www.amazon.jp.axd2.xyz
155.94.141.113
Malicious Activity!
Public Scan
Submission Tags: krdtest
Submission: On July 15 via api from JP
Summary
TLS certificate: Issued by R3 on July 13th 2021. Valid for: 3 months.
This is the only time www.amazon.jp.axd2.xyz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: au ID (Telecommunication)
Domain & IP information
Requests | IP Address | AS (Autonomous System)
---|---|---
26 | 155.94.141.113 | 8100 (ASN-QUADRANET-GLOBAL)
1 | 2.18.232.182 | 16625 (AKAMAI-AS)
1 | 2a03:2880:f01c:8012:face:b00c:0:3 | 32934 (FACEBOOK)
1 | 2a00:1450:4001:811::2008 | 15169 (GOOGLE)
1 | 18.180.29.85 | 16509 (AMAZON-02)
30 | 5 IP addresses |
- ASN8100 (ASN-QUADRANET-GLOBAL, US), PTR: 155.94.141.113.static.quadranet.com: www.amazon.jp.axd2.xyz
- ASN16625 (AKAMAI-AS, US), PTR: a2-18-232-182.deploy.static.akamaitechnologies.com: d.line-scdn.net
- ASN32934 (FACEBOOK, US): connect.facebook.net
- ASN15169 (GOOGLE, US): www.googletagmanager.com
- ASN16509 (AMAZON-02, US), PTR: ec2-18-180-29-85.ap-northeast-1.compute.amazonaws.com: i.smartnews-ads.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
26 | axd2.xyz | www.amazon.jp.axd2.xyz | 273 KB
1 | smartnews-ads.com | i.smartnews-ads.com | 138 B
1 | googletagmanager.com | www.googletagmanager.com | 75 KB
1 | facebook.net | connect.facebook.net | 25 KB
1 | line-scdn.net | d.line-scdn.net | 10 KB
30 | 5 apex domains | |
Requests | Domain | Requested by
---|---|---
26 | www.amazon.jp.axd2.xyz | www.amazon.jp.axd2.xyz
1 | i.smartnews-ads.com | www.amazon.jp.axd2.xyz
1 | www.googletagmanager.com | www.amazon.jp.axd2.xyz
1 | connect.facebook.net | www.amazon.jp.axd2.xyz
1 | d.line-scdn.net | www.amazon.jp.axd2.xyz
30 | 5 domains |
This site contains links to these domains. Also see Links.
Domain |
---|
connect.auone.jp |
id.auone.jp |
www.kddi.com |
Subject | Issuer | Validity | Valid
---|---|---|---
kddi-au.xlqf.xyz | R3 | 2021-07-13 - 2021-10-11 | 3 months
line-apps.com | DigiCert SHA2 Secure Server CA | 2021-01-14 - 2022-01-18 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-05-26 - 2021-08-24 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2021-06-22 - 2021-09-14 | 3 months
*.smartnews-ads.com | Amazon | 2020-09-28 - 2021-10-28 | a year
This page contains 1 frame:
Primary Page:
https://www.amazon.jp.axd2.xyz/
Frame ID: C1C471A1948F7A01B2C2C394CA1A9421
Requests: 30 HTTP requests in this frame
Detected technologies
- Apache (Web Servers). Detected patterns: headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
- Facebook (Widgets). Detected patterns: script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
- Google Tag Manager (Tag Managers). Detected patterns: html /<!-- (?:End )?Google Tag Manager -->/i
Page Statistics
11 Outgoing links
These are links going to different origins than the main page.
- Title: Guide (ガイド)
- Title: Forgot your password? Click here (パスワードを忘れた方はこちら)
- Title: Register a new au ID; customers who are not with au can also register (au IDを新規登録するau以外の方もご登録いただけます)
- Title: Forgot your password? Click here (パスワードを忘れた方はこちら)
- Title: Register a new au ID; customers who are not with au can also register (au IDを新規登録するau以外の方もご登録いただけます)
- Title: au ID Terms of Use (au ID利用規約)
- Title: Common Terms for Handling Personal Information (個人情報取扱共通規約)
- Title: Privacy Policy (プライバシーポリシー)
- Title: Site Policy (サイトポリシー)
- Title: About Access Data (アクセスデータについて)
Redirected requests
There were HTTP redirect chains for the following requests:
30 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | / (Primary Request) | www.amazon.jp.axd2.xyz/ | 49 KB | 9 KB | Document | text/html
GET | H2 | androidPortrait.css | www.amazon.jp.axd2.xyz/assets/files/ | 860 B | 487 B | Stylesheet | text/css
GET | H2 | idk.css | www.amazon.jp.axd2.xyz/assets/files/ | 43 KB | 9 KB | Stylesheet | text/css
GET | H2 | checkboxRadio.css | www.amazon.jp.axd2.xyz/assets/files/ | 4 KB | 964 B | Stylesheet | text/css
GET | H2 | au_id.jpg | www.amazon.jp.axd2.xyz/assets/files/ | 34 KB | 34 KB | Image | image/jpeg
GET | H2 | saved_resource | www.amazon.jp.axd2.xyz/assets/files/ | 0 | 43 B | Script | text/plain
GET | H2 | ytag.js | www.amazon.jp.axd2.xyz/assets/files/ | 23 KB | 7 KB | Script | application/javascript
GET | H2 | lt.js | d.line-scdn.net/n/line_tag/public/release/v1/ | 32 KB | 10 KB | Script | application/javascript
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 95 KB | 25 KB | Script | application/x-javascript
GET | H2 | pixel.js | www.amazon.jp.axd2.xyz/assets/files/ | 4 KB | 2 KB | Script | application/javascript
