astrovistaapartments.com Open in urlscan Pro
137.220.244.108 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://stringandbow.com/Japan.php
Effective URL:
https://astrovistaapartments.com/client/login
Submission: On July 13 via manual (July 13th 2024, 8:14:40 pm UTC) from JP — Scanned from JP

Summary HTTP 17 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 4 domains to perform 17 HTTP transactions. The main IP is 137.220.244.108, located in Tokyo, Japan and belongs to CTGSERVERLIMITED-AS-AP CTG Server Limited, HK. The main domain is astrovistaapartments.com.
TLS certificate: Issued by R11 on July 13th 2024. Valid for: 3 months.

This is the only time astrovistaapartments.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Amazon Japan (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	137.220.244.105 137.220.244.105	152194 (CTGSERVER...) (CTGSERVERLIMITED-AS-AP CTG Server Limited)
1 8	137.220.244.108 137.220.244.108	152194 (CTGSERVER...) (CTGSERVERLIMITED-AS-AP CTG Server Limited)
10	2600:9000:221... 2600:9000:221a:d800:1d:d7f6:39d3:d9e1	16509 (AMAZON-02) (AMAZON-02)
17	2

1 137.220.244.105 (Tokyo, Japan) 1 redirects

ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK)

stringandbow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 137.220.244.108 (Tokyo, Japan) 1 redirects

ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK)

astrovistaapartments.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:221a:d800:1d:d7f6:39d3:d9e1 (United States)

ASN16509 (AMAZON-02, US)

images-fe.ssl-images-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.media-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	astrovistaapartments.com 1 redirects astrovistaapartments.com	242 KB
7	ssl-images-amazon.com images-fe.ssl-images-amazon.com — Cisco Umbrella Rank: 24844	54 KB
3	media-amazon.com m.media-amazon.com — Cisco Umbrella Rank: 425	133 KB
1	stringandbow.com 1 redirects stringandbow.com	130 B
17	4

	Domain	Requested by
8	astrovistaapartments.com	1 redirects astrovistaapartments.com
7	images-fe.ssl-images-amazon.com	astrovistaapartments.com
3	m.media-amazon.com	astrovistaapartments.com images-fe.ssl-images-amazon.com
1	stringandbow.com	1 redirects
17	4

This site contains links to these domains. Also see Links.

Domain
www.amazon.co.jp

Subject Issuer	Validity	Valid
astrovistaapartments.com R11	`2024-07-13` - `2024-10-11`	3 months	crt.sh
images-na.ssl-images-amazon.com DigiCert Global CA G2	`2024-01-05` - `2024-12-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://astrovistaapartments.com/client/login
Frame ID: B7CA93FEE06E4FAEEDB9BFCDAE3E2530
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Amazonサインイン

Page URL History Show full URLs

https://stringandbow.com/Japan.php HTTP 302
https://astrovistaapartments.com/ HTTP 302
https://astrovistaapartments.com/client/login Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

100 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

2
IPs

2
Countries

429 kB
Transfer

1154 kB
Size

1
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.amazon.co.jp/ap/forgotpassword?showRememberMe=true&openid.pape.max_auth_age=0&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&webAuthnChallengeIdForAutofill=cgBx2tvedQtzBYsheaKaB0gv_hIpLatG%3AFE&webAuthnGetParametersForAutofill=eyJycElkIjoiYW1hem9uLmNvLmpwIiwiY2hhbGxlbmdlIjoiY2dCeDJ0dmVkUXR6QllzaGVhS2FCMGd2X2hJcExhdEciLCJ0aW1lb3V0Ijo5MDAwMDAsImFsbG93Q3JlZGVudGlhbHMiOm51bGwsIm1lZGlhdGlvbiI6ImNvbmRpdGlvbmFsIiwidXNlclZlcmlmaWNhdGlvbiI6InByZWZlcnJlZCJ9&pageId=anywhere_jp&openid.return_to=https%3A%2F%2Fwww.amazon.co.jp%2F%3Fref_%3Dnav_custrec_signin&prevRID=83GKJ0S3596MY3RTR478&openid.assoc_handle=anywhere_v2_jp&openid.mode=checkid_setup&prepopulatedLoginId=&failedSignInCount=0&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0
Title: パスワードを忘れた方

