sellercentral.amazosn.cn
154.221.23.236  Malicious Activity! Public Scan

URL: https://sellercentral.amazosn.cn/
Submission: On December 07 via api from US — Scanned from DE

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 7 HTTP transactions. The main IP is 154.221.23.236, located in Hong Kong and belongs to YISUCLOUDLTD-HK YISU CLOUD LTD, HK. The main domain is sellercentral.amazosn.cn.
TLS certificate: Issued by R11 on October 22nd 2024. Valid for: 3 months.
This is the only time sellercentral.amazosn.cn was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Amazon (Online)

Domain & IP information

Requests | IP Address | AS Autonomous System
2 | 154.221.23.236 | 142403 (YISUCLOUD...)
3 | 2600:9000:275... | 16509 (AMAZON-02)
1 | 2600:9000:223... | 16509 (AMAZON-02)
1 | 163.171.130.157 | 54994 (ML-1432-5...)
Total: 7 requests, 4 IPs
Requests | Apex Domain | Subdomains | Transfer
3 | ssl-images-amazon.com | images-na.ssl-images-amazon.com (Cisco Umbrella Rank: 856) | 31 KB
2 | amazosn.cn | sellercentral.amazosn.cn | 15 KB
1 | ssl-images-amazon.cn | images-cn.ssl-images-amazon.cn (Cisco Umbrella Rank: 329688) | 28 KB
1 | media-amazon.com | m.media-amazon.com (Cisco Umbrella Rank: 442) | 3 KB
Total: 7 requests, 4 apex domains
Requests | Domain | Requested by
3 | images-na.ssl-images-amazon.com | sellercentral.amazosn.cn
2 | sellercentral.amazosn.cn |
1 | images-cn.ssl-images-amazon.cn | images-na.ssl-images-amazon.com
1 | m.media-amazon.com | sellercentral.amazosn.cn
Total: 7 requests, 4 domains
Subject | Issuer | Validity | Valid
sellercentral.amazosn.cn | R11 | 2024-10-22 - 2025-01-20 | 3 months
images-na.ssl-images-amazon.com | DigiCert Global CA G2 | 2024-10-10 - 2025-09-28 | a year
t.ssl-images-amazon.cn | DigiCert SHA2 High Assurance Server CA | 2024-06-14 - 2025-07-15 | a year

This page contains 1 frames:

Primary Page: https://sellercentral.amazosn.cn/
Frame ID: 663BE1CF5FF884BCE0DF8A3AC6DDE608
Requests: 7 HTTP requests in this frame

Page Title

亚马逊 登录

Page Statistics

Requests: 7
HTTPS: 100 %
IPv6: 50 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 3
Transfer: 78 kB
Size: 257 kB
Cookies: 0

7 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
sellercentral.amazosn.cn/
29 KB
15 KB
Document
General
Full URL
https://sellercentral.amazosn.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.221.23.236 , Hong Kong, ASN142403 (YISUCLOUDLTD-HK YISU CLOUD LTD, HK),
Reverse DNS
Software
nginx /
Resource Hash
594c9cdab5c2f9995c9726dc752df794d698f1a8c4f491aeac8ac7869861a022
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 07 Dec 2024 16:25:00 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
617yUmK-YcL._RC%7C11Fd9tJOdtL.css,21T2IUX33TL.css,31WoRZHct0L.css,31XzAwLFEEL.css_.css
images-na.ssl-images-amazon.com/images/I/
131 KB
19 KB
Stylesheet
General
Full URL
https://images-na.ssl-images-amazon.com/images/I/617yUmK-YcL._RC%7C11Fd9tJOdtL.css,21T2IUX33TL.css,31WoRZHct0L.css,31XzAwLFEEL.css_.css?AUIClients/AmazonUI
Requested by
Host: sellercentral.amazosn.cn
URL: https://sellercentral.amazosn.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:3200:1d:d7f6:39d4:e6e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
86c28be63198e1d8fdb6eac3a943e11fb6bb3aec906856818bc99ff641af8b3c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sellercentral.amazosn.cn/

