74.209.185.196
Malicious Activity!
Public Scan
Submission: On May 26 via api from JP — Scanned from JP
Summary
This is the only time 74.209.185.196 was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Amazon (Online)

Domain & IP information

| | IP Address | AS Autonomous System |
|---|---|---|
| 1 | 74.209.185.196 | 19528 (MPDCOL) |
| 4 | 2600:9000:20c4:6c00:1d:d7f6:39d2:2dc1 | 16509 (AMAZON-02) |
| 1 | 3.210.192.51 | 14618 (AMAZON-AES) |
| 6 | 3 | |

ASN19528 (MPDCOL, US)
PTR: 74.209.185.196.static.chi1.net.bytegrid.com
74.209.185.196

ASN16509 (AMAZON-02, US)
images-na.ssl-images-amazon.com
m.media-amazon.com

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-192-51.compute-1.amazonaws.com
fls-na.amazon.com

| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 3 | ssl-images-amazon.com | images-na.ssl-images-amazon.com — Cisco Umbrella Rank: 758 | 29 KB |
| 1 | media-amazon.com | m.media-amazon.com — Cisco Umbrella Rank: 513 | 28 KB |
| 1 | amazon.com | fls-na.amazon.com — Cisco Umbrella Rank: 1251 | 87 B |
| 6 | 3 | | |

| | Domain | Requested by |
|---|---|---|
| 3 | images-na.ssl-images-amazon.com | 74.209.185.196 |
| 1 | m.media-amazon.com | images-na.ssl-images-amazon.com |
| 1 | fls-na.amazon.com | 74.209.185.196 |
| 6 | 3 | |

This site contains links to these domains. Also see Links.
Domain |
---|
www.amazon.com |

Subject | Issuer | Validity | Valid |
---|---|---|---|
images-na.ssl-images-amazon.com | DigiCert Global CA G2 | 2022-10-26 - 2023-10-14 | a year |
fls-na.amazon.com | Amazon RSA 2048 M02 | 2023-01-20 - 2024-02-18 | a year |

This page contains 1 frames:
Primary Page:
http://74.209.185.196/v6u9l323Ebh?Redirect=true&d=2e90559a-5749-4938-a4d5-fa32788743a9
Frame ID: FECA93752BD7DEE0E7F6216C0E46E714
Requests: 6 HTTP requests in this frame
10 Outgoing links
These are links going to different origins than the main page.
Title: Conditions of Use
Title: Privacy Notice
Title: Forgot your password?
Title: Other issues with Sign-In
Title: Create your Amazon account
Title: Conditions of Use
Title: Privacy Notice
Title: Help
Redirected requests
There were HTTP redirect chains for the following requests:
6 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | Primary Request: v6u9l323Ebh 74.209.185.196/ | 81 KB 81 KB | Document text/html |
GET H2 | 61SUcgRRk1L._RC%7C11G3FjOK-sL.css,01RgENaJKWL.css,11k0Ds2WQkL.css,31g5W1VO8jL.css,31y5pUCB3uL.css_.css images-na.ssl-images-amazon.com/images/I/ | 140 KB 20 KB | Stylesheet text/css |
GET H2 | 01SdjaY0ZsL._RC%7C419sIPk+mYL.css,41+ENBGOqUL.css_.css images-na.ssl-images-amazon.com/images/I/ | 46 KB 8 KB | Stylesheet text/css |
GET H2 | 11E08O3eXDL.css images-na.ssl-images-amazon.com/images/I/ | 2 KB 1 KB | Stylesheet text/css |
GET H2 | ATVPDKIKX0DER:140-6222321-9166711:C4R7VPJQHYSZQPGTJ656%24uedata=s:%2Fap%2Fuedata%3Fstaticb%26id%3DC4R7VPJQHYSZQPGTJ656:0 fls-na.amazon.com/1/batch/1/OP/ | 87 B 87 B | Image text/xml |
GET H2 | AmazonUIBaseCSS-sprite_1x-c4a765aedd886dc04d89e7e93b6a02c59ecb7013._V2_.png m.media-amazon.com/images/G/01/AUIClients/ | 27 KB 28 KB | Image image/png |

Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Amazon (Online)

11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

- boolean | credentialless
- number | ue_t0
- number | aPageStart
- number | ue_ihe
- object | amzn
- function | cf
- object | metadataList
- object | input
- object | authenticationFormList
- number | index
- object | fwcimCmd

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.