a12jpp0rn060-80.s3.ap-southeast-1.amazonaws.com
Open in
urlscan Pro
3.5.151.153
Malicious Activity!
Public Scan
Submission: On October 26 via manual from JP — Scanned from JP
Summary
TLS certificate: Issued by Amazon RSA 2048 M01 on October 10th 2023. Valid for: a year.
This is the only time a12jpp0rn060-80.s3.ap-southeast-1.amazonaws.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Tech Support Scam (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
30 | 3.5.151.153 3.5.151.153 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2404:6800:400... 2404:6800:4004:818::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2404:6800:400... 2404:6800:4004:818::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2404:6800:400... 2404:6800:4004:820::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 2404:6800:400... 2404:6800:4004:80b::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 104.21.56.41 104.21.56.41 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
35 | 6 |
ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-1-r-w.amazonaws.com
a12jpp0rn060-80.s3.ap-southeast-1.amazonaws.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
30 |
amazonaws.com
a12jpp0rn060-80.s3.ap-southeast-1.amazonaws.com |
1 MB |
1 |
cdnstat.net
cdnstat.net — Cisco Umbrella Rank: 293386 |
715 B |
1 |
gstatic.com
fonts.gstatic.com |
48 KB |
1 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42 |
276 B |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49 |
2 KB |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56 |
91 KB |
35 | 6 |
Domain | Requested by | |
---|---|---|
30 | a12jpp0rn060-80.s3.ap-southeast-1.amazonaws.com |
a12jpp0rn060-80.s3.ap-southeast-1.amazonaws.com
|
1 | cdnstat.net |
a12jpp0rn060-80.s3.ap-southeast-1.amazonaws.com
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | www.google-analytics.com |
www.googletagmanager.com
|
1 | fonts.googleapis.com |
a12jpp0rn060-80.s3.ap-southeast-1.amazonaws.com
|
1 | www.googletagmanager.com |
a12jpp0rn060-80.s3.ap-southeast-1.amazonaws.com
|
35 | 6 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.s3-ap-southeast-1.amazonaws.com Amazon RSA 2048 M01 |
2023-10-10 - 2024-09-25 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-09-28 - 2023-12-21 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-09-28 - 2023-12-21 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-09-28 - 2023-12-21 |
3 months | crt.sh |
cdnstat.net E1 |
2023-09-18 - 2023-12-17 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://a12jpp0rn060-80.s3.ap-southeast-1.amazonaws.com/dyna01_tf0n.html?ph0ne=010-1-650-5401-022
Frame ID: 6036C0CFC74250F706E53C5830FD39BE
Requests: 35 HTTP requests in this frame
Screenshot
Page Title
セキュリティセンターコード0x268d3サービスDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics (Analytics) Expand
Detected patterns
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
Modernizr (JavaScript Libraries) Expand
Detected patterns
- ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
35 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
dyna01_tf0n.html
a12jpp0rn060-80.s3.ap-southeast-1.amazonaws.com/ |
39 KB 40 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
272 KB 91 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.css
a12jpp0rn060-80.s3.ap-southeast-1.amazonaws.com/css/ |
205 KB 205 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
34 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-2.2.4.min.js
a12jpp0rn060-80.s3.ap-southeast-1.amazonaws.com/js/ |
84 KB 84 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.css
a12jpp0rn060-80.s3.ap-southeast-1.amazonaws.com/css/ |
20 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
font-awesome.min.css
a12jpp0rn060-80.s3.ap-southeast-1.amazonaws.com/css/ |
27 KB 27 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
chat2.css
a12jpp0rn060-80.s3.ap-southeast-1.amazonaws.com/css/ |
9 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
7a-bg.png
a12jpp0rn060-80.s3.ap-southeast-1.amazonaws.com/images/ |
537 KB 537 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg2.jpeg
a12jpp0rn060-80.s3.ap-southeast-1.amazonaws.com/images/ |
358 KB 359 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
minimize.png
a12jpp0rn060-80.s3.ap-southeast-1.amazonaws.com/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
microsoft.png
a12jpp0rn060-80.s3.ap-southeast-1.amazonaws.com/images/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
setting.png
a12jpp0rn060-80.s3.ap-southeast-1.amazonaws.com/images/ |
364 B 770 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
que.png
a12jpp0rn060-80.s3.ap-southeast-1.amazonaws.com/images/ |
349 B 755 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
virus-scan.png
a12jpp0rn060-80.s3.ap-southeast-1.amazonaws.com/images/ |
25 KB 26 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bell.png
a12jpp0rn060-80.s3.ap-southeast-1.amazonaws.com/images/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pc.png
a12jpp0rn060-80.s3.ap-southeast-1.amazonaws.com/images/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
