amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info Open in urlscan Pro
35.72.8.164 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info/ap/signin/login.php?openid.pape.max_auth_age%Japan%openid.return_to=https%3A%2F%2Fwww.amazon.co....
Submission: On July 27 via automatic, source phishtank (July 27th 2020, 3:34:33 am UTC)

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 12 HTTP transactions. The main IP is 35.72.8.164, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info.

This is the only time amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Amazon (Online) Amazon Japan (Online)

Domain & IP information

	IP Address	AS Autonomous System
6	35.72.8.164 35.72.8.164	16509 (AMAZON-02) (AMAZON-02)
5	2a04:4e42:1b:... 2a04:4e42:1b::272	54113 (FASTLY) (FASTLY)
1	2600:9000:214... 2600:9000:214f:a400:3:12d0:8d40:21	16509 (AMAZON-02) (AMAZON-02)
12	3

6 35.72.8.164 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-72-8-164.ap-northeast-1.compute.amazonaws.com

amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a04:4e42:1b::272 (Ascension Island)

ASN54113 (FASTLY, US)

images-na.ssl-images-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:a400:3:12d0:8d40:21 (United States)

ASN16509 (AMAZON-02, US)

d35uxhjf90umnp.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	86b99361356792dd2e8cfa06590f231a262f0279.info amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info	78 KB
5	ssl-images-amazon.com images-na.ssl-images-amazon.com	185 KB
1	cloudfront.net d35uxhjf90umnp.cloudfront.net	586 B
12	3

	Domain	Requested by
6	amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info	amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info
5	images-na.ssl-images-amazon.com	amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info
1	d35uxhjf90umnp.cloudfront.net	images-na.ssl-images-amazon.com
12	3

This site contains no links.

Subject Issuer	Validity	Valid
images-na.ssl-images-amazon.com DigiCert Global CA G2	`2019-10-02` - `2020-10-02`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info/ap/signin/login.php?openid.pape.max_auth_age%Japan%openid.return_to=https%3A%2F%2Fwww.amazon.co.jp%2F%3F_encoding%3DUTF8%26ref%md5%030a6c5317d580125fc598a09d9a688d%udm%cat%path%2cb3024b83ef15e60d5faba8acf77c643fc4805b
Frame ID: 92BA10AC0D90EBC2CF4D8485B40DBB15
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

