Phishing Analysis

🔬 Threat Analysis Report

• Amenaza: Phishing
• Objetivo: Usuarios de Amazon
• Método: Suplantación de identidad a través de una página similar
• Exfil: Desconocido
• Indicadores: Alojamiento gratuito, logo de la marca.
• Riesgo: Alto

🔐 Credential Harvesting Forms

🔒 Obfuscation Detected

• atob
• eval
• fromCharCode
• unescape
• hex_escape
• unicode_escape
• base64_strings

🎯 Kit Endpoints

• /gp/video/collection/Musicvideosandconcerts?jic=8%7CEgNhbGw%3D
• /ref=nav_logo
• /gp/video/collection/newandupcoming?jic=8%7CEgNhbGw%3D
• /gp/video/collection/mgForYou?jic=8%7CEgNhbGw%3D
• https://email.aboutamazon.com/l/637851/2020-10-29/pd87g?utm_source=gateway&utm_medium=amazonfooters&utm_campaign=newslettersubscribers&utm_content=amazonnewssignup
• https://logistics.amazon.com/marketing?utm_source=amzn&utm_medium=footer&utm_campaign=home
• /gp/video/collection/Awards?jic=8%7CEgNhbGw%3D
• https://sustainability.aboutamazon.com/?utm_source=gateway&utm_medium=footer&ref_=susty_footer
• /gp/video/collection/primerolatino?jic=8%7CEgNhbGw%3D
• /gp/video/collection/BHM?jic=8%7CEgNhbGw%3D
• /gp/video/collection/AccessibleCollection?jic=8%7CEgNhbGw%3D
• https://www.aboutamazon.com/?utm_source=gateway&utm_medium=footer&token=about
• /?ref_=footer_logo
• /gp/video/collection/inspire-and-uplift?jic=8%7CEgNhbGw%3D

📡 API Calls Detected

• POST
• https://
• /gp/video/acquisition/utilities/monitoring
• GET

📤 Form Action Targets

• get
• /gp/video/search/ref=atv_nb_sug
• /s/ref=nb_sb_noss
• /gp/video/auth-redirect/ref=atv_dp_react_sign_in?signin=1&returnUrl=%2Fgp%2Fvideo%2Fdetail%2FB00S0X4HK8%2Fref%3Datv_dp_react_sign_in_return
• /gp/video/auth-redirect/ref=atv_wl_tog_sign_in
• /gp/video/acquisition/workflow/ref=atv_dp_non_js_pur?workflowType=Core-TVOD&return_url=L2dwL3ZpZGVvL2RldGFpbC9CMDBTMFg0SEs4L3JlZj1hdHZfZHBfbm9uX2pzX3B1cl9yZXQ%3D

Domain Information