![](/screenshots/8965c918-61b5-4152-ab22-951ebe3ae282.png)
s3.us-east-2.amazonaws.com
Open in
urlscan Pro
52.219.80.162
Malicious Activity!
Public Scan
Submission: On July 19 via manual from US
Summary
TLS certificate: Issued by DigiCert Baltimore CA-2 G2 on February 27th 2018. Valid for: a year.
This is the only time s3.us-east-2.amazonaws.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: DocuSign (Online) GDrive and other (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 52.219.80.162 52.219.80.162 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
26 | 2a00:1450:400... 2a00:1450:4001:812::2010 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
38 | 3 |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3.us-east-2.amazonaws.com
s3.us-east-2.amazonaws.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
26 |
googleapis.com
storage.googleapis.com |
376 KB |
1 |
amazonaws.com
s3.us-east-2.amazonaws.com |
46 KB |
0 |
msocdn.com
Failed
prod.msocdn.com Failed |
|
38 | 3 |
Domain | Requested by | |
---|---|---|
26 | storage.googleapis.com |
s3.us-east-2.amazonaws.com
storage.googleapis.com |
1 | s3.us-east-2.amazonaws.com | |
0 | prod.msocdn.com Failed |
s3.us-east-2.amazonaws.com
storage.googleapis.com |
38 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
portal.office.com |
g.microsoftonline.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.s3.us-east-2.amazonaws.com DigiCert Baltimore CA-2 G2 |
2018-02-27 - 2019-04-01 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://s3.us-east-2.amazonaws.com/generation.escow.lkrokuakp883p91v0cyn/x1fhVijse2L9Ev9XDDyeHdvGBxMwUWRJll4Q3CID/swpfvPlLJnIW8dse7r6paSf1YsfJZFIeuco6h5Xu/HE5kJlhbpSICLyYjXezb.html
Frame ID: 9EF589C956C48B23DBB2048089A30D79
Requests: 38 HTTP requests in this frame
4 Outgoing links
These are links going to different origins than the main page.
Title: Feedback
Search URL Search Domain Scan URL
Title: Community
Search URL Search Domain Scan URL
Title: Legal
Search URL Search Domain Scan URL
Title: Privacy & cookies
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
38 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
HE5kJlhbpSICLyYjXezb.html
s3.us-east-2.amazonaws.com/generation.escow.lkrokuakp883p91v0cyn/x1fhVijse2L9Ev9XDDyeHdvGBxMwUWRJll4Q3CID/swpfvPlLJnIW8dse7r6paSf1YsfJZFIeuco6h5Xu/ |
46 KB 46 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
HOiJ4OfDtTq3xHxrI7dUD5HHIeBh2UBRlx0QKBdW.css
storage.googleapis.com/wristbeactingcrazy/Kw10dXHx2vdRqAOpSXV8%20h2bgLvThkmYlrA0ryK9z/ |
3 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
6qL4ibPwNS4b8SVfgKIiBSAyOGSbnSd065dkUpPR.css
storage.googleapis.com/wristbeactingcrazy/Kw10dXHx2vdRqAOpSXV8%20h2bgLvThkmYlrA0ryK9z/ |
2 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
2T5zERiimo7uDlXjbaztMBJkE9JZ5VJ83SyqWWS9.css
storage.googleapis.com/mmqz7gp5f9etlruvk5h2x5m9xtfwolm6pxxp0ixf/ |
2 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
qQlIZYpStXMnL4v0kK6tiGfts71PxMLZeJm0RXcY.css
storage.googleapis.com/mmqz7gp5f9etlruvk5h2x5m9xtfwolm6pxxp0ixf/ |
5 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
JNU4BLCww9ARAr4F17f8fSOkpEhSzFj6ylPY3GXa.css
storage.googleapis.com/mmqz7gp5f9etlruvk5h2x5m9xtfwolm6pxxp0ixf/ |
1 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
UGmSTMDRsgNsGeyPjRs6tXktbvgWzSwOD5fg6MOJ.css
storage.googleapis.com/mmqz7gp5f9etlruvk5h2x5m9xtfwolm6pxxp0ixf/ |
4 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
HBpEWNlfpNyxBiGGoM5Oyxz1sjpkonUMCCAE2ZdT.css
storage.googleapis.com/mmqz7gp5f9etlruvk5h2x5m9xtfwolm6pxxp0ixf/ |
90 KB 90 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
MasterStyles15MVC.css
storage.googleapis.com/documenyfortown/2018/css/ |
0 0 |
Stylesheet
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
6UxNTTQB7tpMGLg25hSqLeZqG0WXZntL8G1zXEGm.css
storage.googleapis.com/mmqz7gp5f9etlruvk5h2x5m9xtfwolm6pxxp0ixf/ |
31 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
shellg2corecss_11377998.css
storage.googleapis.com/documenyfortown/2018/css/ |
0 0 |
Stylesheet
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
azmy9mrV0LwXlhKjDVGupCvxl0YEqnt63Pk65qLC.css
storage.googleapis.com/mmqz7gp5f9etlruvk5h2x5m9xtfwolm6pxxp0ixf/ |