Search URL Search Domain Scan URL

URL: https://www.amazon.co.jp/ap/register?showRememberMe=true&openid.pape.max_auth_age=0&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&webAuthnChallengeIdForAutofill=cgBx2tvedQtzBYsheaKaB0gv_hIpLatG%3AFE&webAuthnGetParametersForAutofill=eyJycElkIjoiYW1hem9uLmNvLmpwIiwiY2hhbGxlbmdlIjoiY2dCeDJ0dmVkUXR6QllzaGVhS2FCMGd2X2hJcExhdEciLCJ0aW1lb3V0Ijo5MDAwMDAsImFsbG93Q3JlZGVudGlhbHMiOm51bGwsIm1lZGlhdGlvbiI6ImNvbmRpdGlvbmFsIiwidXNlclZlcmlmaWNhdGlvbiI6InByZWZlcnJlZCJ9&pageId=anywhere_jp&openid.return_to=https%3A%2F%2Fwww.amazon.co.jp%2F%3Fref_%3Dnav_custrec_signin&prevRID=83GKJ0S3596MY3RTR478&openid.assoc_handle=anywhere_v2_jp&openid.mode=checkid_setup&prepopulatedLoginId=&failedSignInCount=0&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0
Title: 新しいAmazonのアカウントを作成

Search URL Search Domain Scan URL

URL: https://www.amazon.co.jp/business/register/welcome?ref_=ab_reg_signin
Title: Amazonビジネスでショッピング

