polish-shop.com Open in urlscan Pro
137.220.244.108  Malicious Activity! Public Scan

URL: https://polish-shop.com/client/login
Submission: On July 15 via api from BY — Scanned from JP

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 17 HTTP transactions. The main IP is 137.220.244.108, located in Tokyo, Japan and belongs to CTGSERVERLIMITED-AS-AP CTG Server Limited, HK. The main domain is polish-shop.com.
TLS certificate: Issued by R11 on July 14th 2024. Valid for: 3 months.
This is the only time polish-shop.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Amazon Japan (Online)

Domain & IP information

IP Address AS Autonomous System
7 137.220.244.108 152194 (CTGSERVER...)
10 2600:9000:27a... 16509 (AMAZON-02)
17 2
Apex Domain
Subdomains
Transfer
7 ssl-images-amazon.com
images-fe.ssl-images-amazon.com — Cisco Umbrella Rank: 24844
56 KB
7 polish-shop.com
polish-shop.com
242 KB
3 media-amazon.com
m.media-amazon.com — Cisco Umbrella Rank: 425
133 KB
17 3
Domain Requested by
7 images-fe.ssl-images-amazon.com polish-shop.com
7 polish-shop.com polish-shop.com
3 m.media-amazon.com polish-shop.com
images-fe.ssl-images-amazon.com
17 3

This site contains links to these domains. Also see Links.

Domain
www.amazon.co.jp
Subject Issuer Validity Valid
kringlestoysandgifts.com
R11
2024-07-14 -
2024-10-12
3 months crt.sh
images-na.ssl-images-amazon.com
DigiCert Global CA G2
2024-01-05 -
2024-12-08
a year crt.sh

This page contains 1 frames:

Primary Page: https://polish-shop.com/client/login
Frame ID: 63DFA65B99E5E4D57F9F97E61F09950B
Requests: 17 HTTP requests in this frame

Screenshot

Page Title

Amazonサインイン

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

59 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

431 kB
Transfer

1154 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
polish-shop.com/client/
27 KB
8 KB
Document
General
Full URL
https://polish-shop.com/client/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
137.220.244.108 Tokyo, Japan, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx / Express
Resource Hash
9b4bace8c5cf9f14e259e9f0e29fa35f8177579030d26ad3d69e5f0ec0cc1495
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
access-control-max-age
2592000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 15 Jul 2024 05:13:57 GMT
etag
W/"6c56-/tRw4wqu+JqA40/10U2ZnlzQgEI"
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-powered-by
Express
6167Ev6Z8GL._RC%7C11iHkiAT2oL.css,01wLsDqViEL.css,11MhAJ3QIgL.css,31JhtlVsImL.css,31i+Ric3zOL.css,01DHz7m6lhL.css_.css
images-fe.ssl-images-amazon.com/images/I/
133 KB
23 KB
Stylesheet
General
Full URL
https://images-fe.ssl-images-amazon.com/images/I/6167Ev6Z8GL._RC%7C11iHkiAT2oL.css,01wLsDqViEL.css,11MhAJ3QIgL.css,31JhtlVsImL.css,31i+Ric3zOL.css,01DHz7m6lhL.css_.css?AUIClients/AmazonUI
Requested by
Host: polish-shop.com
URL: https://polish-shop.com/client/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:27af:ae00:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
7d8112e621d0af5d1562649bbc5e09efaa86562d64ba83e2e67eda08edce9ed8

Request headers

Referer
https://polish-shop.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 11:02:43 GMT
content-encoding
gzip
via
1.1 9414f8ba3b93ccfbb41b929b4e839ad8.cloudfront.net (CloudFront)
age
17093706
x-amz-cf-pop
NRT20-P3
edge-cache-tag
x-cache-651,/images/I/6167Ev6Z8GL
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
alt-svc
h3=":443"; ma=86400
surrogate-key
x-cache-651 /images/I/6167Ev6Z8GL
last-modified
Wed, 06 Jan 2021 02:50:26 GMT
server
Server
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
fbaebc83-d4a0-4ce7-8a57-ab67cb67435c
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
ReDloFsHu4eInhwqMCrg-4JvH2qE1FWe44nJxWLlcsQ2f_gxBC-kvw==
expires
Tue, 01 Sep 2043 11:02:43 GMT
01SdjaY0ZsL._RC%7C31jdWD+JB+L.css,51raMAFHQbL.css_.css
images-fe.ssl-images-amazon.com/images/I/
60 KB
10 KB
Stylesheet
General
Full URL
https://images-fe.ssl-images-amazon.com/images/I/01SdjaY0ZsL._RC%7C31jdWD+JB+L.css,51raMAFHQbL.css_.css?AUIClients/AuthenticationPortalAssets&QmmAyoMU
Requested by
Host: polish-shop.com
URL: https://polish-shop.com/client/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:27af:ae00:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
8d6ab7fafcc5496caba5b7e902775ec6e2fe2583bdffa99f7c07ea0a19809b7a

