projects-uploaded-files.s3.us-east-2.amazonaws.com Open in urlscan Pro
3.5.128.121 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://projects-uploaded-files.s3.us-east-2.amazonaws.com/production/extension-captured-files/tab-html-75bd49ab-92b4-4f93-bb05-641740a2ae01.html
Submission: On November 07 via automatic, source openphish (November 7th 2024, 1:21:16 pm UTC) — Scanned from US

Summary HTTP 12 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 12 HTTP transactions. The main IP is 3.5.128.121, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is projects-uploaded-files.s3.us-east-2.amazonaws.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 29th 2024. Valid for: a year.

This is the only time projects-uploaded-files.s3.us-east-2.amazonaws.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Amazon (Online)

Domain & IP information

	IP Address	AS Autonomous System
2	3.5.128.121 3.5.128.121	16509 (AMAZON-02) (AMAZON-02)
7	18.238.76.234 18.238.76.234	16509 (AMAZON-02) (AMAZON-02)
3	3.213.65.38 3.213.65.38	14618 (AMAZON-AES) (AMAZON-AES)
12	3

2 3.5.128.121 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.us-east-2.amazonaws.com

projects-uploaded-files.s3.us-east-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.238.76.234 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-76-234.jfk52.r.cloudfront.net

images-na.ssl-images-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.213.65.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-65-38.compute-1.amazonaws.com

fls-na.amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	ssl-images-amazon.com images-na.ssl-images-amazon.com — Cisco Umbrella Rank: 906	61 KB
3	amazon.com fls-na.amazon.com — Cisco Umbrella Rank: 1305	480 B
2	amazonaws.com projects-uploaded-files.s3.us-east-2.amazonaws.com	9 KB
12	3

	Domain	Requested by
7	images-na.ssl-images-amazon.com	projects-uploaded-files.s3.us-east-2.amazonaws.com images-na.ssl-images-amazon.com
3	fls-na.amazon.com	projects-uploaded-files.s3.us-east-2.amazonaws.com images-na.ssl-images-amazon.com
2	projects-uploaded-files.s3.us-east-2.amazonaws.com
12	3

This site contains links to these domains. Also see Links.

Domain
www.amazon.com

Subject Issuer	Validity	Valid
*.s3.us-east-2.amazonaws.com Amazon RSA 2048 M01	`2024-02-29` - `2025-02-12`	a year	crt.sh
images-na.ssl-images-amazon.com DigiCert Global CA G2	`2024-01-05` - `2024-12-08`	a year	crt.sh
fls-na.amazon.com Amazon RSA 2048 M02	`2024-10-03` - `2025-11-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://projects-uploaded-files.s3.us-east-2.amazonaws.com/production/extension-captured-files/tab-html-75bd49ab-92b4-4f93-bb05-641740a2ae01.html
Frame ID: 401FF396E7AACE6A60788710491DAD53
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Amazon.com

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

71 kB
Transfer

225 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.amazon.com/gp/help/customer/display.html/ref=footer_cou?ie=UTF8&nodeId=508088
Title: Conditions of Use