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://stringandbow.com/Japan.php HTTP 302
https://astrovistaapartments.com/ HTTP 302
https://astrovistaapartments.com/client/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request login Show response astrovistaapartments.com/client/ Redirect Chain https://stringandbow.com/Japan.php https://astrovistaapartments.com/ https://astrovistaapartments.com/client/login	27 KB 8 KB	208ms 208ms	Document text/html	137.220.244.108 CTGSERVERLIMITED-...
General Check archive.org Show headers Download Go to Full URL https://astrovistaapartments.com/client/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 137.220.244.108 Tokyo, Japan, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK), Reverse DNS Software nginx / Express Resource Hash `9b4bace8c5cf9f14e259e9f0e29fa35f8177579030d26ad3d69e5f0ec0cc1495` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-headers * access-control-allow-methods GET,POST,OPTIONS access-control-allow-origin * access-control-max-age 2592000 content-encoding gzip content-type text/html; charset=utf-8 date Sat, 13 Jul 2024 20:14:35 GMT etag W/"6c56-/tRw4wqu+JqA40/10U2ZnlzQgEI" server nginx vary Accept-Encoding x-cache MISS x-powered-by Express Redirect headers access-control-allow-headers * access-control-allow-methods GET,POST,OPTIONS access-control-allow-origin * access-control-max-age 2592000 content-length 70 content-type text/html; charset=utf-8 date Sat, 13 Jul 2024 20:14:34 GMT location /client/login server nginx vary Accept x-cache MISS x-powered-by Express
GET H2	200	6167Ev6Z8GL._RC%7C11iHkiAT2oL.css,01wLsDqViEL.css,11MhAJ3QIgL.css,31JhtlVsImL.css,31i+Ric3zOL.css,01DHz7m6lhL.css_.css images-fe.ssl-images-amazon.com/images/I/	133 KB 23 KB	301ms 8ms	Stylesheet text/css	2600:9000:221a:d800:1d:d7f6:39d3:d9e1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://images-fe.ssl-images-amazon.com/images/I/6167Ev6Z8GL._RC%7C11iHkiAT2oL.css,01wLsDqViEL.css,11MhAJ3QIgL.css,31JhtlVsImL.css,31i+Ric3zOL.css,01DHz7m6lhL.css_.css?AUIClients/AmazonUI Requested by Host: astrovistaapartments.com URL: https://astrovistaapartments.com/client/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:221a:d800:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash `7d8112e621d0af5d1562649bbc5e09efaa86562d64ba83e2e67eda08edce9ed8` Request headers Referer https://astrovistaapartments.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 07 Jul 2024 10:46:00 GMT content-encoding gzip via 1.1 1e5ca059f48c688576a90d719b9ff148.cloudfront.net (CloudFront) age 14470301 x-amz-cf-pop NRT57-P2 edge-cache-tag x-cache-325,/images/I/6167Ev6Z8GL x-nginx-cache-status HIT x-cache Hit from cloudfront server-timing provider;desc="cf" alt-svc h3=":443"; ma=86400 surrogate-key x-cache-325 /images/I/6167Ev6Z8GL last-modified Wed, 06 Jan 2021 02:50:26 GMT server Server content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control max-age=630720000,public x-amz-ir-id e3950707-1f39-47d1-bd92-cba9af674664 timing-allow-origin https://www.amazon.in, https://www.amazon.com x-amz-cf-id Wt_rNhnFvtIS0J8d1lekiMB-SoFI7HlRC8goGAMuGvAyTh_CRmK3Pw== expires Sun, 17 Jan 2044 11:16:00 GMT
GET H2	200	01SdjaY0ZsL._RC%7C31jdWD+JB+L.css,51raMAFHQbL.css_.css images-fe.ssl-images-amazon.com/images/I/	60 KB 8 KB	301ms 9ms	Stylesheet text/css	2600:9000:221a:d800:1d:d7f6:39d3:d9e1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://images-fe.ssl-images-amazon.com/images/I/01SdjaY0ZsL._RC%7C31jdWD+JB+L.css,51raMAFHQbL.css_.css?AUIClients/AuthenticationPortalAssets&QmmAyoMU Requested by Host: astrovistaapartments.com URL: https://astrovistaapartments.com/client/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:221a:d800:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash `8d6ab7fafcc5496caba5b7e902775ec6e2fe2583bdffa99f7c07ea0a19809b7a` Request headers Referer https://astrovistaapartments.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 03 Jul 2024 14:17:35 GMT content-encoding br via 1.1 1e5ca059f48c688576a90d719b9ff148.cloudfront.net (CloudFront) age 481840 x-amz-cf-pop NRT57-P2 edge-cache-tag x-cache-394,/images/I/01SdjaY0ZsL x-nginx-cache-status HIT x-cache Hit from cloudfront server-timing provider;desc="cf" alt-svc h3=":443"; ma=86400 surrogate-key x-cache-394 /images/I/01SdjaY0ZsL last-modified Sat, 30 May 2015 02:58:48 GMT server Server content-type text/css access-control-allow-origin * cache-control max-age=630720000,public x-amz-ir-id f53cf641-aaba-41ea-81bb-0c1fa6b36d0b timing-allow-origin https://www.amazon.in, https://www.amazon.com x-amz-cf-id WEvMHKm8QJNlOjixztpFNpVDsO1vGb9wOu6UtfX3rEUaVN3bfI1__g== expires Tue, 28 Jun 2044 14:17:35 GMT
