![](/screenshots/361a66a6-f9da-4f0e-806d-cff6af1efa42.png)
s3.ap-northeast-3.amazonaws.com
Open in
urlscan Pro
52.95.183.45
Malicious Activity!
Public Scan
Submission: On March 28 via manual from JP — Scanned from JP
Summary
TLS certificate: Issued by Amazon RSA 2048 M01 on December 22nd 2023. Valid for: a year.
This is the only time s3.ap-northeast-3.amazonaws.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Tech Support Scam (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
24 | 52.95.183.45 52.95.183.45 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2404:6800:400... 2404:6800:4004:81e::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2404:6800:400... 2404:6800:4004:80b::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 172.67.208.186 172.67.208.186 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
27 | 5 |
ASN16509 (AMAZON-02, US)
PTR: s3.ap-northeast-3.amazonaws.com
s3.ap-northeast-3.amazonaws.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
24 |
amazonaws.com
s3.ap-northeast-3.amazonaws.com |
1 MB |
1 |
userstatics.com
userstatics.com — Cisco Umbrella Rank: 153582 |
643 B |
1 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34 |
256 B |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 42 |
100 KB |
27 | 4 |
Domain | Requested by | |
---|---|---|
24 | s3.ap-northeast-3.amazonaws.com |
s3.ap-northeast-3.amazonaws.com
|
1 | userstatics.com |
s3.ap-northeast-3.amazonaws.com
|
1 | www.google-analytics.com |
www.googletagmanager.com
|
1 | www.googletagmanager.com |
s3.ap-northeast-3.amazonaws.com
|
27 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.s3.ap-northeast-3.amazonaws.com Amazon RSA 2048 M01 |
2023-12-22 - 2024-12-06 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2024-02-26 - 2024-05-20 |
3 months | crt.sh |
userstatics.com E1 |
2024-01-29 - 2024-04-28 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://s3.ap-northeast-3.amazonaws.com/2a0r1.0r0r1-pc-locked-up-err0r-0x202x0122/ErW0ind0SmW0Security04/index.html
Frame ID: 5DC189A0F4196C0426944FE1AC67E964
Requests: 29 HTTP requests in this frame
Screenshot
![](/screenshots/361a66a6-f9da-4f0e-806d-cff6af1efa42.png)
Page Title
システムセキュリティDetected technologies
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
![](/vendor/wappa/icons/Font Awesome.png)
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Detected patterns
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- googletagmanager\.com/gtag/js
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
27 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
index.html
s3.ap-northeast-3.amazonaws.com/2a0r1.0r0r1-pc-locked-up-err0r-0x202x0122/ErW0ind0SmW0Security04/ |
39 KB 40 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tapa.css
s3.ap-northeast-3.amazonaws.com/2a0r1.0r0r1-pc-locked-up-err0r-0x202x0122/ErW0ind0SmW0Security04/css/ |
20 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.css
s3.ap-northeast-3.amazonaws.com/2a0r1.0r0r1-pc-locked-up-err0r-0x202x0122/ErW0ind0SmW0Security04/css/ |
216 KB 216 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js
s3.ap-northeast-3.amazonaws.com/2a0r1.0r0r1-pc-locked-up-err0r-0x202x0122/ErW0ind0SmW0Security04/js/ |
83 KB 83 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.js
s3.ap-northeast-3.amazonaws.com/2a0r1.0r0r1-pc-locked-up-err0r-0x202x0122/ErW0ind0SmW0Security04/js/ |
59 KB 59 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
font-awesome.min.css
s3.ap-northeast-3.amazonaws.com/2a0r1.0r0r1-pc-locked-up-err0r-0x202x0122/ErW0ind0SmW0Security04/css/ |
27 KB 27 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
emojione.min.js
s3.ap-northeast-3.amazonaws.com/2a0r1.0r0r1-pc-locked-up-err0r-0x202x0122/ErW0ind0SmW0Security04/js/ |
295 KB 296 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
script.compat.js
s3.ap-northeast-3.amazonaws.com/2a0r1.0r0r1-pc-locked-up-err0r-0x202x0122/ErW0ind0SmW0Security04/js/ |
1 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
f24.png
s3.ap-northeast-3.amazonaws.com/2a0r1.0r0r1-pc-locked-up-err0r-0x202x0122/ErW0ind0SmW0Security04/images/ |
244 KB 244 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mnc.png
s3.ap-northeast-3.amazonaws.com/2a0r1.0r0r1-pc-locked-up-err0r-0x202x0122/ErW0ind0SmW0Security04/images/ |
187 B 581 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
msmm.png
s3.ap-northeast-3.amazonaws.com/2a0r1.0r0r1-pc-locked-up-err0r-0x202x0122/ErW0ind0SmW0Security04/images/ |
168 B 562 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
set.png
s3.ap-northeast-3.amazonaws.com/2a0r1.0r0r1-pc-locked-up-err0r-0x202x0122/ErW0ind0SmW0Security04/images/ |
364 B 758 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vsc.png
s3.ap-northeast-3.amazonaws.com/2a0r1.0r0r1-pc-locked-up-err0r-0x202x0122/ErW0ind0SmW0Security04/images/ |
722 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bel.png
