oamazon.hailuogo.net
119.28.225.184  Malicious Activity! Public Scan

URL: https://oamazon.hailuogo.net/
Submission Tags: @phishunt_io
Submission: On February 18 via api from ES

Summary

This website contacted 6 IPs in 5 countries across 6 domains to perform 19 HTTP transactions. The main IP is 119.28.225.184, located in Central, Hong Kong and belongs to TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN. The main domain is oamazon.hailuogo.net.
TLS certificate: Issued by TrustAsia TLS RSA CA on February 18th 2021. Valid for: a year.
This is the only time oamazon.hailuogo.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Amazon (Online)

Domain & IP information

Requests  IP Address          AS (Autonomous System)
14        119.28.225.184      132203 (TENCENT-N...)
1         150.109.206.154     132203 (TENCENT-N...)
1         116.207.118.55      4134 (CHINANET-...)
1         39.156.66.111       9808 (CMNET-GD ...)
1         2a02:26f0:710...    20940 (AKAMAI-ASN1)
1         44.235.208.29       16509 (AMAZON-02)
Total: 19 requests to 6 IPs

Requests  Domain                             Requested by
10        oamazon.hailuogo.net               oamazon.hailuogo.net
4         api.app.hailuogo.net               oamazon.hailuogo.net
1         fls-fe.amazon.co.jp                oamazon.hailuogo.net
1         images-na.ssl-images-amazon.com    oamazon.hailuogo.net
1         libs.baidu.com                     oamazon.hailuogo.net
1         js.cdn.aliyun.dcloud.net.cn        oamazon.hailuogo.net
1         res.wx.qq.com                      oamazon.hailuogo.net
Total: 19 requests to 7 domains

This site contains no links.

Subject                            Issuer                                               Validity                  Valid
oamazon.hailuogo.net               TrustAsia TLS RSA CA                                 2021-02-18 - 2022-02-17   a year
res.wx.qq.com                      DigiCert SHA2 Secure Server CA                       2020-08-31 - 2021-09-29   a year
*.cdn.aliyun.dcloud.net.cn         R3                                                   2021-01-05 - 2021-04-05   3 months
baidu.com                          GlobalSign Organization Validation CA - SHA256 - G2  2020-10-20 - 2021-07-26   9 months
admin.app.hailuogo.net             R3                                                   2020-12-18 - 2021-03-18   3 months
images-fe.ssl-images-amazon.com    GeoTrust RSA CA 2018                                 2020-06-24 - 2021-09-23   a year
fls-fe.amazon.com                  Amazon                                               2020-08-12 - 2021-08-08   a year

This page contains 1 frames:

Primary Page: https://oamazon.hailuogo.net/
Frame ID: 7D6C5863A1C90B2DEE8A2B163D615C0A
Requests: 19 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 19
HTTPS: 100 %
IPv6: 17 %
Domains: 6
Subdomains: 7
IPs: 6
Countries: 5
Transfer: 118 kB
Size: 360 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /
oamazon.hailuogo.net/
7 KB
3 KB
Document
General
Full URL
https://oamazon.hailuogo.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.28.225.184 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
79527324fcad82d45aabf3e8d9e3a9cababa001c721a6b748240d661930158b7

Request headers

:method
GET
:authority
oamazon.hailuogo.net
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx
date
Thu, 18 Feb 2021 10:55:40 GMT
content-type
text/html
vary
Accept-Encoding Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
XTNQRQ4Y9NYV65ZZ7BJ9
x-cache
Miss from cloudfront
via
1.1 f18216907252ed03d81059ef28446736.cloudfront.net (CloudFront)
x-amz-cf-pop
HKG62-C2
x-amz-cf-id
s8QxK6kDeRQ45hSZQM6aTnrcZ3yRxhQIIzg7UpnKSOMCMRz9LcTflg==
content-encoding
gzip
AmazonUI-3c913031596ca78a3768f4e934b1cc02ce238101.secure.min._V1_.css
oamazon.hailuogo.net/imagesna/images/G/01/AUIClients/
165 KB
23 KB
Stylesheet
General
Full URL
https://oamazon.hailuogo.net/imagesna/images/G/01/AUIClients/AmazonUI-3c913031596ca78a3768f4e934b1cc02ce238101.secure.min._V1_.css
Requested by
Host: oamazon.hailuogo.net
URL: https://oamazon.hailuogo.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.28.225.184 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
5ab7636e9f2e3ad10acc3d81e7ef8bf615504699d42034c041ff9e7c93f178bb