def.png
a12jpp0rn060-80.s3.ap-southeast-1.amazonaws.com/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cross.png
a12jpp0rn060-80.s3.ap-southeast-1.amazonaws.com/images/ |
8 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
new-img.png
a12jpp0rn060-80.s3.ap-southeast-1.amazonaws.com/images/ |
17 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
modernizr.min.js
a12jpp0rn060-80.s3.ap-southeast-1.amazonaws.com/js/ |
11 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.bundle.min.js
a12jpp0rn060-80.s3.ap-southeast-1.amazonaws.com/js/ |
82 KB 82 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fullscreen.js
a12jpp0rn060-80.s3.ap-southeast-1.amazonaws.com/js/ |
152 B 571 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
before.js
a12jpp0rn060-80.s3.ap-southeast-1.amazonaws.com/js/ |
205 B 624 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.js
a12jpp0rn060-80.s3.ap-southeast-1.amazonaws.com/js/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
light.js
a12jpp0rn060-80.s3.ap-southeast-1.amazonaws.com/js/ |
339 B 758 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/g/ |
0 276 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ |
47 KB 48 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
0wa0rni0ng0.mp3
a12jpp0rn060-80.s3.ap-southeast-1.amazonaws.com/media/ |
2 KB 3 KB |
Media
audio/mp3 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
_Fm7-alert.mp3
a12jpp0rn060-80.s3.ap-southeast-1.amazonaws.com/media/ |
189 KB 0 |
Media
audio/mp3 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
alertmicrosoft.mp3
a12jpp0rn060-80.s3.ap-southeast-1.amazonaws.com/ |
255 B 544 B |
Media
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.js
cdnstat.net/get/ |
129 B 715 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fontawesome-webfont.woff2
a12jpp0rn060-80.s3.ap-southeast-1.amazonaws.com/fonts/ |
0 0 |
Font
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fontawesome-webfont.woff
a12jpp0rn060-80.s3.ap-southeast-1.amazonaws.com/fonts/ |
0 0 |
Font
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fontawesome-webfont.ttf
a12jpp0rn060-80.s3.ap-southeast-1.amazonaws.com/fonts/ |
0 0 |
Font
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Tech Support Scam (Consumer)18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| $ function| jQuery function| getVariableFromURl string| phone string| ph0ne object| html5 object| Modernizr object| bootstrap function| addEvent object| modal object| btn undefined| span3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.amazonaws.com/ | Name: _ga Value: GA1.1.173564534.1698296920 |
|
.amazonaws.com/ | Name: _ga_5178NGPW6Z Value: GS1.1.1698296920.1.0.1698296920.0.0.0 |
|
a12jpp0rn060-80.s3.ap-southeast-1.amazonaws.com/ | Name: PHPREFS Value: full |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
a12jpp0rn060-80.s3.ap-southeast-1.amazonaws.com
cdnstat.net
fonts.googleapis.com
fonts.gstatic.com
www.google-analytics.com
www.googletagmanager.com
104.21.56.41
2404:6800:4004:80b::2003
2404:6800:4004:818::2008
2404:6800:4004:818::200a
2404:6800:4004:820::200e
3.5.151.153
10a99594267aa4bd3ea83586bbc93bea00f127ac756526763bdf856b437e413c
13ee09efef992ec899ca28dea08d00886fce5e8b3ad6c19e6c753a899bcfdaea
1a0a593283261b954911178dcaaeb7fdef4fe19a6f71985520696a8842851e12
2e48fef820929c21295e13444901f60e3aed61ba6f8c773ff1466e6843e76b49
316e6a6737bd296ab30aca2ef7fa36f119d15786a2432d01e31fdc130272f15c
383ced00251e7c1358ca47c6241711d31e3c6b207ae312de4bb89fb5e8a079f1
40dd8a184408b9c6f376673ffd39c74611f4ef9ff0a1daa8b3760015d801883d
44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7
466835ef2d6f0f0bfddafa405154702e36a5588f69684dd3b6642f9013eb778b
598699133be5eef63e3b9b5540609ec0dc91d7af9c7f70a3b890e57491a70ae0
759e84c51eb75e42fa6710d794e09e45ec85351fda8eb65c25fbee5ccb545e6d
770e7aa00b8f8ce2709616b0931d44ee479b2bc25283e78085741d1c0dd94b14
8fe45bb754321fc5f0dff361d29fbcac129eb3c1d208aff25bd8d087d6537f42
96d072eabc6c67442adbe23d6618153c5694a79a6d8d550c194c3115a807482f
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
aaa71677278aac45713c723e26817e27639a8e50523de73c143f459f38d0e670
b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a
b2901f408265c7a9d8d5cfe0c8865e27289949848862945f8a3eda85898100be
b2dc4153ee7019c70a1095d5d1304d540e3bba045d99e141f63e5b13362e5a4e
ba29481a268b5c4ba810b1e6e5c00a5d2f6132d6b3972a6e9ce26478ee37ba1f
bec425b7eba2e50a985d21ed4fe0e50f78bcc2de4c6a3c5d7c34660bfa6765e7
c59a3960888d96b3748601b9b77df171bafa3d53289ec4b8b6db3d474e9a39e1
dc5962163e92e47844669e028f42cd533093558e350362f9cda978759d27cd7f
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
dfcc16fd49167f62d2acb07ed991fb0535f5ca863c5c15cfa20cfd76c1b1cfbe
e3092f8eb26e853251345ee04b982f91a1f8bc46628df46d93d2f958e6e5cf39
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee4bc5fe81fa7c1e8497d79c9c8a96485df217092d334e9b48fa8840fed11d03
ee57ec9b28b82725e9be3a95889b16d6163dc4fd0e51be1816b0e36febe4531b
fad08488ab9bdf68897a3a6eeb699584c94d259cf814b1f81a330964852f0274
fe7622e5cee2bcdd0d9e6dcd28d0199d4962db0dbfec9c5917a8e1194d819ffd