Search URL Search Domain Scan URL

URL: https://www.amazon.com/gp/help/customer/display.html/ref=footer_privacy?ie=UTF8&nodeId=468496
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request tab-html-75bd49ab-92b4-4f93-bb05-641740a2ae01.html Show response projects-uploaded-files.s3.us-east-2.amazonaws.com/production/extension-captured-files/	8 KB 8 KB	418ms 117ms	Document text/html	3.5.128.121 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://projects-uploaded-files.s3.us-east-2.amazonaws.com/production/extension-captured-files/tab-html-75bd49ab-92b4-4f93-bb05-641740a2ae01.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.5.128.121 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-r-w.us-east-2.amazonaws.com Software AmazonS3 / Resource Hash `508512f4d186563284607daccbe470ee2e6046afd39369373b80e1cbc0021370` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers Accept-Ranges bytes Content-Length 8043 Content-Type text/html Date Thu, 07 Nov 2024 13:21:12 GMT ETag "9a1a95c0c3bb1331551187c83eddf126" Last-Modified Tue, 05 Nov 2024 15:01:41 GMT Server AmazonS3 x-amz-id-2 KonKpvm1CEWAKH/EseR/DHSawWnBwKakmel9J2jU8RDR1F/9gLnDLcBm0jqNZ1w/wh2Em2al8KkqwqihD2SDOQ== x-amz-request-id ZT1HZEPM9THHK3NZ x-amz-server-side-encryption AES256 x-amz-version-id lLB7O.WJK.jtKtGcrlcT_TTNyj5eshdj
GET H2	200	AmazonUI-3c913031596ca78a3768f4e934b1cc02ce238101.secure.min._V1_.css images-na.ssl-images-amazon.com/images/G/01/AUIClients/	165 KB 23 KB	561ms 161ms	Stylesheet text/css	18.238.76.234 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://images-na.ssl-images-amazon.com/images/G/01/AUIClients/AmazonUI-3c913031596ca78a3768f4e934b1cc02ce238101.secure.min._V1_.css Requested by Host: projects-uploaded-files.s3.us-east-2.amazonaws.com URL: https://projects-uploaded-files.s3.us-east-2.amazonaws.com/production/extension-captured-files/tab-html-75bd49ab-92b4-4f93-bb05-641740a2ae01.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.76.234 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-76-234.jfk52.r.cloudfront.net Software Server / Resource Hash `5ab7636e9f2e3ad10acc3d81e7ef8bf615504699d42034c041ff9e7c93f178bb` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://projects-uploaded-files.s3.us-east-2.amazonaws.com/ Response headers x-amz-ir-id 694a8401-ccb6-486a-90df-0f136871c3af surrogate-key x-cache-650 /images/G/01/AUIClients/AmazonUI-3c913031596ca78a3768f4e934b1cc02ce238101.secure.min content-encoding gzip age 4043253 expires Tue, 07 Jun 2044 05:08:11 GMT alt-svc h3=":443"; ma=86400 server-timing provider;desc="cf" x-cache Hit from cloudfront x-amz-cf-id VaKTcEr6JxANGe8UogJXnsS0x9S0HfpTjgOqyJ4KbkkU8OaOYU4PuA== date Wed, 12 Jun 2024 05:08:11 GMT content-type text/css last-modified Wed, 17 Jul 2013 22:49:32 GMT x-nginx-cache-status HIT edge-cache-tag x-cache-650,/images/G/01/AUIClients/AmazonUI-3c913031596ca78a3768f4e934b1cc02ce238101.secure.min cache-control max-age=630720000,public timing-allow-origin https://www.amazon.com via 1.1 4b70da48eda82f2df6875ba8bf8f89ba.cloudfront.net (CloudFront) access-control-allow-origin * x-amz-cf-pop JFK52-P5 server Server
GET H2	200	csm-captcha-instrumentation.min.js Show response images-na.ssl-images-amazon.com/images/G/01/csminstrumentation/	2 KB 2 KB	577ms 177ms	Script application/x-javascript	18.238.76.234 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://images-na.ssl-images-amazon.com/images/G/01/csminstrumentation/csm-captcha-instrumentation.min.js Requested by Host: projects-uploaded-files.s3.us-east-2.amazonaws.com URL: https://projects-uploaded-files.s3.us-east-2.amazonaws.com/production/extension-captured-files/tab-html-75bd49ab-92b4-4f93-bb05-641740a2ae01.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.76.234 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-76-234.jfk52.r.cloudfront.net Software Server / Resource Hash `35cf72b3f65845c32617eb726119bbdd969738b7d62bb760c4381e82ce37ac4a` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://projects-uploaded-files.s3.us-east-2.amazonaws.com/ Response headers x-amz-ir-id 0e602a81-5416-48b1-baf3-9e60755a3150 surrogate-key x-cache-596 /images/G/01/csminstrumentation/csm-captcha-instrumentation.min content-encoding gzip age 17692 expires Fri, 08 Nov 2024 06:15:20 GMT alt-svc h3=":443"; ma=86400 server-timing provider;desc="cf" x-cache Hit from cloudfront x-amz-cf-id NDOzY4poecKrBSKsQw35xDSXUQ86GHZQdKf9jZwlkxVzlkMtbku2jA== date Thu, 07 Nov 2024 10:58:46 GMT content-type application/x-javascript vary Accept-Encoding x-nginx-cache-status HIT last-modified Mon, 12 Oct 2015 09:22:39 GMT edge-cache-tag x-cache-596,/images/G/01/csminstrumentation/csm-captcha-instrumentation.min cache-control max-age=86400,public timing-allow-origin https://www.amazon.com via 1.1 4b70da48eda82f2df6875ba8bf8f89ba.cloudfront.net (CloudFront) access-control-allow-origin * x-amz-cf-pop JFK52-P5 server Server
