helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com Open in urlscan Pro
114.143.205.13 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/
Effective URL:
http://helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/?reason=auth&_-SESSION=1702865145
Submission: On January 17 via api (January 17th 2020, 8:10:42 pm UTC) from CA

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 12 HTTP transactions. The main IP is 114.143.205.13, located in Pune, India and belongs to HTIL-TTML-IN-AP Tata Teleservices Maharashtra Ltd, IN. The main domain is helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com.

This is the only time helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Amazon (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 12	114.143.205.13 114.143.205.13	17762 (HTIL-TTML...) (HTIL-TTML-IN-AP Tata Teleservices Maharashtra Ltd)
1	143.204.96.127 143.204.96.127	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
12	2

12 114.143.205.13 (Pune, India) 1 redirects

ASN17762 (HTIL-TTML-IN-AP Tata Teleservices Maharashtra Ltd, IN)

helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.96.127 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-96-127.fra50.r.cloudfront.net

m.media-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	mhbvadhuvar.com 1 redirects helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com	9 MB
1	media-amazon.com m.media-amazon.com	5 KB
12	2

	Domain	Requested by
12	helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com	1 redirects helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com
1	m.media-amazon.com	helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com
12	2

This site contains no links.

Subject Issuer	Validity	Valid
Images-na.ssl-images-amazon.com DigiCert Global CA G2	`2019-05-02` - `2020-04-23`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/?reason=auth&_-SESSION=1702865145
Frame ID: 451E2FBD82CF24BE8368688A6636D91B
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/ HTTP 302
http://helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/?reason=auth&_-SESSION=1702865145 Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

