Submitted URL: https://ebb61d6b295874d31858290759d6fcb3.lashesalive.com/caonigeebb61d6b295874d31858290759d6fcb3
Effective URL: https://www.amazon.co.jp/ap/signin?openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.co.jp%2F%3Fref_%3...
Submission Tags: phishing, amazon
Submission: On August 03 via api from JP — Scanned from JP

Summary

This website contacted 3 IPs in 1 country across 5 domains to perform 6 HTTP transactions. The main IP is 18.65.212.66, located in the United States and belonging to AMAZON-02, US. The main domain is www.amazon.co.jp. The Cisco Umbrella rank of the primary domain is 31302.
TLS certificate: Issued by DigiCert Global CA G2 on October 19th 2022. Valid for: a year.
This is the only time www.amazon.co.jp was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP addresses
IP Address         AS (Autonomous System)   Requests
172.67.133.67      13335 (CLOUDFLAR...)     1
194.120.116.157    56971 (CLOUDBACK...)     1 (1 redirect)
18.65.212.66       16509 (AMAZON-02)        1
Totals: 6 requests, 3 IP addresses

Domains
Domain                                             Requests     Requested by
www.amazon.co.jp                                   1            ebb61d6b295874d31858290759d6fcb3.lashesalive.com
intellectual-intensity.dns05.com                   1            (1 redirect)
ebb61d6b295874d31858290759d6fcb3.lashesalive.com   1
fls-fe.amazon.com                                  0 (Failed)   www.amazon.co.jp
images-fe.ssl-images-amazon.com                    0 (Failed)   www.amazon.co.jp
Totals: 6 requests, 5 domains

This site contains no links.

TLS certificates
Subject            Issuer                  Validity                  Valid for   Source
lashesalive.com    GTS CA 1P5              2023-07-25 - 2023-10-23   3 months    crt.sh
www.amazon.co.jp   DigiCert Global CA G2   2022-10-19 - 2023-09-23   a year      crt.sh

This page contains 1 frame:

Primary Page: https://www.amazon.co.jp/ap/signin?openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.co.jp%2F%3Fref_%3Dnav_ya_signin&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&
Frame ID: DC2E43C8958D93ED5B9AE938908D5C6E
Requests: 6 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns

Page Statistics

Requests: 6
HTTPS: 33 %
IPv6: 0 %
Domains: 5
Subdomains: 5
IPs: 3
Countries: 1
Transfer: 111 kB
Size: 109 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ebb61d6b295874d31858290759d6fcb3.lashesalive.com/caonigeebb61d6b295874d31858290759d6fcb3 Page URL
  2. https://intellectual-intensity.dns05.com/ HTTP 302
    https://www.amazon.co.jp/ap/signin?openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.co.jp%2F%3Fref_%3Dnav_ya_signin&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource: caonigeebb61d6b295874d31858290759d6fcb3
Path: ebb61d6b295874d31858290759d6fcb3.lashesalive.com/
Size: 81 B
x-fer: 545 B
Type: Document

General
Full URL: https://ebb61d6b295874d31858290759d6fcb3.lashesalive.com/caonigeebb61d6b295874d31858290759d6fcb3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.133.67, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare /
Resource Hash:

Request headers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers
alt-svc: h3=":443"; ma=86400
cf-ray: 7f0c6f2b2e1219dd-KIX
content-encoding: br
content-type: text/html;charset=UTF-8
date: Thu, 03 Aug 2023 06:16:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G5nqNaz4izDrO2723NozVOPOePuMyszk9bmc7e0f2H1yV5jtfI6EfwMP0ZVUjaGZYxm%2F4bpXom5KJVUQE4Tc%2ByYBNtkw7oNxHu20VR2mo2kXxS%2BBDSvlL43Rkd%2FLELdrV%2F%2Fo5h%2BJpq%2F0q4D6jqAvQylxQAMGlSzqRnola3z%2B81ICBsg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
Primary Request
Resource: signin
Path: www.amazon.co.jp/ap/
Redirect Chain:
  • https://intellectual-intensity.dns05.com/
  • https://www.amazon.co.jp/ap/signin?openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.co.jp%2F%3Fref_%3Dnav_ya_signin&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2F...
Size: 109 KB
x-fer: 110 KB
Type: Document

General
Full URL: https://www.amazon.co.jp/ap/signin?openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.co.jp%2F%3Fref_%3Dnav_ya_signin&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&
Requested by:
  Host: ebb61d6b295874d31858290759d6fcb3.lashesalive.com
  URL: https://ebb61d6b295874d31858290759d6fcb3.lashesalive.com/caonigeebb61d6b295874d31858290759d6fcb3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.212.66, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: server-18-65-212-66.nrt57.r.cloudfront.net
Software: Server /
Resource Hash: 14593b2c2cb9e2b5fdfe7da0eec347837e10f4640c8dcbc74b482d43aee7e4c4

Security Headers
Name                        Value
Strict-Transport-Security   max-age=47474747; includeSubDomains; preload
X-Content-Type-Options      nosniff
X-Frame-Options             SAMEORIGIN
X-Xss-Protection            1

Request headers
Referer: https://ebb61d6b295874d31858290759d6fcb3.lashesalive.com/caonigeebb61d6b295874d31858290759d6fcb3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers
alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: text/html;charset=UTF-8
date: Thu, 03 Aug 2023 06:17:21 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: No-cache
server: Server
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Content-Type,Accept-Encoding,User-Agent
via: 1.1 85de9b232d4cc5649cda5eb15fa1d8dc.cloudfront.net (CloudFront)
x-amz-cf-id: NR1NL7DynFjoWALoafrgbroVJWtFZPhW-qcoVhMeQ0c4hhD6KZviSQ==
x-amz-cf-pop: NRT57-P4
x-amz-rid: 2J4ZYVZEBMF5A3K5G4BS
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=edge
x-xss-protection: 1