Request headers

Referer
https://polish-shop.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:33:45 GMT
content-encoding
gzip
via
1.1 9414f8ba3b93ccfbb41b929b4e839ad8.cloudfront.net (CloudFront)
age
3306230
x-amz-cf-pop
NRT20-P3
edge-cache-tag
x-cache-824,/images/I/01SdjaY0ZsL
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
alt-svc
h3=":443"; ma=86400
surrogate-key
x-cache-824 /images/I/01SdjaY0ZsL
last-modified
Sat, 30 May 2015 02:58:48 GMT
server
Server
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
ddbd6f5e-dfc4-47c0-aede-2479aa066db5
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
QYeYCPVR14romsbNnkeFuXnownvKjee70SwvjuV2w7L7U_uLW74jNw==
expires
Mon, 23 Nov 2043 01:33:45 GMT
21D7oXu-KGL.css
images-fe.ssl-images-amazon.com/images/I/
4 KB
2 KB
Stylesheet
General
Full URL
https://images-fe.ssl-images-amazon.com/images/I/21D7oXu-KGL.css?AUIClients/CVFAssets
Requested by
Host: polish-shop.com
URL: https://polish-shop.com/client/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:27af:ae00:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
b0e4446832ca34312cd23591d023816704e31296175a02ba48dbb8833b82cac3

Request headers

Referer
https://polish-shop.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 14:52:34 GMT
content-encoding
br
via
1.1 9414f8ba3b93ccfbb41b929b4e839ad8.cloudfront.net (CloudFront)
age
17071907
x-amz-cf-pop
NRT20-P3
edge-cache-tag
x-cache-263,/images/I/21D7oXu-KGL
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
alt-svc
h3=":443"; ma=86400
surrogate-key
x-cache-263 /images/I/21D7oXu-KGL
last-modified
Wed, 11 Oct 2023 20:02:03 GMT
server
Server
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
2747cfd0-c512-4ec2-9281-050593e895cb
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
ZJ1UG9VDE6i3ivi6EfUKDSgYH86g3fAtDlmmWn8mY7UBhMtmUG9gbQ==
expires
Tue, 22 Dec 2043 14:52:34 GMT
41CliGtdJWL._RC%7C41Vqus7iTPL.css,511EDHOvkkL.css_.css
images-fe.ssl-images-amazon.com/images/I/
86 KB
10 KB
Stylesheet
General
Full URL
https://images-fe.ssl-images-amazon.com/images/I/41CliGtdJWL._RC%7C41Vqus7iTPL.css,511EDHOvkkL.css_.css?AUIClients/NavMobileAssets-all&u8VeQhx8
Requested by
Host: polish-shop.com
URL: https://polish-shop.com/client/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:27af:ae00:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
cad59362ed885a0c0fc0d5bf244328c38d0de13bbf22096b83fd2880161715c2

Request headers

Referer
https://polish-shop.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 08 Jun 2024 01:36:32 GMT
content-encoding
br
via
1.1 9414f8ba3b93ccfbb41b929b4e839ad8.cloudfront.net (CloudFront)
age
2414010
x-amz-cf-pop
NRT20-P3
edge-cache-tag
x-cache-810,/images/I/41CliGtdJWL
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
alt-svc
h3=":443"; ma=86400
surrogate-key
x-cache-810 /images/I/41CliGtdJWL
last-modified
Sat, 11 Nov 2023 23:00:51 GMT
server
Server
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
2afd7103-54a4-4113-b8dc-bc74883b4f74
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
RalC03oU0Qd0ODJBzU9ubLr7ppUeZO20jslGUQIOLSc5FgwlO4VZRg==
expires
Fri, 03 Jun 2044 01:36:32 GMT
41bhuBzDmyL.css
images-fe.ssl-images-amazon.com/images/I/
16 KB
4 KB
Stylesheet
General
Full URL
https://images-fe.ssl-images-amazon.com/images/I/41bhuBzDmyL.css?AUIClients/InternationalCustomerPreferencesNavMobileAssets
Requested by
Host: polish-shop.com
URL: https://polish-shop.com/client/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:27af:ae00:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
87b816e9bd56d05b49ac7630daf442628b0599c8dbf5952d25ee3a369e0f5082