14 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
shellg2pluscss_baae2042.css
storage.googleapis.com/documenyfortown/2018/css/ |
0 0 |
Stylesheet
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
zCg6KwRy9WQ3UW9MkaUT8oOPx9GsZBLDOjDSmdML.png
storage.googleapis.com/56gdffxjg6wdob0pngdvfwzyfhbw1tnm6bwjyqb1/ |
7 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
OwJbpoHCcB6RUKKDqi42cAMYVy4In7DZxdSJ4ocZ.png
storage.googleapis.com/mmqz7gp5f9etlruvk5h2x5m9xtfwolm6pxxp0ixf/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
mnUbbnMNfZ00LY8kono5Zv2z764p4ap1HtmzWLET.js
storage.googleapis.com/wristbeactingcrazy/Kw10dXHx2vdRqAOpSXV8%20h2bgLvThkmYlrA0ryK9z/ |
93 KB 93 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
nA3TjtgokQVmIG6sUSARJ4GkB1BrSqm7F9WjnF6i.js
storage.googleapis.com/wristbeactingcrazy/Kw10dXHx2vdRqAOpSXV8%20h2bgLvThkmYlrA0ryK9z/ |
7 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
MuWUablHgkNCs4OHGGCzUNTMTAb7rrFNY2VLiVig.js
storage.googleapis.com/wristbeactingcrazy/Kw10dXHx2vdRqAOpSXV8%20h2bgLvThkmYlrA0ryK9z/ |
76 KB 76 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
8NQnhQpikXWgTU4aZCgrWHjfPQX569DL9FLfCj29.js
storage.googleapis.com/wristbeactingcrazy/Kw10dXHx2vdRqAOpSXV8%20h2bgLvThkmYlrA0ryK9z/ |
20 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
social_auth_providers.png
storage.googleapis.com/documenyfortown/2018/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
home_bkgd_1.png
storage.googleapis.com/mmqz7gp5f9etlruvk5h2x5m9xtfwolm6pxxp0ixf/ |
0 445 B |
Image
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
office365icons.woff
storage.googleapis.com/16.00.1279.006/en-US/css/Fabric/0.10.3/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
SegoeUI-Light-final.woff
prod.msocdn.com/16.00.1279.006/en-US/css/webfonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
SegoeUI-SemiLight-final.woff
prod.msocdn.com/16.00.1279.006/en-US/css/webfonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
SegoeUI-Regular-final.woff
prod.msocdn.com/16.00.1279.006/en-US/css/webfonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
nzYn08N1wWqOaVXzxLMOUTuhXuJUbLopSL90poC1.woff
storage.googleapis.com/wristbeactingcrazy/Kw10dXHx2vdRqAOpSXV8%20h2bgLvThkmYlrA0ryK9z/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET S |
Vlh3nUtzWdXCOXC1Iwu90Ibyn9j943OfkFP499GV.png
storage.googleapis.com/56gdffxjg6wdob0pngdvfwzyfhbw1tnm6bwjyqb1/ |
922 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
zQ2ZrMDfXT4OaCCkdWxiHruhCA2UJBsA8JlpoEHo.png
storage.googleapis.com/56gdffxjg6wdob0pngdvfwzyfhbw1tnm6bwjyqb1/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
nEU5nBOJtchEG5rdyGmCdgwvCv4A4OkT8EKEuQVy.png
storage.googleapis.com/56gdffxjg6wdob0pngdvfwzyfhbw1tnm6bwjyqb1/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
N9sN73LYSIUodTjukSsiKZlfzHriFnvfEvhdjEBH.png
storage.googleapis.com/56gdffxjg6wdob0pngdvfwzyfhbw1tnm6bwjyqb1/ |
517 B 776 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
Yx7Sm3T2dP2a5TaPvPz770feUkCaXMXzTLuT5CR7.png
storage.googleapis.com/56gdffxjg6wdob0pngdvfwzyfhbw1tnm6bwjyqb1/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
CiY3IBcXWyQ6fcejvTJiZKoCojUrFmRf33wQNqNo.png
storage.googleapis.com/56gdffxjg6wdob0pngdvfwzyfhbw1tnm6bwjyqb1/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
SegoeUI-SemiLight-final.ttf
prod.msocdn.com/16.00.1279.006/en-US/css/webfonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
SegoeUI-Regular-final.ttf
prod.msocdn.com/16.00.1279.006/en-US/css/webfonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
office365icons.ttf
storage.googleapis.com/16.00.1279.006/en-US/css/Fabric/0.10.3/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
shellwofficons_f991c945.woff
storage.googleapis.com/mmqz7gp5f9etlruvk5h2x5m9xtfwolm6pxxp0ixf/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
shellttficons_9739c58c.ttf
storage.googleapis.com/mmqz7gp5f9etlruvk5h2x5m9xtfwolm6pxxp0ixf/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
SegoeUI-Light-final.ttf
prod.msocdn.com/16.00.1279.006/en-US/css/webfonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- storage.googleapis.com
- URL
- https://storage.googleapis.com/16.00.1279.006/en-US/css/Fabric/0.10.3/fonts/office365icons.woff?
