Submitted URL: https://aznshp.com/
Effective URL: https://aznshp.com/go/main.php
Submission Tags: @ecarlesi threat #phishing
Submission: On October 31 via api from FR — Scanned from NL

Summary

This website contacted 5 IPs in 1 country across 5 domains to perform 16 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is aznshp.com.
TLS certificate: Issued by E1 on October 20th 2023. Valid for: 3 months.
This is the only time aznshp.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Amazon (Online)

Domain & IP information

Requests          IP Address          AS (Autonomous System)
4 (3 redirects)   2a06:98c1:312...    13335 (CLOUDFLAR...)
8                 2a04:4e42::272      54113 (FASTLY)
1                 3.233.23.2          14618 (AMAZON-AES)
4                 2600:9000:225...    16509 (AMAZON-02)
2                 52.46.128.147       16509 (AMAZON-02)
Total: 16 requests, 5 IPs

Requests   Apex Domain             Subdomains (Cisco Umbrella Rank)          Transfer
8          ssl-images-amazon.com   images-na.ssl-images-amazon.com (845)     52 KB
4          media-amazon.com        m.media-amazon.com (530)                  114 KB
4          aznshp.com              aznshp.com                                16 KB
2          amazon-adsystem.com     s.amazon-adsystem.com (310)               756 B
1          amazon.com              fls-na.amazon.com (1339)                  150 B
Total: 16 requests, 5 domains

Requests   Domain                            Requested by
8          images-na.ssl-images-amazon.com   aznshp.com
4          m.media-amazon.com                aznshp.com, images-na.ssl-images-amazon.com
4          aznshp.com                        3 redirects
2          s.amazon-adsystem.com             aznshp.com
1          fls-na.amazon.com                 aznshp.com
Total: 16 requests, 5 domains

This site contains links to these domains. Also see Links.

Domain
www.amazon.com

Subject                           Issuer                  Validity                  Valid for
aznshp.com                        E1                      2023-10-20 - 2024-01-18   3 months (crt.sh)
images-na.ssl-images-amazon.com   DigiCert Global CA G2   2023-09-08 - 2024-06-21   9 months (crt.sh)
fls-na.amazon.com                 Amazon RSA 2048 M02     2023-01-20 - 2024-02-18   a year (crt.sh)
s.amazon-adsystem.com             Amazon RSA 2048 M01     2023-03-03 - 2024-02-19   a year (crt.sh)

This page contains 3 frames:

Primary Page: https://aznshp.com/go/main.php
Frame ID: 080088B980EFE82985ACF5A4462F3A23
Requests: 14 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=amazon.com&slot=navFooter&a2=0101c0030e0cd581157a0fbbf583d4e30a0ea3cc7a80d7366289d705a5cb50799ff4&old_oo=0&ts=1697568373697&s=AVtkmmLg6oYfUYrVnf6kaUhXIx_0-N32LdR22o7zsZUP&gdpr_consent=&gdpr_consent_avl=&cb=1697568373697
Frame ID: 3C0D9A17E80B990E3090C947708B2ACC
Requests: 1 HTTP request in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=amazon.com&slot=navFooter&a2=0101c0030e0cd581157a0fbbf583d4e30a0ea3cc7a80d7366289d705a5cb50799ff4&old_oo=0&ts=1697568373697&s=AVtkmmLg6oYfUYrVnf6kaUhXIx_0-N32LdR22o7zsZUP&gdpr_consent=&gdpr_consent_avl=&cb=1697568373697
Frame ID: E30B0994680B7930C2F2AE8F3B43436A
Requests: 1 HTTP request in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

