![](/screenshots/b003fd2a-6e1b-4395-87c4-13ef72af41ab.png)
8iuyagd87.d3qdqt6tx4j73j.amplifyapp.com
Open in
urlscan Pro
18.165.98.45
Malicious Activity!
Public Scan
Effective URL: https://8iuyagd87.d3qdqt6tx4j73j.amplifyapp.com/Wi0n0Err0Chtpr00010/index.html?phone=+1-844-200-1340
Submission: On May 01 via manual from CA — Scanned from CA
Summary
TLS certificate: Issued by Amazon RSA 2048 M02 on May 1st 2024. Valid for: a year.
This is the only time 8iuyagd87.d3qdqt6tx4j73j.amplifyapp.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Tech Support Scam (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
20 | 18.165.98.45 18.165.98.45 | 16509 (AMAZON-02) (AMAZON-02) | |
3 | 185.93.1.244 185.93.1.244 | 60068 (CDN77 _) (CDN77 _) | |
23 | 2 |
ASN16509 (AMAZON-02, US)
PTR: server-18-165-98-45.iad55.r.cloudfront.net
8iuyagd87.d3qdqt6tx4j73j.amplifyapp.com |
ASN60068 (CDN77 _, GB)
PTR: 185-93-1-244.bunnyinfra.net
plausible.io |
Apex Domain Subdomains |
Transfer | |
---|---|---|
20 |
amplifyapp.com
8iuyagd87.d3qdqt6tx4j73j.amplifyapp.com |
682 KB |
3 |
plausible.io
plausible.io — Cisco Umbrella Rank: 9772 |
2 KB |
23 | 2 |
Domain | Requested by | |
---|---|---|
20 | 8iuyagd87.d3qdqt6tx4j73j.amplifyapp.com |
8iuyagd87.d3qdqt6tx4j73j.amplifyapp.com
|
3 | plausible.io |
8iuyagd87.d3qdqt6tx4j73j.amplifyapp.com
plausible.io |
23 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.d3qdqt6tx4j73j.amplifyapp.com Amazon RSA 2048 M02 |
2024-05-01 - 2025-05-30 |
a year | crt.sh |
plausible.io R3 |
2024-04-23 - 2024-07-22 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://8iuyagd87.d3qdqt6tx4j73j.amplifyapp.com/Wi0n0Err0Chtpr00010/index.html?phone=+1-844-200-1340
Frame ID: D439007136241889B8A0EEE548D99FC1
Requests: 23 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
index.html
8iuyagd87.d3qdqt6tx4j73j.amplifyapp.com/Wi0n0Err0Chtpr00010/ |
12 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
154tapa.css
8iuyagd87.d3qdqt6tx4j73j.amplifyapp.com/Wi0n0Err0Chtpr00010/ |
18 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1.4.4.min.js
8iuyagd87.d3qdqt6tx4j73j.amplifyapp.com/Wi0n0Err0Chtpr00010/code.jquery.com/ |
77 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.js
plausible.io/js/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg.png
8iuyagd87.d3qdqt6tx4j73j.amplifyapp.com/Wi0n0Err0Chtpr00010/ |
452 KB 453 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mnc.png
8iuyagd87.d3qdqt6tx4j73j.amplifyapp.com/Wi0n0Err0Chtpr00010/ |
187 B 562 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
msmm.png
8iuyagd87.d3qdqt6tx4j73j.amplifyapp.com/Wi0n0Err0Chtpr00010/ |
168 B 463 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bx.png
8iuyagd87.d3qdqt6tx4j73j.amplifyapp.com/Wi0n0Err0Chtpr00010/ |
7 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
vsc.png
8iuyagd87.d3qdqt6tx4j73j.amplifyapp.com/Wi0n0Err0Chtpr00010/ |
722 B 1015 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
prgrs.png
8iuyagd87.d3qdqt6tx4j73j.amplifyapp.com/Wi0n0Err0Chtpr00010/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bx1.png
8iuyagd87.d3qdqt6tx4j73j.amplifyapp.com/Wi0n0Err0Chtpr00010/ |
97 KB 97 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bx12.png