- Domain
- prod.msocdn.com
- URL
- https://prod.msocdn.com/16.00.1279.006/en-US/css/webfonts/SegoeUI-Light-final.woff
- Domain
- prod.msocdn.com
- URL
- https://prod.msocdn.com/16.00.1279.006/en-US/css/webfonts/SegoeUI-SemiLight-final.woff
- Domain
- prod.msocdn.com
- URL
- https://prod.msocdn.com/16.00.1279.006/en-US/css/webfonts/SegoeUI-Regular-final.woff
- Domain
- storage.googleapis.com
- URL
- https://storage.googleapis.com/wristbeactingcrazy/Kw10dXHx2vdRqAOpSXV8%20h2bgLvThkmYlrA0ryK9z/nzYn08N1wWqOaVXzxLMOUTuhXuJUbLopSL90poC1.woff
- Domain
- prod.msocdn.com
- URL
- https://prod.msocdn.com/16.00.1279.006/en-US/css/webfonts/SegoeUI-SemiLight-final.ttf
- Domain
- prod.msocdn.com
- URL
- https://prod.msocdn.com/16.00.1279.006/en-US/css/webfonts/SegoeUI-Regular-final.ttf
- Domain
- storage.googleapis.com
- URL
- https://storage.googleapis.com/16.00.1279.006/en-US/css/Fabric/0.10.3/fonts/office365icons.ttf?
- Domain
- storage.googleapis.com
- URL
- https://storage.googleapis.com/mmqz7gp5f9etlruvk5h2x5m9xtfwolm6pxxp0ixf/shellwofficons_f991c945.woff
- Domain
- storage.googleapis.com
- URL
- https://storage.googleapis.com/mmqz7gp5f9etlruvk5h2x5m9xtfwolm6pxxp0ixf/shellttficons_9739c58c.ttf
- Domain
- prod.msocdn.com
- URL
- https://prod.msocdn.com/16.00.1279.006/en-US/css/webfonts/SegoeUI-Light-final.ttf
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: DocuSign (Online) GDrive and other (Online)5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery object| Spry object| sprypassword1 object| sprytextfield10 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
prod.msocdn.com
s3.us-east-2.amazonaws.com
storage.googleapis.com
prod.msocdn.com
storage.googleapis.com
2a00:1450:4001:812::2010
52.219.80.162
0b6c1e1b33c085efad5bdc32654ec90b4ddc934eb1c1aca71a439ff89867f468
0e95cbf733f41b43a1e2716643ad7ea8cd5fdfcb2eee2d038f4618c579bcaff7
1b5fe12e21a9d8ff78e007ecf9fa5a819947dc3e6ba7a0ca4951760d1c006adf
1e433631dd88e2b7c65a36d80acd0134287a5b6effc8a68a6a3f8bfe619928d1
23d0712c0ed03b1f4636061df39f42471c13e811d5373ff7875a9b7821743be1
3b20a0c711b489bf56697cc5bc20cbc05b15fa6f4548a2cf83f217c81b3ab948
3df1b7719a1aa90d70ae337b76b6253b01ede9afa038b290498c3abf4ab54027
5e42af64c119b81af72d1f2e232a0f44e79c0950bcc3dcb8d4eaa1c6bd7cce1d
69e875128adeedbc8aa1221b7ebffb20b484685964f4ab9a9772ce2146e52d48
6c519b7788593316c4ebd54d26e2fcdda5e20bd7d6ed59d6e3ea2078bf5ac308
7203ea431e00ea57bbbeef3d0d86e71660c6cf089ed83f7c9bda8d3c7f15cea8
73b1ce58fa539aab1d6d1424607c5ff60fc5e2f2c0becd3a776f7f4f8f3664b0
8a1687e9cc74a616cd14fcb8dac9bc3d901765d7d4d9644183b406f4a0cc155d
970882d4a7e6a84819f31de8d238cb3ada20bf0a4ea307b45bf44988bbfc4602
a79d12b1ece73120a07168f3a409515e43736055e7d40a9daf4f8d619e417a0b
a8b6798721ae62801a74027daff7b0d4f0d10034cb46bc492fc995553c598c92
c7b07a0440ecfbd1f32110a6a5c7e92ecfe0200a65ba5fdd5660a98cf2294c09
d72fcb8924d1e14dbd4b04aff994c1183ee86c620f0aaac034f75fc508548220
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3dd3d2eb577e0976c6c3bb2a597839a4b50019e6f34767d692b371aa6a87dd7
e87010b14aca80b1c1f3f2efec982d906303e81f618b7d27dc2fdf281ba44757
ee63a0504d463e639fd21abb1a96d909f530d309b679e6ab953155cf58f07a84
fa2776137cbda7fb85aaa56be710f14e5d3d18e231756cfbe283a2938e7d6620
fc38767c5270e458fa2433d18b22354752e1d7173d7f0a21e4f4b13e0aae5b33