12
Requests

8 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

9198 kB
Transfer

9195 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/ HTTP 302
http://helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/?reason=auth&_-SESSION=1702865145 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/ Redirect Chain http://helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/ http://helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/?reason=auth&_-SESSION=1702865145	4 KB 4 KB	228ms 225ms	Document text/html	114.143.205.13 HTIL-TTML-IN-AP T...
General Check archive.org Show headers Download Go to Full URL http://helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/?reason=auth&_-SESSION=1702865145 Protocol HTTP/1.1 Server 114.143.205.13 Pune, India, ASN17762 (HTIL-TTML-IN-AP Tata Teleservices Maharashtra Ltd, IN), Reverse DNS Software Apache / Resource Hash `be4037fe3379e5e433eee8bccb62de1ed65446c61118942dd39b9c814b60f932` Request headers Host helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Cookie PHPSESSID=d9cc3cd3dd08712d8e5425b0ec06fbd0 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Fri, 17 Jan 2020 20:10:22 GMT Server Apache Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate Pragma no-cache Keep-Alive timeout=10, max=99 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Redirect headers Date Fri, 17 Jan 2020 20:10:22 GMT Server Apache Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate Pragma no-cache Set-Cookie PHPSESSID=d9cc3cd3dd08712d8e5425b0ec06fbd0; path=/ location ?reason=auth&_-SESSION=1702865145 Keep-Alive timeout=10, max=100 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	fonts.css helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/assets/css/	244 B 485 B	172ms 171ms	Stylesheet text/css	114.143.205.13 HTIL-TTML-IN-AP T...
General Check archive.org Show headers Download Go to Full URL http://helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/assets/css/fonts.css?r=1649207573 Requested by Host: helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com URL: http://helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/?reason=auth&_-SESSION=1702865145 Protocol HTTP/1.1 Server 114.143.205.13 Pune, India, ASN17762 (HTIL-TTML-IN-AP Tata Teleservices Maharashtra Ltd, IN), Reverse DNS Software Apache / Resource Hash `929b86b1bdddcbfdf7cb4ede49dfe0ff07dcd6d85bee0ee4c0fb3f4b859a05e7` Request headers Referer http://helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/?reason=auth&_-SESSION=1702865145 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Fri, 17 Jan 2020 20:10:22 GMT Last-Modified Thu, 15 Aug 2019 13:15:56 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=10, max=98 Content-Length 244
GET H/1.1	200 OK	main.css helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/assets/css/	7 KB 7 KB	175ms 174ms	Stylesheet text/css	114.143.205.13 HTIL-TTML-IN-AP T...
General Check archive.org Show headers Download Go to Full URL http://helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/assets/css/main.css?r=262639851 Requested by Host: helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com URL: http://helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/?reason=auth&_-SESSION=1702865145 Protocol HTTP/1.1 Server 114.143.205.13 Pune, India, ASN17762 (HTIL-TTML-IN-AP Tata Teleservices Maharashtra Ltd, IN), Reverse DNS Software Apache / Resource Hash `c1497cdcf6ebe7cff2572d62063c167ab7ab593650cfbeac9c55f7fa59c752af` Request headers Referer http://helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/?reason=auth&_-SESSION=1702865145 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Fri, 17 Jan 2020 20:10:22 GMT Last-Modified Thu, 15 Aug 2019 13:16:10 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=10, max=100 Content-Length 7146
GET H/1.1	200 OK	login_responsive.css helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/assets/css/	123 B 365 B	354ms 330ms	Stylesheet text/css	114.143.205.13 HTIL-TTML-IN-AP T...
General Check archive.org Show headers Download Go to Full URL http://helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/assets/css/login_responsive.css?r=1652094298 Requested by Host: helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com URL: http://helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/?reason=auth&_-SESSION=1702865145 Protocol HTTP/1.1 Server 114.143.205.13 Pune, India, ASN17762 (HTIL-TTML-IN-AP Tata Teleservices Maharashtra Ltd, IN), Reverse DNS Software Apache / Resource Hash `03f212eec83727584a98ef1602160ea0bc9e0493fcb102848affef5e8a64b9cc` Request headers Referer http://helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/?reason=auth&_-SESSION=1702865145 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Fri, 17 Jan 2020 20:10:23 GMT Last-Modified Thu, 15 Aug 2019 13:16:02 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=10, max=100 Content-Length 123
GET H/1.1	200 OK	cryptolib.js Show response helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/assets/js/	1 KB 1 KB	347ms 323ms	Script application/javascript	114.143.205.13 HTIL-TTML-IN-AP T...
General Check archive.org Show headers Download Go to Full URL http://helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/assets/js/cryptolib.js?r=1495423143 Requested by Host: helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com URL: http://helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/?reason=auth&_-SESSION=1702865145 Protocol HTTP/1.1 Server 114.143.205.13 Pune, India, ASN17762 (HTIL-TTML-IN-AP Tata Teleservices Maharashtra Ltd, IN), Reverse DNS Software Apache / Resource Hash `266039dbbc5fb10559a70c69bed3b105dc63d7662664e36b405d56ad72658c46` Request headers Referer http://helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/?reason=auth&_-SESSION=1702865145 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Fri, 17 Jan 2020 20:10:23 GMT Last-Modified Thu, 15 Aug 2019 13:15:16 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=10, max=100 Content-Length 1047
GET H/1.1	200 OK	main.js Show response helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/assets/js/	3 KB 4 KB	385ms 361ms	Script application/javascript	114.143.205.13 HTIL-TTML-IN-AP T...
General Check archive.org Show headers Download Go to Full URL http://helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/assets/js/main.js?r=2029295755 Requested by Host: helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com URL: http://helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/?reason=auth&_-SESSION=1702865145 Protocol HTTP/1.1 Server 114.143.205.13 Pune, India, ASN17762 (HTIL-TTML-IN-AP Tata Teleservices Maharashtra Ltd, IN), Reverse DNS Software Apache / Resource Hash `3c33fcffff5c98dec9ffab0870221f24fc1cc28e2b1e8e865fcba911a01bd7dc` Request headers Referer http://helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/?reason=auth&_-SESSION=1702865145 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Fri, 17 Jan 2020 20:10:23 GMT Last-Modified Wed, 23 Oct 2019 15:25:04 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=10, max=100 Content-Length 3528
GET H/1.1	200 OK	logo.png helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/assets/img/	2 KB 2 KB	176ms 175ms	Image image/png	114.143.205.13 HTIL-TTML-IN-AP T...