12
Requests

50 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

264 kB
Transfer

866 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set login.php Show response amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info/ap/signin/	19 KB 9 KB	545ms 482ms	Document text/html	35.72.8.164 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info/ap/signin/login.php?openid.pape.max_auth_age%Japan%openid.return_to=https%3A%2F%2Fwww.amazon.co.jp%2F%3F_encoding%3DUTF8%26ref%md5%030a6c5317d580125fc598a09d9a688d%udm%cat%path%2cb3024b83ef15e60d5faba8acf77c643fc4805b Protocol HTTP/1.1 Server 35.72.8.164 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-72-8-164.ap-northeast-1.compute.amazonaws.com Software nginx / Resource Hash `c9648858fcc4f7adafe40072b2816657d09346eaaee1880c85860b5b8279f9d9` Request headers Host amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Server nginx Date Mon, 27 Jul 2020 03:34:14 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding Accept-Encoding Set-Cookie PHPSESSID=ni437abs3su20on92q9kbg63qk; path=/ Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate Pragma no-cache Content-Encoding gzip
GET H/1.1	200 OK	61ECVhvn2L._RC_11Fd9tJOdtL.css,.css amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info/ap/signin/static/css/	131 KB 27 KB	256ms 255ms	Stylesheet text/css	35.72.8.164 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info/ap/signin/static/css/61ECVhvn2L._RC_11Fd9tJOdtL.css,.css Requested by Host: amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info URL: http://amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info/ap/signin/login.php?openid.pape.max_auth_age%Japan%openid.return_to=https%3A%2F%2Fwww.amazon.co.jp%2F%3F_encoding%3DUTF8%26ref%md5%030a6c5317d580125fc598a09d9a688d%udm%cat%path%2cb3024b83ef15e60d5faba8acf77c643fc4805b Protocol HTTP/1.1 Server 35.72.8.164 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-72-8-164.ap-northeast-1.compute.amazonaws.com Software nginx / Resource Hash `747fda6eda1b4607b371341efc1b406086a7f85ea39e4e9f42e9a951e9bd2dd7` Request headers Referer http://amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info/ap/signin/login.php?openid.pape.max_auth_age%Japan%openid.return_to=https%3A%2F%2Fwww.amazon.co.jp%2F%3F_encoding%3DUTF8%26ref%md5%030a6c5317d580125fc598a09d9a688d%udm%cat%path%2cb3024b83ef15e60d5faba8acf77c643fc4805b User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 27 Jul 2020 03:34:15 GMT Content-Encoding gzip Last-Modified Tue, 21 Jul 2020 12:01:02 GMT Server nginx ETag W/"5f16d8fe-20c7f" Vary Accept-Encoding, Accept-Encoding X-Cache EXPIRED Content-Type text/css Cache-Control max-age=43200 Transfer-Encoding chunked Connection keep-alive Expires Mon, 27 Jul 2020 15:34:15 GMT
GET H/1.1	200 OK	01SdjaY0ZsL._RC_419sIPkmYL.css,.css amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info/ap/signin/static/css/	44 KB 10 KB	484ms 473ms	Stylesheet text/css	35.72.8.164 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info/ap/signin/static/css/01SdjaY0ZsL._RC_419sIPkmYL.css,.css Requested by Host: amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info URL: http://amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info/ap/signin/login.php?openid.pape.max_auth_age%Japan%openid.return_to=https%3A%2F%2Fwww.amazon.co.jp%2F%3F_encoding%3DUTF8%26ref%md5%030a6c5317d580125fc598a09d9a688d%udm%cat%path%2cb3024b83ef15e60d5faba8acf77c643fc4805b Protocol HTTP/1.1 Server 35.72.8.164 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-72-8-164.ap-northeast-1.compute.amazonaws.com Software nginx / Resource Hash `f8fa854b89110e38b17981ec4bcf85b00ba33f8587cb73356ddf33b2455c6dbd` Request headers Referer http://amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info/ap/signin/login.php?openid.pape.max_auth_age%Japan%openid.return_to=https%3A%2F%2Fwww.amazon.co.jp%2F%3F_encoding%3DUTF8%26ref%md5%030a6c5317d580125fc598a09d9a688d%udm%cat%path%2cb3024b83ef15e60d5faba8acf77c643fc4805b User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 27 Jul 2020 03:34:15 GMT Content-Encoding gzip Last-Modified Tue, 21 Jul 2020 12:01:02 GMT Server nginx ETag W/"5f16d8fe-b099" Vary Accept-Encoding, Accept-Encoding X-Cache EXPIRED Content-Type text/css Cache-Control max-age=43200 Transfer-Encoding chunked Connection keep-alive Expires Mon, 27 Jul 2020 15:34:15 GMT