Requests: 16
HTTPS: 100 %
IPv6: 60 %
Domains: 5
Subdomains: 5
IPs: 5
Countries: 1
Transfer: 181 kB
Size: 494 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://aznshp.com/ HTTP 302
    https://aznshp.com/go HTTP 301
    https://aznshp.com/go/ HTTP 302
    https://aznshp.com/go/main.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request main.php
aznshp.com/go/
Redirect Chain
  • https://aznshp.com/
  • https://aznshp.com/go
  • https://aznshp.com/go/
  • https://aznshp.com/go/main.php
31 KB
14 KB
Document
General
Full URL
https://aznshp.com/go/main.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e4c31248804e5ef670f97536f237481669a1a69fd8ccf31419a2c10f8d74413

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81ee685099f3b8b5-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 31 Oct 2023 19:47:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1F4z%2Bs1UxU1faf%2F9iGTRLTxANdme%2B6ZgMxQTofufeC9APhMCtDY2%2FpL0bZCmjEW7JmssWaa050IcYhg%2B1qQhjWehXYOfUq6AKiMdrMdXeGLGbIRf962dXQkt2TnbfXHI8WBxfYN45a%2BI"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
81ee684f78c5b8b5-AMS
content-type
text/html; charset=UTF-8
date
Tue, 31 Oct 2023 19:47:01 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
/go/main.php
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JwJz4%2FqACoi6mUnxAbuNsIJnFuL8n51%2BBWuV7OY1AB4Vrx3rReQxbnkNZV3zzSQiBIQW9mwn1bkH%2BOEmrG8oT%2BcSm9B4nyzH8yhyfA5Oe6dZzrxo1sZNCExrdCyHhte%2BbM%2Ffwig9PDPS"}],"group":"cf-nel","max_age":604800}
server
cloudflare

31bJewCvY-L.js
images-na.ssl-images-amazon.com/images/I/
10 KB
4 KB
Script
General
Full URL
https://images-na.ssl-images-amazon.com/images/I/31bJewCvY-L.js
Requested by
Host: aznshp.com
URL: https://aznshp.com/go/main.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8a1ca9608771693d06b0109e1e442d495da603f32182a6527f9f1026c84780e9

Request headers

Referer
https://aznshp.com/
Origin
https://aznshp.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 19:47:02 GMT
content-encoding
br
age
19956866
x-cache
HIT from fastly, HIT from fastly
x-nginx-cache-status
HIT
server-timing
provider;desc="fy"
content-length
4030
x-served-by
cache-iad-kcgs7200119-IAD, cache-bom4734-BOM
last-modified
Tue, 14 Mar 2023 13:05:34 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
32ff4179-47c0-4d43-b101-ab3f19388286
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in
expires
Mon, 09 Mar 2043 14:37:06 GMT

61UhpddG6YL._RC%7C11iHkiAT2oL.css,01wLsDqViEL.css,11MhAJ3QIgL.css,31JhtlVsImL.css,31i+Ric3zOL.css,01DHz7m6lhL.css_.css
images-na.ssl-images-amazon.com/images/I/
135 KB
20 KB
Stylesheet
General
Full URL
https://images-na.ssl-images-amazon.com/images/I/61UhpddG6YL._RC%7C11iHkiAT2oL.css,01wLsDqViEL.css,11MhAJ3QIgL.css,31JhtlVsImL.css,31i+Ric3zOL.css,01DHz7m6lhL.css_.css?AUIClients/AmazonUI
Requested by
Host: aznshp.com
URL: https://aznshp.com/go/main.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
756073e9f949731c5ede66aa8af8c9fb3784f82aaf727fa3a49682b005d9a093

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://aznshp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 19:47:02 GMT
content-encoding
br
age
5484597
x-cache
HIT from fastly, HIT from fastly
x-nginx-cache-status
HIT
server-timing
provider;desc="fy"
content-length
20150
x-served-by
cache-iad-kjyo7100056-IAD, cache-bom4747-BOM
last-modified
Wed, 06 Jan 2021 02:50:26 GMT
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
ee391a86-3c4d-4449-a13b-d0194908a75d
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in
expires
Sun, 23 Aug 2043 12:33:20 GMT