Request headers

Referer
https://polish-shop.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 23:10:12 GMT
content-encoding
br
via
1.1 9414f8ba3b93ccfbb41b929b4e839ad8.cloudfront.net (CloudFront)
age
17794880
x-amz-cf-pop
NRT20-P3
edge-cache-tag
x-cache-493,/images/I/41bhuBzDmyL
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
alt-svc
h3=":443"; ma=86400
surrogate-key
x-cache-493 /images/I/41bhuBzDmyL
last-modified
Mon, 30 May 2022 10:25:36 GMT
server
Server
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
836025ea-8e29-4505-a909-28862c69ba08
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
wif_jEG1Bokeq6JTRu2TZLsBD7YeRcgI08lwsDIBxuI6X3yn5Amm0g==
expires
Tue, 13 Oct 2043 23:10:12 GMT
01+72+wCC9L.css
images-fe.ssl-images-amazon.com/images/I/
1 KB
1 KB
Stylesheet
General
Full URL
https://images-fe.ssl-images-amazon.com/images/I/01+72+wCC9L.css?AUIClients/GlowToasterAssets
Requested by
Host: polish-shop.com
URL: https://polish-shop.com/client/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:27af:ae00:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
6da4e741f1e44e8a6e60f74ce6d666292135be8a44c5a5d97621a0bd1371e782

Request headers

Referer
https://polish-shop.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 07:28:39 GMT
content-encoding
gzip
via
1.1 9414f8ba3b93ccfbb41b929b4e839ad8.cloudfront.net (CloudFront)
age
17983007
x-amz-cf-pop
NRT20-P3
edge-cache-tag
x-cache-637,/images/I/01+72+wCC9L
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
server-timing
cdn-cache-hit,cdn-pop;desc="NRT20-P3",cdn-rid;desc="p9-MsBf9Ho4TkaUwjRBOAOtBXLB1WpTlZs4UK2GQGrup_RGNWw91lg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=5,provider;desc="cf"
alt-svc
h3=":443"; ma=86400
surrogate-key
x-cache-637 /images/I/01+72+wCC9L
last-modified
Sat, 23 Dec 2017 00:30:57 GMT
server
Server
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
4093b116-5994-4c71-90b3-200bd0c8444c
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
p9-MsBf9Ho4TkaUwjRBOAOtBXLB1WpTlZs4UK2GQGrup_RGNWw91lg==
expires
Thu, 01 Oct 2043 07:28:39 GMT
41c0JqRkbXL._RC%7C21uA+6iDWBL.css,31eNyfgmRYL.css_.css
images-fe.ssl-images-amazon.com/images/I/
41 KB
6 KB
Stylesheet
General
Full URL
https://images-fe.ssl-images-amazon.com/images/I/41c0JqRkbXL._RC%7C21uA+6iDWBL.css,31eNyfgmRYL.css_.css?AUIClients/RetailSearchAutocompleteAssets
Requested by
Host: polish-shop.com
URL: https://polish-shop.com/client/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:27af:ae00:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
73d42b1545133408a9a96263514d34cd9307f71028180c726320f9df44c3f460