GET H/1.1	200 OK	11E08O3eXDL.css amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info/ap/signin/static/css/	2 KB 1 KB	475ms 464ms	Stylesheet text/css	35.72.8.164 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info/ap/signin/static/css/11E08O3eXDL.css Requested by Host: amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info URL: http://amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info/ap/signin/login.php?openid.pape.max_auth_age%Japan%openid.return_to=https%3A%2F%2Fwww.amazon.co.jp%2F%3F_encoding%3DUTF8%26ref%md5%030a6c5317d580125fc598a09d9a688d%udm%cat%path%2cb3024b83ef15e60d5faba8acf77c643fc4805b Protocol HTTP/1.1 Server 35.72.8.164 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-72-8-164.ap-northeast-1.compute.amazonaws.com Software nginx / Resource Hash `d26ea24eec4a87e545cdb1a5b14366a6319cfce9ae801866a55b7fe0e09ce292` Request headers Referer http://amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info/ap/signin/login.php?openid.pape.max_auth_age%Japan%openid.return_to=https%3A%2F%2Fwww.amazon.co.jp%2F%3F_encoding%3DUTF8%26ref%md5%030a6c5317d580125fc598a09d9a688d%udm%cat%path%2cb3024b83ef15e60d5faba8acf77c643fc4805b User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 27 Jul 2020 03:34:15 GMT Content-Encoding gzip Last-Modified Tue, 21 Jul 2020 12:01:02 GMT Server nginx ETag W/"5f16d8fe-8a0" Vary Accept-Encoding, Accept-Encoding X-Cache EXPIRED Content-Type text/css Cache-Control max-age=43200 Transfer-Encoding chunked Connection keep-alive Expires Mon, 27 Jul 2020 15:34:15 GMT
GET H2	200	61-6nKPKyWL._RC%7C11-BZEJ8lnL.js,61q-U9rAZ3L.js,31x4ENTlVIL.js,31f4+QIEeqL.js,01N6xzIJxbL.js,518BI433aLL.js,01rpauTep4L.js,31QZSjMuoeL.js,61ofwvddDeL.js,01KsMxlPtzL.js_.js Show response images-na.ssl-images-amazon.com/images/I/	314 KB 98 KB	22ms 6ms	Script application/x-javascript	2a04:4e42:1b::272 FASTLY
General Check archive.org Show headers Download Go to Full URL https://images-na.ssl-images-amazon.com/images/I/61-6nKPKyWL._RC%7C11-BZEJ8lnL.js,61q-U9rAZ3L.js,31x4ENTlVIL.js,31f4+QIEeqL.js,01N6xzIJxbL.js,518BI433aLL.js,01rpauTep4L.js,31QZSjMuoeL.js,61ofwvddDeL.js,01KsMxlPtzL.js_.js?AUIClients/AmazonUI Requested by Host: amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info URL: http://amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info/ap/signin/login.php?openid.pape.max_auth_age%Japan%openid.return_to=https%3A%2F%2Fwww.amazon.co.jp%2F%3F_encoding%3DUTF8%26ref%md5%030a6c5317d580125fc598a09d9a688d%udm%cat%path%2cb3024b83ef15e60d5faba8acf77c643fc4805b Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::272 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash `fe98215ed68d14f34fc46c2bb52d784d40c8e6690f74dc39897912443f07730e` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info/ap/signin/login.php?openid.pape.max_auth_age%Japan%openid.return_to=https%3A%2F%2Fwww.amazon.co.jp%2F%3F_encoding%3DUTF8%26ref%md5%030a6c5317d580125fc598a09d9a688d%udm%cat%path%2cb3024b83ef15e60d5faba8acf77c643fc4805b Origin http://amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info Response headers date Mon, 27 Jul 2020 03:34:15 GMT content-encoding gzip age 11072800 x-cache HIT from fastly, HIT from fastly status 200 content-length 99521 x-served-by cache-dca17780-DCA, cache-hhn4076-HHN last-modified Thu, 12 Sep 2019 21:14:10 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=630720000,public x-amz-ir-id abb23c39-baa5-44d8-8c1c-144779a82f33 accept-ranges bytes timing-allow-origin https://www.amazon.in, https://www.amazon.com expires Thu, 15 Mar 2040 23:47:35 GMT
GET H2	200	21G215oqvfL._RC%7C21OJDARBhQL.js,218GJg15I8L.js,31lucpmF4CL.js,21juQdw6GzL.js,21muxdgytlL.js,01t6M-l4JnL.js,51Y8MzXxyCL.js_.js Show response images-na.ssl-images-amazon.com/images/I/	84 KB 24 KB	35ms 19ms	Script application/x-javascript	2a04:4e42:1b::272 FASTLY
General Check archive.org Show headers Download Go to Full URL https://images-na.ssl-images-amazon.com/images/I/21G215oqvfL._RC%7C21OJDARBhQL.js,218GJg15I8L.js,31lucpmF4CL.js,21juQdw6GzL.js,21muxdgytlL.js,01t6M-l4JnL.js,51Y8MzXxyCL.js_.js?AUIClients/AuthenticationPortalAssets Requested by Host: amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info URL: http://amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info/ap/signin/login.php?openid.pape.max_auth_age%Japan%openid.return_to=https%3A%2F%2Fwww.amazon.co.jp%2F%3F_encoding%3DUTF8%26ref%md5%030a6c5317d580125fc598a09d9a688d%udm%cat%path%2cb3024b83ef15e60d5faba8acf77c643fc4805b Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::272 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash `5306ccb3380da82a352ec746ba13a7d4f95d1a73aa7efcd82b098383d7f5c904` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info/ap/signin/login.php?openid.pape.max_auth_age%Japan%openid.return_to=https%3A%2F%2Fwww.amazon.co.jp%2F%3F_encoding%3DUTF8%26ref%md5%030a6c5317d580125fc598a09d9a688d%udm%cat%path%2cb3024b83ef15e60d5faba8acf77c643fc4805b Origin http://amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info Response headers date Mon, 27 Jul 2020 03:34:15 GMT content-encoding gzip age 1480334 x-cache HIT from fastly, HIT from fastly status 200 content-length 24682 x-served-by cache-dca17736-DCA, cache-hhn4076-HHN last-modified Tue, 24 Oct 2017 23:02:47 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=630720000,public x-amz-ir-id 69f91a61-64f7-4d40-80a9-c2855539b4d8 accept-ranges bytes timing-allow-origin https://www.amazon.in, https://www.amazon.com expires Thu, 05 Jul 2040 00:22:01 GMT