GET H2	200	21D7oXu-KGL.css images-fe.ssl-images-amazon.com/images/I/	4 KB 2 KB	304ms 13ms	Stylesheet text/css	2600:9000:221a:d800:1d:d7f6:39d3:d9e1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://images-fe.ssl-images-amazon.com/images/I/21D7oXu-KGL.css?AUIClients/CVFAssets Requested by Host: astrovistaapartments.com URL: https://astrovistaapartments.com/client/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:221a:d800:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash `b0e4446832ca34312cd23591d023816704e31296175a02ba48dbb8833b82cac3` Request headers Referer https://astrovistaapartments.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 25 Oct 2023 22:16:45 GMT content-encoding br via 1.1 1e5ca059f48c688576a90d719b9ff148.cloudfront.net (CloudFront) age 22629470 x-amz-cf-pop NRT57-P2 edge-cache-tag x-cache-336,/images/I/21D7oXu-KGL x-nginx-cache-status MISS x-cache Hit from cloudfront server-timing cdn-cache-hit,cdn-pop;desc="NRT57-P2",cdn-rid;desc="VumoC8uel3rI30dQkbTsOdK8MLJnXBLbKUHlaAD5_RcXTzFE8rNkAA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=2,provider;desc="cf" alt-svc h3=":443"; ma=86400 surrogate-key x-cache-336 /images/I/21D7oXu-KGL last-modified Wed, 11 Oct 2023 20:02:03 GMT server Server content-type text/css access-control-allow-origin * cache-control max-age=630720000,public x-amz-ir-id a63cd10b-4386-4c0d-bc04-5013b2267aac timing-allow-origin https://www.amazon.in, https://www.amazon.com x-amz-cf-id VumoC8uel3rI30dQkbTsOdK8MLJnXBLbKUHlaAD5_RcXTzFE8rNkAA== expires Tue, 20 Oct 2043 22:16:45 GMT
GET H2	200	41CliGtdJWL._RC%7C41Vqus7iTPL.css,511EDHOvkkL.css_.css images-fe.ssl-images-amazon.com/images/I/	86 KB 10 KB	305ms 14ms	Stylesheet text/css	2600:9000:221a:d800:1d:d7f6:39d3:d9e1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://images-fe.ssl-images-amazon.com/images/I/41CliGtdJWL._RC%7C41Vqus7iTPL.css,511EDHOvkkL.css_.css?AUIClients/NavMobileAssets-all&u8VeQhx8 Requested by Host: astrovistaapartments.com URL: https://astrovistaapartments.com/client/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:221a:d800:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash `cad59362ed885a0c0fc0d5bf244328c38d0de13bbf22096b83fd2880161715c2` Request headers Referer https://astrovistaapartments.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 08 Jun 2024 01:36:32 GMT content-encoding br via 1.1 1e5ca059f48c688576a90d719b9ff148.cloudfront.net (CloudFront) age 2295248 x-amz-cf-pop NRT57-P2 edge-cache-tag x-cache-810,/images/I/41CliGtdJWL x-nginx-cache-status HIT x-cache Hit from cloudfront server-timing provider;desc="cf" alt-svc h3=":443"; ma=86400 surrogate-key x-cache-810 /images/I/41CliGtdJWL last-modified Sat, 11 Nov 2023 23:00:51 GMT server Server content-type text/css access-control-allow-origin * cache-control max-age=630720000,public x-amz-ir-id 2afd7103-54a4-4113-b8dc-bc74883b4f74 timing-allow-origin https://www.amazon.in, https://www.amazon.com x-amz-cf-id vzumSUKvR-n1CP3cA-33b_uWMZAMsWx3Q1NFp4A8iJhy9RFz057gcA== expires Fri, 03 Jun 2044 01:36:32 GMT
GET H2	200	41bhuBzDmyL.css images-fe.ssl-images-amazon.com/images/I/	16 KB 5 KB	296ms 5ms	Stylesheet text/css	2600:9000:221a:d800:1d:d7f6:39d3:d9e1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://images-fe.ssl-images-amazon.com/images/I/41bhuBzDmyL.css?AUIClients/InternationalCustomerPreferencesNavMobileAssets Requested by Host: astrovistaapartments.com URL: https://astrovistaapartments.com/client/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:221a:d800:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash `87b816e9bd56d05b49ac7630daf442628b0599c8dbf5952d25ee3a369e0f5082` Request headers Referer https://astrovistaapartments.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 01 Aug 2023 02:36:27 GMT content-encoding gzip via 1.1 1e5ca059f48c688576a90d719b9ff148.cloudfront.net (CloudFront) age 30044288 x-amz-cf-pop NRT57-P2 edge-cache-tag x-cache-043,/images/I/41bhuBzDmyL x-nginx-cache-status HIT x-cache Hit from cloudfront server-timing cdn-cache-hit,cdn-pop;desc="NRT57-P2",cdn-rid;desc="MXtbVhGnLLzqrtywXFHMySz9rIZeXw4AN6ei9EZ6H6Uj3z8JlI41gg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=2,provider;desc="cf" alt-svc h3=":443"; ma=86400 surrogate-key x-cache-043 /images/I/41bhuBzDmyL last-modified Mon, 30 May 2022 10:25:36 GMT server Server content-type text/css access-control-allow-origin * cache-control max-age=630720000,public x-amz-ir-id 8ed41a84-2e28-4150-99a6-17212fc8b979 timing-allow-origin https://www.amazon.in, https://www.amazon.com x-amz-cf-id MXtbVhGnLLzqrtywXFHMySz9rIZeXw4AN6ei9EZ6H6Uj3z8JlI41gg== expires Mon, 27 Jul 2043 02:36:14 GMT
