amazon.prime.com.gp.help.customer.display.html-node.rnclaime.540590.amazan-assistance.care
185.3.166.164
Malicious Activity!
Public Scan
Submission: On July 26 via automatic, source openphish
Summary
This is the only time amazon.prime.com.gp.help.customer.display.html-node.rnclaime.540590.amazan-assistance.care was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Amazon (Online)
Domain & IP information
Requests | IP Address | Autonomous System |
---|---|---|
7 | 185.3.166.164 | 57168 (ICH-AS) |
5 | 52.84.77.194 | 16509 (AMAZON-02 - Amazon.com) |
10 | 72.21.206.121 | 16509 (AMAZON-02 - Amazon.com) |
22 | 3 | |
ASN57168 (ICH-AS, GB)
PTR: alpha.cloudns.io
amazon.prime.com.gp.help.customer.display.html-node.rnclaime.540590.amazan-assistance.care
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-84-77-194.atl52.r.cloudfront.net
images-na.ssl-images-amazon.com
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: 206-121.amazon.com
fls-na.amazon.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
10 | amazon.com | fls-na.amazon.com | 43 B |
7 | amazan-assistance.care | amazon.prime.com.gp.help.customer.display.html-node.rnclaime.540590.amazan-assistance.care | 143 KB |
5 | ssl-images-amazon.com | images-na.ssl-images-amazon.com | 129 KB |
22 | 3 | | |
Requests | Domain | Requested by |
---|---|---|
10 | fls-na.amazon.com | amazon.prime.com.gp.help.customer.display.html-node.rnclaime.540590.amazan-assistance.care |
7 | amazon.prime.com.gp.help.customer.display.html-node.rnclaime.540590.amazan-assistance.care | amazon.prime.com.gp.help.customer.display.html-node.rnclaime.540590.amazan-assistance.care |
5 | images-na.ssl-images-amazon.com | amazon.prime.com.gp.help.customer.display.html-node.rnclaime.540590.amazan-assistance.care |
22 | 3 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.amazon.com |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
Images-na.ssl-images-amazon.com | Symantec Class 3 Secure Server CA - G4 | 2016-09-23 - 2017-10-26 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://amazon.prime.com.gp.help.customer.display.html-node.rnclaime.540590.amazan-assistance.care/IDSWebAuths/login.html.appIdKey=af1139274f266b22b68c2a3e7ad932cb3c0bbe854e13a79af78dcc73136882c3&path=/signin/account/manage&sslEnabled=true/902e6d49ea28b4a4fc0fecd20ef9997d/Amazon%20Sign%20In%20Erorr.html
Frame ID: 31233.1
Requests: 22 HTTP requests in this frame
6 Outgoing links
These are links going to different origins than the main page.
Title: Amazon
Title: Forgot your password?
Title: Create your Amazon account
Title: Conditions of Use
Title: Privacy Notice
Title: Help
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | Amazon%20Sign%20In%20Erorr.html (Primary Request) | amazon.prime.com.gp.help.customer.display.html-node.rnclaime.540590.amazan-assistance.care/IDSWebAuths/login.html.appIdKey=af1139274f266b22b68c2a3e7ad932cb3c0bbe854e13a79af78dcc73136882c3&path=/sig... | 47 KB | 18 KB | Document | text/html |
GET | H/1.1 | ClientSideMetricsAUIJavascript-6f4530fbabd6f27cfdd6766c550b5c5327f8aa3d._V2_.js | amazon.prime.com.gp.help.customer.display.html-node.rnclaime.540590.amazan-assistance.care/IDSWebAuths/login.html.appIdKey=af1139274f266b22b68c2a3e7ad932cb3c0bbe854e13a79af78dcc73136882c3&path=/sig... | 18 KB | 7 KB | Script | application/javascript |
GET | H/1.1 | AmazonUI-def1dfe3edcac538e27845c3cfc11fa83c842d7e._V2_.css | amazon.prime.com.gp.help.customer.display.html-node.rnclaime.540590.amazan-assistance.care/IDSWebAuths/login.html.appIdKey=af1139274f266b22b68c2a3e7ad932cb3c0bbe854e13a79af78dcc73136882c3&path=/sig... | 117 KB | 20 KB | Stylesheet | text/css |
