amazon-system-zz.top Open in urlscan Pro
139.64.236.182  Malicious Activity! Public Scan

URL: https://amazon-system-zz.top/
Submission Tags: @phishunt_io
Submission: On December 08 via api from DE — Scanned from JP

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 20 HTTP transactions. The main IP is 139.64.236.182, located in Tokyo, Japan and belongs to NEXUS-BYTES, US. The main domain is amazon-system-zz.top.
TLS certificate: Issued by R3 on December 7th 2022. Valid for: 3 months.
This is the only time amazon-system-zz.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Singapore Post (Transportation)

Domain & IP information

IP Address AS Autonomous System
13 139.64.236.182 206607 (NEXUS-BYTES)
1 2404:6800:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 2404:6800:400... 15169 (GOOGLE)
20 5
Apex Domain
Subdomains
Transfer
13 amazon-system-zz.top
amazon-system-zz.top
1 MB
4 gstatic.com
fonts.gstatic.com
63 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 435
429 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 51
1 KB
20 4
Domain Requested by
13 amazon-system-zz.top amazon-system-zz.top
4 fonts.gstatic.com fonts.googleapis.com
2 cdn.jsdelivr.net amazon-system-zz.top
cdn.jsdelivr.net
1 fonts.googleapis.com amazon-system-zz.top
20 4

This site contains no links.

Subject Issuer Validity Valid
amazon-system-zz.top
R3
2022-12-07 -
2023-03-07
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-02 -
2023-06-01
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh

This page contains 1 frames:

Primary Page: https://amazon-system-zz.top/
Frame ID: B88C121CC68717BED36105B1A2313227
Requests: 21 HTTP requests in this frame

Screenshot

Page Title

Singapore Post

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

20
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

5
IPs

3
Countries

1859 kB
Transfer

2573 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
amazon-system-zz.top/
1 KB
657 B
Document
General
Full URL
https://amazon-system-zz.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.64.236.182 Tokyo, Japan, ASN206607 (NEXUS-BYTES, US),
Reverse DNS
Software
nginx /
Resource Hash
54f1def42ac21be5b902f263c3bd192461176b4a8de9a9c9b9895a9b11f795fa

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 08 Dec 2022 00:44:25 GMT
server
nginx
vary
Accept-Encoding
css
fonts.googleapis.com/
12 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900
Requested by
Host: amazon-system-zz.top
URL: https://amazon-system-zz.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80a::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b345abe33a4f53c748b8b6858bbe2c0380add9fbbec748044d2e76d6f0bd681d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://amazon-system-zz.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 08 Dec 2022 00:44:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 00:24:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 08 Dec 2022 00:44:25 GMT
materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@latest/css/
321 KB
52 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css
Requested by
Host: amazon-system-zz.top
URL: https://amazon-system-zz.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01f8c6f48ea217d6c394c68e1a68f2958169d972c7b435f4d71361e57c26e411
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://amazon-system-zz.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 00:44:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
33494
x-jsd-version
7.0.96
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19140-FRA, cache-iad-kiad7000034-IAD
x-jsd-version-type
version
server
cloudflare
etag
W/"505a4-INFSF/VcDY3YGq5QRH3rBHuiXOA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RDy7tqV1PozOP1Mv%2FhX%2BRvhI0ClkWSjybZrbF%2BkLri%2Fp6VTFOq1PK5XkFNUT9NaeJo6qG7%2FOlJsIxhTRTKUSs9u2UeQfFWWnXk1TnIJFkCvoaXnFfM%2BGRtvkga6voUpaCVxrWkCW5Ss2P6kSHgk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
776178f57c0cf5d8-NRT
chunk-vendors.c20265e1.js
amazon-system-zz.top/js/
199 KB
74 KB
Script
General
Full URL
https://amazon-system-zz.top/js/chunk-vendors.c20265e1.js
Requested by
Host: amazon-system-zz.top
URL: https://amazon-system-zz.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.64.236.182 Tokyo, Japan, ASN206607 (NEXUS-BYTES, US),
Reverse DNS
Software
nginx /
Resource Hash
3b8585984109ff5a1112a8937b76748e4c18d424ef05cd41a39bb788a689a02b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://amazon-system-zz.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 00:44:25 GMT
content-encoding
gzip
last-modified
Thu, 06 Oct 2022 16:12:32 GMT
server
nginx
vary
Accept-Encoding
x-cache
MISS
content-type
application/javascript; charset=utf-8
cache-control
max-age=60
content-disposition
inline; filename=chunk-vendors.c20265e1.js
expires
Thu, 08 Dec 2022 00:45:25 GMT
app.84a4a422.js
amazon-system-zz.top/js/
19 KB
12 KB
Script
General
Full URL
https://amazon-system-zz.top/js/app.84a4a422.js
Requested by
Host: amazon-system-zz.top
URL: https://amazon-system-zz.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.64.236.182 Tokyo, Japan, ASN206607 (NEXUS-BYTES, US),
Reverse DNS
Software
nginx /
Resource Hash
1182cfa1ad7e6539973be84c438ba593cbb7a2f08bd518c05202fb5885a373d9