GET H2	200	01dh2c6XKPL.js Show response images-na.ssl-images-amazon.com/images/I/	518 B 500 B	35ms 20ms	Script application/x-javascript	2a04:4e42:1b::272 FASTLY
General Check archive.org Show headers Download Go to Full URL https://images-na.ssl-images-amazon.com/images/I/01dh2c6XKPL.js?AUIClients/AuthenticationPortalInlineAssets Requested by Host: amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info URL: http://amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info/ap/signin/login.php?openid.pape.max_auth_age%Japan%openid.return_to=https%3A%2F%2Fwww.amazon.co.jp%2F%3F_encoding%3DUTF8%26ref%md5%030a6c5317d580125fc598a09d9a688d%udm%cat%path%2cb3024b83ef15e60d5faba8acf77c643fc4805b Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::272 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash `9a9f915fa09314f3e89b5bba4bf4f8c6908df4c3b0b915a75ff30a1436dd66e3` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info/ap/signin/login.php?openid.pape.max_auth_age%Japan%openid.return_to=https%3A%2F%2Fwww.amazon.co.jp%2F%3F_encoding%3DUTF8%26ref%md5%030a6c5317d580125fc598a09d9a688d%udm%cat%path%2cb3024b83ef15e60d5faba8acf77c643fc4805b Origin http://amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info Response headers date Mon, 27 Jul 2020 03:34:15 GMT content-encoding gzip age 2374634 x-cache HIT from fastly, HIT from fastly status 200 content-length 350 x-served-by cache-dca17763-DCA, cache-hhn4076-HHN last-modified Thu, 09 Aug 2018 06:12:04 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=630720000,public x-amz-ir-id edc52f4e-b8c7-46c7-ba6e-346d9c837102 accept-ranges bytes timing-allow-origin https://www.amazon.in, https://www.amazon.com expires Sun, 24 Jun 2040 15:57:01 GMT
GET H2	200	31OQAQSSHYL.js Show response images-na.ssl-images-amazon.com/images/I/	9 KB 3 KB	35ms 19ms	Script application/x-javascript	2a04:4e42:1b::272 FASTLY
General Check archive.org Show headers Download Go to Full URL https://images-na.ssl-images-amazon.com/images/I/31OQAQSSHYL.js?AUIClients/CVFAssets Requested by Host: amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info URL: http://amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info/ap/signin/login.php?openid.pape.max_auth_age%Japan%openid.return_to=https%3A%2F%2Fwww.amazon.co.jp%2F%3F_encoding%3DUTF8%26ref%md5%030a6c5317d580125fc598a09d9a688d%udm%cat%path%2cb3024b83ef15e60d5faba8acf77c643fc4805b Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::272 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash `d484e2f478f306a6fb1c47907ec616123f822273d57f4dea3cd97336cf9f8f9e` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info/ap/signin/login.php?openid.pape.max_auth_age%Japan%openid.return_to=https%3A%2F%2Fwww.amazon.co.jp%2F%3F_encoding%3DUTF8%26ref%md5%030a6c5317d580125fc598a09d9a688d%udm%cat%path%2cb3024b83ef15e60d5faba8acf77c643fc4805b Origin http://amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info Response headers date Mon, 27 Jul 2020 03:34:15 GMT content-encoding gzip age 1489403 x-cache HIT from fastly, HIT from fastly status 200 content-length 3114 x-served-by cache-dca17737-DCA, cache-hhn4076-HHN last-modified Thu, 09 Jul 2020 16:49:04 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=630720000,public x-amz-ir-id 03fa5abb-891c-4940-801e-2c67c99420a5 accept-ranges bytes timing-allow-origin https://www.amazon.in, https://www.amazon.com expires Wed, 04 Jul 2040 21:50:52 GMT
GET H2	200	71WvBTzF8cL.js Show response images-na.ssl-images-amazon.com/images/I/	232 KB 60 KB	34ms 19ms	Script application/x-javascript	2a04:4e42:1b::272 FASTLY
General Check archive.org Show headers Download Go to Full URL https://images-na.ssl-images-amazon.com/images/I/71WvBTzF8cL.js?AUIClients/FWCIMAssets Requested by Host: amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info URL: http://amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info/ap/signin/login.php?openid.pape.max_auth_age%Japan%openid.return_to=https%3A%2F%2Fwww.amazon.co.jp%2F%3F_encoding%3DUTF8%26ref%md5%030a6c5317d580125fc598a09d9a688d%udm%cat%path%2cb3024b83ef15e60d5faba8acf77c643fc4805b Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::272 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash `63e9dc2a0c599bba82ba679ba009172b67b496ebdadd5120564999a2a720b5d5` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info/ap/signin/login.php?openid.pape.max_auth_age%Japan%openid.return_to=https%3A%2F%2Fwww.amazon.co.jp%2F%3F_encoding%3DUTF8%26ref%md5%030a6c5317d580125fc598a09d9a688d%udm%cat%path%2cb3024b83ef15e60d5faba8acf77c643fc4805b Origin http://amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info Response headers date Mon, 27 Jul 2020 03:34:15 GMT content-encoding gzip age 3559265 x-cache HIT from fastly, HIT from fastly status 200 content-length 60886 x-served-by cache-dca17730-DCA, cache-hhn4076-HHN last-modified Mon, 15 Jun 2020 21:22:44 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=630720000,public x-amz-ir-id f87c9b1d-4d83-4b45-a3fa-f9df227a8734 accept-ranges bytes timing-allow-origin https://www.amazon.in, https://www.amazon.com expires Sun, 10 Jun 2040 22:53:11 GMT
