![](/screenshots/21749189-a651-4741-9330-6783923a677e.png)
www-access-service-gov-uk-account-details.s3.eu-west-2.amazonaws.com
52.95.149.34
Malicious Activity!
Public Scan
Submission: On August 09 via manual from US
Summary
TLS certificate: Issued by DigiCert Baltimore CA-2 G2 on January 14th 2021. Valid for: a year.
This is the only time www-access-service-gov-uk-account-details.s3.eu-west-2.amazonaws.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: UK Government (Government)

Domain & IP information

Requests | IP Address | Autonomous System |
---|---|---|
6 | 52.95.149.34 | 16509 (AMAZON-02) |
11 | 2600:9000:211e:8a00:3:6111:2f00:93a1 | 16509 (AMAZON-02) |
3 | 2a00:1450:4001:810::200e | 15169 (GOOGLE) |
3 | 2a00:1450:4001:828::2008 | 15169 (GOOGLE) |
4 | 54.216.48.107 | 16509 (AMAZON-02) |
31 | 6 |

- www-access-service-gov-uk-account-details.s3.eu-west-2.amazonaws.com: ASN16509 (AMAZON-02, US), PTR: s3-r-w.eu-west-2.amazonaws.com
- www.access.service.gov.uk: ASN16509 (AMAZON-02, US)
- www.google-analytics.com: ASN15169 (GOOGLE, US)
- www.googletagmanager.com: ASN15169 (GOOGLE, US)
- mpsnare.iesnare.com: ASN16509 (AMAZON-02, US), PTR: ec2-54-216-48-107.eu-west-1.compute.amazonaws.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
11 | service.gov.uk | www.access.service.gov.uk | 291 KB |
6 | amazonaws.com | www-access-service-gov-uk-account-details.s3.eu-west-2.amazonaws.com | 20 KB |
4 | iesnare.com | mpsnare.iesnare.com | 23 KB |
3 | googletagmanager.com | www.googletagmanager.com | 120 KB |
3 | google-analytics.com | www.google-analytics.com | 19 KB |
31 | 5 |
Requests | Domain | Requested by |
---|---|---|
11 | www.access.service.gov.uk | www-access-service-gov-uk-account-details.s3.eu-west-2.amazonaws.com, www.access.service.gov.uk |
6 | www-access-service-gov-uk-account-details.s3.eu-west-2.amazonaws.com | www-access-service-gov-uk-account-details.s3.eu-west-2.amazonaws.com, www.access.service.gov.uk |
4 | mpsnare.iesnare.com | www-access-service-gov-uk-account-details.s3.eu-west-2.amazonaws.com |
3 | www.googletagmanager.com | www-access-service-gov-uk-account-details.s3.eu-west-2.amazonaws.com |
3 | www.google-analytics.com | www-access-service-gov-uk-account-details.s3.eu-west-2.amazonaws.com, www.google-analytics.com |
31 | 5 |
This site contains links to these domains.
Domain |
---|
www.gov.uk |
www.access.service.gov.uk |
www.nationalarchives.gov.uk |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.s3.eu-west-2.amazonaws.com | DigiCert Baltimore CA-2 G2 | 2021-01-14 - 2022-01-18 | a year |
access.service.gov.uk | Amazon | 2021-01-15 - 2022-02-13 | a year |
*.google-analytics.com | GTS CA 1C3 | 2021-07-12 - 2021-10-04 | 3 months |
mpsnare.iesnare.com | DigiCert SHA2 Extended Validation Server CA | 2021-04-27 - 2022-05-24 | a year |
This page contains 1 frames:
Primary Page:
https://www-access-service-gov-uk-account-details.s3.eu-west-2.amazonaws.com/index.htm
Frame ID: A832CE5F77CE33FC84EE3E5C63AE1504
Requests: 31 HTTP requests in this frame
Detected technologies
Detected patterns
- headers server /^AmazonS3$/i
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
- Title: GOV.UK
- Title: Accessibility statement
- Title: Cookies
- Title: Privacy notice
- Title: Terms and conditions
- Title: Open Government Licence v3.0
- Title: © Crown copyright
31 HTTP transactions

Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | index.htm (Primary Request) | www-access-service-gov-uk-account-details.s3.eu-west-2.amazonaws.com/ | 13 KB | 13 KB | Document | text/html |
GET | H/1.1 | govuk-frontend.css | www.access.service.gov.uk/assets/stylesheets/ | 128 KB | 129 KB | Stylesheet | text/css |
GET | H/1.1 | scp.css | www.access.service.gov.uk/assets/stylesheets/ | 3 KB | 3 KB | Stylesheet | text/css |
GET | H3-29 | analytics.js | www.google-analytics.com/ | 48 KB | 19 KB | Script | text/javascript |
GET | H3-29 | js | www.googletagmanager.com/gtag/ | 100 KB | 40 KB | Script | application/javascript |
GET | H3-29 | js | www.googletagmanager.com/gtag/ | 100 KB | 40 KB | Script | application/javascript |
GET | H3-29 | js | www.googletagmanager.com/gtag/ | 100 KB | 40 KB | Script | application/javascript |
GET | H/1.1 | page-start.js | www.access.service.gov.uk/assets/javascripts/ | 2 KB | 3 KB | Script | application/javascript |
GET | H/1.1 | static_wdp.js | www.access.service.gov.uk/iojsrpv3/general5/ | 39 KB | 16 KB | Script | text/javascript |
GET | H/1.1 | wdp.js | mpsnare.iesnare.com/general5/ | 44 KB | 20 KB | Script | text/javascript |
GET | H/1.1 | dyn_wdp.js | www.access.service.gov.uk/iojsrpv3/5.4.0/ | 2 KB | 2 KB | Script | text/javascript |
GET | H/1.1 | logo.js | www.access.service.gov.uk/iojsrpv3/5.4.0/ | 477 B | 1 KB | Script | text/javascript |
GET | H/1.1 | logo.js | mpsnare.iesnare.com/5.4.0/ | 477 B | 910 B | Script | text/javascript |
GET | H/1.1 | vr.png | www-access-service-gov-uk-account-details.s3.eu-west-2.amazonaws.com/ | 4 KB | 4 KB | Image | image/png |
GET | H/1.1 | CData.js | www.access.service.gov.uk/login/assets/javascripts/ | 34 KB | 35 KB | Script | application/javascript |
GET | H/1.1 | device-reputation.js | www.access.service.gov.uk/login/assets/javascripts/ | 18 KB | 19 KB | Script | application/javascript |
GET | H/1.1 | sub.png | www-access-service-gov-uk-account-details.s3.eu-west-2.amazonaws.com/ | 863 B | 1 KB | Image | image/png |
GET | H/1.1 | all.js | www.access.service.gov.uk/assets/javascripts/ | 59 KB | 60 KB | Script | application/javascript |
GET | H/1.1 | page-complete.js | www.access.service.gov.uk/assets/javascripts/ | 17 KB | 17 KB | Script | application/javascript |
GET | H/1.1 | logo.js | www-access-service-gov-uk-account-details.s3.eu-west-2.amazonaws.com/iojs/5.4.0/ | 0 | 0 | Script | application/xml |
GET | | light-94a07e06a1-v2.woff2 | www.access.service.gov.uk/assets/fonts/ | 0 | 0 | | |
GET | | bold-b542beb274-v2.woff2 | www.access.service.gov.uk/assets/fonts/ | 0 | 0 | | |
GET | H/1.1 | time.mp3 | mpsnare.iesnare.com/ | 504 B | 881 B | Media | audio/mpeg |
GET | H/1.1 | time.mp3 | mpsnare.iesnare.com/ | 504 B | 881 B | Media | audio/mpeg |
GET | | light-f591b13f7d-v2.woff | www.access.service.gov.uk/assets/fonts/ | 0 | 0 | | |
GET | | bold-affa96571d-v2.woff | www.access.service.gov.uk/assets/fonts/ | 0 | 0 | | |
POST | H/1.1 | help-with-this-page | www-access-service-gov-uk-account-details.s3.eu-west-2.amazonaws.com/help/assist/ | 348 B | 685 B | XHR | application/xml |
POST | H/1.1 | web-chat-configuration | www-access-service-gov-uk-account-details.s3.eu-west-2.amazonaws.com/help/assist/ | 348 B | 685 B | XHR | application/xml |
GET | H/1.1 | govuk-crest.png | www.access.service.gov.uk/assets/images/ | 4 KB | 4 KB | Image | image/png |
POST | H3-29 | collect | www.google-analytics.com/j/ | 1 B | 21 B | XHR | text/plain |
POST | H3-29 | collect | www.google-analytics.com/j/ | 1 B | 21 B | XHR | text/plain |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
www.access.service.gov.uk | https://www.access.service.gov.uk/assets/fonts/light-94a07e06a1-v2.woff2 |
www.access.service.gov.uk | https://www.access.service.gov.uk/assets/fonts/bold-b542beb274-v2.woff2 |
www.access.service.gov.uk | https://www.access.service.gov.uk/assets/fonts/light-f591b13f7d-v2.woff |
www.access.service.gov.uk | https://www.access.service.gov.uk/assets/fonts/bold-affa96571d-v2.woff |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: UK Government (Government)

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name |
---|---|
object | 0 |
object | onbeforexrselect |
object | ontransitionrun |
object | ontransitionstart |
object | ontransitioncancel |
object | cookieStore |
function | showDirectoryPicker |
function | showOpenFilePicker |
function | showSaveFilePicker |
boolean | originAgentCluster |
object | trustedTypes |
boolean | crossOriginIsolated |
function | forEach |
object | dataLayer |
function | sendEvent |
function | sendEventWithLabel |
function | sendEventOnClick |
object | IGLOO |
function | Fingerprint2 |
function | Basdf |
function | onDeviceProfile |
object | google_tag_data |
function | ga |
object | gaplugins |
object | google_tag_manager |
object | GOVUKFrontend |
string | GoogleAnalyticsObject |
object | gaGlobal |
object | gaData |

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.