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://amazon-system-zz.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 00:44:25 GMT
content-encoding
gzip
last-modified
Thu, 06 Oct 2022 16:12:32 GMT
server
nginx
vary
Accept-Encoding
x-cache
MISS
content-type
application/javascript; charset=utf-8
cache-control
max-age=60
content-disposition
inline; filename=app.84a4a422.js
expires
Thu, 08 Dec 2022 00:45:25 GMT
chunk-vendors.2bd753a7.css
amazon-system-zz.top/css/
321 KB
45 KB
Stylesheet
General
Full URL
https://amazon-system-zz.top/css/chunk-vendors.2bd753a7.css
Requested by
Host: amazon-system-zz.top
URL: https://amazon-system-zz.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.64.236.182 Tokyo, Japan, ASN206607 (NEXUS-BYTES, US),
Reverse DNS
Software
nginx /
Resource Hash
d0fd96f61786544578558fef8807c86ca4fb21db39c4ddec976ea8c29eff2ba1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://amazon-system-zz.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 00:44:25 GMT
content-encoding
gzip
last-modified
Thu, 06 Oct 2022 16:12:32 GMT
server
nginx
vary
Accept-Encoding
x-cache
MISS
content-type
text/css; charset=utf-8
cache-control
max-age=60
content-disposition
inline; filename=chunk-vendors.2bd753a7.css
expires
Thu, 08 Dec 2022 00:45:25 GMT
app.c18b8c7f.css
amazon-system-zz.top/css/
981 B
1 KB
Stylesheet
General
Full URL
https://amazon-system-zz.top/css/app.c18b8c7f.css
Requested by
Host: amazon-system-zz.top
URL: https://amazon-system-zz.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.64.236.182 Tokyo, Japan, ASN206607 (NEXUS-BYTES, US),
Reverse DNS
Software
nginx /
Resource Hash
a73a0086e4ef79c32b95eb6fdc54df51d2a851e72d99ef748a465e143d0ec51d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://amazon-system-zz.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 00:44:25 GMT
last-modified
Thu, 06 Oct 2022 16:12:32 GMT
server
nginx
x-cache
MISS
content-type
text/css; charset=utf-8
cache-control
max-age=60
content-disposition
inline; filename=app.c18b8c7f.css
content-length
981
expires
Thu, 08 Dec 2022 00:45:25 GMT
803.a7cb4720.js
amazon-system-zz.top/js/
20 KB
8 KB
Script
General
Full URL
https://amazon-system-zz.top/js/803.a7cb4720.js
Requested by
Host: amazon-system-zz.top
URL: https://amazon-system-zz.top/js/app.84a4a422.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.64.236.182 Tokyo, Japan, ASN206607 (NEXUS-BYTES, US),
Reverse DNS
Software
nginx /
Resource Hash
d2f7dd82eb1677564c4a609d7c6ad81035cee607b14735d082dbf8fb9ad6b1d3

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://amazon-system-zz.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 00:44:25 GMT
content-encoding
gzip
last-modified
Thu, 06 Oct 2022 16:12:32 GMT
server
nginx
vary
Accept-Encoding
x-cache
MISS
content-type
application/javascript; charset=utf-8
cache-control
max-age=60
content-disposition
inline; filename=803.a7cb4720.js
expires
Thu, 08 Dec 2022 00:45:25 GMT
879.aaad42fb.css
amazon-system-zz.top/css/
681 B
890 B
Stylesheet
General
Full URL
https://amazon-system-zz.top/css/879.aaad42fb.css
Requested by
Host: amazon-system-zz.top
URL: https://amazon-system-zz.top/js/app.84a4a422.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.64.236.182 Tokyo, Japan, ASN206607 (NEXUS-BYTES, US),
Reverse DNS
Software
nginx /
Resource Hash
1fc03d7a8b7f0d8fafb964bcfb69f6841d2dae5424f526335369712344d8b4c8