GET H/1.1	200 OK	AmazonUIBaseCSS-sprite_1x-c4a765.png amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info/ap/signin/static/image/	27 KB 28 KB	241ms 240ms	Image image/png	35.72.8.164 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info/ap/signin/static/image/AmazonUIBaseCSS-sprite_1x-c4a765.png Requested by Host: amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info URL: http://amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info/ap/signin/login.php?openid.pape.max_auth_age%Japan%openid.return_to=https%3A%2F%2Fwww.amazon.co.jp%2F%3F_encoding%3DUTF8%26ref%md5%030a6c5317d580125fc598a09d9a688d%udm%cat%path%2cb3024b83ef15e60d5faba8acf77c643fc4805b Protocol HTTP/1.1 Server 35.72.8.164 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-72-8-164.ap-northeast-1.compute.amazonaws.com Software nginx / Resource Hash `437e95a363a4291060e34ba170e043274e0155821e9be374f35de3c4f13cbaa5` Request headers Referer http://amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info/ap/signin/static/css/61ECVhvn2L._RC_11Fd9tJOdtL.css,.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 27 Jul 2020 03:34:15 GMT Last-Modified Tue, 21 Jul 2020 12:01:00 GMT Server nginx ETag "5f16d8fc-6d44" X-Cache EXPIRED Content-Type image/png Cache-Control max-age=43200 Connection keep-alive Accept-Ranges bytes Content-Length 27972 Expires Mon, 27 Jul 2020 15:34:15 GMT
GET H/1.1	200 OK	AmazonUIBaseCSS-sprite_jp_1x-f85.png amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info/ap/signin/static/image/	4 KB 4 KB	240ms 239ms	Image image/png	35.72.8.164 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info/ap/signin/static/image/AmazonUIBaseCSS-sprite_jp_1x-f85.png Requested by Host: amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info URL: http://amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info/ap/signin/login.php?openid.pape.max_auth_age%Japan%openid.return_to=https%3A%2F%2Fwww.amazon.co.jp%2F%3F_encoding%3DUTF8%26ref%md5%030a6c5317d580125fc598a09d9a688d%udm%cat%path%2cb3024b83ef15e60d5faba8acf77c643fc4805b Protocol HTTP/1.1 Server 35.72.8.164 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-72-8-164.ap-northeast-1.compute.amazonaws.com Software nginx / Resource Hash `a515dcb414d0c44f70cbdc70eb4eceae128f82667a9d143731e3b4f608f3f483` Request headers Referer http://amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info/ap/signin/static/css/61ECVhvn2L._RC_11Fd9tJOdtL.css,.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 27 Jul 2020 03:34:15 GMT Last-Modified Tue, 21 Jul 2020 12:01:01 GMT Server nginx ETag "5f16d8fd-e05" X-Cache EXPIRED Content-Type image/png Cache-Control max-age=43200 Connection keep-alive Accept-Ranges bytes Content-Length 3589 Expires Mon, 27 Jul 2020 15:34:15 GMT
GET H2	200	index.js Show response d35uxhjf90umnp.cloudfront.net/	192 B 586 B	46ms 7ms	Script application/javascript	2600:9000:214f:a400:3:12d0:8d40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d35uxhjf90umnp.cloudfront.net/index.js Requested by Host: images-na.ssl-images-amazon.com URL: https://images-na.ssl-images-amazon.com/images/I/71WvBTzF8cL.js?AUIClients/FWCIMAssets Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:214f:a400:3:12d0:8d40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `29c2297e18df7b9d3e0192aebef4ed9d349909dc5f3e125c17c0733600274a0a` Request headers Referer http://amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info/ap/signin/login.php?openid.pape.max_auth_age%Japan%openid.return_to=https%3A%2F%2Fwww.amazon.co.jp%2F%3F_encoding%3DUTF8%26ref%md5%030a6c5317d580125fc598a09d9a688d%udm%cat%path%2cb3024b83ef15e60d5faba8acf77c643fc4805b User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Mon, 27 Jul 2020 00:25:24 GMT via 1.1 16dc09493f48bbc1fd2cdd6e175a94f7.cloudfront.net (CloudFront) last-modified Wed, 20 May 2020 06:26:39 GMT server AmazonS3 age 11332 etag "43203a290977c699981bdfd14493c42d" x-cache Hit from cloudfront x-amz-version-id avgDf7Vregby306Egpj54aSJdd2BsBws status 200 x-amz-cf-pop FRA53-C1 accept-ranges bytes content-type application/javascript content-length 192 x-amz-cf-id zvpUVbiJIibWr2uFF4i-xFliTCFBuvgixBjoxaKapcVvvi5uk4mDEw==