01SdjaY0ZsL._RC%7C31jdWD+JB+L.css,51tplg0-0gL.css_.css
images-na.ssl-images-amazon.com/images/I/
56 KB
8 KB
Stylesheet
General
Full URL
https://images-na.ssl-images-amazon.com/images/I/01SdjaY0ZsL._RC%7C31jdWD+JB+L.css,51tplg0-0gL.css_.css?AUIClients/AuthenticationPortalAssets&QmmAyoMU
Requested by
Host: aznshp.com
URL: https://aznshp.com/go/main.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c9defc5d29b87d3ed62023a1f06ba4e3d02e6cab766c6f3a8f004c777753c764

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://aznshp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 19:47:02 GMT
content-encoding
br
age
2419809
x-cache
HIT from fastly, HIT from fastly
x-nginx-cache-status
HIT
server-timing
provider;desc="fy"
content-length
7611
x-served-by
cache-iad-kjyo7100154-IAD, cache-bom4747-BOM
last-modified
Sat, 30 May 2015 02:58:48 GMT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
db731a38-f533-4ca2-a866-a1f3d51f734f
accept-ranges
bytes
timing-allow-origin
https://www.amazon.de
expires
Thu, 24 Sep 2043 21:27:57 GMT

219IRWuL-dL.css
images-na.ssl-images-amazon.com/images/I/
4 KB
1 KB
Stylesheet
General
Full URL
https://images-na.ssl-images-amazon.com/images/I/219IRWuL-dL.css?AUIClients/CVFAssets
Requested by
Host: aznshp.com
URL: https://aznshp.com/go/main.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3b036f45b0552f4f1b0c989f98856e3304b1d3ccdbc0f4a29eb7c6ec8b62d041

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://aznshp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 19:47:02 GMT
content-encoding
br
age
6006820
x-cache
HIT from fastly, HIT from fastly
x-nginx-cache-status
HIT
server-timing
provider;desc="fy"
content-length
1249
x-served-by
cache-iad-kjyo7100046-IAD, cache-bom4747-BOM
last-modified
Thu, 11 May 2023 22:25:35 GMT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
3a7cda0f-f627-4f35-b09b-e62274561cb0
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
expires
Tue, 18 Aug 2043 07:03:55 GMT

ATVPDKIKX0DER:134-5109403-0710330:D7M6H6D713D14R2RW8BY$uedata=s:%2Fap%2Fuedata%3Fstaticb%26id%3DD7M6H6D713D14R2RW8BY:0
fls-na.amazon.com/1/batch/1/OP/
43 B
150 B
Image
General
Full URL
https://fls-na.amazon.com/1/batch/1/OP/ATVPDKIKX0DER:134-5109403-0710330:D7M6H6D713D14R2RW8BY$uedata=s:%2Fap%2Fuedata%3Fstaticb%26id%3DD7M6H6D713D14R2RW8BY:0
Requested by
Host: aznshp.com
URL: https://aznshp.com/go/main.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.23.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-23-2.compute-1.amazonaws.com
Software
/
Resource Hash
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://aznshp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 19:47:02 GMT
x-amzn-requestid
48006761-6fb0-4841-aaad-4d77e99ebf1e
content-length
43
content-type
image/gif

41Koq9HHG0L._RC%7C41Vqus7iTPL.css,51Ww3KfV-WL.css_.css
images-na.ssl-images-amazon.com/images/I/
84 KB
9 KB
Stylesheet
General
Full URL
https://images-na.ssl-images-amazon.com/images/I/41Koq9HHG0L._RC%7C41Vqus7iTPL.css,51Ww3KfV-WL.css_.css?AUIClients/NavMobileAssets-all&+LPoYgJh
Requested by
Host: aznshp.com
URL: https://aznshp.com/go/main.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
af6f220cfdd38185ade7a25f505cfe64da99b476e05432da8a57f856b2fc75dc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://aznshp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 19:47:02 GMT
content-encoding
br
age
2449279
x-cache
HIT from fastly, HIT from fastly
x-nginx-cache-status
HIT
server-timing
provider;desc="fy"
content-length
9248
x-served-by
cache-iad-kcgs7200116-IAD, cache-bom4747-BOM
last-modified
Tue, 26 Sep 2023 17:01:43 GMT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
c816fd89-ca70-475e-bb5d-44ea431b1e31
accept-ranges
bytes
timing-allow-origin
https://www.amazon.com
expires
Sun, 27 Sep 2043 20:15:54 GMT