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://amazon-system-zz.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 00:44:25 GMT
last-modified
Thu, 06 Oct 2022 16:12:32 GMT
server
nginx
x-cache
MISS
content-type
text/css; charset=utf-8
cache-control
max-age=60
content-disposition
inline; filename=879.aaad42fb.css
content-length
681
expires
Thu, 08 Dec 2022 00:45:25 GMT
879.6a595962.js
amazon-system-zz.top/js/
17 KB
6 KB
Script
General
Full URL
https://amazon-system-zz.top/js/879.6a595962.js
Requested by
Host: amazon-system-zz.top
URL: https://amazon-system-zz.top/js/app.84a4a422.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.64.236.182 Tokyo, Japan, ASN206607 (NEXUS-BYTES, US),
Reverse DNS
Software
nginx /
Resource Hash
3483b153d398f9e1918da94779815d5c8155f8863e4d24c73766b8fe8c8e5630

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://amazon-system-zz.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 00:44:25 GMT
content-encoding
gzip
last-modified
Thu, 06 Oct 2022 16:12:32 GMT
server
nginx
vary
Accept-Encoding
x-cache
MISS
content-type
application/javascript; charset=utf-8
cache-control
max-age=60
content-disposition
inline; filename=879.6a595962.js
expires
Thu, 08 Dec 2022 00:45:25 GMT
footer.bdb83019.png
amazon-system-zz.top/img/
1 MB
1 MB
Image
General
Full URL
https://amazon-system-zz.top/img/footer.bdb83019.png
Requested by
Host: amazon-system-zz.top
URL: https://amazon-system-zz.top/css/app.c18b8c7f.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.64.236.182 Tokyo, Japan, ASN206607 (NEXUS-BYTES, US),
Reverse DNS
Software
nginx /
Resource Hash
a2006f8c765b6e33d4a8ee7eb2699303f2d719cf0f7e406bb4fce84b4619b4db

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://amazon-system-zz.top/css/app.c18b8c7f.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 00:44:25 GMT
last-modified
Thu, 06 Oct 2022 16:12:32 GMT
server
nginx
x-cache
MISS
content-type
image/png
cache-control
max-age=60
content-disposition
inline; filename=footer.bdb83019.png
content-length
1236387
expires
Thu, 08 Dec 2022 00:45:25 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:812::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://amazon-system-zz.top
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 18:47:18 GMT
x-content-type-options
nosniff
age
453428
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Dec 2023 18:47:18 GMT
materialdesignicons-webfont.woff2
cdn.jsdelivr.net/npm/@mdi/font@latest/fonts/
376 KB
377 KB
Font
General
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@latest/fonts/materialdesignicons-webfont.woff2?v=7.0.96
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e52d60f64267cdaa08422b50bab5d45bd35e662b03b9af75179ceae00ac5fc8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css
Origin
https://amazon-system-zz.top
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 00:44:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
17415
x-jsd-version
7.0.96
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
385360
x-served-by
cache-fra19147-FRA, cache-iad-kiad7000049-IAD
x-jsd-version-type
version
server
cloudflare
etag
W/"5e150-B+H0GsmracemE1oJDPZWmLaNcQM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2JujnxFJtl7pUX3shNAas1NutD5XT3Q3KtIbuNRk7yCEB4OB1ARdYz85GDOTTnxDhknQC3yCQtdOQb3AaFEXaKPzQB%2BsLVVNiNNA9WzhK2UE%2BcjAO7CPU2z1I7SHEVTxLfvIdbHqNobPpE%2F4VNA%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cf-ray
776178f64bbc1d87-NRT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:812::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://amazon-system-zz.top
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 11:01:36 GMT
x-content-type-options
nosniff
age
135770
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Dec 2023 11:01:36 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:812::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://amazon-system-zz.top
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 10:03:38 GMT
x-content-type-options
nosniff
age
139248
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Dec 2023 10:03:38 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:812::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://amazon-system-zz.top
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 04:18:08 GMT
x-content-type-options
nosniff
age
332778
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Dec 2023 04:18:08 GMT
search.e7cedd46.svg
amazon-system-zz.top/img/
1 KB
1 KB
Image
General
Full URL
https://amazon-system-zz.top/img/search.e7cedd46.svg
Requested by
Host: amazon-system-zz.top
URL: https://amazon-system-zz.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.64.236.182 Tokyo, Japan, ASN206607 (NEXUS-BYTES, US),
Reverse DNS
Software
nginx /
Resource Hash
fc0d8f1aa10b91f60ecd9575b3c67ad950d5c496c6c47340894f360a039e94f2

