Report - oyg43mnesx.pages.dev/

Report Overview

Submitted URL
oyg43mnesx.pages.dev/
IP
172.66.44.152
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-01 03:35:55
Access
public
Website Title
Amazon.com
Final URL
oyg43mnesx.pages.dev/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
images-na.ssl-images-amazon.com	842	2004-07-21	2012-10-30	2024-04-30	3.7 kB	83 kB	143.204.46.106
fls-na.amazon.com	1217	1994-11-01	2012-05-25	2024-04-30	949 B	475 B	54.157.197.26
oyg43mnesx.pages.dev	unknown	2020-09-02	2024-01-28	2024-03-28	912 B	26 kB	172.66.44.152

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-03-28	medium	oyg43mnesx.pages.dev/	Amazon.com Inc.
2024-03-28	medium	oyg43mnesx.pages.dev/	Amazon.com Inc.

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (8)

	URL	Size	First Seen	Last Seen
	oyg43mnesx.pages.dev/	0 B	2023-03-07	2024-05-21
Pretty URL oyg43mnesx.pages.dev/ IP 172.66.44.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-21 23:59:32 Times Seen37931114 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	oyg43mnesx.pages.dev/	0 B	2023-03-07	2024-05-21
Pretty URL oyg43mnesx.pages.dev/ IP 172.66.44.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-21 23:59:32 Times Seen37931114 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	images-na.ssl-images-amazon.com/images/G/01/csminstrumentation/csm-captcha-instrumentation.min.js	1.8 kB	2023-03-07	2024-05-21
Pretty URL images-na.ssl-images-amazon.com/images/G/01/csminstrumentation/csm-captcha-instrumentation.min.js IP 143.204.46.106 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:36:39 Last Seen2024-05-21 20:03:01 Times Seen1138 Hash c2ec838fe27f97d3fd0074ce8bcaf9c3 87feacf794f2465e34a198f1243cfefdc428bc58 35cf72b3f65845c32617eb726119bbdd969738b7d62bb760c4381e82ce37ac4a Loading...

	images-na.ssl-images-amazon.com/images/G/01/csminstrumentation/rd-script-6d68177fa6061598e9509dc4b5bdd08d.js	1.8 kB	2023-03-07	2024-05-21
Pretty URL images-na.ssl-images-amazon.com/images/G/01/csminstrumentation/rd-script-6d68177fa6061598e9509dc4b5bdd08d.js IP 143.204.46.106 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:36:39 Last Seen2024-05-21 20:03:01 Times Seen1154 Hash 6d68177fa6061598e9509dc4b5bdd08d 3be11c9cf7d3fd0ec940798c3af6718e7db15e79 0a7e3153f44d0e51c73dad9fa3034a14446bedbafc38e477915382dd02269123 Loading...

	images-na.ssl-images-amazon.com/images/G/01/csminstrumentation/ue-base-1c399ad9886cab69575e1e5ee15c61a1._V313498596_.js	7.2 kB	2023-03-07	2024-05-21
Pretty URL images-na.ssl-images-amazon.com/images/G/01/csminstrumentation/ue-base-1c399ad9886cab69575e1e5ee15c61a1._V313498596_.js IP 143.204.46.106 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:36:39 Last Seen2024-05-21 20:03:01 Times Seen1087 Hash 1c399ad9886cab69575e1e5ee15c61a1 5b4a4fae777b5a20a6751361f0c64b9d590e37ba a538a2b295512c2a3b74f63e74047db79140733da941fb0fca2b95a1dfdada37 Loading...

	images-na.ssl-images-amazon.com/images/G/01/AUIClients/ClientSideMetricsAUIJavascript-51171fbdd28e1a7a61e922e8f0272af8bc74d37b.secure.variant-desktop-session-snapshot-keypress.min._V2_.js	20 kB	2023-03-07	2024-05-21
Pretty URL images-na.ssl-images-amazon.com/images/G/01/AUIClients/ClientSideMetricsAUIJavascript-51171fbdd28e1a7a61e922e8f0272af8bc74d37b.secure.variant-desktop-session-snapshot-keypress.min._V2_.js IP 143.204.46.106 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:36:39 Last Seen2024-05-21 20:03:01 Times Seen1494 Hash 64ee8d01bbfe60d6eff43818778fb34e 51171fbdd28e1a7a61e922e8f0272af8bc74d37b 877c2c2a2da0a1a6c0ad0d7ac8071046a1d726e5ab9c63509e3786b8c8ec5042 Loading...