GET H2	200	01+72+wCC9L.css images-fe.ssl-images-amazon.com/images/I/	1 KB 1 KB	301ms 11ms	Stylesheet text/css	2600:9000:221a:d800:1d:d7f6:39d3:d9e1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://images-fe.ssl-images-amazon.com/images/I/01+72+wCC9L.css?AUIClients/GlowToasterAssets Requested by Host: astrovistaapartments.com URL: https://astrovistaapartments.com/client/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:221a:d800:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash `6da4e741f1e44e8a6e60f74ce6d666292135be8a44c5a5d97621a0bd1371e782` Request headers Referer https://astrovistaapartments.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 24 Jul 2023 15:15:42 GMT content-encoding gzip via 1.1 1e5ca059f48c688576a90d719b9ff148.cloudfront.net (CloudFront) age 30689933 x-amz-cf-pop NRT57-P2 edge-cache-tag x-cache-758,/images/I/01+72+wCC9L x-nginx-cache-status HIT x-cache Hit from cloudfront server-timing provider;desc="cf" alt-svc h3=":443"; ma=86400 surrogate-key x-cache-758 /images/I/01+72+wCC9L last-modified Sat, 23 Dec 2017 00:30:57 GMT server Server content-type text/css; charset=utf-8 access-control-allow-origin * cache-control max-age=630720000,public x-amz-ir-id 027e52ab-4279-4508-ae40-8cb16503d87b timing-allow-origin https://www.amazon.in, https://www.amazon.com x-amz-cf-id uNpxkCnhfi7PGCjhMAj876Oq2R5cwRyZQ9ODGZD-xQOKC5va4xWXLw== expires Fri, 03 Jul 2043 11:51:51 GMT
GET H2	200	41c0JqRkbXL._RC%7C21uA+6iDWBL.css,31eNyfgmRYL.css_.css images-fe.ssl-images-amazon.com/images/I/	41 KB 5 KB	302ms 11ms	Stylesheet text/css	2600:9000:221a:d800:1d:d7f6:39d3:d9e1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://images-fe.ssl-images-amazon.com/images/I/41c0JqRkbXL._RC%7C21uA+6iDWBL.css,31eNyfgmRYL.css_.css?AUIClients/RetailSearchAutocompleteAssets Requested by Host: astrovistaapartments.com URL: https://astrovistaapartments.com/client/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:221a:d800:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash `73d42b1545133408a9a96263514d34cd9307f71028180c726320f9df44c3f460` Request headers Referer https://astrovistaapartments.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 04 Nov 2023 02:41:30 GMT content-encoding br via 1.1 1e5ca059f48c688576a90d719b9ff148.cloudfront.net (CloudFront) age 21835984 x-amz-cf-pop NRT57-P2 edge-cache-tag x-cache-673,/images/I/41c0JqRkbXL x-nginx-cache-status HIT x-cache Hit from cloudfront server-timing provider;desc="cf" alt-svc h3=":443"; ma=86400 surrogate-key x-cache-673 /images/I/41c0JqRkbXL last-modified Fri, 27 Oct 2023 18:18:44 GMT server Server content-type text/css access-control-allow-origin * cache-control max-age=630720000,public x-amz-ir-id faca7523-37ff-4c46-bd14-9097012ab634 timing-allow-origin https://www.amazon.in, https://www.amazon.com x-amz-cf-id HLOLpU_aW5-kpAMuZkfHzVH0xYR1yb9YRHkvdLYglJWO3R49VSH7kw== expires Fri, 30 Oct 2043 00:45:30 GMT
GET H2	200	loading.css astrovistaapartments.com/static/public/css/	321 B 628 B	11ms 8ms	Stylesheet text/css	137.220.244.108 CTGSERVERLIMITED-...
General Check archive.org Show headers Download Go to Full URL https://astrovistaapartments.com/static/public/css/loading.css Requested by Host: astrovistaapartments.com URL: https://astrovistaapartments.com/client/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 137.220.244.108 Tokyo, Japan, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK), Reverse DNS Software nginx / Express Resource Hash `4c35ce2490955c47d38d6d6938380b8df6dfcc737340569e1946547575e2b112` Request headers Referer https://astrovistaapartments.com/client/login User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 13 Jul 2024 20:14:35 GMT last-modified Mon, 01 Jul 2024 08:31:33 GMT server nginx x-powered-by Express etag W/"141-1906d6bb288" access-control-max-age 2592000 access-control-allow-methods GET,POST,OPTIONS content-type text/css; charset=UTF-8 access-control-allow-origin * x-cache MISS cache-control public, max-age=0 accept-ranges bytes access-control-allow-headers * content-length 321
GET H2	200	jquery-3.5.1.js Show response astrovistaapartments.com/static/public/js/	281 KB 97 KB	13ms 10ms	Script application/javascript	137.220.244.108 CTGSERVERLIMITED-...
General Check archive.org Show headers Download Go to Full URL https://astrovistaapartments.com/static/public/js/jquery-3.5.1.js Requested by Host: astrovistaapartments.com URL: https://astrovistaapartments.com/client/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 137.220.244.108 Tokyo, Japan, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK), Reverse DNS Software nginx / Express Resource Hash `416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37` Request headers Referer https://astrovistaapartments.com/client/login User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 13 Jul 2024 20:14:35 GMT content-encoding gzip last-modified Wed, 21 Feb 2024 23:12:06 GMT server nginx x-powered-by Express etag W/"4638e-18dcdf0c970" vary Accept-Encoding access-control-allow-methods GET,POST,OPTIONS content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache MISS access-control-max-age 2592000 cache-control public, max-age=0 access-control-allow-headers *