8iuyagd87.d3qdqt6tx4j73j.amplifyapp.com/Wi0n0Err0Chtpr00010/ |
58 KB 59 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
dm.png
8iuyagd87.d3qdqt6tx4j73j.amplifyapp.com/Wi0n0Err0Chtpr00010/ |
332 B 626 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cs.png
8iuyagd87.d3qdqt6tx4j73j.amplifyapp.com/Wi0n0Err0Chtpr00010/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
re.gif
8iuyagd87.d3qdqt6tx4j73j.amplifyapp.com/Wi0n0Err0Chtpr00010/ |
14 KB 15 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
154nvidia.js
8iuyagd87.d3qdqt6tx4j73j.amplifyapp.com/Wi0n0Err0Chtpr00010/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
154jupiter.js
8iuyagd87.d3qdqt6tx4j73j.amplifyapp.com/Wi0n0Err0Chtpr00010/ |
503 B 797 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
154jscode.js
8iuyagd87.d3qdqt6tx4j73j.amplifyapp.com/Wi0n0Err0Chtpr00010/ |
1 KB 826 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Fm7-alert.wav
8iuyagd87.d3qdqt6tx4j73j.amplifyapp.com/Wi0n0Err0Chtpr00010/ |
288 KB 0 |
Media
audio/wave |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event
plausible.io/api/ |
2 B 518 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event
plausible.io/api/ |
2 B 519 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ai2.mp3
8iuyagd87.d3qdqt6tx4j73j.amplifyapp.com/Wi0n0Err0Chtpr00010/ |
0 211 B |
Media
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
msmm.png
8iuyagd87.d3qdqt6tx4j73j.amplifyapp.com/Wi0n0Err0Chtpr00010/ |
168 B 284 B |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Tech Support Scam (Consumer)9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery object| t function| jkdhasjkhdgwqhgehkqgweyuodq string| bcda function| toggleFullScreen function| addEvent function| getQueryParam function| plausible0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
8iuyagd87.d3qdqt6tx4j73j.amplifyapp.com
plausible.io
18.165.98.45
185.93.1.244
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
1ab5ef4e7e196cb1ff39df44e1a0a39f6880b906ef6fd6da3cfdbb92ffd33115
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
272dacb99e8bba5bb2d9202883cb687c5a3b8cd1c71d940df619ae886eb6eddf
318698ae5e67c32550d6b40ac09848d598f6317f51a8f09638ba925f6e7cc479
31c6dbe9d867436244f38566adad57e3870f4c8489c6804280eb564bfac5c1bd
4b436b0b6a47db85c88f83dc3fe3fd9a96c0a4018b28832165df929dffe0bc86
4eaf7b7f53ea1a27a22bae168f560d9dc78dc2e2185162be9ee4db59e1e1065a
517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c
5358185ace95907142b29b4c4678a7d264a9c615ccb51615e53eeffc36ab25b4
76260d9cdd9f476d56805b75a8d6628af15b38744daa39d96bfec6f745e6bb98
7df9f467d23ee1887edb2123cca10a1a9c4624cdcf7199c64e78a8430031f9f5
93ab9ddc223156f5f4ba7ff8fc14a885e9b5946fc10917571022d7c2d9a08886
a82c404e5462cf0653a9a7042d1b93e21c15251bb85381cb199a6ed8d75c0542
b1a5978232e5bad9d779ec449bbbb365e393a818d44dae1a38c97bad79ada48f
b67a7c07a045d7cb0f2e216a557aec0d99405e17c36d1a6b1ff3e2733aa35348
c5157e2d9584db49d0216a46cfc73ff858279218b8f902f1d077801bb0b637e3
c5a324f181af16879b6c4c52b731b23392f2816def159b157c4de620cff1cd41
cb90abac831be0eac558fafab09194485de6bfe7fb78b68da72b5929df4ec534
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855