amazon.au.keylogic.us

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 7 HTTP transactions. The main IP is 192.254.191.164, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is amazon.au.keylogic.us.

This is the only time amazon.au.keylogic.us was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Amazon (Online)

Domain & IP information

	IP Address		AS Autonomous System
2 9	192.254.191.164 192.254.191.164		46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
7	1

9 192.254.191.164 (United States) 2 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 192-254-191-164.unifiedlayer.com

amazon.au.keylogic.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	keylogic.us 2 redirects amazon.au.keylogic.us	84 KB
7	1

	Domain	Requested by
9	amazon.au.keylogic.us	2 redirects amazon.au.keylogic.us
7	1

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://amazon.au.keylogic.us/j4zds/login.php?p=0&sessionid=616d617a6f6e2e61752e6b65796c6f6769632e7573
Frame ID: 1F1FC086DDED2E94B93862B2A12161C8
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Amazon - Sign In

Page URL History Show full URLs

http://amazon.au.keylogic.us/j4zds HTTP 301
http://amazon.au.keylogic.us/j4zds/ HTTP 302
http://amazon.au.keylogic.us/j4zds/login.php?p=0&sessionid=616d617a6f6e2e61752e6b65796c6f6769632e7573 Page URL

Page Statistics

7
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

83 kB
Transfer

153 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://amazon.au.keylogic.us/j4zds HTTP 301
http://amazon.au.keylogic.us/j4zds/ HTTP 302
http://amazon.au.keylogic.us/j4zds/login.php?p=0&sessionid=616d617a6f6e2e61752e6b65796c6f6769632e7573 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ amazon.au.keylogic.us/	0 421 B	942ms 878ms	Document text/html	192.254.191.164 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL http://amazon.au.keylogic.us/ Protocol HTTP/1.1 Server 192.254.191.164 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-254-191-164.unifiedlayer.com Software Apache / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language en-US,en;q=0.9 Response headers Date Sat, 04 Dec 2021 16:48:25 GMT Server Apache Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma no-cache refresh 0; url=j4zds Upgrade h2,h2c Connection Upgrade, Keep-Alive Content-Length 0 Keep-Alive timeout=5, max=75 Content-Type text/html
GET H/1.1	200 OK	Primary Request login.php Show response amazon.au.keylogic.us/j4zds/ Redirect Chain http://amazon.au.keylogic.us/j4zds http://amazon.au.keylogic.us/j4zds/ http://amazon.au.keylogic.us/j4zds/login.php?p=0&sessionid=616d617a6f6e2e61752e6b65796c6f6769632e7573	8 KB 7 KB	742ms 742ms	Document text/html	192.254.191.164 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL http://amazon.au.keylogic.us/j4zds/login.php?p=0&sessionid=616d617a6f6e2e61752e6b65796c6f6769632e7573 Protocol HTTP/1.1 Server 192.254.191.164 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-254-191-164.unifiedlayer.com Software Apache / Resource Hash `e85f03482c51afcdb5e55f32baba6eedc8f022a94e65b9574ccb4c81f2ecab80` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language en-US,en;q=0.9 Referer http://amazon.au.keylogic.us/ Response headers Date Sat, 04 Dec 2021 16:48:26 GMT Server Apache Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma no-cache Vary Accept-Encoding Content-Encoding gzip Content-Length 6472 Keep-Alive timeout=5, max=72 Connection Keep-Alive Content-Type text/html Redirect headers Date Sat, 04 Dec 2021 16:48:26 GMT Server Apache Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma no-cache Location login.php?p=0&sessionid=616d617a6f6e2e61752e6b65796c6f6769632e7573 Content-Length 0 Keep-Alive timeout=5, max=73 Connection Keep-Alive Content-Type text/html
GET H/1.1	200 OK	functions.js Show response amazon.au.keylogic.us/j4zds/assets/js/	20 KB 8 KB	126ms 124ms	Script application/javascript	192.254.191.164 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL http://amazon.au.keylogic.us/j4zds/assets/js/functions.js Requested by Host: amazon.au.keylogic.us URL: http://amazon.au.keylogic.us/j4zds/login.php?p=0&sessionid=616d617a6f6e2e61752e6b65796c6f6769632e7573 Protocol HTTP/1.1 Server 192.254.191.164 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-254-191-164.unifiedlayer.com Software Apache / Resource Hash `48abcf2acffbf2a302ed72ec7f24576109003d5e0830e95b87eef24caefd4bc5` Request headers Accept-Language en-US,en;q=0.9 Referer http://amazon.au.keylogic.us/j4zds/login.php?p=0&sessionid=616d617a6f6e2e61752e6b65796c6f6769632e7573 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sat, 04 Dec 2021 16:48:27 GMT Content-Encoding gzip Last-Modified Sat, 04 Dec 2021 16:48:25 GMT Server Apache Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=71 Content-Length 7931