	oyg43mnesx.pages.dev/	0 B	2023-03-07	2024-05-21
Pretty URL oyg43mnesx.pages.dev/ IP 172.66.44.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-21 23:59:32 Times Seen37931114 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

		Size	First Seen	Last Seen
	#1 Write - 1c141a008c63767bc83f86a961846869	89 B	2024-05-01	2024-05-01
Pretty Observations First Seen2024-05-01 05:35:55 Last Seen2024-05-01 05:35:55 Times Seen1 Hash 1c141a008c63767bc83f86a961846869 b20bd873c1c5b1035f4e53c5dcbad56393004377 cef08e24c76b7cd43593bd30543d1cc62b08903b094aa6881867764cc084d256 Loading...

HTTP Transactions (11)

URL IP Response Size

images-na.ssl-images-amazon.com/captcha/lqbiackd/Captcha_jxdrlokczr.jpg

143.204.46.106

200 OK

5.2 kB

URL GET HTTP/2
images-na.ssl-images-amazon.com/captcha/lqbiackd/Captcha_jxdrlokczr.jpg
IP
143.204.46.106:443
ASN
#16509 AMAZON-02

Requested by
https://oyg43mnesx.pages.dev/
Certificate
IssuerDigiCert Inc
Subjectimages-na.ssl-images-amazon.com
Fingerprint8A:C2:7D:85:C5:D2:68:79:93:AF:D2:55:06:26:64:6F:36:95:1A:6E
ValidityFri, 05 Jan 2024 00:00:00 GMT - Sun, 08 Dec 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 200x70, components 1
Size
5.2 kB (5173 bytes)
Hash
aafff735e5f8aac7cf0d5919d1503784
757c4a01f5aaf27a31237f673ba999297d0acf0c
eaba1a2a7a5bbe9be76a8e9b62e032c4e1d18f6ec77762b91642af803ec38c24

HTTP Headers

GET /captcha/lqbiackd/Captcha_jxdrlokczr.jpg HTTP/1.1
Host: images-na.ssl-images-amazon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oyg43mnesx.pages.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 5173
server: Server
x-amz-ir-id: 9077dddc-6575-46e4-8eea-c642774a4ff2
last-modified: Wed, 08 Feb 2012 17:14:09 GMT
access-control-allow-origin: *
edge-cache-tag: x-cache-469,/captcha/lqbiackd/Captcha_jxdrlokczr
surrogate-key: x-cache-469 /captcha/lqbiackd/Captcha_jxdrlokczr
x-nginx-cache-status: HIT
accept-ranges: bytes
date: Wed, 01 May 2024 03:35:30 GMT
vary: Accept-Encoding
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
age: 78473
server-timing: provider;desc="cf"
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: tGRJjALBDNzRxjhZfLgh3hTxO9CH0BUsO4Zajpq2Hz-h5ZemiKBmeA==
X-Firefox-Spdy: h2

images-na.ssl-images-amazon.com/images/G/01/amazonui/sprites/aui_sprite_0007-1x._V383827579_.png

143.204.46.106

200 OK

17 kB

URL GET HTTP/2
images-na.ssl-images-amazon.com/images/G/01/amazonui/sprites/aui_sprite_0007-1x._V383827579_.png
IP
143.204.46.106:443
ASN
#16509 AMAZON-02

Requested by
https://oyg43mnesx.pages.dev/
Certificate
IssuerDigiCert Inc
Subjectimages-na.ssl-images-amazon.com
Fingerprint8A:C2:7D:85:C5:D2:68:79:93:AF:D2:55:06:26:64:6F:36:95:1A:6E
ValidityFri, 05 Jan 2024 00:00:00 GMT - Sun, 08 Dec 2024 23:59:59 GMT