Request headers

Referer
https://polish-shop.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 13:27:46 GMT
content-encoding
gzip
via
1.1 9414f8ba3b93ccfbb41b929b4e839ad8.cloudfront.net (CloudFront)
age
8937056
x-amz-cf-pop
NRT20-P3
edge-cache-tag
x-cache-026,/images/I/41c0JqRkbXL
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
alt-svc
h3=":443"; ma=86400
surrogate-key
x-cache-026 /images/I/41c0JqRkbXL
last-modified
Fri, 27 Oct 2023 18:18:44 GMT
server
Server
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
4cebabfc-56bb-4044-8075-e9ba02312286
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
8pCw_iMJban0PT_C8ABxmH14H4vjv9Wa64r1IdzRhdX7yeGpxLXHCw==
expires
Wed, 03 Feb 2044 13:27:46 GMT
loading.css
polish-shop.com/static/public/css/
321 B
648 B
Stylesheet
General
Full URL
https://polish-shop.com/static/public/css/loading.css
Requested by
Host: polish-shop.com
URL: https://polish-shop.com/client/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
137.220.244.108 Tokyo, Japan, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx / Express
Resource Hash
4c35ce2490955c47d38d6d6938380b8df6dfcc737340569e1946547575e2b112
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://polish-shop.com/client/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 05:13:57 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 01 Jul 2024 08:31:33 GMT
server
nginx
x-powered-by
Express
etag
W/"141-1906d6bb288"
access-control-max-age
2592000
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
access-control-allow-headers
*
content-length
321
jquery-3.5.1.js
polish-shop.com/static/public/js/
281 KB
97 KB
Script
General
Full URL
https://polish-shop.com/static/public/js/jquery-3.5.1.js
Requested by
Host: polish-shop.com
URL: https://polish-shop.com/client/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
137.220.244.108 Tokyo, Japan, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx / Express
Resource Hash
416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://polish-shop.com/client/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 05:13:57 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Wed, 21 Feb 2024 23:12:06 GMT
server
nginx
x-powered-by
Express
etag
W/"4638e-18dcdf0c970"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-max-age
2592000
cache-control
public, max-age=0
access-control-allow-headers
*
vue.js
polish-shop.com/static/public/js/
334 KB
104 KB
Script
General
Full URL
https://polish-shop.com/static/public/js/vue.js
Requested by
Host: polish-shop.com
URL: https://polish-shop.com/client/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
137.220.244.108 Tokyo, Japan, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx / Express
Resource Hash
352baa818da109925437a8433057ddc6f91ec48efe88bc5741b2f9e34450fdce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://polish-shop.com/client/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 05:13:57 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Wed, 21 Feb 2024 23:12:06 GMT
server
nginx
x-powered-by
Express
etag
W/"53882-18dcdf0c970"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-max-age
2592000
cache-control
public, max-age=0
access-control-allow-headers
*
options.js
polish-shop.com/static/public/js/
3 KB
848 B
Script
General
Full URL
https://polish-shop.com/static/public/js/options.js
Requested by
Host: polish-shop.com
URL: https://polish-shop.com/client/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
137.220.244.108 Tokyo, Japan, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx / Express
Resource Hash
62c51fa8d54ac3b6bbb75a568d5f931a9b65f13e4e5ea018448bfbdc6917d874
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://polish-shop.com/client/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 05:13:57 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 11 Jul 2024 14:27:12 GMT
server
nginx
x-powered-by
Express
etag
W/"b2c-190a230e6bf"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-max-age
2592000
cache-control
public, max-age=0
access-control-allow-headers
*
login.js
polish-shop.com/static/amazon/js/
6 KB
2 KB
Script
General
Full URL
https://polish-shop.com/static/amazon/js/login.js
Requested by
Host: polish-shop.com
URL: https://polish-shop.com/client/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
137.220.244.108 Tokyo, Japan, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx / Express
Resource Hash
eba3fef11902ec0f7d736f1a2091e87dd3329edfb784674100ee4515505e8e7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://polish-shop.com/client/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 05:13:57 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 08 Jul 2024 06:38:57 GMT
server
nginx
x-powered-by
Express
etag
W/"16b6-19091111fe8"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-max-age
2592000
cache-control
public, max-age=0
access-control-allow-headers
*
new-nav-sprite-global-1x_blueheaven-privacy._CB600088431_.png
m.media-amazon.com/images/G/09/gno/sprites/
13 KB
14 KB
Image
General
Full URL
https://m.media-amazon.com/images/G/09/gno/sprites/new-nav-sprite-global-1x_blueheaven-privacy._CB600088431_.png
Requested by
Host: polish-shop.com
URL: https://polish-shop.com/client/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:27af:ae00:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
053dd134b1723da118c189819a77d6d4c3b6dfb7f23fd08f8c7a93fdf1d64f4b

Request headers

Referer
https://polish-shop.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 06:44:07 GMT
via
1.1 9414f8ba3b93ccfbb41b929b4e839ad8.cloudfront.net (CloudFront)
age
21246313
x-amz-cf-pop
NRT20-P3
edge-cache-tag
x-cache-570,/images/G/09/gno/sprites/new-nav-sprite-global-1x_blueheaven-privacy
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
alt-svc
h3=":443"; ma=86400
content-length
13358
surrogate-key
x-cache-570 /images/G/09/gno/sprites/new-nav-sprite-global-1x_blueheaven-privacy
last-modified
Mon, 05 Jun 2023 16:56:24 GMT
server
Server
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
e1a03ab5-e1b0-4e36-a50f-8b18ddc5f51e
accept-ranges
bytes
timing-allow-origin
https://www.amazon.co.jp
x-amz-cf-id
1y9mlE6ez3N2k47RlVyOqe9E2WKQMJVY_LfCVTDQ7GhHQPzoy7ukHg==
expires
Sat, 07 Nov 2043 06:44:07 GMT
BgnVchebDR5Ds4h.png
m.media-amazon.com/images/S/sash/
60 KB
61 KB
Image
General
Full URL
https://m.media-amazon.com/images/S/sash/BgnVchebDR5Ds4h.png
Requested by
Host: images-fe.ssl-images-amazon.com
URL: https://images-fe.ssl-images-amazon.com/images/I/6167Ev6Z8GL._RC%7C11iHkiAT2oL.css,01wLsDqViEL.css,11MhAJ3QIgL.css,31JhtlVsImL.css,31i+Ric3zOL.css,01DHz7m6lhL.css_.css?AUIClients/AmazonUI#mobile.jp.not-trident
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:27af:ae00:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c5e829691be4103e8f645ee962bbc3de1ca51d083d147f1716fbf5d59f99c86a

