amaazon.co.jp.dulxcr.cn Open in urlscan Pro
155.94.205.249 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://amaazon.co.jp.dulxcr.cn./
Effective URL:
https://amaazon.co.jp.dulxcr.cn/
Submission: On November 17 via manual (November 17th 2021, 1:24:10 pm UTC) from IL — Scanned from JP

Summary HTTP 12 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 12 HTTP transactions. The main IP is 155.94.205.249, located in Los Angeles, United States and belongs to ASN-QUADRANET-GLOBAL, US. The main domain is amaazon.co.jp.dulxcr.cn.
TLS certificate: Issued by R3 on November 7th 2021. Valid for: 3 months.

This is the only time amaazon.co.jp.dulxcr.cn was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Amazon (Online) Amazon Japan (Online)

Domain & IP information

	IP Address		AS Autonomous System
1 13	155.94.205.249 155.94.205.249		8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL)
12	2

13 155.94.205.249 (Los Angeles, United States) 1 redirects

ASN8100 (ASN-QUADRANET-GLOBAL, US)
PTR: unassigned.quadranet.com

amaazon.co.jp.dulxcr.cn.	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
amaazon.co.jp.dulxcr.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	dulxcr.cn amaazon.co.jp.dulxcr.cn	892 KB
1	cn. 1 redirects amaazon.co.jp.dulxcr.cn.	245 B
12	2

	Domain	Requested by
12	amaazon.co.jp.dulxcr.cn	amaazon.co.jp.dulxcr.cn
1	amaazon.co.jp.dulxcr.cn.	1 redirects
12	2

This site contains links to these domains. Also see Links.

Domain
www.amazon.co.jp

Subject Issuer	Validity	Valid
amaazon.co.jp.dulxcr.cn R3	`2021-11-07` - `2022-02-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://amaazon.co.jp.dulxcr.cn/
Frame ID: 16E92F67B55298E767AC31C3ACB92331
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Amazonサインイン

Page URL History Show full URLs

http://amaazon.co.jp.dulxcr.cn./ HTTP 301
https://amaazon.co.jp.dulxcr.cn/ Page URL

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

892 kB
Transfer

4513 kB
Size

1
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.amazon.co.jp/ref=ap_frn_logo

Search URL Search Domain Scan URL

URL: https://www.amazon.co.jp/gp/help/customer/display.html/ref=ap_signin_notification_condition_of_use?ie=UTF8&nodeId=643006
Title: 利用規約

Search URL Search Domain Scan URL

URL: https://www.amazon.co.jp/gp/help/customer/display.html/ref=ap_signin_notification_privacy_notice?ie=UTF8&nodeId=643000
Title: プライバシー規約

Search URL Search Domain Scan URL

URL: https://www.amazon.co.jp/ap/forgotpassword?showRememberMe=true&openid.pape.max_auth_age=0&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&pageId=jpflex&openid.return_to=https%3A%2F%2Fwww.amazon.co.jp%2Fref%3Dnav_em_hd_re_signin&prevRID=95YJHC51TTZ9XPG0XS1H&openid.assoc_handle=jpflex&openid.mode=checkid_setup&prepopulatedLoginId=&failedSignInCount=0&ref_=nav_em_hd_clc_signin&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0
Title: パスワードを忘れた場合

Search URL Search Domain Scan URL

URL: https://www.amazon.co.jp/gp/help/customer/account-issues/ref=ap_login_with_otp_claim_collection?ie=UTF8
Title: その他のログインに関する問題

Search URL Search Domain Scan URL

URL: https://www.amazon.co.jp/ap/register?showRememberMe=true&openid.pape.max_auth_age=0&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&pageId=jpflex&openid.return_to=https%3A%2F%2Fwww.amazon.co.jp%2Fref%3Dnav_em_hd_re_signin&prevRID=95YJHC51TTZ9XPG0XS1H&openid.assoc_handle=jpflex&openid.mode=checkid_setup&prepopulatedLoginId=&failedSignInCount=0&ref_=nav_em_hd_clc_signin&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0
Title: Amazonアカウントを作成する

Search URL Search Domain Scan URL

URL: https://www.amazon.co.jp/gp/help/customer/display.html/ref=ap_desktop_footer_cou?ie=UTF8&nodeId=643006
Title: 利用規約

Search URL Search Domain Scan URL

URL: https://www.amazon.co.jp/gp/help/customer/display.html/ref=ap_desktop_footer_privacy_notice?ie=UTF8&nodeId=643000
Title: プライバシー規約