File type
PNG image data, 400 x 600, 8-bit colormap, non-interlaced
Size
17 kB (16972 bytes)
Hash
7d7a0cfb8ec9eb548c63bfd8f743181c
76cab36d1597e40654951dec1be50c289252caaa
49ff798368f6e4367d03a44af687d47609ca4608d02b1a099281f88c910cf1aa

HTTP Headers

GET /images/G/01/amazonui/sprites/aui_sprite_0007-1x._V383827579_.png HTTP/1.1
Host: images-na.ssl-images-amazon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://images-na.ssl-images-amazon.com/images/G/01/AUIClients/AmazonUI-3c913031596ca78a3768f4e934b1cc02ce238101.secure.min._V1_.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 16972
server: Server
date: Fri, 21 Jul 2023 15:11:09 GMT
x-amz-ir-id: 6eef3435-ceab-4342-9443-c088d5a6e681
cache-control: max-age=630720000,public
last-modified: Wed, 15 May 2013 01:55:34 GMT
access-control-allow-origin: *
timing-allow-origin: https://www.amazon.com
edge-cache-tag: x-cache-846,/images/G/01/amazonui/sprites/aui_sprite_0007-1x
expires: Sat, 04 Jul 2043 01:09:17 GMT
surrogate-key: x-cache-846 /images/G/01/amazonui/sprites/aui_sprite_0007-1x
x-nginx-cache-status: HIT
accept-ranges: bytes
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
age: 24582261
server-timing: provider;desc="cf"
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HZrh_OKLQHQrd3kHqjjcu2Ye13EBM7PL4aaNgKE1V1Ap1ZY7Z6ZqkA==
X-Firefox-Spdy: h2

images-na.ssl-images-amazon.com/images/G/01/AUIClients/AmazonUI-3c913031596ca78a3768f4e934b1cc02ce238101.secure.min._V1_.css

143.204.46.106

200 OK

24 kB

URL GET HTTP/2
images-na.ssl-images-amazon.com/images/G/01/AUIClients/AmazonUI-3c913031596ca78a3768f4e934b1cc02ce238101.secure.min._V1_.css
IP
143.204.46.106:443
ASN
#16509 AMAZON-02

Requested by
https://oyg43mnesx.pages.dev/
Certificate
IssuerDigiCert Inc
Subjectimages-na.ssl-images-amazon.com
Fingerprint8A:C2:7D:85:C5:D2:68:79:93:AF:D2:55:06:26:64:6F:36:95:1A:6E
ValidityFri, 05 Jan 2024 00:00:00 GMT - Sun, 08 Dec 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
24 kB (23622 bytes)
Hash
0807fb4d368ce81498083436a2ee8a3b
3fea321e815364b8862390baa33ed728fb5c01b5
08f333eaf51ba4277d26d52ea94aaca4e7d45cc58758770a0f19bc55f14fbe29

HTTP Headers

GET /images/G/01/AUIClients/AmazonUI-3c913031596ca78a3768f4e934b1cc02ce238101.secure.min._V1_.css HTTP/1.1
Host: images-na.ssl-images-amazon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oyg43mnesx.pages.dev/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
server: Server
date: Sun, 13 Aug 2023 06:52:09 GMT
x-amz-ir-id: 3c9c4e67-95da-41df-8807-d86cc280dae9
cache-control: max-age=630720000,public
last-modified: Wed, 17 Jul 2013 22:49:32 GMT
access-control-allow-origin: *
timing-allow-origin: https://www.amazon.com
edge-cache-tag: x-cache-109,/images/G/01/AUIClients/AmazonUI-3c913031596ca78a3768f4e934b1cc02ce238101.secure.min
expires: Fri, 07 Aug 2043 07:46:12 GMT
surrogate-key: x-cache-109 /images/G/01/AUIClients/AmazonUI-3c913031596ca78a3768f4e934b1cc02ce238101.secure.min
x-nginx-cache-status: HIT
content-encoding: gzip
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
age: 22625001
server-timing: provider;desc="cf"
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JzzdbO0mlKmN4NgVmFLwPxukGHunDcnWGppdTWRGTpvgakgII-7wFw==
X-Firefox-Spdy: h2

fls-na.amazon.com/1/oc-csi/1/OP/requestId=5XMXS46VASQ3PG4PV8D5&js=1

54.157.197.26

200 OK

43 B

URL GET HTTP/2
fls-na.amazon.com/1/oc-csi/1/OP/requestId=5XMXS46VASQ3PG4PV8D5&js=1
IP
54.157.197.26:443
ASN
#14618 AMAZON-AES