GET H2	200	rd-script-6d68177fa6061598e9509dc4b5bdd08d.js Show response images-na.ssl-images-amazon.com/images/G/01/csminstrumentation/	2 KB 1 KB	572ms 172ms	Script application/x-javascript	18.238.76.234 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://images-na.ssl-images-amazon.com/images/G/01/csminstrumentation/rd-script-6d68177fa6061598e9509dc4b5bdd08d.js Requested by Host: projects-uploaded-files.s3.us-east-2.amazonaws.com URL: https://projects-uploaded-files.s3.us-east-2.amazonaws.com/production/extension-captured-files/tab-html-75bd49ab-92b4-4f93-bb05-641740a2ae01.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.76.234 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-76-234.jfk52.r.cloudfront.net Software Server / Resource Hash `0a7e3153f44d0e51c73dad9fa3034a14446bedbafc38e477915382dd02269123` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://projects-uploaded-files.s3.us-east-2.amazonaws.com/ Response headers x-amz-ir-id 8d01171a-d805-4870-990f-3be971c23b14 surrogate-key x-cache-664 /images/G/01/csminstrumentation/rd-script-6d68177fa6061598e9509dc4b5bdd08d content-encoding gzip age 23774 expires Thu, 12 Sep 2024 02:58:16 GMT alt-svc h3=":443"; ma=86400 server-timing provider;desc="cf" x-cache Hit from cloudfront x-amz-cf-id 0qoDlP0hokcs0QpjAgmCdALIOv3kZ1VT_9nCU9xuogGPlYSAd8NTvQ== date Thu, 07 Nov 2024 10:58:46 GMT content-type application/x-javascript vary Accept-Encoding x-nginx-cache-status HIT last-modified Fri, 20 Mar 2020 12:31:03 GMT edge-cache-tag x-cache-664,/images/G/01/csminstrumentation/rd-script-6d68177fa6061598e9509dc4b5bdd08d cache-control max-age=86400,public timing-allow-origin https://www.amazon.com via 1.1 4b70da48eda82f2df6875ba8bf8f89ba.cloudfront.net (CloudFront) access-control-allow-origin * x-amz-cf-pop JFK52-P5 server Server
GET H2	200	ue-base-1c399ad9886cab69575e1e5ee15c61a1._V313498596_.js Show response images-na.ssl-images-amazon.com/images/G/01/csminstrumentation/	7 KB 4 KB	580ms 180ms	Script application/x-javascript	18.238.76.234 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://images-na.ssl-images-amazon.com/images/G/01/csminstrumentation/ue-base-1c399ad9886cab69575e1e5ee15c61a1._V313498596_.js Requested by Host: projects-uploaded-files.s3.us-east-2.amazonaws.com URL: https://projects-uploaded-files.s3.us-east-2.amazonaws.com/production/extension-captured-files/tab-html-75bd49ab-92b4-4f93-bb05-641740a2ae01.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.76.234 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-76-234.jfk52.r.cloudfront.net Software Server / Resource Hash `a538a2b295512c2a3b74f63e74047db79140733da941fb0fca2b95a1dfdada37` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://projects-uploaded-files.s3.us-east-2.amazonaws.com/ Response headers x-amz-ir-id 54852007-44b6-4c89-a8fb-dfdc707ada3a surrogate-key x-cache-762 /images/G/01/csminstrumentation/ue-base-1c399ad9886cab69575e1e5ee15c61a1 content-encoding br age 3974431 expires Fri, 20 May 2044 04:11:45 GMT alt-svc h3=":443"; ma=86400 server-timing cdn-cache-hit,cdn-pop;desc="JFK52-P5",cdn-rid;desc="1xMqSno2QNSrUzO8ktH-nZ4bQraWma8SMbphqbG37bwRUMlbqzHTCQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=2,provider;desc="cf" x-cache Hit from cloudfront x-amz-cf-id 1xMqSno2QNSrUzO8ktH-nZ4bQraWma8SMbphqbG37bwRUMlbqzHTCQ== date Sat, 25 May 2024 04:11:45 GMT content-type application/x-javascript last-modified Wed, 26 Aug 2015 14:52:49 GMT x-nginx-cache-status HIT edge-cache-tag x-cache-762,/images/G/01/csminstrumentation/ue-base-1c399ad9886cab69575e1e5ee15c61a1 cache-control max-age=630720000,public timing-allow-origin https://www.amazon.com via 1.1 4b70da48eda82f2df6875ba8bf8f89ba.cloudfront.net (CloudFront) access-control-allow-origin * x-amz-cf-pop JFK52-P5 server Server
