![](/screenshots/b842569c-ae9c-4440-a0c9-437fa80d587d.png)
elasticbeanstalk-us-east-2-755929794809.s3.amazonaws.com
Open in
urlscan Pro
52.219.104.4
Malicious Activity!
Public Scan
Effective URL: http://elasticbeanstalk-us-east-2-755929794809.s3.amazonaws.com/paymentgateway/step2.html
Submission: On August 30 via manual from GB — Scanned from GB
Summary
This is the only time elasticbeanstalk-us-east-2-755929794809.s3.amazonaws.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: UK Government (Government)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 52.216.36.72 52.216.36.72 | 16509 (AMAZON-02) (AMAZON-02) | |
16 | 52.219.104.4 52.219.104.4 | 16509 (AMAZON-02) (AMAZON-02) | |
17 | 2 |
ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com |
ASN16509 (AMAZON-02, US)
PTR: s3-w.us-east-2.amazonaws.com
elasticbeanstalk-us-east-2-755929794809.s3.amazonaws.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
amazonaws.com
s3.amazonaws.com elasticbeanstalk-us-east-2-755929794809.s3.amazonaws.com |
850 KB |
17 | 1 |
Domain | Requested by | |
---|---|---|
16 | elasticbeanstalk-us-east-2-755929794809.s3.amazonaws.com |
elasticbeanstalk-us-east-2-755929794809.s3.amazonaws.com
|
1 | s3.amazonaws.com | |
17 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
s3.amazonaws.com Amazon |
2022-04-01 - 2023-03-30 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://elasticbeanstalk-us-east-2-755929794809.s3.amazonaws.com/paymentgateway/step2.html
Frame ID: BCA74E5A30EA92FA8608F8FD08D3EDD6
Requests: 17 HTTP requests in this frame
Screenshot
![](/screenshots/b842569c-ae9c-4440-a0c9-437fa80d587d.png)
Page Title
Register your details - Cost of Living PaymentPage URL History Show full URLs
- https://s3.amazonaws.com/relatorios-inoprime/24/RSCHDEL5235.html Page URL
- http://elasticbeanstalk-us-east-2-755929794809.s3.amazonaws.com/paymentgateway/step2.html Page URL
Detected technologies
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://s3.amazonaws.com/relatorios-inoprime/24/RSCHDEL5235.html Page URL
- http://elasticbeanstalk-us-east-2-755929794809.s3.amazonaws.com/paymentgateway/step2.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
RSCHDEL5235.html
s3.amazonaws.com/relatorios-inoprime/24/ |
165 B 521 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
step2.html
elasticbeanstalk-us-east-2-755929794809.s3.amazonaws.com/paymentgateway/ |
20 KB 20 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles-govuk.02c1e0f5c755799daa22.css
elasticbeanstalk-us-east-2-755929794809.s3.amazonaws.com/paymentgateway/step2_files/ |
54 KB 55 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles-common.05b79b0d9cca8c220a8d.css
elasticbeanstalk-us-east-2-755929794809.s3.amazonaws.com/paymentgateway/step2_files/ |
178 KB 178 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
analytics.js.download
elasticbeanstalk-us-east-2-755929794809.s3.amazonaws.com/paymentgateway/step2_files/ |
49 KB 50 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gtm.js.download
elasticbeanstalk-us-east-2-755929794809.s3.amazonaws.com/paymentgateway/step2_files/ |
149 KB 150 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
govuk_logo_crown_print.1f27d633e8ee5dd6b2dc.png
elasticbeanstalk-us-east-2-755929794809.s3.amazonaws.com/paymentgateway/step2_files/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
print.b3968944d81d470d83d2.css
elasticbeanstalk-us-east-2-755929794809.s3.amazonaws.com/paymentgateway/step2_files/ |
1 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vendor.19cbfea38844b01d03e1.js.download
elasticbeanstalk-us-east-2-755929794809.s3.amazonaws.com/paymentgateway/step2_files/ |
10 KB 10 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
claimant.def6069b5a0c522fde14.js.download
elasticbeanstalk-us-east-2-755929794809.s3.amazonaws.com/paymentgateway/step2_files/ |
381 KB 381 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
govuk_logo_crown.c5ab2acf8e317746f37e.png
elasticbeanstalk-us-east-2-755929794809.s3.amazonaws.com/paymentgateway/images/govuk/ |
243 B 243 B |
Image
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
GDSTransportWebsite-Light.328f803c1225e3e5a477.woff2
elasticbeanstalk-us-east-2-755929794809.s3.amazonaws.com/paymentgateway/fonts/ |
0 0 |
Font
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
GDSTransportWebsite-Bold.eb02843dd7cb8b40bfd3.woff2
elasticbeanstalk-us-east-2-755929794809.s3.amazonaws.com/paymentgateway/fonts/ |
0 0 |
Font
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
open-government-licence.a3af4682908e608fdee1.png
elasticbeanstalk-us-east-2-755929794809.s3.amazonaws.com/paymentgateway/images/govuk/ |
243 B 243 B |
Image
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
govuk-crest.403d21ad3e77f2fc321f.png
elasticbeanstalk-us-east-2-755929794809.s3.amazonaws.com/paymentgateway/images/govuk/ |
243 B 243 B |
Image
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
GDSTransportWebsite-Bold.fe13e7cd6a11d8ac1393.woff
elasticbeanstalk-us-east-2-755929794809.s3.amazonaws.com/paymentgateway/fonts/ |
0 0 |
Font
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
GDSTransportWebsite-Light.ce858125dfcfb3c7f511.woff
elasticbeanstalk-us-east-2-755929794809.s3.amazonaws.com/paymentgateway/fonts/ |
0 0 |
Font
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: UK Government (Government)18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation object| gaTagManagerPropertyIdElem string| gaTagManagerPropertyId object| dataLayer object| html5 object| google_tag_data function| ga object| gaplugins function| setImmediate function| clearImmediate object| regeneratorRuntime object| uc object| google_tag_manager0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
7 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
elasticbeanstalk-us-east-2-755929794809.s3.amazonaws.com
s3.amazonaws.com
52.216.36.72
52.219.104.4
071bacca390f604a4cec9af5f9c87ac6d9b951365a5e8b7806ef27952c3c0097
0a1955adf4905c2c735df4f2bd6838005029ac81bcf954e3e867c0b086cb8dc4
0ded813a4b1def09ce1b5ce005507d3b04e80a7bb272f0259dc45d177ccccd94
1ec79564fd62f522a8ab158db7b225fc0d1e216c3b64a17c3e8278447a0db5a2
334971dac2aa27b5180da766aa3088f6d98dfc504ff197a83c8fd520e6ccd61f
432666b7c47e6a94638f4743e1e579bab2074f7bdbabf9d7a8142d24047f0767
5bb7ce9cafce26264afb1ad00c851433f2cfd9c75eecae78c870a9ec7ac03d43
78910ec0b2d46b9f4933556ba3d6863ca9bbcbefa8a4c811dce36f7026d04de8
83a12c9d331c99fedf0d8d76e3b079fca3ec3c263be260f2c66a94fa89406ae4
8e6034dcb463cf2080dbf7fa5a843ea6b8bc1383b5e09c98ef84787b4dab36e4
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b5f556ebed8090c450bea4d7fc6d09d6b38d03a2407d2dd609273bc216600ddc
d74376b96542eba11147502d425bcecda1e54c8b1fc768b3c667e6dede29b6c3