Request headers

Referer
https://oamazon.hailuogo.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 10:55:40 GMT
content-encoding
gzip
server
nginx
age
28544228
vary
Accept-Encoding
x-cache
HIT from fastly, HIT from fastly
content-type
text/css
access-control-allow-origin
*
expires
Mon, 19 Mar 2040 22:15:27 GMT
cache-control
max-age=630720000,public
x-amz-ir-id
ba8d4160-19ee-4df2-91fc-82a7309974c4
timing-allow-origin
https://www.amazon.com
x-served-by
cache-dca17775-DCA, cache-hkg17928-HKG
Captcha_andnyrszqb.jpg
oamazon.hailuogo.net/imagesna/captcha/lqbiackd/
7 KB
7 KB
Image
General
Full URL
https://oamazon.hailuogo.net/imagesna/captcha/lqbiackd/Captcha_andnyrszqb.jpg
Requested by
Host: oamazon.hailuogo.net
URL: https://oamazon.hailuogo.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.28.225.184 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
1786b2563d75597f4f37caf66363bfc291a9c62e0439938b0a6a6c510c519184

Request headers

Referer
https://oamazon.hailuogo.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 10:55:59 GMT
via
1.1 2c3102a3dff8da527bfb867c7b7300cf.cloudfront.net (CloudFront)
surrogate-key
x-cache-262 /captcha/lqbiackd/Captcha_andnyrszqb
server
nginx
age
59093
edge-cache-tag
x-cache-262,/captcha/lqbiackd/Captcha_andnyrszqb
content-type
image/jpeg
access-control-allow-origin
*
x-amz-ir-id
b0299ab5-6751-4004-964b-ca26022215aa
x-cache
Miss from cloudfront
x-amz-cf-pop
HKG60-C1
x-amz-cf-id
lwpUFSQZ-SKnkr7H0UESCvg6lRWVBGcjsGAkYk_lsJRyA7GjMp7rLQ==
jweixin-1.4.0.js
res.wx.qq.com/open/js/
12 KB
4 KB
Script
General
Full URL
https://res.wx.qq.com/open/js/jweixin-1.4.0.js
Requested by
Host: oamazon.hailuogo.net
URL: https://oamazon.hailuogo.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.206.154 Tokyo, Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWS_UGC_HY /
Resource Hash
d2157f629b7c3d9ad48ac78c65ed4a9774ae2861c35bd723d169f4308ce4fe97

Request headers

Referer
https://oamazon.hailuogo.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 10:55:42 GMT
content-encoding
gzip
x-cache-lookup
Hit From Disktank3 Gz
last-modified
Thu, 18 Feb 2021 07:10:00 GMT
server
NWS_UGC_HY
content-type
application/x-javascript
access-control-allow-origin
http://open.weixin.qq.com
cache-control
must-revalidate, max-age=31536000
x-nws-log-uuid
e12cea34-f662-441f-a7a6-f7ac4d2b43e7
content-length
4123
expires
Fri, 18 Feb 2022 10:55:41 GMT
uni.webview.1.5.2.js
js.cdn.aliyun.dcloud.net.cn/dev/uni-app/
5 KB
2 KB
Script
General
Full URL
https://js.cdn.aliyun.dcloud.net.cn/dev/uni-app/uni.webview.1.5.2.js
Requested by
Host: oamazon.hailuogo.net
URL: https://oamazon.hailuogo.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.207.118.55 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
a00a21842957e319cd0692f67ed837513db12ca50118555bb0be235dadc42dd3