GET H/1.1	200 OK	jquery-3.1.1.min.js Show response amazon.au.keylogic.us/j4zds/assets/js/	85 KB 37 KB	123ms 121ms	Script application/javascript	192.254.191.164 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL http://amazon.au.keylogic.us/j4zds/assets/js/jquery-3.1.1.min.js Requested by Host: amazon.au.keylogic.us URL: http://amazon.au.keylogic.us/j4zds/login.php?p=0&sessionid=616d617a6f6e2e61752e6b65796c6f6769632e7573 Protocol HTTP/1.1 Server 192.254.191.164 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-254-191-164.unifiedlayer.com Software Apache / Resource Hash `85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf` Request headers Accept-Language en-US,en;q=0.9 Referer http://amazon.au.keylogic.us/j4zds/login.php?p=0&sessionid=616d617a6f6e2e61752e6b65796c6f6769632e7573 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sat, 04 Dec 2021 16:48:27 GMT Content-Encoding gzip Last-Modified Sat, 04 Dec 2021 16:48:25 GMT Server Apache Vary Accept-Encoding Content-Type application/javascript Transfer-Encoding chunked Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=70
GET H/1.1	200 OK	style.css amazon.au.keylogic.us/j4zds/assets/css/	16 KB 5 KB	194ms 129ms	Stylesheet text/css	192.254.191.164 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL http://amazon.au.keylogic.us/j4zds/assets/css/style.css Requested by Host: amazon.au.keylogic.us URL: http://amazon.au.keylogic.us/j4zds/login.php?p=0&sessionid=616d617a6f6e2e61752e6b65796c6f6769632e7573 Protocol HTTP/1.1 Server 192.254.191.164 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-254-191-164.unifiedlayer.com Software Apache / Resource Hash `bae48c48db69c72c0b481bda5a983c0bf79deeb8640c663c17abb0e227f061cc` Request headers Accept-Language en-US,en;q=0.9 Referer http://amazon.au.keylogic.us/j4zds/login.php?p=0&sessionid=616d617a6f6e2e61752e6b65796c6f6769632e7573 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sat, 04 Dec 2021 16:48:27 GMT Content-Encoding gzip Last-Modified Sat, 04 Dec 2021 16:48:25 GMT Server Apache Vary Accept-Encoding Upgrade h2,h2c Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type text/css Keep-Alive timeout=5, max=75 Content-Length 5189
GET H/1.1	200 OK	1.png amazon.au.keylogic.us/j4zds/assets/imgs/	25 KB 25 KB	100ms 100ms	Image image/png	192.254.191.164 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL http://amazon.au.keylogic.us/j4zds/assets/imgs/1.png Requested by Host: amazon.au.keylogic.us URL: http://amazon.au.keylogic.us/j4zds/assets/css/style.css Protocol HTTP/1.1 Server 192.254.191.164 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-254-191-164.unifiedlayer.com Software Apache / Resource Hash `3425e9036117199702c5eea1bec0a4cecc8b779edae5e4870e688d67d12ac71a` Request headers Accept-Language en-US,en;q=0.9 Referer http://amazon.au.keylogic.us/j4zds/assets/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sat, 04 Dec 2021 16:48:27 GMT Last-Modified Sat, 04 Dec 2021 16:48:25 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=74 Content-Length 25262
GET H/1.1	200 OK	timezone.php Show response amazon.au.keylogic.us/j4zds/	0 308 B	546ms 545ms	XHR text/html	192.254.191.164 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL http://amazon.au.keylogic.us/j4zds/timezone.php?time=Sat%20Dec%2004%202021%2016:48:27%20GMT+0000%20(GMT) Requested by Host: amazon.au.keylogic.us URL: http://amazon.au.keylogic.us/j4zds/assets/js/jquery-3.1.1.min.js Protocol HTTP/1.1 Server 192.254.191.164 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-254-191-164.unifiedlayer.com Software Apache / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept / Referer http://amazon.au.keylogic.us/j4zds/login.php?p=0&sessionid=616d617a6f6e2e61752e6b65796c6f6769632e7573 X-Requested-With XMLHttpRequest Accept-Language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Date Sat, 04 Dec 2021 16:48:27 GMT Server Apache Content-Type text/html Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection Keep-Alive Keep-Alive timeout=5, max=69 Content-Length 0 Expires Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Amazon (Online)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			amazon.au.keylogic.us/	1969-12-31 23:59:59	Name: PHPSESSID Value: 0bcad485894fb0321e9e3641225c26f8

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: http://amazon.au.keylogic.us/j4zds/assets/js/jquery-3.1.1.min.js(Line 3) Message: Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amazon.au.keylogic.us
192.254.191.164
3425e9036117199702c5eea1bec0a4cecc8b779edae5e4870e688d67d12ac71a
48abcf2acffbf2a302ed72ec7f24576109003d5e0830e95b87eef24caefd4bc5
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
bae48c48db69c72c0b481bda5a983c0bf79deeb8640c663c17abb0e227f061cc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e85f03482c51afcdb5e55f32baba6eedc8f022a94e65b9574ccb4c81f2ecab80

amazon.au.keylogic.us Open in urlscan Pro 192.254.191.164 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

7 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

83 kBTransfer

153 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

13 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

amazon.au.keylogic.us Open in urlscan Pro
192.254.191.164 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

83 kB
Transfer

153 kB
Size

1
Cookies

7 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!