Request headers

Referer
https://images-fe.ssl-images-amazon.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 16:13:57 GMT
via
1.1 9414f8ba3b93ccfbb41b929b4e839ad8.cloudfront.net (CloudFront)
age
29077201
x-amz-cf-pop
NRT20-P3
edge-cache-tag
x-cache-738,/images/S/sash/BgnVchebDR5Ds4h
x-nginx-cache-status
MISS
x-cache
Hit from cloudfront
server-timing
provider;desc="cf"
alt-svc
h3=":443"; ma=86400
content-length
61917
surrogate-key
x-cache-738 /images/S/sash/BgnVchebDR5Ds4h
last-modified
Tue, 17 Nov 2020 23:31:30 GMT
server
Server
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
1e78e5e3-bf17-42f4-ab4e-4e029c8a5711
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
NJLNMkBmXGL6eW88CVnKYl6Lp5qs-7AHdcJ1lyXL-9pjMicXjIObiw==
expires
Sat, 08 Aug 2043 16:13:57 GMT
fe2UeLQmJ11kKHN.png
m.media-amazon.com/images/S/sash/
58 KB
59 KB
Image
General
Full URL
https://m.media-amazon.com/images/S/sash/fe2UeLQmJ11kKHN.png
Requested by
Host: images-fe.ssl-images-amazon.com
URL: https://images-fe.ssl-images-amazon.com/images/I/41bhuBzDmyL.css?AUIClients/InternationalCustomerPreferencesNavMobileAssets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:27af:ae00:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
2ce18237ee8094ab137b910ce33aa1cdd7904c1dad5f238734ad5e307c5be08b

Request headers

Referer
https://images-fe.ssl-images-amazon.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 09:02:01 GMT
via
1.1 9414f8ba3b93ccfbb41b929b4e839ad8.cloudfront.net (CloudFront)
age
30831117
x-amz-cf-pop
NRT20-P3
edge-cache-tag
x-cache-562,/images/S/sash/fe2UeLQmJ11kKHN
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
server-timing
cdn-cache-hit,cdn-pop;desc="NRT20-P3",cdn-rid;desc="LvTwaVMA5k5B9a0gqB_Gkf9CvD8l6ro9QrqgNoRnWHqhCjvWkWXvhw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=2,provider;desc="cf"
alt-svc
h3=":443"; ma=86400
content-length
59234
surrogate-key
x-cache-562 /images/S/sash/fe2UeLQmJ11kKHN
last-modified
Fri, 06 May 2022 16:03:28 GMT
server
Server
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
2a1895dd-9862-4597-8a9f-aed39c80bd21
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
LvTwaVMA5k5B9a0gqB_Gkf9CvD8l6ro9QrqgNoRnWHqhCjvWkWXvhw==
expires
Thu, 11 Jun 2043 12:01:51 GMT
icon.png
polish-shop.com/static/amazon/
30 KB
29 KB
Other
General
Full URL
https://polish-shop.com/static/amazon/icon.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
137.220.244.108 Tokyo, Japan, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx / Express
Resource Hash
89e4947816296bfeb36d37f654d6c83e26906d0cc6f73088065ba7cf6bd98406
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://polish-shop.com/client/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 05:13:58 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 26 Dec 2020 13:54:10 GMT
server
nginx
x-powered-by
Express
etag
W/"7819-1769f53fbd0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-max-age
2592000
cache-control
public, max-age=0
access-control-allow-headers
*

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Amazon Japan (Online)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| Vue

1 Cookies

Domain/Path Name / Value
polish-shop.com/ Name: connect.sid
Value: s%3AvvRWLHyKhUHRTzJBtiC5v7J07_wElKZK.vSrPoRNHfDErYmSnND%2BOB8C9B7bm3CUtILw%2F4bEjTrA

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://polish-shop.com/client/login
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000