GET | H/1.1 | AmazonUI-f6f291c6a8d2841689003a47eaa9202b1dad6fba._V2_.js | amazon.prime.com.gp.help.customer.display.html-node.rnclaime.540590.amazan-assistance.care/IDSWebAuths/login.html.appIdKey=af1139274f266b22b68c2a3e7ad932cb3c0bbe854e13a79af78dcc73136882c3&path=/sig... | 270 KB | 84 KB | Script | application/javascript |
GET | H/1.1 | AuthenticationPortalAssets-407d80b49b84bc64bddf7ae71f4ca3d4f5dd5e12._V2_.js | amazon.prime.com.gp.help.customer.display.html-node.rnclaime.540590.amazan-assistance.care/IDSWebAuths/login.html.appIdKey=af1139274f266b22b68c2a3e7ad932cb3c0bbe854e13a79af78dcc73136882c3&path=/sig... | 29 KB | 8 KB | Script | application/javascript |
GET | H/1.1 | FWCIMAssets-9eca65ae1db46e414189af742840edf68b3a432a._V2_.js | amazon.prime.com.gp.help.customer.display.html-node.rnclaime.540590.amazan-assistance.care/IDSWebAuths/login.html.appIdKey=af1139274f266b22b68c2a3e7ad932cb3c0bbe854e13a79af78dcc73136882c3&path=/sig... | 15 KB | 6 KB | Script | application/javascript |
GET | H/1.1 | AmazonUI-f6f291c6a8d2841689003a47eaa9202b1dad6fba._V2_.js | images-na.ssl-images-amazon.com/images/G/01/AUIClients/ | 270 KB | 84 KB | Script | application/x-javascript |
GET | H/1.1 | AuthenticationPortalAssets-407d80b49b84bc64bddf7ae71f4ca3d4f5dd5e12._V2_.js | images-na.ssl-images-amazon.com/images/G/01/AUIClients/ | 29 KB | 8 KB | Script | application/x-javascript |
GET | H/1.1 | FWCIMAssets-9eca65ae1db46e414189af742840edf68b3a432a._V2_.js | images-na.ssl-images-amazon.com/images/G/01/AUIClients/ | 15 KB | 6 KB | Script | application/x-javascript |
GET | H/1.1 | AmazonUIBaseCSS-sprite_1x-a45c662e707240b03417f6ca8b97bcb486f27428._V2_.png | images-na.ssl-images-amazon.com/images/G/01/AUIClients/ | 25 KB | 25 KB | Image | image/png |
POST | H/1.1 | csm-features:impression-tracking | fls-na.amazon.com/1/action-impressions/1/OP/csm/action/ | 0 | 0 | Other | image/gif |
POST | H/1.1 | / | fls-na.amazon.com/1/batch/1/OE/ | 0 | 0 | Other | text/plain |
POST | H/1.1 | / | fls-na.amazon.com/1/batch/1/OE/ | 0 | 0 | Other | text/plain |
GET | H/1.1 | uedata | amazon.prime.com.gp.help.customer.display.html-node.rnclaime.540590.amazan-assistance.care/ap/ | 207 B | 0 | Image | text/html |
GET | H/1.1 | ATVPDKIKX0DER:181-9333268-8037505:XVWXDHS8AXGX1FG5K383$uedata=s:%2Fap%2Fuedata%3Fld%26v%3D0.417.0%26id%3DXVWXDHS8AXGX1FG5K383%26sw%3D1600%26sh%3D1200%26vw%3D1600%26vh%3D1200%26m%3D1%26sc%3DXVWXDHS8... | fls-na.amazon.com/1/batch/1/OP/ | 43 B | 43 B | Image | image/gif |
GET | H/1.1 | ClientSideMetricsAUIJavascript-6f4530fbabd6f27cfdd6766c550b5c5327f8aa3d._V2_.js | images-na.ssl-images-amazon.com/images/G/01/AUIClients/ | 18 KB | 7 KB | Script | application/x-javascript |
POST | H/1.1 | / | fls-na.amazon.com/1/batch/1/OE/ | 0 | 0 | Other | text/plain |
POST | H/1.1 | / | fls-na.amazon.com/1/batch/1/OE/ | 0 | 0 | Other | text/plain |
POST | H/1.1 | / | fls-na.amazon.com/1/batch/1/OE/ | 0 | 0 | Other | text/plain |
POST | H/1.1 | / | fls-na.amazon.com/1/batch/1/OE/ | 0 | 0 | Other | text/plain |
POST | H/1.1 | / | fls-na.amazon.com/1/batch/1/OE/ | 0 | 0 | Other | text/plain |
POST | H/1.1 | / | fls-na.amazon.com/1/batch/1/OE/ | 0 | 0 | Other | text/plain |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Amazon (Online)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
amazon.prime.com.gp.help.customer.display.html-node.rnclaime.540590.amazan-assistance.care/ | | Name: csm-hit Value: s-XVWXDHS8AXGX1FG5K383\|1501092943965 |
8 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.