GET H2	200	ClientSideMetricsAUIJavascript-51171fbdd28e1a7a61e922e8f0272af8bc74d37b.secure.variant-desktop-session-snapshot-keypress.min._V2_.js Show response images-na.ssl-images-amazon.com/images/G/01/AUIClients/	19 KB 8 KB	590ms 191ms	Script application/x-javascript	18.238.76.234 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://images-na.ssl-images-amazon.com/images/G/01/AUIClients/ClientSideMetricsAUIJavascript-51171fbdd28e1a7a61e922e8f0272af8bc74d37b.secure.variant-desktop-session-snapshot-keypress.min._V2_.js Requested by Host: projects-uploaded-files.s3.us-east-2.amazonaws.com URL: https://projects-uploaded-files.s3.us-east-2.amazonaws.com/production/extension-captured-files/tab-html-75bd49ab-92b4-4f93-bb05-641740a2ae01.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.76.234 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-76-234.jfk52.r.cloudfront.net Software Server / Resource Hash `877c2c2a2da0a1a6c0ad0d7ac8071046a1d726e5ab9c63509e3786b8c8ec5042` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://projects-uploaded-files.s3.us-east-2.amazonaws.com/ Response headers x-amz-ir-id 227e3a7a-d22d-49e4-812f-ba82f1ad2878 surrogate-key x-cache-333 /images/G/01/AUIClients/ClientSideMetricsAUIJavascript-51171fbdd28e1a7a61e922e8f0272af8bc74d37b.secure.variant-desktop-s content-encoding br age 5015297 expires Mon, 08 Aug 2044 03:29:55 GMT alt-svc h3=":443"; ma=86400 server-timing provider;desc="cf" x-cache Hit from cloudfront x-amz-cf-id vRC-Ng-eHlmxiy307crgx77Dj1FjleiUge7NSAOtaM_Qbe9vLOZSVA== date Tue, 13 Aug 2024 03:29:55 GMT content-type application/x-javascript last-modified Thu, 01 Oct 2015 10:17:43 GMT x-nginx-cache-status HIT edge-cache-tag x-cache-333,/images/G/01/AUIClients/ClientSideMetricsAUIJavascript-51171fbdd28e1a7a61e922e8f0272af8bc74d37b.secure.variant-desktop-s cache-control max-age=630720000,public timing-allow-origin https://www.amazon.com via 1.1 4b70da48eda82f2df6875ba8bf8f89ba.cloudfront.net (CloudFront) access-control-allow-origin * x-amz-cf-pop JFK52-P5 server Server
GET H2	200	Captcha_crpzbybsdj.jpg images-na.ssl-images-amazon.com/captcha/fgzpjnun/	6 KB 7 KB	601ms 202ms	Image image/jpeg	18.238.76.234 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://images-na.ssl-images-amazon.com/captcha/fgzpjnun/Captcha_crpzbybsdj.jpg Requested by Host: projects-uploaded-files.s3.us-east-2.amazonaws.com URL: https://projects-uploaded-files.s3.us-east-2.amazonaws.com/production/extension-captured-files/tab-html-75bd49ab-92b4-4f93-bb05-641740a2ae01.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.76.234 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-76-234.jfk52.r.cloudfront.net Software Server / Resource Hash `d508c7a0ac5d06f8cb44cc4349a1b1d38bc37c0922189e121c7027c4a7570562` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://projects-uploaded-files.s3.us-east-2.amazonaws.com/ Response headers x-amz-ir-id f88158af-2573-4240-be2d-c53a3d12f6aa surrogate-key x-cache-575 /captcha/fgzpjnun/Captcha_crpzbybsdj age 4742 alt-svc h3=":443"; ma=86400 server-timing provider;desc="cf" x-cache Hit from cloudfront x-amz-cf-id 50HiY6E2k_kBSUVNs-AvfistrN6OOlmmJPYgONzGGNsUP1_VM4oABQ== date Thu, 07 Nov 2024 13:21:12 GMT content-type image/jpeg vary Accept-Encoding x-nginx-cache-status HIT last-modified Wed, 08 Feb 2012 17:13:46 GMT edge-cache-tag x-cache-575,/captcha/fgzpjnun/Captcha_crpzbybsdj via 1.1 4b70da48eda82f2df6875ba8bf8f89ba.cloudfront.net (CloudFront) accept-ranges bytes access-control-allow-origin * content-length 6156 x-amz-cf-pop JFK52-P5 server Server
GET H2	200	requestId=YAPBHK7EZ3HSDSJT2AQD&js=1 fls-na.amazon.com/1/oc-csi/1/OP/	43 B 150 B	385ms 105ms	Image image/gif	3.213.65.38 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://fls-na.amazon.com/1/oc-csi/1/OP/requestId=YAPBHK7EZ3HSDSJT2AQD&js=1 Requested by Host: projects-uploaded-files.s3.us-east-2.amazonaws.com URL: https://projects-uploaded-files.s3.us-east-2.amazonaws.com/production/extension-captured-files/tab-html-75bd49ab-92b4-4f93-bb05-641740a2ae01.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.213.65.38 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-213-65-38.compute-1.amazonaws.com Software / Resource Hash `a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://projects-uploaded-files.s3.us-east-2.amazonaws.com/ Response headers x-amzn-requestid f21e3ade-1ff3-4dc6-8f44-7bf3acb0c686 content-length 43 date Thu, 07 Nov 2024 13:21:12 GMT content-type image/gif