41bhuBzDmyL.css
images-na.ssl-images-amazon.com/images/I/
16 KB
4 KB
Stylesheet
General
Full URL
https://images-na.ssl-images-amazon.com/images/I/41bhuBzDmyL.css?AUIClients/InternationalCustomerPreferencesNavMobileAssets
Requested by
Host: aznshp.com
URL: https://aznshp.com/go/main.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
87b816e9bd56d05b49ac7630daf442628b0599c8dbf5952d25ee3a369e0f5082

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://aznshp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 19:47:02 GMT
content-encoding
br
age
39064885
x-cache
HIT from fastly, HIT from fastly
x-nginx-cache-status
HIT
server-timing
provider;desc="fy"
content-length
3534
x-served-by
cache-iad-kcgs7200067-IAD, cache-bom4747-BOM
last-modified
Mon, 30 May 2022 10:25:36 GMT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
7b81fa07-d8bd-4852-b010-c3137bdb1b7d
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
expires
Mon, 26 May 2042 10:51:23 GMT

01+72+wCC9L.css
images-na.ssl-images-amazon.com/images/I/
1 KB
523 B
Stylesheet
General
Full URL
https://images-na.ssl-images-amazon.com/images/I/01+72+wCC9L.css?AUIClients/GlowToasterAssets
Requested by
Host: aznshp.com
URL: https://aznshp.com/go/main.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6da4e741f1e44e8a6e60f74ce6d666292135be8a44c5a5d97621a0bd1371e782

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://aznshp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 19:47:02 GMT
content-encoding
br
age
38682005
x-cache
HIT from fastly, HIT from fastly
x-nginx-cache-status
HIT
server-timing
provider;desc="fy"
content-length
299
x-served-by
cache-iad-kcgs7200048-IAD, cache-bom4747-BOM
last-modified
Sat, 23 Dec 2017 00:30:57 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
d9be32e9-8263-405d-9367-d8069a04ac97
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
expires
Sun, 16 Mar 2042 13:52:39 GMT

41Oo+sl03rL._RC%7C21q3S+VNEnL.css,31kNgnMN-dL.css_.css
images-na.ssl-images-amazon.com/images/I/
45 KB
5 KB
Stylesheet
General
Full URL
https://images-na.ssl-images-amazon.com/images/I/41Oo+sl03rL._RC%7C21q3S+VNEnL.css,31kNgnMN-dL.css_.css?AUIClients/RetailSearchAutocompleteAssets&p27p/3HG
Requested by
Host: aznshp.com
URL: https://aznshp.com/go/main.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aa33f43a8904ff36d73563822d5ebd54acb54f9e00f31596feb58bc8167da00d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://aznshp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 19:47:02 GMT
content-encoding
br
age
2436709
x-cache
HIT from fastly, HIT from fastly
x-nginx-cache-status
HIT
server-timing
provider;desc="fy"
content-length
5113
x-served-by
cache-iad-kcgs7200103-IAD, cache-bom4747-BOM
last-modified
Tue, 19 Sep 2023 23:18:06 GMT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
64711375-4b2f-411b-9448-5a3aff115302
accept-ranges
bytes
timing-allow-origin
https://www.amazon.com
expires
Tue, 22 Sep 2043 21:53:23 GMT