Request headers

Referer
https://oamazon.hailuogo.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 10:45:25 GMT
via
cache14.l2cn1807[0,304-0,H], cache12.l2cn1807[0,0], kunlun8.cn1241[0,200-0,H], kunlun1.cn1241[1,0]
x-oss-request-id
602E4545B533D73231E26290
content-md5
gSFKkizWy+w18UUJ54tcNg==
age
617
x-cache
HIT TCP_MEM_HIT dirn:10:1054363116
x-oss-cdn-auth
success
x-swift-cachetime
3600
x-swift-savetime
Thu, 18 Feb 2021 10:52:20 GMT
content-encoding
gzip
content-length
1483
x-oss-object-type
Normal
last-modified
Wed, 15 Jul 2020 07:19:05 GMT
server
Tengine
etag
"81214A922CD6CBEC35F14509E78B5C36"
vary
Accept-Encoding
ali-swift-global-savetime
1599136177
content-type
application/javascript
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
x-oss-hash-crc64ecma
1921847720999650489
eagleid
74cf719f16136457427063558e
x-oss-server-time
4
jquery.min.js
libs.baidu.com/jquery/2.1.4/
82 KB
30 KB
Script
General
Full URL
https://libs.baidu.com/jquery/2.1.4/jquery.min.js
Requested by
Host: oamazon.hailuogo.net
URL: https://oamazon.hailuogo.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
39.156.66.111 , China, ASN9808 (CMNET-GD Guangdong Mobile Communication Co.Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
de4b3c3d1dc2506b6693f0f98884e1dc074cda9d66cab39b7b48a115fdfc4c0f
Security Headers
Name Value
Strict-Transport-Security max-age=87600

Request headers

Referer
https://oamazon.hailuogo.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Feb 2021 10:55:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Jun 2015 05:58:22 GMT
Server
Apache
Vary
Accept-Encoding
Connection
keep-alive
P3p
CP=" OTI DSP COR IVA OUR IND COM "
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=87600
Content-Type
application/x-javascript
Expires
Sat, 20 Mar 2021 10:55:53 GMT
js
api.app.hailuogo.net/Amazon/
25 KB
6 KB
Script
General
Full URL
https://api.app.hailuogo.net/Amazon/js
Requested by
Host: oamazon.hailuogo.net
URL: https://oamazon.hailuogo.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.28.225.184 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
b4484271328c9318c0b6738c2a91c94173938309260463b39b0e9e3147828891

Request headers

Referer
https://oamazon.hailuogo.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 10:55:43 GMT
cache-control
public
last-modified
Sat, 09 May 2020 09:41:00 GMT
server
nginx
content-encoding
gzip
vary
Accept-Encoding
content-type
text/html;charset=UTF-8
aui_sprite_0007-1x._V383827579_.png
images-na.ssl-images-amazon.com/images/G/01/amazonui/sprites/
17 KB
17 KB
Image
General
Full URL
https://images-na.ssl-images-amazon.com/images/G/01/amazonui/sprites/aui_sprite_0007-1x._V383827579_.png
Requested by
Host: oamazon.hailuogo.net
URL: https://oamazon.hailuogo.net/imagesna/images/G/01/AUIClients/AmazonUI-3c913031596ca78a3768f4e934b1cc02ce238101.secure.min._V1_.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:7100:1a9::108 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Server /
Resource Hash
49ff798368f6e4367d03a44af687d47609ca4608d02b1a099281f88c910cf1aa

Request headers

Referer
https://oamazon.hailuogo.net/imagesna/images/G/01/AUIClients/AmazonUI-3c913031596ca78a3768f4e934b1cc02ce238101.secure.min._V1_.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 10:55:41 GMT
surrogate-key
x-cache-829 /images/G/01/amazonui/sprites/aui_sprite_0007-1x
last-modified
Wed, 15 May 2013 01:55:34 GMT
server
Server
x-cache
Hit from akamai
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=630655766
x-amz-ir-id
f31dd354-1697-4b0d-80d9-2e0744bffd40
timing-allow-origin
https://www.amazon.com
content-length
16972
expires
Tue, 12 Feb 2041 17:05:07 GMT
requestId=XTNQRQ4Y9NYV65ZZ7BJ9&js=1
fls-fe.amazon.co.jp/1/oc-csi/1/OP/
43 B
151 B
Image
General
Full URL
https://fls-fe.amazon.co.jp/1/oc-csi/1/OP/requestId=XTNQRQ4Y9NYV65ZZ7BJ9&js=1
Requested by
Host: oamazon.hailuogo.net
URL: https://oamazon.hailuogo.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.208.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-208-29.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

