s3.ap-south-1.amazonaws.com
Open in
urlscan Pro
52.219.66.61
Malicious Activity!
Public Scan
Submission: On May 15 via manual from IN
Summary
TLS certificate: Issued by DigiCert Baltimore CA-2 G2 on January 28th 2020. Valid for: a year.
This is the only time s3.ap-south-1.amazonaws.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: eBay (E-commerce)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
8 | 52.219.66.61 52.219.66.61 | 16509 (AMAZON-02) (AMAZON-02) | |
8 | 1 |
ASN16509 (AMAZON-02, US)
PTR: s3.ap-south-1.amazonaws.com
s3.ap-south-1.amazonaws.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
amazonaws.com
s3.ap-south-1.amazonaws.com |
741 KB |
8 | 1 |
Domain | Requested by | |
---|---|---|
8 | s3.ap-south-1.amazonaws.com |
s3.ap-south-1.amazonaws.com
|
8 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.s3.ap-south-1.amazonaws.com DigiCert Baltimore CA-2 G2 |
2020-01-28 - 2021-04-14 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://s3.ap-south-1.amazonaws.com/www.ebay.com.sch.9e676257/32321.html
Frame ID: 344C0830FD87BE158084778D70B44F8A
Requests: 8 HTTP requests in this frame
Screenshot
Detected technologies
Amazon Web Services (PaaS) ExpandDetected patterns
- headers server /^AmazonS3$/i
Amazon S3 (Miscellaneous) Expand
Detected patterns
- headers server /^AmazonS3$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
32321.html
s3.ap-south-1.amazonaws.com/www.ebay.com.sch.9e676257/ |
44 KB 45 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3EDF9735DE00FBD442979.css
s3.ap-south-1.amazonaws.com/www.ebay.com.sch.9e676257/css/ |
3 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
E872790CC05648AFB6E7D.css
s3.ap-south-1.amazonaws.com/www.ebay.com.sch.9e676257/css/ |
128 KB 128 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fxxj3ttftm5ltcqnto1o4baovyl.png
s3.ap-south-1.amazonaws.com/www.ebay.com.sch.9e676257/css/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
signin-SqTAPx_B.js
s3.ap-south-1.amazonaws.com/www.ebay.com.sch.9e676257/css/ |
423 KB 424 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
E872790CC05648AFB6E7D.css
s3.ap-south-1.amazonaws.com/www.ebay.com.sch.9e676257/css/ |
128 KB 128 KB |
Font
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sgninui-src-static-images-FB-f-Logo__white_29-366f0bd1.png
s3.ap-south-1.amazonaws.com/www.ebay.com.sch.9e676257/css/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sgninui-src-static-images-google-logo-icon-PNG-Transparent-Background-Z_TFsqo3.png
s3.ap-south-1.amazonaws.com/www.ebay.com.sch.9e676257/css/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: eBay (E-commerce)31 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate number| $ssgST undefined| dom object| doc object| where object| iframe function| handleParentCallBackForSocial object| $rlookup function| $rset function| $radd function| $rget object| $jscomp object| _checkBoxSelector function| $ function| jQuery object| $rmod object| global object| $_mod function| raptorDefine function| raptorRequire function| define function| require object| raptor object| $i18n function| $ssg object| $MUID object| $components function| Uri function| $uri function| otpSubmit0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
s3.ap-south-1.amazonaws.com
52.219.66.61
3524deac29d62cff6f6621c7ae54cf201baae5df878d8975d6ad0e3feeafa821
4c5a5a78690ba0e8421155983e8f3800baff3143aa0f81d087d0f6b3fdd6014b
53c410f2864972705c250f8c95f111e583c15f6efce891dae6f902c3490d97bf
5440e48584e47738479ccd905576e9ddf2097d07b6c7ba81dda6eeb13b1d4af0
56fbf97dc6629d06d83590f3c759381dacd1f6dfcd0f8af956ca3ab15b10e699
a3637dc8682e86e49f6168a9599515c9348b882e265c57b02e41c5e6aab375f8
db8f5ee5a12893546b9436cee3fe18d8945febb90932f3b5b877c8c11f559952