Source: https://saaxzz2569.cyou/m/user/index | SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering |
Source: https://saaxzz2569.cyou/m/login | LLM: Score: 9 Reasons: The brand 'Amazon' is a well-known global e-commerce company., The legitimate domain for Amazon is 'amazon.com'., The URL 'saaxzz2569.cyou' does not match the legitimate domain for Amazon., The domain extension '.cyou' is unusual for a well-known brand like Amazon., The URL contains random characters and numbers, which is a common tactic in phishing URLs to confuse users. DOM: 1.1.pages.csv |
Source: https://saaxzz2569.cyou/m/login | LLM: Score: 9 Reasons: Akamai is a well-known content delivery network and cloud service provider., The URL 'saaxzz2569.cyou' does not match the legitimate domain 'akamai.com'., The domain extension '.cyou' is unusual for a well-known brand like Akamai., The domain name 'saaxzz2569' does not have any recognizable association with Akamai., The presence of an input field for 'Email Address' on a suspicious domain increases the risk of phishing. DOM: 1.1.pages.csv |
Source: https://saaxzz2569.cyou/m/login | HTTP Parser: Number of links: 0 |
Source: https://saaxzz2569.cyou/m/login | HTTP Parser: <input type="password" .../> found but no <form action="... |
Source: https://saaxzz2569.cyou/m/login | HTTP Parser: Title: AMAZON does not match URL |
Source: https://saaxzz2569.cyou/m/login | HTTP Parser: Iframe src: https://saaxzz2569.cyou/api/websocket/server/iframe.html#wdipksb1 |
Source: https://saaxzz2569.cyou/m/login | HTTP Parser: Iframe src: https://saaxzz2569.cyou/api/websocket/server/714/5bahrunb/htmlfile?c=_jp.a4zmjse |
Source: https://saaxzz2569.cyou/m/login | HTTP Parser: <input type="password" .../> found |
Source: https://saaxzz2569.cyou/m/login | HTTP Parser: No favicon |
Source: https://saaxzz2569.cyou/m/login | HTTP Parser: No <meta name="author".. found |
Source: https://saaxzz2569.cyou/m/login | HTTP Parser: No <meta name="copyright".. found |