GET H2	200	vue.js Show response astrovistaapartments.com/static/public/js/	334 KB 104 KB	13ms 11ms	Script application/javascript	137.220.244.108 CTGSERVERLIMITED-...
General Check archive.org Show headers Download Go to Full URL https://astrovistaapartments.com/static/public/js/vue.js Requested by Host: astrovistaapartments.com URL: https://astrovistaapartments.com/client/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 137.220.244.108 Tokyo, Japan, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK), Reverse DNS Software nginx / Express Resource Hash `352baa818da109925437a8433057ddc6f91ec48efe88bc5741b2f9e34450fdce` Request headers Referer https://astrovistaapartments.com/client/login User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 13 Jul 2024 20:14:35 GMT content-encoding gzip last-modified Wed, 21 Feb 2024 23:12:06 GMT server nginx x-powered-by Express etag W/"53882-18dcdf0c970" vary Accept-Encoding access-control-allow-methods GET,POST,OPTIONS content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache MISS access-control-max-age 2592000 cache-control public, max-age=0 access-control-allow-headers *
GET H2	200	options.js Show response astrovistaapartments.com/static/public/js/	3 KB 828 B	12ms 11ms	Script application/javascript	137.220.244.108 CTGSERVERLIMITED-...
General Check archive.org Show headers Download Go to Full URL https://astrovistaapartments.com/static/public/js/options.js Requested by Host: astrovistaapartments.com URL: https://astrovistaapartments.com/client/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 137.220.244.108 Tokyo, Japan, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK), Reverse DNS Software nginx / Express Resource Hash `62c51fa8d54ac3b6bbb75a568d5f931a9b65f13e4e5ea018448bfbdc6917d874` Request headers Referer https://astrovistaapartments.com/client/login User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 13 Jul 2024 20:14:35 GMT content-encoding gzip last-modified Thu, 11 Jul 2024 14:27:12 GMT server nginx x-powered-by Express etag W/"b2c-190a230e6bf" vary Accept-Encoding access-control-allow-methods GET,POST,OPTIONS content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache MISS access-control-max-age 2592000 cache-control public, max-age=0 access-control-allow-headers *
GET H2	200	login.js Show response astrovistaapartments.com/static/amazon/js/	6 KB 2 KB	27ms 25ms	Script application/javascript	137.220.244.108 CTGSERVERLIMITED-...
General Check archive.org Show headers Download Go to Full URL https://astrovistaapartments.com/static/amazon/js/login.js Requested by Host: astrovistaapartments.com URL: https://astrovistaapartments.com/client/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 137.220.244.108 Tokyo, Japan, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK), Reverse DNS Software nginx / Express Resource Hash `eba3fef11902ec0f7d736f1a2091e87dd3329edfb784674100ee4515505e8e7f` Request headers Referer https://astrovistaapartments.com/client/login User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 13 Jul 2024 20:14:35 GMT content-encoding gzip last-modified Mon, 08 Jul 2024 06:38:57 GMT server nginx x-powered-by Express etag W/"16b6-19091111fe8" vary Accept-Encoding access-control-allow-methods GET,POST,OPTIONS content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache MISS access-control-max-age 2592000 cache-control public, max-age=0 access-control-allow-headers *
GET H2	200	new-nav-sprite-global-1x_blueheaven-privacy._CB600088431_.png m.media-amazon.com/images/G/09/gno/sprites/	13 KB 14 KB	15ms 9ms	Image image/png	2600:9000:221a:d800:1d:d7f6:39d3:d9e1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://m.media-amazon.com/images/G/09/gno/sprites/new-nav-sprite-global-1x_blueheaven-privacy._CB600088431_.png Requested by Host: astrovistaapartments.com URL: https://astrovistaapartments.com/client/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:221a:d800:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash `053dd134b1723da118c189819a77d6d4c3b6dfb7f23fd08f8c7a93fdf1d64f4b` Request headers Referer https://astrovistaapartments.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 12 Nov 2023 06:44:07 GMT via 1.1 1e5ca059f48c688576a90d719b9ff148.cloudfront.net (CloudFront) age 21127550 x-amz-cf-pop NRT57-P2 edge-cache-tag x-cache-570,/images/G/09/gno/sprites/new-nav-sprite-global-1x_blueheaven-privacy x-nginx-cache-status HIT x-cache Hit from cloudfront server-timing cdn-cache-hit,cdn-pop;desc="NRT57-P2",cdn-rid;desc="YqrMPOjEBl7dGq7ipdoi3FctIt55cIGYdHPXCIFTGBo9TvkWtWAGhg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=1,provider;desc="cf" alt-svc h3=":443"; ma=86400 content-length 13358 surrogate-key x-cache-570 /images/G/09/gno/sprites/new-nav-sprite-global-1x_blueheaven-privacy last-modified Mon, 05 Jun 2023 16:56:24 GMT server Server content-type image/png access-control-allow-origin * cache-control max-age=630720000,public x-amz-ir-id e1a03ab5-e1b0-4e36-a50f-8b18ddc5f51e accept-ranges bytes timing-allow-origin https://www.amazon.co.jp x-amz-cf-id YqrMPOjEBl7dGq7ipdoi3FctIt55cIGYdHPXCIFTGBo9TvkWtWAGhg== expires Sat, 07 Nov 2043 06:44:07 GMT
