amazon-jp.xsemhex.cn
182.16.85.114
Malicious Activity!
Public Scan
Submission Tags: @ap_zenmashi #phishing #フィッシング #amazon #アマゾン #詐欺 #scam
Submission: On December 11 via api from FI — Scanned from JP
Summary
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on December 11th 2022. Valid for: 3 months.
This is the only time amazon-jp.xsemhex.cn was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Amazon (Online) Amazon Japan (Online)
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 9 | 182.16.85.114 | 45753 (NETSEC-HK Netsec Limited) |
| 2 | 2600:9000:20c4:6200:10:1731:ff49:ac01 | 16509 (AMAZON-02) |
| 11 | 2 | |
ASN16509 (AMAZON-02, US): images-cn.ssl-images-amazon.com
| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 9 | xsemhex.cn | amazon-jp.xsemhex.cn | 281 KB |
| 2 | ssl-images-amazon.com | images-cn.ssl-images-amazon.com — Cisco Umbrella Rank: 376887 | 32 KB |
| 11 | 2 | | |
| | Domain | Requested by |
|---|---|---|
| 9 | amazon-jp.xsemhex.cn | amazon-jp.xsemhex.cn |
| 2 | images-cn.ssl-images-amazon.com | amazon-jp.xsemhex.cn |
| 11 | 2 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.amazon.co.jp |
| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| amazon-jp.xsemhex.cn | ZeroSSL RSA Domain Secure Site CA | 2022-12-11 - 2023-03-11 | 3 months |
| images-cn.ssl-images-amazon.com | Amazon | 2022-11-14 - 2023-12-12 | a year |
This page contains 1 frame:
Primary Page:
https://amazon-jp.xsemhex.cn/
Frame ID: 76A6377E5CA96DF18E0E639B5052F766
Requests: 11 HTTP requests in this frame
10 Outgoing links
These are links going to different origins than the main page.
Title: 利用規約 (Terms of Use)
Title: プライバシー規約 (Privacy Notice)
Title: パスワードを忘れた場合 (Forgot your password)
Title: その他のログインに関する問題 (Other login issues)
Title: Amazonアカウントを作成する (Create an Amazon account)
Title: 利用規約 (Terms of Use)
Title: プライバシー規約 (Privacy Notice)
Title: ヘルプ (Help)
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
| Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|
| GET H/1.1 | / (Primary Request) | amazon-jp.xsemhex.cn/ | 12 KB | 12 KB | Document | text/html |
| GET H/1.1 | 61Tlxk0K9QL._RC_11Fd9tJOdtL.css,11tfezETfFL.css,31Q3id-QR0L.css,31GjtQRomzL.css_.css | amazon-jp.xsemhex.cn/static/file_pc/index_files/ | 131 KB | 131 KB | Stylesheet | text/css |
| GET H/1.1 | 01SdjaY0ZsL._RC_31jdWD+JB+L.css,41CoXfMtudL.css_.css | amazon-jp.xsemhex.cn/static/file_pc/index_files/ | 36 KB | 36 KB | Stylesheet | text/css |
| GET H/1.1 | 11JNAJswl5L.css | amazon-jp.xsemhex.cn/static/file_pc/index_files/ | 2 KB | 3 KB | Stylesheet | text/css |
| GET H/1.1 | main.js | amazon-jp.xsemhex.cn/static/main/ | 3 KB | 3 KB | Script | application/x-javascript |
| GET H/1.1 | loading.css | amazon-jp.xsemhex.cn/static/main/ | 2 KB | 2 KB | Stylesheet | text/css |
| GET H/1.1 | jquery-1.9.1.min.js | amazon-jp.xsemhex.cn/static/main/ | 90 KB | 91 KB | Script | application/x-javascript |
| GET H/1.1 | loading.js | amazon-jp.xsemhex.cn/static/main/ | 1 KB | 2 KB | Script | application/x-javascript |
| GET H/1.1 | jquery.cookie.js | amazon-jp.xsemhex.cn/static/main/ | 3 KB | 3 KB | Script | application/x-javascript |
| GET H2 | mPGmT0r6IeTyIee.png | images-cn.ssl-images-amazon.com/images/S/sash/ | 27 KB | 28 KB | Image | image/png |
| GET H2 | EYzhM86N6ZcDPtA.png | images-cn.ssl-images-amazon.com/images/S/sash/ | 4 KB | 4 KB | Image | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Amazon (Online) Amazon Japan (Online)
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange
function| postvalue
function| $
function| jQuery
function| loadDiv
function| LayerShow
function| Position
function| LayerHide
function| del
function| cf1
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| amazon-jp.xsemhex.cn/ | | Name: Token_ID Value: 667115493186762619 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
amazon-jp.xsemhex.cn
images-cn.ssl-images-amazon.com
182.16.85.114
2600:9000:20c4:6200:10:1731:ff49:ac01