new-nav-sprite-global-1x_blueheaven-privacy._CB588007131_.png
m.media-amazon.com/images/G/01/gno/sprites/
13 KB
14 KB
Image
General
Full URL
https://m.media-amazon.com/images/G/01/gno/sprites/new-nav-sprite-global-1x_blueheaven-privacy._CB588007131_.png
Requested by
Host: aznshp.com
URL: https://aznshp.com/go/main.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:6000:1d:d7f6:39d3:7a61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
053dd134b1723da118c189819a77d6d4c3b6dfb7f23fd08f8c7a93fdf1d64f4b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://aznshp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 06:30:18 GMT
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
age
7564604
x-amz-cf-pop
FRA60-P4
edge-cache-tag
x-cache-301,/images/G/01/gno/sprites/new-nav-sprite-global-1x_blueheaven-privacy
x-nginx-cache-status
MISS
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
content-length
13358
surrogate-key
x-cache-301 /images/G/01/gno/sprites/new-nav-sprite-global-1x_blueheaven-privacy
last-modified
Mon, 05 Jun 2023 16:56:24 GMT
server
Server
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
7669612a-dc75-46c0-affd-84d9b4b850df
accept-ranges
bytes
timing-allow-origin
https://www.amazon.com
x-amz-cf-id
3qE4amhOF4g957tmjMo3x43Pldvx2AIifyL-5O8hIQdWRAt7d_dURA==
expires
Fri, 31 Jul 2043 06:30:18 GMT

iu3
s.amazon-adsystem.com/ Frame 3C0D
65 B
378 B
Document
General
Full URL
https://s.amazon-adsystem.com/iu3?d=amazon.com&slot=navFooter&a2=0101c0030e0cd581157a0fbbf583d4e30a0ea3cc7a80d7366289d705a5cb50799ff4&old_oo=0&ts=1697568373697&s=AVtkmmLg6oYfUYrVnf6kaUhXIx_0-N32LdR22o7zsZUP&gdpr_consent=&gdpr_consent_avl=&cb=1697568373697
Requested by
Host: aznshp.com
URL: https://aznshp.com/go/main.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://aznshp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Connection
keep-alive
Content-Length
65
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 31 Oct 2023 19:47:02 GMT
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
EC3KAJQDP62H3KSFF0R7

new-nav-sprite-global-1x_blueheaven-privacy._CB588007131_.png
m.media-amazon.com/images/G/01/gno/sprites/
13 KB
14 KB
Image
General
Full URL
https://m.media-amazon.com/images/G/01/gno/sprites/new-nav-sprite-global-1x_blueheaven-privacy._CB588007131_.png
Requested by
Host: aznshp.com
URL: https://aznshp.com/go/main.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:6000:1d:d7f6:39d3:7a61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
053dd134b1723da118c189819a77d6d4c3b6dfb7f23fd08f8c7a93fdf1d64f4b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://aznshp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 06:30:18 GMT
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
age
7564604
x-amz-cf-pop
FRA60-P4
edge-cache-tag
x-cache-301,/images/G/01/gno/sprites/new-nav-sprite-global-1x_blueheaven-privacy
x-nginx-cache-status
MISS
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
content-length
13358
surrogate-key
x-cache-301 /images/G/01/gno/sprites/new-nav-sprite-global-1x_blueheaven-privacy
last-modified
Mon, 05 Jun 2023 16:56:24 GMT
server
Server
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
7669612a-dc75-46c0-affd-84d9b4b850df
accept-ranges
bytes
timing-allow-origin
https://www.amazon.com
x-amz-cf-id
mTunloAxreZS4lm0AbsLgbjf_qDZ8MEkLb7FqpwGJaJ_zmTWaBwP4g==
expires
Fri, 31 Jul 2043 06:30:18 GMT