Search URL Search Domain Scan URL

URL: https://www.amazon.co.jp/help
Title: ヘルプ

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://amaazon.co.jp.dulxcr.cn./ HTTP 301
https://amaazon.co.jp.dulxcr.cn/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
amaazon.co.jp.dulxcr.cn/
Redirect Chain

http://amaazon.co.jp.dulxcr.cn./
https://amaazon.co.jp.dulxcr.cn/

658 B
811 B

678ms
223ms

Document
text/html

155.94.205.249
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://amaazon.co.jp.dulxcr.cn/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.205.249 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

unassigned.quadranet.com

Software

nginx /

Resource Hash

b13f6ec2529c0a5158e31ec93e1bd1072962ced3d3708d5f1f231aa4f246963e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9

Response headers

server: nginx
date: Wed, 17 Nov 2021 13:26:21 GMT
content-type: text/html
content-length: 658
last-modified: Thu, 02 Sep 2021 23:40:24 GMT
etag: "613160e8-292"
strict-transport-security: max-age=31536000
accept-ranges: bytes

Redirect headers

Server: nginx
Date: Wed, 17 Nov 2021 13:26:20 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://amaazon.co.jp.dulxcr.cn/
Strict-Transport-Security: max-age=31536000

GET
H2 200 app.6d2caa6cca41ac53624199ae78e34326.css
amaazon.co.jp.dulxcr.cn/static/css/ 4 MB
762 KB 447ms
446ms Stylesheet
text/css 155.94.205.249
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://amaazon.co.jp.dulxcr.cn/static/css/app.6d2caa6cca41ac53624199ae78e34326.css

Requested by

Host: amaazon.co.jp.dulxcr.cn
URL: https://amaazon.co.jp.dulxcr.cn/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.205.249 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

unassigned.quadranet.com

Software

nginx /

Resource Hash

8e8676918678dacb21c03713440b1958a98672d47a5eff7f3cf7d79f8fd7351d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://amaazon.co.jp.dulxcr.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:26:21 GMT
content-encoding: gzip
last-modified: Sun, 20 Jun 2021 11:23:08 GMT
server: nginx
etag: W/"60cf251c-420568"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Thu, 18 Nov 2021 01:26:21 GMT

GET
H2 200 manifest.32fe08875ed3ca164371.js Show response
amaazon.co.jp.dulxcr.cn/static/js/ 2 KB
1 KB 889ms
888ms Script
application/javascript 155.94.205.249
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://amaazon.co.jp.dulxcr.cn/static/js/manifest.32fe08875ed3ca164371.js

Requested by

Host: amaazon.co.jp.dulxcr.cn
URL: https://amaazon.co.jp.dulxcr.cn/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.205.249 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

unassigned.quadranet.com

Software

nginx /

Resource Hash

f2b7bb90aa441ccaf5349c683f499dbeff828944bd7351dcab8928e75058aada

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://amaazon.co.jp.dulxcr.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:26:21 GMT
content-encoding: gzip
last-modified: Sun, 20 Jun 2021 11:23:08 GMT
server: nginx
etag: W/"60cf251c-6f8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Thu, 18 Nov 2021 01:26:21 GMT

GET
H2 200 vendor.8942a87b5a70d06cf6ea.js Show response
amaazon.co.jp.dulxcr.cn/static/js/ 233 KB
92 KB 889ms
889ms Script
application/javascript 155.94.205.249
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://amaazon.co.jp.dulxcr.cn/static/js/vendor.8942a87b5a70d06cf6ea.js

Requested by

Host: amaazon.co.jp.dulxcr.cn
URL: https://amaazon.co.jp.dulxcr.cn/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.205.249 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

unassigned.quadranet.com

Software

nginx /

Resource Hash

1f940df454ae24dce204417bc1652b54a5928fa332ae82c5a54c61d894fd8fec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://amaazon.co.jp.dulxcr.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:26:21 GMT
content-encoding: gzip
last-modified: Sun, 20 Jun 2021 11:23:08 GMT
server: nginx
etag: W/"60cf251c-3a533"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Thu, 18 Nov 2021 01:26:21 GMT

GET
H2 200 app.11d26497eb1356c36e30.js Show response
amaazon.co.jp.dulxcr.cn/static/js/ 7 KB
2 KB 889ms
889ms Script
application/javascript 155.94.205.249
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://amaazon.co.jp.dulxcr.cn/static/js/app.11d26497eb1356c36e30.js