Response headers

x-amz-ir-id
ee1a6dbf-1b75-496d-8c70-3cf673f1d26c
surrogate-key
x-cache-181 /images/I/617yUmK-YcL
content-encoding
br
age
3267256
expires
Wed, 05 Oct 2044 07:26:32 GMT
alt-svc
h3=":443"; ma=86400
server-timing
provider;desc="cf"
x-cache
Hit from cloudfront
x-amz-cf-id
jo2oYhA1xugMx_g0xcVHe2CEFKNhPEXc5vhZx2zt-TbO8tJe7SDFeg==
date
Thu, 10 Oct 2024 07:26:32 GMT
content-type
text/css
last-modified
Thu, 21 Sep 2023 00:43:32 GMT
x-nginx-cache-status
HIT
edge-cache-tag
x-cache-181,/images/I/617yUmK-YcL
cache-control
max-age=630720000,public
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
accept-ch
Sec-CH-UA-Form-Factors, Sec-CH-Viewport-Width, Sec-CH-Width, Sec-CH-Viewport-Height, Sec-CH-DPR, ECT
via
1.1 dc929648f0c936ae1fcea0675ad0382c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P7
server
Server
01SdjaY0ZsL._RC%7C31jdWD+JB+L.css,51E5CuE4VpL.css_.css
images-na.ssl-images-amazon.com/images/I/
62 KB
10 KB
Stylesheet
General
Full URL
https://images-na.ssl-images-amazon.com/images/I/01SdjaY0ZsL._RC%7C31jdWD+JB+L.css,51E5CuE4VpL.css_.css?AUIClients/AuthenticationPortalAssets
Requested by
Host: sellercentral.amazosn.cn
URL: https://sellercentral.amazosn.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:3200:1d:d7f6:39d4:e6e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
4769c705ae0bfa3087930ce7e06cd17c0ee5fe7599f53a9ecb7ed893ee2f0314

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sellercentral.amazosn.cn/

Response headers

x-amz-ir-id
7c2c2c3e-4475-4cf8-99e7-a3f6a008f971
surrogate-key
x-cache-407 /images/I/01SdjaY0ZsL
content-encoding
gzip
age
7251125
expires
Thu, 08 Sep 2044 22:28:10 GMT
alt-svc
h3=":443"; ma=86400
server-timing
provider;desc="cf"
x-cache
Hit from cloudfront
x-amz-cf-id
ArybKxMh6zsawC8o3wElTKQZomIWdyHT55f0_OIYiFzOZgQ-nW0r8w==
date
Fri, 13 Sep 2024 22:28:10 GMT
content-type
text/css
last-modified
Sat, 30 May 2015 02:58:48 GMT
x-nginx-cache-status
HIT
edge-cache-tag
x-cache-407,/images/I/01SdjaY0ZsL
cache-control
max-age=630720000,public
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
accept-ch
Sec-CH-UA-Form-Factors, Sec-CH-Viewport-Width, Sec-CH-Width, Sec-CH-Viewport-Height, Sec-CH-DPR, ECT
via
1.1 dc929648f0c936ae1fcea0675ad0382c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P7
server
Server
21sHKQBL2NL.css
images-na.ssl-images-amazon.com/images/I/
5 KB
2 KB
Stylesheet
General
Full URL
https://images-na.ssl-images-amazon.com/images/I/21sHKQBL2NL.css?AUIClients/CVFAssets
Requested by
Host: sellercentral.amazosn.cn
URL: https://sellercentral.amazosn.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:3200:1d:d7f6:39d4:e6e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a8512f5ca12fa8f2631a3379d699e52ee053f3eb8eeafd377e7d13865436b1cb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sellercentral.amazosn.cn/

Response headers

x-amz-ir-id
c94b2df0-cbd3-4f6c-b84c-795c657ef593
surrogate-key
x-cache-555 /images/I/21sHKQBL2NL
content-encoding
br
age
11793737
expires
Tue, 19 Jul 2044 04:06:07 GMT
alt-svc
h3=":443"; ma=86400
server-timing
provider;desc="cf"
x-cache
Hit from cloudfront
x-amz-cf-id
1J-WnFAWXtHYAJWLtBexAZj6CIE5HccwGTQF5eRV6sIUGylFnZq_VA==
date
Wed, 24 Jul 2024 04:06:07 GMT
content-type
text/css
last-modified
Tue, 23 Jul 2024 08:06:55 GMT
x-nginx-cache-status
HIT
edge-cache-tag
x-cache-555,/images/I/21sHKQBL2NL
cache-control
max-age=630720000,public
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
accept-ch
Sec-CH-UA-Form-Factors, Sec-CH-Viewport-Width, Sec-CH-Width, Sec-CH-Viewport-Height, Sec-CH-DPR, ECT
via
1.1 dc929648f0c936ae1fcea0675ad0382c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P7
server
Server
sc-unified._CB420062852_.png
m.media-amazon.com/images/G/01/rainier/nav/
3 KB
3 KB
Image
General
Full URL
https://m.media-amazon.com/images/G/01/rainier/nav/sc-unified._CB420062852_.png
Requested by
Host: sellercentral.amazosn.cn
URL: https://sellercentral.amazosn.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ae00:1d:d7f6:39d4:e6e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
6d41af45fc77c0071d323d5b08163fc565dcdd7f94cd22fc0e11cf2e84a9a0ff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sellercentral.amazosn.cn/

