amazon.sivnq8.cn
23.224.121.77
Malicious Activity!
Public Scan
Effective URL: https://amazon.sivnq8.cn/
Submission: On August 22 via api from US
Summary
TLS certificate: Issued by R3 on August 22nd 2021. Valid for: 3 months.
This is the only time amazon.sivnq8.cn was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Amazon (Online)
Domain & IP information
Requests | IP Address | AS (Autonomous System) |
---|---|---|
10 (1 redirect) | 23.224.121.77 | 40065 (CNSERVERS) |
2 | 2600:9000:2190:b400:1d:d7f6:39cf:a761 | 16509 (AMAZON-02) |
1 | 2600:9000:20eb:3400:10:1731:ff49:ac01 | 16509 (AMAZON-02) |
12 | 3 | |

ASN16509 (AMAZON-02, US): images-eu.ssl-images-amazon.com, m.media-amazon.com
ASN16509 (AMAZON-02, US): images-cn.ssl-images-amazon.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
10 (1 redirect) | sivnq8.cn | amazon.sivnq8.cn | 150 KB |
2 | ssl-images-amazon.com | images-eu.ssl-images-amazon.com, images-cn.ssl-images-amazon.com | 48 KB |
1 | media-amazon.com | m.media-amazon.com | 39 KB |
12 | 3 | | |
Requests | Domain | Requested by |
---|---|---|
10 (1 redirect) | amazon.sivnq8.cn | amazon.sivnq8.cn |
1 | m.media-amazon.com | amazon.sivnq8.cn |
1 | images-cn.ssl-images-amazon.com | amazon.sivnq8.cn |
1 | images-eu.ssl-images-amazon.com | amazon.sivnq8.cn |
12 | 4 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.amazon.de |
Subject | Issuer | Validity | Valid |
---|---|---|---|
amazon.sivnq8.cn | R3 | 2021-08-22 - 2021-11-20 | 3 months |
Images-na.ssl-images-amazon.com | DigiCert Global CA G2 | 2021-03-23 - 2022-03-22 | a year |
images-cn.ssl-images-amazon.com | Amazon | 2021-01-15 - 2022-02-12 | a year |
This page contains 1 frames:
Primary Page:
https://amazon.sivnq8.cn/
Frame ID: 726B9B718EE122CBEEA5F5466471D072
Requests: 12 HTTP requests in this frame
Page Title
Amazon Anmelden
Page URL History
- http://amazon.sivnq8.cn/ (HTTP 301) → https://amazon.sivnq8.cn/ (Page URL)
Detected technologies
Nginx (Web Servers)
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Vue.js (JavaScript Frameworks)
Detected patterns
- html /<[^>]+data-v(?:ue)-/i
- html /<div [^>]*id="__nuxt"/i
- script /\/_nuxt\//i
Nuxt.js (JavaScript Frameworks)
Detected patterns
- html /<div [^>]*id="__nuxt"/i
- script /\/_nuxt\//i
Page Statistics
13 Outgoing links
These are links going to different origins than the main page.
- Title: Allgemeinen Geschäftsbedingungen
- Title: Datenschutzerklärung
- Title: Hinweise zu Cookies
- Title: Hinweise zu interessenbasierter Werbung
- Title: Passwort vergessen
- Title: Sonstige Probleme mit der Anmeldung
- Title: Deutsch Wählen Sie eine Sprache für Ihren Einkauf.
- Title: Deutschland Wählen Sie ein Land/eine Region für Ihren Einkauf.
- Title: Nutzungsbedingungen
- Title: Datenschutzerklärung
- Title: Impressum
- Title: Hinweise zu Cookies
- Title: Hinweise zu interessenbasierter Werbung
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://amazon.sivnq8.cn/ (HTTP 301) → https://amazon.sivnq8.cn/ (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H2 | / (Primary Request, Redirect Chain) | amazon.sivnq8.cn/ | 2 KB | 1016 B | Document | text/html |
GET H2 | 3f3bd0d.js | amazon.sivnq8.cn/_nuxt/ | 2 KB | 2 KB | Script | application/javascript |
GET H2 | 0a5eb84.js | amazon.sivnq8.cn/_nuxt/ | 207 KB | 80 KB | Script | application/javascript |
GET H2 | f707223.js | amazon.sivnq8.cn/_nuxt/ | 48 KB | 16 KB | Script | application/javascript |
GET H2 | 4566dec.js | amazon.sivnq8.cn/_nuxt/ | 342 B | 598 B | Script | application/javascript |
GET H2 | style.css | amazon.sivnq8.cn/ | 133 KB | 28 KB | Stylesheet | text/css |
GET H2 | style2.css | amazon.sivnq8.cn/ | 89 KB | 13 KB | Stylesheet | text/css |
GET H2 | 41C6LaLLmFL.css | amazon.sivnq8.cn/ | 17 KB | 5 KB | Stylesheet | text/css |
GET H2 | 971ed9c.js | amazon.sivnq8.cn/_nuxt/ | 14 KB | 4 KB | Script | application/javascript |
GET H2 | new-nav-sprite-global-2x_blueheaven-fluid._CB403808523_.png | images-eu.ssl-images-amazon.com/images/G/03/gno/sprites/ | 20 KB | 20 KB | Image | image/png |
GET H2 | mPGmT0r6IeTyIee.png | images-cn.ssl-images-amazon.com/images/S/sash/ | 27 KB | 28 KB | Image | image/png |
GET H2 | rzrQQdi0aRm6Dap.png | m.media-amazon.com/images/S/sash/ | 38 KB | 39 KB | Image | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Amazon (Online)
20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onbeforexrselect
- object| ontransitionrun
- object| ontransitionstart
- object| ontransitioncancel
- object| cookieStore
- function| showDirectoryPicker
- function| showOpenFilePicker
- function| showSaveFilePicker
- boolean| originAgentCluster
- object| trustedTypes
- boolean| crossOriginIsolated
- object| __NUXT__
- object| webpackJsonp
- function| installComponents
- object| regeneratorRuntime
- function| setImmediate
- function| clearImmediate
- object| onNuxtReadyCbs
- function| onNuxtReady
- object| $nuxt
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.