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://amazon-system-zz.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 00:44:25 GMT
cache-control
no-cache, no-cache
last-modified
Thu, 06 Oct 2022 16:12:32 GMT
server
nginx
content-disposition
inline; filename=search.e7cedd46.svg
content-length
1181
content-type
image/svg+xml; charset=utf-8
truncated
/
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04258dd19ba92dd8229f5c1107b50440a27437a7e4f6970d28525fec7653774a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/png
sidebar.5f05330f.svg
amazon-system-zz.top/img/
540 B
730 B
Image
General
Full URL
https://amazon-system-zz.top/img/sidebar.5f05330f.svg
Requested by
Host: amazon-system-zz.top
URL: https://amazon-system-zz.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.64.236.182 Tokyo, Japan, ASN206607 (NEXUS-BYTES, US),
Reverse DNS
Software
nginx /
Resource Hash
d1b7522c74389cd009645d7bb777619d3bcb6ad853fc37687f9ddd9c600912db

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://amazon-system-zz.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 00:44:25 GMT
cache-control
no-cache, no-cache
last-modified
Thu, 06 Oct 2022 16:12:32 GMT
server
nginx
content-disposition
inline; filename=sidebar.5f05330f.svg
content-length
540
content-type
image/svg+xml; charset=utf-8
sgp-logo-white.b0f81102.svg
amazon-system-zz.top/img/
7 KB
7 KB
Image
General
Full URL
https://amazon-system-zz.top/img/sgp-logo-white.b0f81102.svg
Requested by
Host: amazon-system-zz.top
URL: https://amazon-system-zz.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.64.236.182 Tokyo, Japan, ASN206607 (NEXUS-BYTES, US),
Reverse DNS
Software
nginx /
Resource Hash
1049f12d0910416389877c280b016b2837c059dcdb1c4d0e5f625270fbff6457

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://amazon-system-zz.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 00:44:25 GMT
cache-control
no-cache, no-cache
last-modified
Thu, 06 Oct 2022 16:12:32 GMT
server
nginx
content-disposition
inline; filename=sgp-logo-white.b0f81102.svg
content-length
7272
content-type
image/svg+xml; charset=utf-8
up_arrow.635ec23f.svg
amazon-system-zz.top/img/
184 B
375 B
Image
General
Full URL
https://amazon-system-zz.top/img/up_arrow.635ec23f.svg
Requested by
Host: amazon-system-zz.top
URL: https://amazon-system-zz.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.64.236.182 Tokyo, Japan, ASN206607 (NEXUS-BYTES, US),
Reverse DNS
Software
nginx /
Resource Hash
da0c439b592a45541c403af770eabad0722b80c9e2a6c0ea227841b0ec422ed2

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://amazon-system-zz.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 00:44:25 GMT
cache-control
no-cache, no-cache
last-modified
Thu, 06 Oct 2022 16:12:32 GMT
server
nginx
content-disposition
inline; filename=up_arrow.635ec23f.svg
content-length
184
content-type
image/svg+xml; charset=utf-8

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Singapore Post (Transportation)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| webpackChunkaupost

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amazon-system-zz.top
cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
139.64.236.182
2404:6800:4004:80a::200a
2404:6800:4004:812::2003
2606:4700::6810:5914
01f8c6f48ea217d6c394c68e1a68f2958169d972c7b435f4d71361e57c26e411
04258dd19ba92dd8229f5c1107b50440a27437a7e4f6970d28525fec7653774a
1049f12d0910416389877c280b016b2837c059dcdb1c4d0e5f625270fbff6457
1182cfa1ad7e6539973be84c438ba593cbb7a2f08bd518c05202fb5885a373d9
1fc03d7a8b7f0d8fafb964bcfb69f6841d2dae5424f526335369712344d8b4c8
3483b153d398f9e1918da94779815d5c8155f8863e4d24c73766b8fe8c8e5630
3b8585984109ff5a1112a8937b76748e4c18d424ef05cd41a39bb788a689a02b
54f1def42ac21be5b902f263c3bd192461176b4a8de9a9c9b9895a9b11f795fa
a2006f8c765b6e33d4a8ee7eb2699303f2d719cf0f7e406bb4fce84b4619b4db
a73a0086e4ef79c32b95eb6fdc54df51d2a851e72d99ef748a465e143d0ec51d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b345abe33a4f53c748b8b6858bbe2c0380add9fbbec748044d2e76d6f0bd681d
d0fd96f61786544578558fef8807c86ca4fb21db39c4ddec976ea8c29eff2ba1
d1b7522c74389cd009645d7bb777619d3bcb6ad853fc37687f9ddd9c600912db
d2f7dd82eb1677564c4a609d7c6ad81035cee607b14735d082dbf8fb9ad6b1d3
da0c439b592a45541c403af770eabad0722b80c9e2a6c0ea227841b0ec422ed2
e52d60f64267cdaa08422b50bab5d45bd35e662b03b9af75179ceae00ac5fc8b
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fc0d8f1aa10b91f60ecd9575b3c67ad950d5c496c6c47340894f360a039e94f2