Source: http://account-update-amazon-gift-card-collection.9d6ihdz43.top/ |
SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering |
Source: http://account-update-amazon-gift-card-collection.9d6ihdz43.top/user/login |
LLM: Score: 9 Reasons: The brand 'Amazon' is a well-known global e-commerce company., The legitimate domain for Amazon is 'amazon.com'., The provided URL 'account-update-amazon-gift-card-collection.9d6ihdz43.top' does not match the legitimate domain., The URL contains multiple suspicious elements: it includes extra words like 'account-update' and 'gift-card-collection', which are not typical for Amazon's legitimate URLs., The domain extension '.top' is unusual for Amazon, which typically uses '.com'., The presence of a random string '9d6ihdz43' in the domain is suspicious and not associated with Amazon., The input fields requesting 'Email or mobile phone number' are common targets for phishing attempts. DOM: 0.0.pages.csv |
Source: http://account-update-amazon-gift-card-collection.9d6ihdz43.top/user/login |
LLM: Score: 9 Reasons: The brand 'Amazon' is a well-known global e-commerce company., The URL 'account-update-amazon-gift-card-collection.9d6ihdz43.top' does not match the legitimate domain 'amazon.com'., The domain '9d6ihdz43.top' is suspicious and not associated with Amazon., The use of 'amazon' in the subdomain is a common phishing tactic to mislead users., The presence of words like 'account-update' and 'gift-card-collection' in the URL is indicative of phishing attempts to lure users into providing sensitive information. DOM: 0.1.pages.csv |
Source: http://account-update-amazon-gift-card-collection.9d6ihdz43.top/user/login |
LLM: Score: 10 Reasons: The URL "account-update-amazon-gift-card-collection.9d6ihdz43.top" is highly suspicious. The domain name "9d6ihdz43.top" does not match the legitimate domain "amazon.com"., The URL contains several keywords like "account-update", "gift-card", and "collection" that are commonly used in phishing attacks to lure victims., The input field requesting "Email or mobile phone number" is a typical request in phishing attacks to collect user credentials., The structure of the URL and the presence of random characters is a strong indicator of a phishing attempt. DOM: 0.0.pages.csv |
Source: http://account-update-amazon-gift-card-collection.9d6ihdz43.top/user/login |
LLM: Score: 10 Reasons: The URL "account-update-amazon-gift-card-collection.9d6ihdz43.top" is highly suspicious. The domain name is clearly not amazon.com., The URL contains multiple keywords like 'account-update', 'gift-card', and 'collection', which are commonly used in phishing attacks to lure victims., The input fields 'Email or mobile phone number' and 'Enter your email or mobile phone number' are typical phishing attempts to collect sensitive information., The domain extension '.top' is often associated with suspicious websites. DOM: 0.1.pages.csv |
Source: http://account-update-amazon-gift-card-collection.9d6ihdz43.top/user/login |
Matcher: Template: amazon matched with high similarity |
Source: http://account-update-amazon-gift-card-collection.9d6ihdz43.top/user/login |
Matcher: Template: amazon matched |
Source: http://account-update-amazon-gift-card-collection.9d6ihdz43.top/user/login |
HTTP Parser: <input type="password" .../> found but no <form action="... |
Source: http://account-update-amazon-gift-card-collection.9d6ihdz43.top/user/login |
HTTP Parser: Invalid link: Need help? |
Source: http://account-update-amazon-gift-card-collection.9d6ihdz43.top/user/login |
HTTP Parser: Has password / email / username input fields |
Source: http://account-update-amazon-gift-card-collection.9d6ihdz43.top/user/login |
HTTP Parser: <input type="password" .../> found |
Source: http://account-update-amazon-gift-card-collection.9d6ihdz43.top/user/login |
HTTP Parser: No <meta name="author".. found |
Source: http://account-update-amazon-gift-card-collection.9d6ihdz43.top/user/login |
HTTP Parser: No <meta name="copyright".. found |
Source: unknown |
HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49713 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 13.107.246.60:443 -> 192.168.2.6:49721 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.6:49728 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.6:49734 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49753 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49844 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 13.107.246.60:443 -> 192.168.2.6:49910 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 13.107.246.60:443 -> 192.168.2.6:49946 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49966 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:50014 version: TLS 1.2 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 173.222.162.64 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 40.115.3.253 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 13.107.246.60 |
Source: global traffic |
HTTP traffic detected: HTTP/1.1 200 OK
Date: Sun, 13 Oct 2024 18:21:22 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Sun, 13 Oct 2024 08:38:13 GMT
ETag: "197-62457a41297c1-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 284
Content-Type: text/html |
Source: global traffic |
HTTP traffic detected: HTTP/1.1 200 OK
Date: Sun, 13 Oct 2024 18:21:23 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Fri, 11 Oct 2024 08:41:34 GMT
ETag: "577e0-6242f74542b80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 49155
Content-Type: text/css |