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Amazon (Online) Amazon Japan (Online)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info/	1969-12-31 23:59:59	Name: PHPSESSID Value: ni437abs3su20on92q9kbg63qk

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://images-na.ssl-images-amazon.com/images/I/21G215oqvfL._RC%7C21OJDARBhQL.js,218GJg15I8L.js,31lucpmF4CL.js,21juQdw6GzL.js,21muxdgytlL.js,01t6M-l4JnL.js,51Y8MzXxyCL.js_.js?AUIClients/AuthenticationPortalAssets(Line 159) Message: smartLockAttrs undefined

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info
d35uxhjf90umnp.cloudfront.net
images-na.ssl-images-amazon.com
2600:9000:214f:a400:3:12d0:8d40:21
2a04:4e42:1b::272
35.72.8.164
29c2297e18df7b9d3e0192aebef4ed9d349909dc5f3e125c17c0733600274a0a
437e95a363a4291060e34ba170e043274e0155821e9be374f35de3c4f13cbaa5
5306ccb3380da82a352ec746ba13a7d4f95d1a73aa7efcd82b098383d7f5c904
63e9dc2a0c599bba82ba679ba009172b67b496ebdadd5120564999a2a720b5d5
747fda6eda1b4607b371341efc1b406086a7f85ea39e4e9f42e9a951e9bd2dd7
9a9f915fa09314f3e89b5bba4bf4f8c6908df4c3b0b915a75ff30a1436dd66e3
a515dcb414d0c44f70cbdc70eb4eceae128f82667a9d143731e3b4f608f3f483
c9648858fcc4f7adafe40072b2816657d09346eaaee1880c85860b5b8279f9d9
d26ea24eec4a87e545cdb1a5b14366a6319cfce9ae801866a55b7fe0e09ce292
d484e2f478f306a6fb1c47907ec616123f822273d57f4dea3cd97336cf9f8f9e
f8fa854b89110e38b17981ec4bcf85b00ba33f8587cb73356ddf33b2455c6dbd
fe98215ed68d14f34fc46c2bb52d784d40c8e6690f74dc39897912443f07730e

amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info Open in urlscan Pro 35.72.8.164 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

12 Requests

50 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

264 kBTransfer

866 kBSize

1 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

8 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

amazon.co.jp.86b99361356792dd2e8cfa06590f231a262f0279.info Open in urlscan Pro
35.72.8.164 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

50 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

264 kB
Transfer

866 kB
Size

1
Cookies

12 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!