Requested by
https://oyg43mnesx.pages.dev/
Certificate
IssuerAmazon
Subjectfls-na.amazon.com
Fingerprint30:A3:4C:70:42:BB:AA:D8:DB:94:E8:8F:1E:BB:D2:18:92:3A:B6:0E
ValidityThu, 21 Dec 2023 00:00:00 GMT - Sat, 18 Jan 2025 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
e68cc604cab69bf03b8cd228d940f5ef
15c0c62c4c7c917b5dd82a8e1e439211a44b9e98
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

HTTP Headers

GET /1/oc-csi/1/OP/requestId=5XMXS46VASQ3PG4PV8D5&js=1 HTTP/1.1
Host: fls-na.amazon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oyg43mnesx.pages.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 01 May 2024 03:35:31 GMT
content-type: image/gif
content-length: 43
x-amzn-requestid: 6e5a6c40-2f24-4b09-85a7-48d40f7b279e
X-Firefox-Spdy: h2

fls-na.amazon.com/1/batch/1/OE/

54.157.197.26

204 No Content

0 B

URL POST HTTP/2
fls-na.amazon.com/1/batch/1/OE/
IP
54.157.197.26:443
ASN
#14618 AMAZON-AES

Requested by
https://oyg43mnesx.pages.dev/
Certificate
IssuerAmazon
Subjectfls-na.amazon.com
Fingerprint30:A3:4C:70:42:BB:AA:D8:DB:94:E8:8F:1E:BB:D2:18:92:3A:B6:0E
ValidityThu, 21 Dec 2023 00:00:00 GMT - Sat, 18 Jan 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /1/batch/1/OE/ HTTP/1.1
Host: fls-na.amazon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 20507
Origin: https://oyg43mnesx.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://oyg43mnesx.pages.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Wed, 01 May 2024 03:35:32 GMT
x-amzn-requestid: 2897e298-0e11-4aca-8edb-36f57bf67a56
access-control-allow-origin: *
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
X-Firefox-Spdy: h2

oyg43mnesx.pages.dev/favicon.ico

172.66.44.152

200 OK

18 kB

URL GET HTTP/3
oyg43mnesx.pages.dev/favicon.ico
IP
172.66.44.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://oyg43mnesx.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectoyg43mnesx.pages.dev
FingerprintEF:50:03:78:22:51:95:3C:00:D1:BF:DF:16:9D:D0:8C:01:5A:DA:B6
ValidityWed, 27 Mar 2024 00:24:56 GMT - Tue, 25 Jun 2024 00:24:55 GMT

File type
MS Windows icon resource - 4 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel
Size
18 kB (17542 bytes)
Hash
ca6619b86c2f6e6068b69ba3aaddb7e4
c44a1bb9d14385334eb851fbb0afb19d961c1ee7
17d02e2db6dbedb95dd449d06868c147ac2c3b5371497bcb9407e75336a99e09

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Amazon.com Inc.

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: oyg43mnesx.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oyg43mnesx.pages.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 01 May 2024 03:35:30 GMT
content-type: image/x-icon
cf-ray: 87ccb8d12adc0afe-OSL
cf-cache-status: MISS
etag: W/"4486-490c87c5a6340"
last-modified: Tue, 21 Sep 2010 17:37:41 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-amz-rid: XJKJ2Q9A5W9JDQJDQDZT
x-amzn-cdn-id: ak-0.8f0a655f.1714534530.1c712e2
x-cache: RefreshHit from child, Hit from parent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uLSPbIexO3JXFKk4H6WxAv7V4yitY1l5rUTCzEitKos0yyhLiRdqNkgOrwq2WEtTqRgjNOnX2GDyeSyjHmyxyHwLBTJwUdbrbWefIKdsVtLwuA3z1LunmrDteH%2FP6pv0AL9724%2Fylw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br

images-na.ssl-images-amazon.com/images/G/01/AUIClients/ClientSideMetricsAUIJavascript-51171fbdd28e1a7a61e922e8f0272af8bc74d37b.secure.variant-desktop-session-snapshot-keypress.min._V2_.js