General Check archive.org Show headers Download Go to Show image Full URL http://helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/assets/img/logo.png Requested by Host: helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com URL: http://helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/?reason=auth&_-SESSION=1702865145 Protocol HTTP/1.1 Server 114.143.205.13 Pune, India, ASN17762 (HTIL-TTML-IN-AP Tata Teleservices Maharashtra Ltd, IN), Reverse DNS Software Apache / Resource Hash `2383da8f9a6d59d0371553e68f87c4c4ca7b3e9b57423b7c89a5fc4a40792817` Request headers Referer http://helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/assets/css/main.css?r=262639851 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Fri, 17 Jan 2020 20:10:23 GMT Last-Modified Thu, 15 Aug 2019 03:49:28 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=10, max=99 Content-Length 2099
GET H/1.1	200 OK	uiSprite.png helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/assets/img/	25 KB 25 KB	176ms 176ms	Image image/png	114.143.205.13 HTIL-TTML-IN-AP T...
General Check archive.org Show headers Download Go to Show image Full URL http://helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/assets/img/uiSprite.png Requested by Host: helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com URL: http://helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/?reason=auth&_-SESSION=1702865145 Protocol HTTP/1.1 Server 114.143.205.13 Pune, India, ASN17762 (HTIL-TTML-IN-AP Tata Teleservices Maharashtra Ltd, IN), Reverse DNS Software Apache / Resource Hash `3425e9036117199702c5eea1bec0a4cecc8b779edae5e4870e688d67d12ac71a` Request headers Referer http://helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/assets/css/main.css?r=262639851 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Fri, 17 Jan 2020 20:10:23 GMT Last-Modified Tue, 06 Aug 2019 04:13:56 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=10, max=99 Content-Length 25262
GET H2	200	InternationalCustomerPreferencesNavMobileAssets-icp_sprite-6b737a23dc2fdf9eef2fe592c2f05017215df7e7._V2_.png m.media-amazon.com/images/G/01/AUIClients/	4 KB 5 KB	136ms 46ms	Image image/png	143.204.96.127 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://m.media-amazon.com/images/G/01/AUIClients/InternationalCustomerPreferencesNavMobileAssets-icp_sprite-6b737a23dc2fdf9eef2fe592c2f05017215df7e7._V2_.png Requested by Host: helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com URL: http://helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/?reason=auth&_-SESSION=1702865145 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.96.127 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-143-204-96-127.fra50.r.cloudfront.net Software Server / Resource Hash `b43e965b8091fd5f7a8da650c60ca16ae6deff284ea8db39c7ec7ef9dba20c48` Request headers Referer http://helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/assets/css/main.css?r=262639851 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Tue, 24 Sep 2019 07:42:00 GMT via 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront) age 10134908 edge-cache-tag x-cache-239,/images/G/01/AUIClients/InternationalCustomerPreferencesNavMobileAssets-icp_sprite-6b737a23dc2fdf9eef2fe592c2f05017215df7e7 status 200 x-cache Hit from cloudfront content-length 4488 surrogate-key x-cache-239 /images/G/01/AUIClients/InternationalCustomerPreferencesNavMobileAssets-icp_sprite-6b737a23dc2fdf9eef2fe592c2f05017215df7e7 last-modified Fri, 18 Nov 2016 18:41:19 GMT server Server content-type image/png access-control-allow-origin * cache-control max-age=630720000,public x-amz-ir-id 202fb872-cb46-4813-ad53-3a94d5bd0f76 x-amz-cf-pop FRA50-C1 timing-allow-origin https://www.amazon.com x-amz-cf-id 7JYp4BpvCZY3HTqVyIQTgn2HRN-pwCo6QVVU-wDMRAuNR_xvU43Nnw== expires Sat, 17 Sep 2039 12:55:15 GMT
GET H/1.1	200 OK	hiragino-kaku-gothic-pro-w3.otf helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/assets/fonts/	9 MB 9 MB	173ms 173ms	Font font/otf	114.143.205.13 HTIL-TTML-IN-AP T...
General Check archive.org Show headers Download Go to Full URL http://helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/assets/fonts/hiragino-kaku-gothic-pro-w3.otf Requested by Host: helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com URL: http://helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/?reason=auth&_-SESSION=1702865145 Protocol HTTP/1.1 Server 114.143.205.13 Pune, India, ASN17762 (HTIL-TTML-IN-AP Tata Teleservices Maharashtra Ltd, IN), Reverse DNS Software Apache / Resource Hash `0a3595c8c5046c21f0210dcc58f25405a3421798cf75d7a422ad7c515bf3f0a7` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Referer http://helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/assets/css/fonts.css?r=1649207573 Origin http://helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com Response headers Date Fri, 17 Jan 2020 20:10:23 GMT Last-Modified Fri, 25 Nov 2016 05:41:48 GMT Server Apache Content-Type font/otf Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=10, max=99 Content-Length 9367476
GET H/1.1	200 OK	md5.ajax.php Show response helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/ajax/	17 B 216 B	216ms 216ms	XHR application/json	114.143.205.13 HTIL-TTML-IN-AP T...
General Check archive.org Show headers Download Go to Full URL http://helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/ajax/md5.ajax.php?f=../index.php Requested by Host: helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com URL: http://helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/assets/js/cryptolib.js?r=1495423143 Protocol HTTP/1.1 Server 114.143.205.13 Pune, India, ASN17762 (HTIL-TTML-IN-AP Tata Teleservices Maharashtra Ltd, IN), Reverse DNS Software Apache / Resource Hash `9856d781b4c2f8e077b806072ae238717688d11b460d4402839e78e9144bb561` Request headers Referer http://helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/?reason=auth&_-SESSION=1702865145 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Fri, 17 Jan 2020 20:10:25 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=10, max=98 Transfer-Encoding chunked Content-Type application/json
GET H/1.1	200 OK	md5.ajax.php Show response helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/ajax/	17 B 216 B	215ms 215ms	XHR application/json	114.143.205.13 HTIL-TTML-IN-AP T...
General Check archive.org Show headers Download Go to Full URL http://helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/ajax/md5.ajax.php?f=../inc/config.inc.php Requested by Host: helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com URL: http://helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/assets/js/cryptolib.js?r=1495423143 Protocol HTTP/1.1 Server 114.143.205.13 Pune, India, ASN17762 (HTIL-TTML-IN-AP Tata Teleservices Maharashtra Ltd, IN), Reverse DNS Software Apache / Resource Hash `9856d781b4c2f8e077b806072ae238717688d11b460d4402839e78e9144bb561` Request headers Referer http://helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com/?reason=auth&_-SESSION=1702865145 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Fri, 17 Jan 2020 20:10:25 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=10, max=97 Transfer-Encoding chunked Content-Type application/json