GET H2	200	BgnVchebDR5Ds4h.png m.media-amazon.com/images/S/sash/	60 KB 61 KB	7ms 4ms	Image image/png	2600:9000:221a:d800:1d:d7f6:39d3:d9e1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://m.media-amazon.com/images/S/sash/BgnVchebDR5Ds4h.png Requested by Host: images-fe.ssl-images-amazon.com URL: https://images-fe.ssl-images-amazon.com/images/I/6167Ev6Z8GL._RC%7C11iHkiAT2oL.css,01wLsDqViEL.css,11MhAJ3QIgL.css,31JhtlVsImL.css,31i+Ric3zOL.css,01DHz7m6lhL.css_.css?AUIClients/AmazonUI#mobile.jp.not-trident Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:221a:d800:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash `c5e829691be4103e8f645ee962bbc3de1ca51d083d147f1716fbf5d59f99c86a` Request headers Referer https://images-fe.ssl-images-amazon.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 13 Aug 2023 16:13:57 GMT via 1.1 1e5ca059f48c688576a90d719b9ff148.cloudfront.net (CloudFront) age 28958438 x-amz-cf-pop NRT57-P2 edge-cache-tag x-cache-738,/images/S/sash/BgnVchebDR5Ds4h x-nginx-cache-status MISS x-cache Hit from cloudfront server-timing provider;desc="cf" alt-svc h3=":443"; ma=86400 content-length 61917 surrogate-key x-cache-738 /images/S/sash/BgnVchebDR5Ds4h last-modified Tue, 17 Nov 2020 23:31:30 GMT server Server content-type image/png access-control-allow-origin * cache-control max-age=630720000,public x-amz-ir-id 1e78e5e3-bf17-42f4-ab4e-4e029c8a5711 accept-ranges bytes timing-allow-origin https://www.amazon.in, https://www.amazon.com x-amz-cf-id p2qAJyr1S4xVlqP8v3lB7Sv625BWf90C9HTd_4I-_tN23QkGNV6hpQ== expires Sat, 08 Aug 2043 16:13:57 GMT
GET H2	200	fe2UeLQmJ11kKHN.png m.media-amazon.com/images/S/sash/	58 KB 59 KB	8ms 7ms	Image image/png	2600:9000:221a:d800:1d:d7f6:39d3:d9e1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://m.media-amazon.com/images/S/sash/fe2UeLQmJ11kKHN.png Requested by Host: images-fe.ssl-images-amazon.com URL: https://images-fe.ssl-images-amazon.com/images/I/41bhuBzDmyL.css?AUIClients/InternationalCustomerPreferencesNavMobileAssets Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:221a:d800:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash `2ce18237ee8094ab137b910ce33aa1cdd7904c1dad5f238734ad5e307c5be08b` Request headers Referer https://images-fe.ssl-images-amazon.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 07 Aug 2023 06:53:18 GMT via 1.1 1e5ca059f48c688576a90d719b9ff148.cloudfront.net (CloudFront) age 29510477 x-amz-cf-pop NRT57-P2 edge-cache-tag x-cache-480,/images/S/sash/fe2UeLQmJ11kKHN x-nginx-cache-status HIT x-cache Hit from cloudfront server-timing provider;desc="cf" alt-svc h3=":443"; ma=86400 content-length 59234 surrogate-key x-cache-480 /images/S/sash/fe2UeLQmJ11kKHN last-modified Fri, 06 May 2022 16:03:28 GMT server Server content-type image/png access-control-allow-origin * cache-control max-age=630720000,public x-amz-ir-id 21e85ec2-4a24-49ad-8f48-d5326f9ad25d accept-ranges bytes timing-allow-origin https://www.amazon.in, https://www.amazon.com x-amz-cf-id gzokdc22S2_au7S4O_UgcXwafO7sNJXtD2LUSP6nMXCUeoooVyaDCw== expires Sat, 01 Aug 2043 05:47:08 GMT
GET H2	200	icon.png astrovistaapartments.com/static/amazon/	30 KB 29 KB	53ms 53ms	Other image/png	137.220.244.108 CTGSERVERLIMITED-...
General Check archive.org Show headers Download Go to Full URL https://astrovistaapartments.com/static/amazon/icon.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 137.220.244.108 Tokyo, Japan, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK), Reverse DNS Software nginx / Express Resource Hash `89e4947816296bfeb36d37f654d6c83e26906d0cc6f73088065ba7cf6bd98406` Request headers Referer https://astrovistaapartments.com/client/login User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 13 Jul 2024 20:14:35 GMT content-encoding gzip last-modified Sat, 26 Dec 2020 13:54:10 GMT server nginx x-powered-by Express etag W/"7819-1769f53fbd0" vary Accept-Encoding access-control-allow-methods GET,POST,OPTIONS content-type image/png access-control-allow-origin * x-cache MISS access-control-max-age 2592000 cache-control public, max-age=0 access-control-allow-headers *