mPGmT0r6IeTyIee.png
m.media-amazon.com/images/S/sash/
27 KB
28 KB
Image
General
Full URL
https://m.media-amazon.com/images/S/sash/mPGmT0r6IeTyIee.png
Requested by
Host: images-na.ssl-images-amazon.com
URL: https://images-na.ssl-images-amazon.com/images/I/61UhpddG6YL._RC%7C11iHkiAT2oL.css,01wLsDqViEL.css,11MhAJ3QIgL.css,31JhtlVsImL.css,31i+Ric3zOL.css,01DHz7m6lhL.css_.css?AUIClients/AmazonUI#mobile.us.not-trident
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:6000:1d:d7f6:39d3:7a61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
437e95a363a4291060e34ba170e043274e0155821e9be374f35de3c4f13cbaa5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://images-na.ssl-images-amazon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 12:11:56 GMT
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
age
7457706
x-amz-cf-pop
FRA60-P4
edge-cache-tag
x-cache-739,/images/S/sash/mPGmT0r6IeTyIee
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
server-timing
cdn-cache-hit,cdn-pop;desc="FRA60-P4",cdn-rid;desc="M0QhbczzF6UREzLPQAKqClHnsqza0VwqppAWU-RaQbgh1ENUijznGA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=0,provider;desc="cf"
content-length
27972
surrogate-key
x-cache-739 /images/S/sash/mPGmT0r6IeTyIee
last-modified
Tue, 17 Nov 2020 23:31:33 GMT
server
Server
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
b570b2ca-509f-40c9-b095-f94914e8519c
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
M0QhbczzF6UREzLPQAKqClHnsqza0VwqppAWU-RaQbgh1ENUijznGA==
expires
Tue, 16 Jun 2043 17:19:20 GMT

fe2UeLQmJ11kKHN.png
m.media-amazon.com/images/S/sash/
58 KB
58 KB
Image
General
Full URL
https://m.media-amazon.com/images/S/sash/fe2UeLQmJ11kKHN.png
Requested by
Host: images-na.ssl-images-amazon.com
URL: https://images-na.ssl-images-amazon.com/images/I/41bhuBzDmyL.css?AUIClients/InternationalCustomerPreferencesNavMobileAssets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:6000:1d:d7f6:39d3:7a61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
2ce18237ee8094ab137b910ce33aa1cdd7904c1dad5f238734ad5e307c5be08b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://images-na.ssl-images-amazon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 06:53:18 GMT
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
age
7390424
x-amz-cf-pop
FRA60-P4
edge-cache-tag
x-cache-480,/images/S/sash/fe2UeLQmJ11kKHN
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
content-length
59234
surrogate-key
x-cache-480 /images/S/sash/fe2UeLQmJ11kKHN
last-modified
Fri, 06 May 2022 16:03:28 GMT
server
Server
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
21e85ec2-4a24-49ad-8f48-d5326f9ad25d
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
A5oM6U0JkErkqkQ38tVQVzv_EXxGeXts-yOajGGTsMJgQQPODilJiQ==
expires
Sat, 01 Aug 2043 05:47:08 GMT

iu3
s.amazon-adsystem.com/ Frame E30B
65 B
378 B
Document
General
Full URL
https://s.amazon-adsystem.com/iu3?d=amazon.com&slot=navFooter&a2=0101c0030e0cd581157a0fbbf583d4e30a0ea3cc7a80d7366289d705a5cb50799ff4&old_oo=0&ts=1697568373697&s=AVtkmmLg6oYfUYrVnf6kaUhXIx_0-N32LdR22o7zsZUP&gdpr_consent=&gdpr_consent_avl=&cb=1697568373697
Requested by
Host: aznshp.com
URL: https://aznshp.com/go/main.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://aznshp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Connection
keep-alive
Content-Length
65
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 31 Oct 2023 19:47:03 GMT
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
T85QAB9RVPT2NFZHKEAY

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Amazon (Online)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type     Name
object   0
object   documentPictureInPicture
number   nav_t_after_searchbar

1 Cookies

Domain/Path   Name        Value
aznshp.com/   PHPSESSID   b1d5f381ba14bf29f262e9dfa3e07623