Requested by

Host: amaazon.co.jp.dulxcr.cn
URL: https://amaazon.co.jp.dulxcr.cn/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.205.249 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

unassigned.quadranet.com

Software

nginx /

Resource Hash

7b2dfdedde733db3cdfa710a97a591de27aedbf20c9be7f2e80bd22b70f14b48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://amaazon.co.jp.dulxcr.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:26:21 GMT
content-encoding: gzip
last-modified: Sun, 20 Jun 2021 11:23:08 GMT
server: nginx
etag: W/"60cf251c-1dc8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Thu, 18 Nov 2021 01:26:21 GMT

GET
H2 200 yubinbango.js Show response
amaazon.co.jp.dulxcr.cn/static/js/ 3 KB
2 KB 889ms
889ms Script
application/javascript 155.94.205.249
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://amaazon.co.jp.dulxcr.cn/static/js/yubinbango.js

Requested by

Host: amaazon.co.jp.dulxcr.cn
URL: https://amaazon.co.jp.dulxcr.cn/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.205.249 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

unassigned.quadranet.com

Software

nginx /

Resource Hash

527c6e3ddf8b60e18284e33b08a42e133e0f7d84146c2f450b3cb0b59e0c16fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://amaazon.co.jp.dulxcr.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:26:21 GMT
content-encoding: gzip
last-modified: Sun, 14 Nov 2021 14:11:00 GMT
server: nginx
etag: W/"619118f4-cbb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Thu, 18 Nov 2021 01:26:21 GMT

GET
H2 200 init.js Show response
amaazon.co.jp.dulxcr.cn/static/js/ 1 KB
686 B 889ms
889ms Script
application/javascript 155.94.205.249
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://amaazon.co.jp.dulxcr.cn/static/js/init.js

Requested by

Host: amaazon.co.jp.dulxcr.cn
URL: https://amaazon.co.jp.dulxcr.cn/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.205.249 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

unassigned.quadranet.com

Software

nginx /

Resource Hash

8132539b7cb4ab43545f0dc1d65cad0c823fc2301620baa6e7c00ed113e9e70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://amaazon.co.jp.dulxcr.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:26:21 GMT
content-encoding: gzip
last-modified: Sat, 04 Sep 2021 07:36:16 GMT
server: nginx
etag: W/"613321f0-5b5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Thu, 18 Nov 2021 01:26:21 GMT

GET
H2 200 9.d0207aec845f19b3d6aa.js Show response
amaazon.co.jp.dulxcr.cn/static/js/ 861 B
1 KB 222ms
222ms Script
application/javascript 155.94.205.249
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://amaazon.co.jp.dulxcr.cn/static/js/9.d0207aec845f19b3d6aa.js

Requested by

Host: amaazon.co.jp.dulxcr.cn
URL: https://amaazon.co.jp.dulxcr.cn/static/js/manifest.32fe08875ed3ca164371.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.205.249 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

unassigned.quadranet.com

Software

nginx /

Resource Hash

072f201e2a84805e62b8b7d792938f0241d0fc6a34b040c0f19ff94f2a55f00b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://amaazon.co.jp.dulxcr.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:26:23 GMT
last-modified: Sun, 20 Jun 2021 11:23:08 GMT
server: nginx
etag: "60cf251c-35d"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: max-age=43200
accept-ranges: bytes
content-length: 861
expires: Thu, 18 Nov 2021 01:26:23 GMT

GET
H2 200 jump.php Show response
amaazon.co.jp.dulxcr.cn/api/ 2 B
373 B 575ms
575ms XHR
text/html 155.94.205.249
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://amaazon.co.jp.dulxcr.cn/api/jump.php

Requested by

Host: amaazon.co.jp.dulxcr.cn
URL: https://amaazon.co.jp.dulxcr.cn/static/js/vendor.8942a87b5a70d06cf6ea.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.205.249 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

unassigned.quadranet.com

Software

nginx /

Resource Hash

d8463bd3ba4b10e5916f65fa7b0c1f9f91f67ca40cc25b48810fb2f5a3340488

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/plain, */*
Referer: https://amaazon.co.jp.dulxcr.cn/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 13:26:24 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: *
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 11.8b1570ce205b9a0d5ecb.js Show response
amaazon.co.jp.dulxcr.cn/static/js/ 10 KB
3 KB 224ms
223ms Script
application/javascript 155.94.205.249
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://amaazon.co.jp.dulxcr.cn/static/js/11.8b1570ce205b9a0d5ecb.js

Requested by

Host: amaazon.co.jp.dulxcr.cn
URL: https://amaazon.co.jp.dulxcr.cn/static/js/manifest.32fe08875ed3ca164371.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.205.249 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

unassigned.quadranet.com

Software

nginx /

Resource Hash

13808eb742cb959916976fc77517718416198bec034766d8448e9ff2ac221b5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://amaazon.co.jp.dulxcr.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:26:24 GMT
content-encoding: gzip
last-modified: Fri, 03 Sep 2021 16:23:48 GMT
server: nginx
etag: W/"61324c14-27bc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Thu, 18 Nov 2021 01:26:24 GMT