GET H2	200	aui_sprite_0007-1x._V383827579_.png images-na.ssl-images-amazon.com/images/G/01/amazonui/sprites/	17 KB 17 KB	116ms 115ms	Image image/png	18.238.76.234 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://images-na.ssl-images-amazon.com/images/G/01/amazonui/sprites/aui_sprite_0007-1x._V383827579_.png Requested by Host: images-na.ssl-images-amazon.com URL: https://images-na.ssl-images-amazon.com/images/G/01/AUIClients/AmazonUI-3c913031596ca78a3768f4e934b1cc02ce238101.secure.min._V1_.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.76.234 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-76-234.jfk52.r.cloudfront.net Software Server / Resource Hash `49ff798368f6e4367d03a44af687d47609ca4608d02b1a099281f88c910cf1aa` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://images-na.ssl-images-amazon.com/images/G/01/AUIClients/AmazonUI-3c913031596ca78a3768f4e934b1cc02ce238101.secure.min._V1_.css Response headers x-amz-ir-id 6e745ccc-1f9b-4b33-8df9-faceea56864a surrogate-key x-cache-685 /images/G/01/amazonui/sprites/aui_sprite_0007-1x age 4308225 expires Sun, 11 Sep 2044 11:47:09 GMT alt-svc h3=":443"; ma=86400 server-timing provider;desc="cf" x-cache Hit from cloudfront x-amz-cf-id y_liirzeboWfXFcHC6GTB8-xdm-Tc_ydE5BKVO0DnnNqx3AjN91TmA== date Mon, 16 Sep 2024 11:47:09 GMT content-type image/png last-modified Wed, 15 May 2013 01:55:34 GMT x-nginx-cache-status HIT edge-cache-tag x-cache-685,/images/G/01/amazonui/sprites/aui_sprite_0007-1x cache-control max-age=630720000,public timing-allow-origin https://www.amazon.com via 1.1 4b70da48eda82f2df6875ba8bf8f89ba.cloudfront.net (CloudFront) accept-ranges bytes access-control-allow-origin * content-length 16972 x-amz-cf-pop JFK52-P5 server Server
GET H/1.1	403 Forbidden	favicon.ico projects-uploaded-files.s3.us-east-2.amazonaws.com/	255 B 544 B	106ms 106ms	Other application/xml	3.5.128.121 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://projects-uploaded-files.s3.us-east-2.amazonaws.com/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.5.128.121 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-r-w.us-east-2.amazonaws.com Software AmazonS3 / Resource Hash `2dac48245259e2aea16a3d51d5b2e5f459de7238382d93eade06edb33edfbe1f` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://projects-uploaded-files.s3.us-east-2.amazonaws.com/production/extension-captured-files/tab-html-75bd49ab-92b4-4f93-bb05-641740a2ae01.html Response headers Transfer-Encoding chunked x-amz-request-id 8QM15877AKR4PM66 Date Thu, 07 Nov 2024 13:21:12 GMT Content-Type application/xml Server AmazonS3 x-amz-id-2 m2mwd2dosJY9IptDkgiMf/nDJZCuriZ6Z7jUEMMEjtXE1NrE1sdSBxeh0RNShtmeP0CVmXImMnYqa/FUxCf+BQ==
POST H2	204	/ fls-na.amazon.com/1/batch/1/OE/	0 165 B	109ms 107ms	Ping text/plain	3.213.65.38 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://fls-na.amazon.com/1/batch/1/OE/ Requested by Host: images-na.ssl-images-amazon.com URL: https://images-na.ssl-images-amazon.com/images/G/01/AUIClients/ClientSideMetricsAUIJavascript-51171fbdd28e1a7a61e922e8f0272af8bc74d37b.secure.variant-desktop-session-snapshot-keypress.min._V2_.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.213.65.38 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-213-65-38.compute-1.amazonaws.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://projects-uploaded-files.s3.us-east-2.amazonaws.com/ Response headers x-amzn-requestid 19416dfd-ca98-4b00-87a5-3133a10512a9 access-control-allow-origin * access-control-expose-headers x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date date Thu, 07 Nov 2024 13:21:13 GMT
POST H2	204	/ fls-na.amazon.com/1/batch/1/OE/	0 165 B	170ms 164ms	Ping text/plain	3.213.65.38 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://fls-na.amazon.com/1/batch/1/OE/ Requested by Host: images-na.ssl-images-amazon.com URL: https://images-na.ssl-images-amazon.com/images/G/01/AUIClients/ClientSideMetricsAUIJavascript-51171fbdd28e1a7a61e922e8f0272af8bc74d37b.secure.variant-desktop-session-snapshot-keypress.min._V2_.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.213.65.38 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-213-65-38.compute-1.amazonaws.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://projects-uploaded-files.s3.us-east-2.amazonaws.com/ Response headers x-amzn-requestid 80bb46aa-b461-4c22-96a7-954426af05fb access-control-allow-origin * access-control-expose-headers x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date date Thu, 07 Nov 2024 13:21:13 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Amazon (Online)