Response headers

x-amz-ir-id
3430c474-28f6-42fb-8d69-0daad600faa3
surrogate-key
x-cache-026 /images/G/01/rainier/nav/sc-unified
age
14424290
expires
Fri, 10 Jun 2044 18:16:18 GMT
alt-svc
h3=":443"; ma=86400
server-timing
provider;desc="cf"
x-cache
Hit from cloudfront
x-amz-cf-id
OzVv2KSC7wCJvzOa8BICMRz1t0_bCy54hw1cCtkgpPwRpinrAa-_xg==
date
Sat, 20 Jul 2024 06:53:59 GMT
content-type
image/png
last-modified
Wed, 05 Feb 2014 00:50:26 GMT
x-nginx-cache-status
MISS
edge-cache-tag
x-cache-026,/images/G/01/rainier/nav/sc-unified
cache-control
max-age=630720000,public
timing-allow-origin
https://www.amazon.com
accept-ch
Sec-CH-UA-Form-Factors, Sec-CH-Viewport-Width, Sec-CH-Width, Sec-CH-Viewport-Height, Sec-CH-DPR, ECT
via
1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
2787
x-amz-cf-pop
FRA56-P5
server
Server
mPGmT0r6IeTyIee.png
images-cn.ssl-images-amazon.cn/images/S/sash/
27 KB
28 KB
Image
General
Full URL
https://images-cn.ssl-images-amazon.cn/images/S/sash/mPGmT0r6IeTyIee.png
Requested by
Host: images-na.ssl-images-amazon.com
URL: https://images-na.ssl-images-amazon.com/images/I/617yUmK-YcL._RC%7C11Fd9tJOdtL.css,21T2IUX33TL.css,31WoRZHct0L.css,31XzAwLFEEL.css_.css?AUIClients/AmazonUI#cn.not-trident
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.171.130.157 London, United Kingdom, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
437e95a363a4291060e34ba170e043274e0155821e9be374f35de3c4f13cbaa5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://images-na.ssl-images-amazon.com/

Response headers

x-amz-ir-id
4cb2dedb-ffcd-41b8-8b0b-ac1b7cd6680a
surrogate-key
x-cache-100 /images/S/sash/mPGmT0r6IeTyIee
x-via
1.1 CS-000-01iUr72:5 (W), 1.1 PS-000-01TA6209:4 (W), 1.1 PS-LHR-01Jz240:2 (W)
age
1
expires
Sun, 27 Nov 2044 12:46:18 GMT
date
Sat, 07 Dec 2024 16:31:18 GMT
content-type
image/png
last-modified
Tue, 17 Nov 2020 23:31:33 GMT
x-nginx-cache-status
HIT
strict-transport-security
max-age=47474747; includeSubDomains; preload
edge-cache-tag
x-cache-100,/images/S/sash/mPGmT0r6IeTyIee
cache-control
max-age=630720000,public
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-ws-request-id
67547856_PS-LHR-014D738_25413-6802
accept-ranges
bytes
access-control-allow-origin
*
content-length
27972
server
PWS/8.3.1.0.8
favicon.ico
sellercentral.amazosn.cn/
548 B
611 B
Other
General
Full URL
https://sellercentral.amazosn.cn/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.221.23.236 , Hong Kong, ASN142403 (YISUCLOUDLTD-HK YISU CLOUD LTD, HK),
Reverse DNS
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sellercentral.amazosn.cn/

Response headers

content-length
548
date
Sat, 07 Dec 2024 16:25:02 GMT
content-type
text/html
server
nginx

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Amazon (Online)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean | acicShouldSetup
function | acicEventListener
function | submitForm
function | setAAToken
function | getClientContext
function | getFwcimBlob
function | getEmailAddress
function | isTestEmailPattern

0 Cookies

2 Console Messages

Source: recommendation | Level: verbose | URL: https://sellercentral.amazosn.cn/
Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Source: network | Level: error | URL: https://sellercentral.amazosn.cn/favicon.ico
Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000