GET
H2 200 api_session.php Show response
amaazon.co.jp.dulxcr.cn/api/ 72 B
394 B 397ms
396ms XHR
text/html 155.94.205.249
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://amaazon.co.jp.dulxcr.cn/api/api_session.php

Requested by

Host: amaazon.co.jp.dulxcr.cn
URL: https://amaazon.co.jp.dulxcr.cn/static/js/vendor.8942a87b5a70d06cf6ea.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.205.249 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

unassigned.quadranet.com

Software

nginx /

Resource Hash

b6ba704b87e21ad62676ec0764dae118ba3d82ce3c3f484ee6d02358ac23094f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/plain, */*
Referer: https://amaazon.co.jp.dulxcr.cn/ap/signin/openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.co.jp%2F%3Fref_%3Dnav_ya_signin&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&1
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 13:26:24 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 AmazonUIBaseCSS-sprite_1x-28bd59af93d9b1c745bb0aca4de58763b54df7cf._V2_.6a23b50.png
amaazon.co.jp.dulxcr.cn/static/img/ 26 KB
26 KB 224ms
223ms Image
image/png 155.94.205.249
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amaazon.co.jp.dulxcr.cn/static/img/AmazonUIBaseCSS-sprite_1x-28bd59af93d9b1c745bb0aca4de58763b54df7cf._V2_.6a23b50.png

Requested by

Host: amaazon.co.jp.dulxcr.cn
URL: https://amaazon.co.jp.dulxcr.cn/static/css/app.6d2caa6cca41ac53624199ae78e34326.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.205.249 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

unassigned.quadranet.com

Software

nginx /

Resource Hash

e1283c0339d0393ebf45c02a0b34618f572b82eb5dbda366385498ae01413d3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://amaazon.co.jp.dulxcr.cn/static/css/app.6d2caa6cca41ac53624199ae78e34326.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:26:24 GMT
last-modified: Fri, 09 Jul 2021 16:30:48 GMT
server: nginx
etag: "60e879b8-6607"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 26119
expires: Fri, 17 Dec 2021 13:26:24 GMT

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a515dcb414d0c44f70cbdc70eb4eceae128f82667a9d143731e3b4f608f3f483

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Amazon (Online) Amazon Japan (Online)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			amaazon.co.jp.dulxcr.cn/	1969-12-31 23:59:59	Name: PHPSESSID Value: i9va99qqkr9qkvqi98l33pub03

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amaazon.co.jp.dulxcr.cn
amaazon.co.jp.dulxcr.cn.
155.94.205.249
072f201e2a84805e62b8b7d792938f0241d0fc6a34b040c0f19ff94f2a55f00b
13808eb742cb959916976fc77517718416198bec034766d8448e9ff2ac221b5b
1f940df454ae24dce204417bc1652b54a5928fa332ae82c5a54c61d894fd8fec
527c6e3ddf8b60e18284e33b08a42e133e0f7d84146c2f450b3cb0b59e0c16fb
7b2dfdedde733db3cdfa710a97a591de27aedbf20c9be7f2e80bd22b70f14b48
8132539b7cb4ab43545f0dc1d65cad0c823fc2301620baa6e7c00ed113e9e70a
8e8676918678dacb21c03713440b1958a98672d47a5eff7f3cf7d79f8fd7351d
a515dcb414d0c44f70cbdc70eb4eceae128f82667a9d143731e3b4f608f3f483
b13f6ec2529c0a5158e31ec93e1bd1072962ced3d3708d5f1f231aa4f246963e
b6ba704b87e21ad62676ec0764dae118ba3d82ce3c3f484ee6d02358ac23094f
d8463bd3ba4b10e5916f65fa7b0c1f9f91f67ca40cc25b48810fb2f5a3340488
e1283c0339d0393ebf45c02a0b34618f572b82eb5dbda366385498ae01413d3d
f2b7bb90aa441ccaf5349c683f499dbeff828944bd7351dcab8928e75058aada

amaazon.co.jp.dulxcr.cn Open in urlscan Pro 155.94.205.249 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

12 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

892 kBTransfer

4513 kBSize

1 Cookies

9 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

20 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

amaazon.co.jp.dulxcr.cn Open in urlscan Pro
155.94.205.249 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

892 kB
Transfer

4513 kB
Size

1
Cookies

12 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!