Referer
https://oamazon.hailuogo.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 10:55:41 GMT
x-amzn-requestid
657f8b28-0527-4923-95c3-a7d4f5515383
content-length
43
content-type
image/gif
csm-captcha-instrumentation.min.js
oamazon.hailuogo.net/imagesfe/images/G/01/csminstrumentation/
2 KB
1 KB
Script
General
Full URL
https://oamazon.hailuogo.net/imagesfe/images/G/01/csminstrumentation/csm-captcha-instrumentation.min.js
Requested by
Host: oamazon.hailuogo.net
URL: https://oamazon.hailuogo.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.28.225.184 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
6e2440d3eb7ee53bf96ad66eaa5f20fde56b94b34b5428e65b24829c6c7036ed

Request headers

Referer
https://oamazon.hailuogo.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 10:55:41 GMT
via
1.1 214d8a3cdb14de6b0331d1f72902cc67.cloudfront.net (CloudFront)
x-amz-cf-pop
HKG60-C1
edge-cache-tag
x-cache-862,/images/G/01/csminstrumentation/csm-captcha-instrumentation.min
x-cache
RefreshHit from cloudfront
content-encoding
gzip
surrogate-key
x-cache-862 /images/G/01/csminstrumentation/csm-captcha-instrumentation.min
server
nginx
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400,public
x-amz-ir-id
2fe7ce06-4f84-4e6f-87cf-47ea9d3f27ba
timing-allow-origin
https://www.amazon.com
x-amz-cf-id
H8rB5Ka9Ur1oHD0iAKG_8966R5ZxptWAyHsXFs5_kV5FzSztzBm29Q==
expires
Fri, 19 Feb 2021 05:01:21 GMT
rd-script-6d68177fa6061598e9509dc4b5bdd08d.js
oamazon.hailuogo.net/imagesfe/images/G/01/csminstrumentation/
2 KB
1 KB
Script
General
Full URL
https://oamazon.hailuogo.net/imagesfe/images/G/01/csminstrumentation/rd-script-6d68177fa6061598e9509dc4b5bdd08d.js
Requested by
Host: oamazon.hailuogo.net
URL: https://oamazon.hailuogo.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.28.225.184 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
0a7e3153f44d0e51c73dad9fa3034a14446bedbafc38e477915382dd02269123

Request headers

Referer
https://oamazon.hailuogo.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 10:55:50 GMT
via
1.1 abaf9410e0cb5238ad0ea84e120ca7c0.cloudfront.net (CloudFront)
x-amz-cf-pop
HKG60-C1
edge-cache-tag
x-cache-572,/images/G/01/csminstrumentation/rd-script-6d68177fa6061598e9509dc4b5bdd08d
x-cache
RefreshHit from cloudfront
content-encoding
gzip
surrogate-key
x-cache-572 /images/G/01/csminstrumentation/rd-script-6d68177fa6061598e9509dc4b5bdd08d
server
nginx
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400,public
x-amz-ir-id
5d571b2c-5f29-4e11-b65c-070caafb8e82
timing-allow-origin
https://www.amazon.com
x-amz-cf-id
VqgbWsUaMgHuo9dl0-0qN_6c5QNJHoCbdXWhSLgXotctDj07MB551w==
expires
Thu, 07 Jan 2021 08:23:27 GMT
ue-base-1c399ad9886cab69575e1e5ee15c61a1._V313498596_.js
oamazon.hailuogo.net/imagesna/images/G/01/csminstrumentation/
7 KB
4 KB
Script
General
Full URL
https://oamazon.hailuogo.net/imagesna/images/G/01/csminstrumentation/ue-base-1c399ad9886cab69575e1e5ee15c61a1._V313498596_.js
Requested by
Host: oamazon.hailuogo.net
URL: https://oamazon.hailuogo.net/imagesfe/images/G/01/csminstrumentation/csm-captcha-instrumentation.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.28.225.184 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
a538a2b295512c2a3b74f63e74047db79140733da941fb0fca2b95a1dfdada37