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			projects-uploaded-files.s3.us-east-2.amazonaws.com/	1970-01-21 01:29:12	Name: csm-sid Value: 651-0095783-5343660

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://projects-uploaded-files.s3.us-east-2.amazonaws.com/favicon.ico Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fls-na.amazon.com
images-na.ssl-images-amazon.com
projects-uploaded-files.s3.us-east-2.amazonaws.com
18.238.76.234
3.213.65.38
3.5.128.121
0a7e3153f44d0e51c73dad9fa3034a14446bedbafc38e477915382dd02269123
2dac48245259e2aea16a3d51d5b2e5f459de7238382d93eade06edb33edfbe1f
35cf72b3f65845c32617eb726119bbdd969738b7d62bb760c4381e82ce37ac4a
49ff798368f6e4367d03a44af687d47609ca4608d02b1a099281f88c910cf1aa
508512f4d186563284607daccbe470ee2e6046afd39369373b80e1cbc0021370
5ab7636e9f2e3ad10acc3d81e7ef8bf615504699d42034c041ff9e7c93f178bb
877c2c2a2da0a1a6c0ad0d7ac8071046a1d726e5ab9c63509e3786b8c8ec5042
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce
a538a2b295512c2a3b74f63e74047db79140733da941fb0fca2b95a1dfdada37
d508c7a0ac5d06f8cb44cc4349a1b1d38bc37c0922189e121c7027c4a7570562
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

projects-uploaded-files.s3.us-east-2.amazonaws.com Open in urlscan Pro 3.5.128.121 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

12 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

71 kBTransfer

225 kBSize

1 Cookies

2 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

31 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

projects-uploaded-files.s3.us-east-2.amazonaws.com Open in urlscan Pro
3.5.128.121 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

71 kB
Transfer

225 kB
Size

1
Cookies

12 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!