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Amazon Japan (Online)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| Vue

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			astrovistaapartments.com/	1969-12-31 23:59:59	Name: connect.sid Value: s%3A0zqxoebWyJ1baPHsuzxzU6jAHxmjga6s.AdLKQGl094FLGgrHwEsrK0aBUd%2FB4YZm7hVMaTVdEsg

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://astrovistaapartments.com/client/login Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

astrovistaapartments.com
images-fe.ssl-images-amazon.com
m.media-amazon.com
stringandbow.com
137.220.244.105
137.220.244.108
2600:9000:221a:d800:1d:d7f6:39d3:d9e1
053dd134b1723da118c189819a77d6d4c3b6dfb7f23fd08f8c7a93fdf1d64f4b
2ce18237ee8094ab137b910ce33aa1cdd7904c1dad5f238734ad5e307c5be08b
352baa818da109925437a8433057ddc6f91ec48efe88bc5741b2f9e34450fdce
416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37
4c35ce2490955c47d38d6d6938380b8df6dfcc737340569e1946547575e2b112
62c51fa8d54ac3b6bbb75a568d5f931a9b65f13e4e5ea018448bfbdc6917d874
6da4e741f1e44e8a6e60f74ce6d666292135be8a44c5a5d97621a0bd1371e782
73d42b1545133408a9a96263514d34cd9307f71028180c726320f9df44c3f460
7d8112e621d0af5d1562649bbc5e09efaa86562d64ba83e2e67eda08edce9ed8
87b816e9bd56d05b49ac7630daf442628b0599c8dbf5952d25ee3a369e0f5082
89e4947816296bfeb36d37f654d6c83e26906d0cc6f73088065ba7cf6bd98406
8d6ab7fafcc5496caba5b7e902775ec6e2fe2583bdffa99f7c07ea0a19809b7a
9b4bace8c5cf9f14e259e9f0e29fa35f8177579030d26ad3d69e5f0ec0cc1495
b0e4446832ca34312cd23591d023816704e31296175a02ba48dbb8833b82cac3
c5e829691be4103e8f645ee962bbc3de1ca51d083d147f1716fbf5d59f99c86a
cad59362ed885a0c0fc0d5bf244328c38d0de13bbf22096b83fd2880161715c2
eba3fef11902ec0f7d736f1a2091e87dd3329edfb784674100ee4515505e8e7f

astrovistaapartments.com Open in urlscan Pro 137.220.244.108 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

33 %IPv6

4 Domains

4 Subdomains

2 IPs

2 Countries

429 kBTransfer

1154 kBSize

1 Cookies

3 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

astrovistaapartments.com Open in urlscan Pro
137.220.244.108 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

2
IPs

2
Countries

429 kB
Transfer

1154 kB
Size

1
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!