s3.ap-northeast-3.amazonaws.com/2a0r1.0r0r1-pc-locked-up-err0r-0x202x0122/ErW0ind0SmW0Security04/images/ |
276 B 670 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dm.png
s3.ap-northeast-3.amazonaws.com/2a0r1.0r0r1-pc-locked-up-err0r-0x202x0122/ErW0ind0SmW0Security04/images/ |
35 KB 35 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
re.gif
s3.ap-northeast-3.amazonaws.com/2a0r1.0r0r1-pc-locked-up-err0r-0x202x0122/ErW0ind0SmW0Security04/images/ |
14 KB 15 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
297 KB 100 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
349 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
beep.mp3
s3.ap-northeast-3.amazonaws.com/2a0r1.0r0r1-pc-locked-up-err0r-0x202x0122/ErW0ind0SmW0Security04/media/ |
8 KB 9 KB |
Media
audio/mp3 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jp.mp3
s3.ap-northeast-3.amazonaws.com/2a0r1.0r0r1-pc-locked-up-err0r-0x202x0122/ErW0ind0SmW0Security04/media/ |
96 KB 0 |
Media
audio/mp3 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
s3.ap-northeast-3.amazonaws.com/ |
349 B 667 B |
XHR
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/g/ |
0 256 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
w3
s3.ap-northeast-3.amazonaws.com/2a0r1.0r0r1-pc-locked-up-err0r-0x202x0122/ErW0ind0SmW0Security04/ |
0 402 B |
Other
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
script.js
userstatics.com/get/ |
133 B 643 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
w3.html
s3.ap-northeast-3.amazonaws.com/2a0r1.0r0r1-pc-locked-up-err0r-0x202x0122/ErW0ind0SmW0Security04/ |
243 B 520 B |
Other
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
w1.html
s3.ap-northeast-3.amazonaws.com/2a0r1.0r0r1-pc-locked-up-err0r-0x202x0122/ErW0ind0SmW0Security04/ |
243 B 520 B |
Other
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
181 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
w3.html
s3.ap-northeast-3.amazonaws.com/2a0r1.0r0r1-pc-locked-up-err0r-0x202x0122/ErW0ind0SmW0Security04/ |
243 B 520 B |
Other
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
w1.html
s3.ap-northeast-3.amazonaws.com/2a0r1.0r0r1-pc-locked-up-err0r-0x202x0122/ErW0ind0SmW0Security04/ |
243 B 520 B |
Other
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Tech Support Scam (Consumer)24 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onpagereveal function| $ function| jQuery object| bootstrap function| chat function| showd2 object| modal object| btn undefined| span function| beep1 number| e number| isNS function| mischandler function| mousehandler function| win_onkeydown_handler function| addEvent function| gtag object| dataLayer object| emojione function| plausible object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
s3.ap-northeast-3.amazonaws.com/2a0r1.0r0r1-pc-locked-up-err0r-0x202x0122/ErW0ind0SmW0Security04 | Name: PHPREFS Value: full |
|
.amazonaws.com/ | Name: _ga_1M4S24RWTF Value: GS1.1.1711612882.1.0.1711612882.0.0.0 |
|
.amazonaws.com/ | Name: _ga Value: GA1.1.405256807.1711612882 |
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
s3.ap-northeast-3.amazonaws.com
userstatics.com
www.google-analytics.com
www.googletagmanager.com
172.67.208.186
2404:6800:4004:80b::200e
2404:6800:4004:81e::2008
52.95.183.45
0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1
1ab5ef4e7e196cb1ff39df44e1a0a39f6880b906ef6fd6da3cfdbb92ffd33115
1d7bf0274e1af305049264ef2fc63865877f1a9b82a62b917a5c06d2a3d21e79
31c6dbe9d867436244f38566adad57e3870f4c8489c6804280eb564bfac5c1bd
426eec34428ca37958c3697503680648f7d9658ae0fe6300e80ddc17797ceb85
436ecc90fab5ed1034b68a4a0e924e0132d93d9e7fb59b4fe23018eb7d9242c1
44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7
4b436b0b6a47db85c88f83dc3fe3fd9a96c0a4018b28832165df929dffe0bc86
4c1606563842cce5f1788329d4417ae3618b33c6365c56a7122439b6ab45c977
542811a30e54b71893378ca38b1d61d9edf0d7690c74f295de678f35d724def5
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
7fd467d27ef40cdaed73685e3d55006dd24a34223c2183d8d805f94f17b3aa1d
8800cc8f729a63f3b3867bcb8a40316734c3c4d9993fc9d983b76679c9fabe41
894b01775217b76dd0159336e0255ec8c870ee27d488916a4ba414a3869addec
8d230724c915ed0aa4826c22fd60d275859f5238de908bfda3a410ec3a920259
932ea15108928991bcf0c0a46415fc652de5ffc0158c35205357b90c65eeb386
a730edcd4b908800a016ce50d04448e5b459d6a48a8a0ef3bcaa8de0f9ae8b35
a7456fc87a6c4f97c805cbc27e18114e05d14d7d09ac85fc9fb559658bdba6e1
b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a
c5a324f181af16879b6c4c52b731b23392f2816def159b157c4de620cff1cd41
c7934f219d907354ae8e6387a5d1ee52f6eed412a956ee1fdcacfcc43f96e08a
ce26d1b76dae2f3b5d0ccc8d0ecd88d2edb411101b8a4c5edc4d9aa7008c9b04
df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f58d3c255603ef8b7b5f52aa1b12302712616092a29c5045ea6f60e5749c0a7b
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
fa0ce18c1882fbdf4d71d3d73275503cb2dada1d6a69b2818ac74b995514ed20