projects-uploaded-files.s3.us-east-2.amazonaws.com
Open in
urlscan Pro
52.219.95.10
Malicious Activity!
Public Scan
Effective URL: https://projects-uploaded-files.s3.us-east-2.amazonaws.com/production/extension-captured-files/tab-html-75bd49ab-92b4-4f93-bb05-641740a2ae01.html
Submission: On November 07 via api from US — Scanned from US
Summary
TLS certificate: Issued by Amazon RSA 2048 M01 on February 29th 2024. Valid for: a year.
This is the only time projects-uploaded-files.s3.us-east-2.amazonaws.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Amazon (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 52.219.95.10 52.219.95.10 | 16509 (AMAZON-02) (AMAZON-02) | |
7 | 2600:9000:24f... 2600:9000:24f5:cc00:1d:d7f6:39d3:d9e1 | 16509 (AMAZON-02) (AMAZON-02) | |
4 | 3.227.172.72 3.227.172.72 | 14618 (AMAZON-AES) (AMAZON-AES) | |
13 | 3 |
ASN16509 (AMAZON-02, US)
PTR: s3-r-w.us-east-2.amazonaws.com
projects-uploaded-files.s3.us-east-2.amazonaws.com |
ASN16509 (AMAZON-02, US)
images-na.ssl-images-amazon.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-172-72.compute-1.amazonaws.com
fls-na.amazon.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
ssl-images-amazon.com
images-na.ssl-images-amazon.com — Cisco Umbrella Rank: 906 |
57 KB |
4 |
amazon.com
fls-na.amazon.com — Cisco Umbrella Rank: 1305 |
643 B |
2 |
amazonaws.com
projects-uploaded-files.s3.us-east-2.amazonaws.com |
9 KB |
13 | 3 |
Domain | Requested by | |
---|---|---|
7 | images-na.ssl-images-amazon.com |
projects-uploaded-files.s3.us-east-2.amazonaws.com
images-na.ssl-images-amazon.com |
4 | fls-na.amazon.com |
projects-uploaded-files.s3.us-east-2.amazonaws.com
images-na.ssl-images-amazon.com |
2 | projects-uploaded-files.s3.us-east-2.amazonaws.com | |
13 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.amazon.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.s3.us-east-2.amazonaws.com Amazon RSA 2048 M01 |
2024-02-29 - 2025-02-12 |
a year | crt.sh |
images-na.ssl-images-amazon.com DigiCert Global CA G2 |
2024-01-05 - 2024-12-08 |
a year | crt.sh |
fls-na.amazon.com Amazon RSA 2048 M02 |
2024-10-03 - 2025-11-01 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://projects-uploaded-files.s3.us-east-2.amazonaws.com/production/extension-captured-files/tab-html-75bd49ab-92b4-4f93-bb05-641740a2ae01.html
Frame ID: EC6404839D640A355E059EF104E6B5A1
Requests: 13 HTTP requests in this frame
Screenshot
Page Title
Amazon.comPage URL History Show full URLs
-
http://projects-uploaded-files.s3.us-east-2.amazonaws.com/production/extension-captured-files/tab-html-75bd49ab-92b4-4f93-bb05-641740a...
HTTP 307
https://projects-uploaded-files.s3.us-east-2.amazonaws.com/production/extension-captured-files/tab-html-75bd49ab-92b4-4f93-bb05-641740a... Page URL
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Conditions of Use
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://projects-uploaded-files.s3.us-east-2.amazonaws.com/production/extension-captured-files/tab-html-75bd49ab-92b4-4f93-bb05-641740a2ae01.html
HTTP 307
https://projects-uploaded-files.s3.us-east-2.amazonaws.com/production/extension-captured-files/tab-html-75bd49ab-92b4-4f93-bb05-641740a2ae01.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
tab-html-75bd49ab-92b4-4f93-bb05-641740a2ae01.html
projects-uploaded-files.s3.us-east-2.amazonaws.com/production/extension-captured-files/ Redirect Chain
|
8 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AmazonUI-3c913031596ca78a3768f4e934b1cc02ce238101.secure.min._V1_.css
images-na.ssl-images-amazon.com/images/G/01/AUIClients/ |
165 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
csm-captcha-instrumentation.min.js
images-na.ssl-images-amazon.com/images/G/01/csminstrumentation/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rd-script-6d68177fa6061598e9509dc4b5bdd08d.js
images-na.ssl-images-amazon.com/images/G/01/csminstrumentation/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ue-base-1c399ad9886cab69575e1e5ee15c61a1._V313498596_.js
images-na.ssl-images-amazon.com/images/G/01/csminstrumentation/ |
7 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ClientSideMetricsAUIJavascript-51171fbdd28e1a7a61e922e8f0272af8bc74d37b.secure.variant-desktop-session-snapshot-keypress.min._V2_.js
images-na.ssl-images-amazon.com/images/G/01/AUIClients/ |
19 KB 8 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Captcha_crpzbybsdj.jpg
images-na.ssl-images-amazon.com/captcha/fgzpjnun/ |
6 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
requestId=YAPBHK7EZ3HSDSJT2AQD&js=1
fls-na.amazon.com/1/oc-csi/1/OP/ |
43 B 149 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aui_sprite_0007-1x._V383827579_.png
images-na.ssl-images-amazon.com/images/G/01/amazonui/sprites/ |
17 KB 17 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
projects-uploaded-files.s3.us-east-2.amazonaws.com/ |
243 B 520 B |
Other
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
fls-na.amazon.com/1/batch/1/OE/ |
0 164 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
fls-na.amazon.com/1/batch/1/OE/ |
0 165 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
fls-na.amazon.com/1/batch/1/OE/ |
0 165 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Amazon (Online)31 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
number| ue_t0 object| ue_csm object| ue string| ue_furl string| ue_mid string| ue_sid string| ue_sn string| ue_id object| ue_modules object| cel_widgets string| ue_cel_ns object| ue_err number| ueinit function| ues function| uet function| uex function| onLd function| onLdEnd function| onstop function| ueLogError object| ue_cel object| ue_pdm object| ue_vpm object| ue_fem object| head string| prefix object| elem object| ue_mcm object| ue_mmm object| ue_rpl object| ue_kpm1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
projects-uploaded-files.s3.us-east-2.amazonaws.com/ | Name: csm-sid Value: 666-7260137-1840419 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fls-na.amazon.com
images-na.ssl-images-amazon.com
projects-uploaded-files.s3.us-east-2.amazonaws.com
2600:9000:24f5:cc00:1d:d7f6:39d3:d9e1
3.227.172.72
52.219.95.10
0a7e3153f44d0e51c73dad9fa3034a14446bedbafc38e477915382dd02269123
35cf72b3f65845c32617eb726119bbdd969738b7d62bb760c4381e82ce37ac4a
49ff798368f6e4367d03a44af687d47609ca4608d02b1a099281f88c910cf1aa
508512f4d186563284607daccbe470ee2e6046afd39369373b80e1cbc0021370
5ab7636e9f2e3ad10acc3d81e7ef8bf615504699d42034c041ff9e7c93f178bb
877c2c2a2da0a1a6c0ad0d7ac8071046a1d726e5ab9c63509e3786b8c8ec5042
9b0b7538f23a5e34af7f30e209098f1def66076fde5f7006b5608c78953347aa
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce
a538a2b295512c2a3b74f63e74047db79140733da941fb0fca2b95a1dfdada37
d508c7a0ac5d06f8cb44cc4349a1b1d38bc37c0922189e121c7027c4a7570562
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855