GET | H2 | f.txt | www.amazon.jp.axd2.xyz/assets/files/ | 36 KB | 14 KB | Script | text/plain
GET | H2 | cmt.js | www.amazon.jp.axd2.xyz/assets/files/ | 23 KB | 8 KB | Script | application/javascript
GET | H2 | gtm.js | www.amazon.jp.axd2.xyz/assets/files/ | 190 KB | 40 KB | Script | application/javascript
GET | H2 | analytics.js | www.amazon.jp.axd2.xyz/assets/files/ | 48 KB | 19 KB | Script | application/javascript
GET | H2 | gtm.js(1) | www.amazon.jp.axd2.xyz/assets/files/ | 282 KB | 49 KB | Script | text/plain
GET | H2 | trfunction.js | www.amazon.jp.axd2.xyz/assets/files/ | 653 B | 289 B | Script | application/javascript
GET | H2 | android_ipad_96.png | www.amazon.jp.axd2.xyz/assets/files/ | 11 KB | 11 KB | Image | image/png
GET | H2 | jquery-1.3.1.min.js | www.amazon.jp.axd2.xyz/assets/files/ | 54 KB | 19 KB | Script | application/javascript
GET | H2 | jquery.min.js | www.amazon.jp.axd2.xyz/assets/files/ | 94 KB | 33 KB | Script | application/javascript
GET | H2 | login.js | www.amazon.jp.axd2.xyz/assets/files/ | 28 B | 97 B | Script | application/javascript
GET | H2 | base64url-arraybuffer.js | www.amazon.jp.axd2.xyz/assets/files/ | 2 KB | 964 B | Script | application/javascript
GET | H2 | loginAjax.js | www.amazon.jp.axd2.xyz/assets/files/ | 8 KB | 2 KB | Script | application/javascript
GET | H2 | authenticatorAvailableCheck.js | www.amazon.jp.axd2.xyz/assets/files/ | 725 B | 422 B | Script | application/javascript
GET | H2 | PasswdCheck.js | www.amazon.jp.axd2.xyz/assets/files/ | 10 KB | 3 KB | Script | application/javascript
GET | H2 | ioslogin.js | www.amazon.jp.axd2.xyz/assets/files/ | 2 KB | 643 B | Script | application/javascript
GET | H2 | loginpasswd.js | www.amazon.jp.axd2.xyz/assets/files/ | 800 B | 363 B | Script | application/javascript
GET | H2 | layer.js | www.amazon.jp.axd2.xyz/assets/files/layer/ | 22 KB | 8 KB | Script | application/javascript
GET | H2 | gtm.js | www.googletagmanager.com/ | 547 KB | 75 KB | Script | application/javascript
GET | H2 | pe | i.smartnews-ads.com/ | 0 | 138 B | Image | text/plain
GET | H2 | layer.css | www.amazon.jp.axd2.xyz/assets/files/layer/theme/default/ | 14 KB | 3 KB | Stylesheet | text/css
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: au ID (Telecommunication)
135 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- Functions (103): showDirectoryPicker, showOpenFilePicker, showSaveFilePicker, _lt, trMainmenu, trSpassRecommend, trTimeLine, trBulletinBoard, trInfomation, trMenuList, trExitLink, trSideMenu, trSpassService, trIntroduction, trResign, trEvent, generatePV, trEventBeID, $, jQuery, trEventBe, trEventBeTimeControl, trTemp, trTempPageview, getQueryParam, trHeadMenu, trSearchRec, trPointSubmit, trNews, trTopics, trServicemenu, trauID, trauLive, trOther, trBookAppDL, trBookauMarket, trBookSample, trBookShelf, trBookWishlist, trBookTutorial, trBookDLlist, trBookBonus, trChFilter, trMusicCancel, trMusicEntry, trMusicDownload, trMusicPickup, trMusicSelect, trDeterrenceResign, trMusicSmartPass, trMusicVideoPass, trMusicBookPass, trMusicKkbox, trMusicPlayChannel, trVideoCancel, trVideoEntry, trVideoDownload, trVideoRentalTicket, trVideoRental, trVideoPlay, trSocial, trDownload, trExit, trTimelinelp, trTabclick, trPurchaseInfo, sessionSucceed, trPassBookDownload, trAlbum, changeScreen, doIDInputChange, doPwdChange, doFidoChange, GooglemKTybQhCsO, google_trackConversion, ga, authenticationAuto, authentication, fidoAuth, isJSON, doAutoLoginBefor, dealAst, showWindow, closeWindow, isWebAuthnSupport, isAuthenticatorAvailable, execFunc, GEId, isPwSameId, isPwLikeId, str_sort, k_distance, isNgWord, isDate, calculateBits, DispPwdStrength, CalcuPwdStrength, EvalPwdStrength, CalcuPwdStrengthForAppleId, EvalPwdStrengthForAppleId, EvalPwdStrengthForAppleIdPac, showPW, DisplayPwdStrength
- Objects (17): onbeforexrselect, ontransitionrun, ontransitionstart, ontransitioncancel, cookieStore, trustedTypes, _ltc, dataLayer, google_tag_manager, google_tag_data, yjDataLayer, gaplugins, base64url, executeStatus, levels, layer, matchRegExp1
- Strings (6): tr_pageid, alpha, upper, upper_punct, digits, cpslkmsg
- Booleans (3): originAgentCluster, crossOriginIsolated, changeBtnFlg
- Numbers (6): totalChars, alphaChars, upperChars, upper_punctChars, digitChars, otherChars
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value
---|---|---
.axd2.xyz/ | | Name: _gcl_au, Value: 1.1.304993723.1626317302
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.