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Amazon (Online)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| CryptoLib

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com
m.media-amazon.com
114.143.205.13
143.204.96.127
03f212eec83727584a98ef1602160ea0bc9e0493fcb102848affef5e8a64b9cc
0a3595c8c5046c21f0210dcc58f25405a3421798cf75d7a422ad7c515bf3f0a7
2383da8f9a6d59d0371553e68f87c4c4ca7b3e9b57423b7c89a5fc4a40792817
266039dbbc5fb10559a70c69bed3b105dc63d7662664e36b405d56ad72658c46
3425e9036117199702c5eea1bec0a4cecc8b779edae5e4870e688d67d12ac71a
3c33fcffff5c98dec9ffab0870221f24fc1cc28e2b1e8e865fcba911a01bd7dc
929b86b1bdddcbfdf7cb4ede49dfe0ff07dcd6d85bee0ee4c0fb3f4b859a05e7
9856d781b4c2f8e077b806072ae238717688d11b460d4402839e78e9144bb561
b43e965b8091fd5f7a8da650c60ca16ae6deff284ea8db39c7ec7ef9dba20c48
be4037fe3379e5e433eee8bccb62de1ed65446c61118942dd39b9c814b60f932
c1497cdcf6ebe7cff2572d62063c167ab7ab593650cfbeac9c55f7fa59c752af

helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com Open in urlscan Pro 114.143.205.13 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

8 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

9198 kBTransfer

9195 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

0 Cookies

Indicators

helpdesk-amazon.co.jp-verifyaccount-online-itservice.mhbvadhuvar.com Open in urlscan Pro
114.143.205.13 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

8 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

9198 kB
Transfer

9195 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!