143.204.46.106

200 OK

20 kB

URL GET HTTP/3
images-na.ssl-images-amazon.com/images/G/01/AUIClients/ClientSideMetricsAUIJavascript-51171fbdd28e1a7a61e922e8f0272af8bc74d37b.secure.variant-desktop-session-snapshot-keypress.min._V2_.js
IP
143.204.46.106:443
ASN
#16509 AMAZON-02

Requested by
https://oyg43mnesx.pages.dev/
Certificate
IssuerDigiCert Inc
Subjectimages-na.ssl-images-amazon.com
Fingerprint8A:C2:7D:85:C5:D2:68:79:93:AF:D2:55:06:26:64:6F:36:95:1A:6E
ValidityFri, 05 Jan 2024 00:00:00 GMT - Sun, 08 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (522), with overstriking
Size
20 kB (19614 bytes)
Hash
64ee8d01bbfe60d6eff43818778fb34e
51171fbdd28e1a7a61e922e8f0272af8bc74d37b
877c2c2a2da0a1a6c0ad0d7ac8071046a1d726e5ab9c63509e3786b8c8ec5042

HTTP Headers

GET /images/G/01/AUIClients/ClientSideMetricsAUIJavascript-51171fbdd28e1a7a61e922e8f0272af8bc74d37b.secure.variant-desktop-session-snapshot-keypress.min._V2_.js HTTP/1.1
Host: images-na.ssl-images-amazon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oyg43mnesx.pages.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/x-javascript
x-amz-cf-pop: OSL50-C1
x-cache: Hit from cloudfront
server: Server
date: Tue, 01 Aug 2023 02:05:13 GMT
x-amz-ir-id: 4f24392f-1722-4ede-9302-b8a672ff834c
cache-control: max-age=630720000,public
last-modified: Thu, 01 Oct 2015 10:17:43 GMT
access-control-allow-origin: *
timing-allow-origin: https://www.amazon.com
edge-cache-tag: x-cache-643,/images/G/01/AUIClients/ClientSideMetricsAUIJavascript-51171fbdd28e1a7a61e922e8f0272af8bc74d37b.secure.variant-desktop-s
expires: Sun, 26 Jul 2043 23:42:43 GMT
surrogate-key: x-cache-643 /images/G/01/AUIClients/ClientSideMetricsAUIJavascript-51171fbdd28e1a7a61e922e8f0272af8bc74d37b.secure.variant-desktop-s
x-nginx-cache-status: HIT
content-encoding: gzip
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
age: 23679017
server-timing: provider;desc="cf",cdn-rid;desc="-6sqF07BW6xNuzrw46X8Pfm0dYOKXb1qMfNa_kGkBUFr0tHC-z0UVw==",cdn-downstream-fbl;dur=1
x-amz-cf-id: -6sqF07BW6xNuzrw46X8Pfm0dYOKXb1qMfNa_kGkBUFr0tHC-z0UVw==

oyg43mnesx.pages.dev/

172.66.44.152

200 OK

6.6 kB

URL User Request GET HTTP/2
oyg43mnesx.pages.dev/
IP
172.66.44.152:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectoyg43mnesx.pages.dev
FingerprintEF:50:03:78:22:51:95:3C:00:D1:BF:DF:16:9D:D0:8C:01:5A:DA:B6
ValidityWed, 27 Mar 2024 00:24:56 GMT - Tue, 25 Jun 2024 00:24:55 GMT

File type
HTML document, ASCII text, with very long lines (6892), with no line terminators
Size
6.6 kB (6591 bytes)
Hash
b6278f02ee32cc3f48d6b954c059b617
65ff01dde76535e1ca576db59d3b565992bdbb46
2b1b614b969a100095da01193608215dd990c8790b129a1f782c9898b1e8de5d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Amazon.com Inc.