Request headers

Referer
https://oamazon.hailuogo.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 10:55:41 GMT
via
1.1 89e115664e304fe11d1bdf8189e27f62.cloudfront.net (CloudFront)
age
482456
edge-cache-tag
x-cache-383,/images/G/01/csminstrumentation/ue-base-1c399ad9886cab69575e1e5ee15c61a1
x-cache
Miss from cloudfront
content-encoding
gzip
surrogate-key
x-cache-383 /images/G/01/csminstrumentation/ue-base-1c399ad9886cab69575e1e5ee15c61a1
server
nginx
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
97ae5d41-80bd-4b1d-8d07-00863299fdeb
x-amz-cf-pop
HKG60-C1
timing-allow-origin
https://www.amazon.com
x-amz-cf-id
1MoH51BNWS_Qs_3qX7I1-BU8BIo8817aCve4sIzK5u4sg8fxnitSEw==
expires
Thu, 07 Feb 2041 17:17:29 GMT
ClientSideMetricsAUIJavascript-51171fbdd28e1a7a61e922e8f0272af8bc74d37b.secure.variant-desktop-session-snapshot-keypress.min._V2_.js
oamazon.hailuogo.net/imagesna/images/G/01/AUIClients/
19 KB
8 KB
Script
General
Full URL
https://oamazon.hailuogo.net/imagesna/images/G/01/AUIClients/ClientSideMetricsAUIJavascript-51171fbdd28e1a7a61e922e8f0272af8bc74d37b.secure.variant-desktop-session-snapshot-keypress.min._V2_.js
Requested by
Host: oamazon.hailuogo.net
URL: https://oamazon.hailuogo.net/imagesfe/images/G/01/csminstrumentation/csm-captcha-instrumentation.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.28.225.184 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
877c2c2a2da0a1a6c0ad0d7ac8071046a1d726e5ab9c63509e3786b8c8ec5042

Request headers

Referer
https://oamazon.hailuogo.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 10:55:41 GMT
via
1.1 62984a52337afed4f5d9b3351d33e75c.cloudfront.net (CloudFront)
age
98977
edge-cache-tag
x-cache-196,/images/G/01/AUIClients/ClientSideMetricsAUIJavascript-51171fbdd28e1a7a61e922e8f0272af8bc74d37b.secure.variant-desktop-session-snapshot-keypress.min
x-cache
Miss from cloudfront
content-encoding
gzip
surrogate-key
x-cache-196 /images/G/01/AUIClients/ClientSideMetricsAUIJavascript-51171fbdd28e1a7a61e922e8f0272af8bc74d37b.secure.variant-desktop-session-snapshot-keypress.min
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
fd2544c3-b52e-462e-add1-4eaa6354247a
x-amz-cf-pop
HKG60-C1
timing-allow-origin
https://www.amazon.com
x-amz-cf-id
1i012GAU3iiu6ufaBKXmAfPIhqwNclWeZXEyFNFMyY4CXeFeV3LaFg==
expires
Tue, 12 Feb 2041 03:49:01 GMT
/
oamazon.hailuogo.net/flsfe/1/batch/1/OE/
0
61 B
Other
General
Full URL
https://oamazon.hailuogo.net/flsfe/1/batch/1/OE/
Requested by
Host: oamazon.hailuogo.net
URL: https://oamazon.hailuogo.net/imagesna/images/G/01/AUIClients/ClientSideMetricsAUIJavascript-51171fbdd28e1a7a61e922e8f0272af8bc74d37b.secure.variant-desktop-session-snapshot-keypress.min._V2_.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.28.225.184 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://oamazon.hailuogo.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 18 Feb 2021 10:55:43 GMT
server
nginx
content-length
0
content-type
application/octet-stream
/
oamazon.hailuogo.net/flsfe/1/batch/1/OE/
0
61 B
Other
General
Full URL
https://oamazon.hailuogo.net/flsfe/1/batch/1/OE/
Requested by
Host: oamazon.hailuogo.net
URL: https://oamazon.hailuogo.net/imagesna/images/G/01/AUIClients/ClientSideMetricsAUIJavascript-51171fbdd28e1a7a61e922e8f0272af8bc74d37b.secure.variant-desktop-session-snapshot-keypress.min._V2_.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.28.225.184 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://oamazon.hailuogo.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 18 Feb 2021 10:55:52 GMT
server
nginx
content-length
0
content-type
application/octet-stream
nav_home.png
api.app.hailuogo.net/images/amazon/
4 KB
4 KB
Image
General
Full URL
https://api.app.hailuogo.net/images/amazon/nav_home.png
Requested by
Host: oamazon.hailuogo.net
URL: https://oamazon.hailuogo.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.28.225.184 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
c1e517ca56fef92fbdc69fdb584688c3190c358c721db3239b2811c8abded07c

