb709dd98f9371d3eafea._V2_.png
images-cn.ssl-images-amazon.com/images/G/01/AUIClients/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Amazon (Online) Amazon Japan (Online)23 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture object| _0x1993 function| _0x442d function| _0x3ebf57 function| _0x46e674 object| webpackJsonp object| _0x3167 function| _0xb382 object| _0x44fb function| _0x4bce function| _0x5183bf function| _0x4dd252 object| _0x23b310 object| _0x862b function| _0xa150 function| _0x877b22 function| _0xf1e2aa object| _0x57e13e object| _0x54ec function| _0x13c4 function| _0x56cab7 function| _0xbc2e14 object| _0x4b65432 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
lopaolxkc.com/ | Name: XSRF-TOKEN Value: eyJpdiI6ImNRNUdMUWlTbnJ5UFJLTUNlcStST2c9PSIsInZhbHVlIjoiTVNveFVPeFlpOFhGaU1KaVg0ZTZWYXpVQTJCdWRDcEUxS2dcLzB1eW5waCtMUXFXamZqb0tZRXhSYXlvZWxqYWsiLCJtYWMiOiIyZTg2OTkzM2EwNzgxODRhYTk2YTk3ZmM4NWUyZGE1NDZmNjZmY2FmNzk1N2ZhYzcxMjlhODdkYzdmZTcxODg2In0%3D |
|
lopaolxkc.com/ | Name: laravel_session Value: eyJpdiI6IkZmQmVZeVhEK253eUptZ1h6enBcL1B3PT0iLCJ2YWx1ZSI6IlNmQlwvcmdwc2s3VlpLY3JjcTFaXC9jSHNNK08xUkhzVVN4UVVhcmZuTWxlRWFZT3ROaE5NdkR1Z1lqU1RmNEorSlc3bDRzMldlN2hCcmFTM3V2UFREakFaXC81U3Q3azlhbFRRa1pyMW9nVTA3aUk2RGw1cVpPeUtVeUdndGNRWnVrIiwibWFjIjoiZGFhOTMyM2NkMTVjYTM4MzA4NzkxOTBjZDM5MDNlZDMwNzllNWM5YWI3YjAzYjdjZTc3Nzc2OGZhMjJiOWNjZiJ9 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
333.mloxkaowl.com
images-cn.ssl-images-amazon.com
lopaolxkc.com
104.21.89.127
172.67.136.202
54.230.175.48
22094ea15b07eb579cfbe5c5e41daf334eb97ba818d5e9b08345d3ceefa53624
2550ad8d62ea90def8b028148857192577fe6971f8804f3b638104bcd3124528
437e95a363a4291060e34ba170e043274e0155821e9be374f35de3c4f13cbaa5
4ddb2c4458eb0a9ed1adcdbe18248d5cdf80abb6f7369f90633b97a50dbc29c4
548de56ddf665cec3c57b277181d9b2028a3c9865626c02ee52f17f32ad4803b
572661451bdc62193141ffad2e085f7b0dfb01aaf05b4674ae50798c3fcef09a
706918d0fc599e84e7bcc06ffe5e45bc341d00267b3e5888ebab9c224ba64d25
a515dcb414d0c44f70cbdc70eb4eceae128f82667a9d143731e3b4f608f3f483
d83e79ec8a5641dbf2f41a4c919a5a97823fee17c063e01e1bc7c7c253580629
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f9778224e07e80a4f2c72a102a629ed4ada88f80bbf00d93538f42b493fbf3