HTTP Headers

GET / HTTP/1.1
Host: oyg43mnesx.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 01 May 2024 03:35:29 GMT
content-type: text/html
cf-ray: 87ccb8cb58420b06-OSL
cf-cache-status: DYNAMIC
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Content-Type,Accept-Encoding,User-Agent
alt-svc: h3=":443"; ma=86400
x-amz-rid: 5XMXS46VASQ3PG4PV8D5
x-amzn-cdn-id: ak-0.8f0a655f.1714534529.1c71127
x-cache: NotCacheable from child
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m0Hzxrjhr4edC23HRNewmYd%2BJztmbo0YQ5eLzjca55dgA4g4zugsV5BXStTAJebk%2B%2BFKjp78E1M0pGkSLKAH8lDibYWtxkFNlQpEzAwApEfV4SME3LqgbHVjk9H9bye1eZ3yO70qJg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

images-na.ssl-images-amazon.com/images/G/01/csminstrumentation/csm-captcha-instrumentation.min.js

143.204.46.106

200 OK

1.8 kB

URL GET HTTP/2
images-na.ssl-images-amazon.com/images/G/01/csminstrumentation/csm-captcha-instrumentation.min.js
IP
143.204.46.106:443
ASN
#16509 AMAZON-02

Requested by
https://oyg43mnesx.pages.dev/
Certificate
IssuerDigiCert Inc
Subjectimages-na.ssl-images-amazon.com
Fingerprint8A:C2:7D:85:C5:D2:68:79:93:AF:D2:55:06:26:64:6F:36:95:1A:6E
ValidityFri, 05 Jan 2024 00:00:00 GMT - Sun, 08 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (1827), with no line terminators
Size
1.8 kB (1787 bytes)
Hash
747e84e823a449d0603999c8011553ca
aae02cb846cac66e6df9ca9a356a7c6d7c51a65d
2bc70b2c3cfcf9e741e0bc2334bdf31803bd430a3a6425bab043047995eb2b76

HTTP Headers

GET /images/G/01/csminstrumentation/csm-captcha-instrumentation.min.js HTTP/1.1
Host: images-na.ssl-images-amazon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oyg43mnesx.pages.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/x-javascript
server: Server
x-amz-ir-id: 26d5c5b6-ec99-4e28-a4d0-24ee5498966a
last-modified: Mon, 12 Oct 2015 09:22:39 GMT
access-control-allow-origin: *
timing-allow-origin: https://www.amazon.com
edge-cache-tag: x-cache-726,/images/G/01/csminstrumentation/csm-captcha-instrumentation.min
surrogate-key: x-cache-726 /images/G/01/csminstrumentation/csm-captcha-instrumentation.min
x-nginx-cache-status: HIT
content-encoding: gzip
date: Tue, 30 Apr 2024 20:32:45 GMT
cache-control: max-age=86400,public
expires: Wed, 01 May 2024 06:45:45 GMT
vary: Accept-Encoding
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
age: 25375
server-timing: provider;desc="cf"
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZqYNE0vbJvqhbVmHOmN49utaact8YzKZLX4hNgArgWAHpZ4GvZPcSA==
X-Firefox-Spdy: h2

images-na.ssl-images-amazon.com/images/G/01/csminstrumentation/rd-script-6d68177fa6061598e9509dc4b5bdd08d.js

143.204.46.106

200 OK

1.8 kB

URL GET HTTP/2
images-na.ssl-images-amazon.com/images/G/01/csminstrumentation/rd-script-6d68177fa6061598e9509dc4b5bdd08d.js
IP
143.204.46.106:443
ASN
#16509 AMAZON-02

Requested by
https://oyg43mnesx.pages.dev/
Certificate
IssuerDigiCert Inc
Subjectimages-na.ssl-images-amazon.com
Fingerprint8A:C2:7D:85:C5:D2:68:79:93:AF:D2:55:06:26:64:6F:36:95:1A:6E
ValidityFri, 05 Jan 2024 00:00:00 GMT - Sun, 08 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (1885), with no line terminators
Size
1.8 kB (1829 bytes)
Hash
554e3ca56fcbef44ead95bb2185e5907
7a479411ad04fcd58410c50dc69b81b7f390ad3f
31bf624bc6233d6049e4279e1d6b166fc58f97271d9935cb6b6025d151d581fb

