wizard-offer.s3-website.us-east-2.amazonaws.com
Open in
urlscan Pro
52.219.94.40
Public Scan
Effective URL: http://wizard-offer.s3-website.us-east-2.amazonaws.com/?cid=wpb82ft67pm0b6qm2tvam5ok&name=Test%20offer
Submission Tags: phishing
Submission: On February 22 via api from US — Scanned from DE
Summary
This is the only time wizard-offer.s3-website.us-east-2.amazonaws.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 67.199.248.10 67.199.248.10 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
2 | 18.197.88.156 18.197.88.156 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 52.219.94.40 52.219.94.40 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 52.219.97.178 52.219.97.178 | 16509 (AMAZON-02) (AMAZON-02) | |
6 | 3 |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-88-156.eu-central-1.compute.amazonaws.com
ensolecarieves.com |
ASN16509 (AMAZON-02, US)
PTR: s3-website.us-east-2.amazonaws.com
wizard-offer.s3-website.us-east-2.amazonaws.com |
ASN16509 (AMAZON-02, US)
PTR: s3-r-w.us-east-2.amazonaws.com
wizard-offer.s3.us-east-2.amazonaws.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
amazonaws.com
wizard-offer.s3-website.us-east-2.amazonaws.com wizard-offer.s3.us-east-2.amazonaws.com |
286 KB |
2 |
ensolecarieves.com
ensolecarieves.com |
2 KB |
1 |
bit.ly
1 redirects
bit.ly — Cisco Umbrella Rank: 5284 |
255 B |
6 | 3 |
Domain | Requested by | |
---|---|---|
2 | wizard-offer.s3.us-east-2.amazonaws.com |
wizard-offer.s3-website.us-east-2.amazonaws.com
|
2 | wizard-offer.s3-website.us-east-2.amazonaws.com |
wizard-offer.s3-website.us-east-2.amazonaws.com
|
2 | ensolecarieves.com | |
1 | bit.ly | 1 redirects |
6 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
ensolecarieves.com R3 |
2023-02-13 - 2023-05-14 |
3 months | crt.sh |
*.s3.us-east-2.amazonaws.com Amazon |
2022-09-21 - 2023-08-31 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://wizard-offer.s3-website.us-east-2.amazonaws.com/?cid=wpb82ft67pm0b6qm2tvam5ok&name=Test%20offer
Frame ID: 840F28835CE14B0BF3ED9A72911DC056
Requests: 6 HTTP requests in this frame
Screenshot
Page Title
Wizard offerPage URL History Show full URLs
-
https://bit.ly/3KxZebD
HTTP 301
https://ensolecarieves.com/2f3ee54f-b77d-4b46-a2b5-adf11a728b95 Page URL
- https://ensolecarieves.com/redirect?target=BASE64aHR0cDovL3dpemFyZC1vZmZlci5zMy13ZWJzaXRlLnVzLWVhc3QtMi... Page URL
- http://wizard-offer.s3-website.us-east-2.amazonaws.com/?cid=wpb82ft67pm0b6qm2tvam5ok&name=Test%20offer Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://bit.ly/3KxZebD
HTTP 301
https://ensolecarieves.com/2f3ee54f-b77d-4b46-a2b5-adf11a728b95 Page URL
- https://ensolecarieves.com/redirect?target=BASE64aHR0cDovL3dpemFyZC1vZmZlci5zMy13ZWJzaXRlLnVzLWVhc3QtMi5hbWF6b25hd3MuY29tLz9jaWQ9d3BiODJmdDY3cG0wYjZxbTJ0dmFtNW9rJm5hbWU9VGVzdCUyMG9mZmVy&ts=1677047445129&hash=9zlcOShJ9b8_g7iNoCxwIpoS_fKXXjhgu5KECNmUqtI&rm=D Page URL
- http://wizard-offer.s3-website.us-east-2.amazonaws.com/?cid=wpb82ft67pm0b6qm2tvam5ok&name=Test%20offer Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://bit.ly/3KxZebD HTTP 301
- https://ensolecarieves.com/2f3ee54f-b77d-4b46-a2b5-adf11a728b95
6 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
2f3ee54f-b77d-4b46-a2b5-adf11a728b95
ensolecarieves.com/ Redirect Chain
|
518 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
redirect
ensolecarieves.com/ |
360 B 521 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
/
wizard-offer.s3-website.us-east-2.amazonaws.com/ |
517 B 851 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles.css
wizard-offer.s3-website.us-east-2.amazonaws.com/ |
666 B 999 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.png
wizard-offer.s3.us-east-2.amazonaws.com/assets/ |
35 KB 35 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wizard-offer-bgi.png
wizard-offer.s3.us-east-2.amazonaws.com/assets/ |
249 KB 249 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| oncontentvisibilityautostatechange3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.bit.ly/ | Name: _bit Value: n1m6uI-ed0c6f4ed896bb58a2-00V |
|
.ensolecarieves.com/ | Name: 2f3ee54f-b77d-4b46-a2b5-adf11a728b95-v4 Value: ew2vaK72igzx3RxjiNg9-KI3VhSXc5fU1_gwEqUnMe4 |
|
.ensolecarieves.com/ | Name: cc-v4 Value: 7zLmDfkCTsYngHp4GqkgZ4Q3%2Fyn18YTHaR634W0Ukd278aXs2RD6h9GSVFmjW65sfW43ayJecbkqVHdk%2FBE1ouMYhmDDJBPbOLHMJIV1SQ1qzKj4N%2BAWSCVIe%2BS3ix%2FmFkGL%2BFddK6UU5sza8EqTFw%3D%3D |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bit.ly
ensolecarieves.com
wizard-offer.s3-website.us-east-2.amazonaws.com
wizard-offer.s3.us-east-2.amazonaws.com
18.197.88.156
52.219.94.40
52.219.97.178
67.199.248.10
1420749d4cbbe563d81b06164afbca8380d746d68efab917dc7983612c3ec467
38ae18ede1a6789c9ff051a64f93edb02199768c78e17e0d1e0ce29c1e5dd527
3e1e8164f5c6cdfd1551a477a07d61529b9c3cb9e6d00bb7b011ac3f87ebce23
6cb361478bf84c3ee9561db962064d78719dbfe50626f7ef3616c11afce67ded
9c2c2f639d29d83a9cdc0aacacaa69c277e587998774f8006278ac19d5297520
b5ad7c9a0d73772a3be35c7ca04035260aaf6d00c4811fdf842bd36507a0d0b7