Redirect headers (from https://intellectual-intensity.dns05.com/)
cache-control: no-cache, private
content-encoding: gzip
content-length: 370
content-type: text/html; charset=UTF-8
date: Thu, 03 Aug 2023 06:16:54 GMT
location: https://www.amazon.co.jp/ap/signin?openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.co.jp%2F%3Fref_%3Dnav_ya_signin&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&
server: Apache
vary: Accept-Encoding
Resource: 61g+ivtVz9L._RC%7C11Fd9tJOdtL.css,11tfezETfFL.css,31Q3id-QR0L.css,31U9HrBLKmL.css_.css
Path: images-fe.ssl-images-amazon.com/images/I/
Size: 0
x-fer: 0

Resource: 01SdjaY0ZsL._RC%7C31jdWD+JB+L.css,418wmKRbodL.css_.css
Path: images-fe.ssl-images-amazon.com/images/I/
Size: 0
x-fer: 0

Resource: 21xpztliDML.css
Path: images-fe.ssl-images-amazon.com/images/I/
Size: 0
x-fer: 0

Resource: A1VC38T7YXB528:355-4591419-1286234:2J4ZYVZEBMF5A3K5G4BS$uedata=s:%2Fap%2Fuedata%3Fstaticb%26id%3D2J4ZYVZEBMF5A3K5G4BS:0
Path: fls-fe.amazon.com/1/batch/1/OP/
Size: 0
x-fer: 0

Failed requests

These URLs were requested, but no response was received. They also appear in the transaction list above.

Domain
images-fe.ssl-images-amazon.com
URL
https://images-fe.ssl-images-amazon.com/images/I/61g+ivtVz9L._RC%7C11Fd9tJOdtL.css,11tfezETfFL.css,31Q3id-QR0L.css,31U9HrBLKmL.css_.css?AUIClients/AmazonUI
Domain
images-fe.ssl-images-amazon.com
URL
https://images-fe.ssl-images-amazon.com/images/I/01SdjaY0ZsL._RC%7C31jdWD+JB+L.css,418wmKRbodL.css_.css?AUIClients/AuthenticationPortalAssets&LszXOEkM
Domain
images-fe.ssl-images-amazon.com
URL
https://images-fe.ssl-images-amazon.com/images/I/21xpztliDML.css?AUIClients/CVFAssets
Domain
fls-fe.amazon.com
URL
https://fls-fe.amazon.com/1/batch/1/OP/A1VC38T7YXB528:355-4591419-1286234:2J4ZYVZEBMF5A3K5G4BS$uedata=s:%2Fap%2Fuedata%3Fstaticb%26id%3D2J4ZYVZEBMF5A3K5G4BS:0

Verdicts & Comments

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Variable (type): ue_t0 (number), ue_csm (object), ue_hob (number), ue_err_chan (string), ue_id (string), ue_url (string), ue_navtiming (number), ue_mid (string), ue_sid (string), ue_sn (string), ue_furl (string), ue_surl (string), ue_int (number), ue_fcsn (number), ue_urt (number), ue_rpl_ns (string), ue_ddq (number), ue_fpf (string), ue_sbuimp (number), ue_ibft (number), ue_fnt (number), ue_swi (number), ue_viz (function), ue_hoe (number), ue_ihb (number), ue (object), ueLogError (function), ue_err (object), ueinit (number), uei (function), ueh (function), ues (function), uet (function), uex (function), onLd (function), onLdEnd (function), onUl (function), onstop (function), aPageStart (number)

4 Cookies

Domain/Path: intellectual-intensity.dns05.com/
Name: XSRF-TOKEN
Value: eyJpdiI6ImFmamxJS1BaXC8wVm9tTGI3c3prKzl3PT0iLCJ2YWx1ZSI6IjBydWxMQU9hUDV2RGxQSERINlRJWkJUZW1EQ0s2Y2I5UG9aaVNFYnpTaUEyYWg1Wjd4ZG9kYnBmNndJUXN5eG0iLCJtYWMiOiI0OWVmNzU4NmZiMGNlMjFiNjZjNjZiNWJjNDg0NWU0YTc1MTM2NjU2OGE3MmE4YmQxZGU3MTk5OTIzYmE2ZDNhIn0%3D

Domain/Path: intellectual-intensity.dns05.com/
Name: laravel_session
Value: eyJpdiI6Ikk1cTR2S2pmWktOaTQ0VmtoMXhmNHc9PSIsInZhbHVlIjoibm5USGcxTlUzTFFNMDlkS0RZNlBIblRsdnZkcHdzbU1Jc21YNVV2TmFQSXJmTUdNWm01WmhoUGFmQ1VndHNvRjR0UEo2WVdENEd5b1g5MEFQTWtvdXd1ZjFnNmlnXC9JNFdEVnVoV1pUUEdLb1g0MTN0eUZlZnVja0tnSmlvS1UzIiwibWFjIjoiYzk3MTYxOTkwZjMyYjAwMzRmZjEwOGRmZDc3Njk4MTllNWQzZGRkNGZjYThjNjQ3Y2I5NmZmOWJmNzM1YTA1NiJ9

Domain/Path: .amazon.co.jp/
Name: session-id
Value: 355-4591419-1286234

Domain/Path: .amazon.co.jp/
Name: session-id-time
Value: 2321763441l