HTTP Headers

GET /images/G/01/csminstrumentation/rd-script-6d68177fa6061598e9509dc4b5bdd08d.js HTTP/1.1
Host: images-na.ssl-images-amazon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oyg43mnesx.pages.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/x-javascript
server: Server
x-amz-ir-id: b62d12d7-7331-40ee-b9ac-911cedf2a8f9
last-modified: Fri, 20 Mar 2020 12:31:03 GMT
access-control-allow-origin: *
timing-allow-origin: https://www.amazon.com
edge-cache-tag: x-cache-512,/images/G/01/csminstrumentation/rd-script-6d68177fa6061598e9509dc4b5bdd08d
surrogate-key: x-cache-512 /images/G/01/csminstrumentation/rd-script-6d68177fa6061598e9509dc4b5bdd08d
x-nginx-cache-status: HIT
content-encoding: gzip
date: Tue, 30 Apr 2024 09:50:25 GMT
cache-control: max-age=86400,public
expires: Wed, 25 Oct 2023 22:21:21 GMT
vary: Accept-Encoding
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
age: 63908
server-timing: provider;desc="cf"
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gf5k23FSLZOCR_Z3CilyDE_rWYxemUDQCwm_AeBUXJlCROVKlND2EA==
X-Firefox-Spdy: h2

images-na.ssl-images-amazon.com/images/G/01/csminstrumentation/ue-base-1c399ad9886cab69575e1e5ee15c61a1._V313498596_.js

143.204.46.106

200 OK

7.2 kB

URL GET HTTP/3
images-na.ssl-images-amazon.com/images/G/01/csminstrumentation/ue-base-1c399ad9886cab69575e1e5ee15c61a1._V313498596_.js
IP
143.204.46.106:443
ASN
#16509 AMAZON-02

Requested by
https://oyg43mnesx.pages.dev/
Certificate
IssuerDigiCert Inc
Subjectimages-na.ssl-images-amazon.com
Fingerprint8A:C2:7D:85:C5:D2:68:79:93:AF:D2:55:06:26:64:6F:36:95:1A:6E
ValidityFri, 05 Jan 2024 00:00:00 GMT - Sun, 08 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (7409), with no line terminators
Size
7.2 kB (7210 bytes)
Hash
b95d93ebca68aad50b454b2ff4dc68b3
0a1a9aafb61571e3ddcaa4e2a5ce041d718ac07f
80ff7d435fbffd1b9a6b75e39d98e3311e8420f8f71fb4b71c31f03f507e6619

HTTP Headers

GET /images/G/01/csminstrumentation/ue-base-1c399ad9886cab69575e1e5ee15c61a1._V313498596_.js HTTP/1.1
Host: images-na.ssl-images-amazon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oyg43mnesx.pages.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/x-javascript
x-amz-cf-pop: OSL50-C1
x-cache: Hit from cloudfront
server: Server
date: Tue, 25 Jul 2023 21:16:33 GMT
x-amz-ir-id: 844186c8-ef49-4ff6-b768-c5cf8919c236
cache-control: max-age=630720000,public
last-modified: Wed, 26 Aug 2015 14:52:49 GMT
access-control-allow-origin: *
timing-allow-origin: https://www.amazon.com
edge-cache-tag: x-cache-438,/images/G/01/csminstrumentation/ue-base-1c399ad9886cab69575e1e5ee15c61a1
expires: Tue, 14 Jul 2043 07:39:01 GMT
surrogate-key: x-cache-438 /images/G/01/csminstrumentation/ue-base-1c399ad9886cab69575e1e5ee15c61a1
x-nginx-cache-status: HIT
content-encoding: gzip
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
age: 24214737
server-timing: provider;desc="cf",cdn-rid;desc="YYq6hKsT17m-3FgXABiDmCThni6m9sdUvbbjZpd7c2wI9GNvpyh55w==",cdn-downstream-fbl;dur=2
x-amz-cf-id: YYq6hKsT17m-3FgXABiDmCThni6m9sdUvbbjZpd7c2wI9GNvpyh55w==

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (11)

URL GET HTTP/2

IP