Request headers

Referer
https://oamazon.hailuogo.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 10:55:54 GMT
last-modified
Sat, 09 May 2020 09:41:00 GMT
server
nginx
etag
"5eb67aac-e40"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3648
expires
Sat, 20 Mar 2021 10:55:54 GMT
nav_cart.png
api.app.hailuogo.net/images/amazon/
4 KB
4 KB
Image
General
Full URL
https://api.app.hailuogo.net/images/amazon/nav_cart.png
Requested by
Host: oamazon.hailuogo.net
URL: https://oamazon.hailuogo.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.28.225.184 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
864cad4d3402f05d179caec2a970f7ae710f8808c069eccd02c75ac9aa4d9eda

Request headers

Referer
https://oamazon.hailuogo.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 10:55:54 GMT
last-modified
Sat, 09 May 2020 09:41:00 GMT
server
nginx
etag
"5eb67aac-108d"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4237
expires
Sat, 20 Mar 2021 10:55:54 GMT
nav_close.png
api.app.hailuogo.net/images/amazon/
3 KB
4 KB
Image
General
Full URL
https://api.app.hailuogo.net/images/amazon/nav_close.png
Requested by
Host: oamazon.hailuogo.net
URL: https://oamazon.hailuogo.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.28.225.184 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
c22506992a95f9df89f536d8ace7f27a47fb06ab45661adc5d19e659e4780937

Request headers

Referer
https://oamazon.hailuogo.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 10:55:54 GMT
last-modified
Sat, 09 May 2020 09:41:00 GMT
server
nginx
etag
"5eb67aac-d6c"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3436
expires
Sat, 20 Mar 2021 10:55:54 GMT
/
oamazon.hailuogo.net/flsfe/1/batch/1/OE/
0
61 B
Other
General
Full URL
https://oamazon.hailuogo.net/flsfe/1/batch/1/OE/
Requested by
Host: oamazon.hailuogo.net
URL: https://oamazon.hailuogo.net/imagesna/images/G/01/AUIClients/ClientSideMetricsAUIJavascript-51171fbdd28e1a7a61e922e8f0272af8bc74d37b.secure.variant-desktop-session-snapshot-keypress.min._V2_.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.28.225.184 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://oamazon.hailuogo.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 18 Feb 2021 10:56:00 GMT
server
nginx
content-length
0
content-type
application/octet-stream

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Amazon (Online)

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code. Listed as name (type):

ontransitionrun (object), ontransitionstart (object), ontransitioncancel (object), cookieStore (object), showDirectoryPicker (function), showOpenFilePicker (function), showSaveFilePicker (function), trustedTypes (object), crossOriginIsolated (boolean), ue_t0 (number), ue_csm (object), ue (object), ue_furl (string), ue_mid (string), ue_sid (string), ue_sn (string), ue_id (string), head (object), prefix (string), elem (object), ue_modules (object), cel_widgets (object), ue_cel_ns (string), ue_skc (number), ue_err (object), ueinit (number), ues (function), uet (function), uex (function), onLd (function), onLdEnd (function), onstop (function), ueLogError (function), ue_cel (object), ue_pdm (object), ue_vpm (object), ue_fem (object), ue_mcm (object), ue_mmm (object), ue_rpl (object), ue_kpm (object), jWeixin (object), wx (object), uni (object), $ (function), jQuery (function), baseUrl (string), serviceUrl (string), data (object), totalPrice (string), rate (number), userId (string), url (string), tocart2 (function), sendShoppingCart (function), getRate (function), getQueryString (function), get_cookie (function), UniAppJSBridge (boolean)

0 Cookies

2 Console Messages

Source       Level  URL                                                 Text
console-api  log    https://api.app.hailuogo.net/Amazon/js (Line 22)    当前用户的userId为
console-api  log    https://api.app.hailuogo.net/Amazon/js (Line 26)    加载Uni-app成功

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
