otx.alienvault.com
13.32.121.8  Public Scan

Submitted URL: https://otx.alienvault.com/indicator/hostname/server-108-159-227-106.ord56.r.cloudfront.net#:~:text=%C3%97
Effective URL: https://otx.alienvault.com/indicator/hostname/server-108-159-227-106.ord56.r.cloudfront.net
Submission: On May 16 via api from US — Scanned from DE

Form analysis 0 forms found in the DOM

Text Content

Hostname
server-108-159-227-106.ord56.r.cloudfront.net
Pulses: 2
Passive DNS: 1
URLs: 0
Files: 0
Analysis Overview
Verdict: Whitelisted
IP Address: 108.159.227.106
Location: United States
ASN: AS16509 amazon.com inc
Nameservers: ns-1306.awsdns-35.org., ns-1597.awsdns-07.co.uk.
WHOIS: Registrar: MarkMonitor, Inc., Creation Date: Apr 25, 2008
Related Pulses: OTX User-Created Pulses (2)
Related Tags: 142 Related Tags
12345, united, command decode, suricata ipv4, mitre att

Indicator Facts
 * Running webserver
 * Present in Majestic
 * Present in Akamai

External Resources: Whois, UrlVoid, VirusTotal


WHOIS

Record | Value
Emails | abusecomplaints@markmonitor.com
Name | Legal Department
Name Servers | NS-1306.AWSDNS-35.ORG
Org | Amazon.com, Inc.
Address | PO BOX 81226
City | Seattle
Country | US
Creation Date | 2008-04-25T00:00:00
Creation Date | 2008-04-25T11:25:49
Dnssec | unsigned

SHOWING 1 TO 10 OF 40 ENTRIES



RELATED DOMAINS

Domain | Related Via
alikunlun.com | abusecomplaints@markmonitor.com
peanut-butterandjelly4life.com | abusecomplaints@markmonitor.com
symcd.com | abusecomplaints@markmonitor.com
microsoft.com | abusecomplaints@markmonitor.com
appspot.com | abusecomplaints@markmonitor.com
mozilla.net | abusecomplaints@markmonitor.com
edoctransfer.com | abusecomplaints@markmonitor.com
tapad.com | abusecomplaints@markmonitor.com
diablofans.com | abusecomplaints@markmonitor.com
amazonaws.com | abusecomplaints@markmonitor.com

SHOWING 1 TO 10 OF 846 ENTRIES
PASSIVE DNS

Status: Whitelisted
Hostname: server-108-159-227-106.ord56.r.cloudfront.net
Query Type: A
Address: 108.159.227.106
First Seen: 2024-03-23 08:16
Last Seen: 2024-03-24 09:50
ASN: AS16509 amazon.com inc
Country: United States





ASSOCIATED FILES

Date | Hash | Avast | AVG | Clamav | MSDefender
No Entries Found


HTTP SCANS

Record | Value

80 Title | ERROR: The request could not be satisfied

80 Body | DOCTYPE HTML PUBLIC
//W3C//DTD HTML 4.01 Transitional//EN http://www.w3.org/TR/html4/loose.dtd HTML
HEAD META HTTP EQUIV= Content Type CONTENT= text/html charset=iso 8859 1 TITLE
ERROR: The request could not be satisfied /TITLE /HEAD BODY H1 403 ERROR /H1 H2
The request could not be satisfied. /H2 HR noshade size= 1px Bad request. We can
t connect to the server for this app or website at this time. There might be too
much traffic or a configuration error. Try again later or contact the app or
website owner. BR clear= all If you provide content to customers through
CloudFront you can find steps to troubleshoot and help prevent this error by
reviewing the CloudFront documentation. BR clear= all HR noshade size= 1px PRE
Generated by cloudfront CloudFront Request ID:
00vLWqj8mTJMKNjieOOOC78f2c7GnAbuwIfDvMfUhfowhx Vt2U Aw== /PRE ADDRESS /ADDRESS
/BODY /HTML

80 Header | HTTP/1.1 403 Forbidden Server: CloudFront Date: Wed 13 Mar
2024 13:48:04 GMT Content Type: text/html Content Length: 915 Connection: keep
alive X Cache: Error from cloudfront Via: 1.1
42d1133b2b6d58acce5df8db7de3a8b4.cloudfront.net CloudFront X Amz Cf Pop: ORD56
P4 X Amz Cf Id: a32RymIU1QxKs5i9LxfKg4k9R4D9LpfoX4ku0J76zETgK4sO qQZBw==





 * User Created (2)
   

CO.gov/PEAK - Postal Engineering | M Brian Sabey and CBI (mail)
hostname Indicator Active
 * Created 2 months ago
   
 * Modified 1 month ago by OctoSeek
 * Public
 * TLP: White

CIDR: 4 | CVE: 2 | FileHash-MD5: 89 | FileHash-SHA1: 82 | FileHash-SHA256: 2406
| URL: 6466 | Domain: 1686 | Email: 7 | Hostname: 1760
Target received urgent postal mail, directed to login: CO.gov/PEAK |
Disappointed so many reports have been modified. Logins OTX account are
governmental.with insecure headers. HistoryKillerPro , RedHatDelete
glintsintern.com oauth2-proxy.glintsintern.com •
https://oauth2-proxy.glintsintern.com/oauth2/start?rd=http://jaegertracing.match-growth.alicloud-production.glintsintern.com/
oauth2-proxy.glintsintern.com have attached to several OTX users.
united,  command decode,  suricata ipv4,  mitre att,  suricata udpv4, 
programfiles,  ck id,  show technique,  ck matrix,  windir,  date,  win64, 
hybrid,  general,  model,  comspec,  click,  strings,  contact,  hostnames, 
urls http,  samples,  ssl certificate,  whois record,  historical ssl, 
resolutions,  referrer,  siblings,  contacted,  pe resource,  communicating, 
subdomains,  whois whois,  copy,  ursnif,  qakbot,  lumma stealer,  ransomexx, 
quasar,  ramnit,  lskeyc,  maxage31536000,  http response,  final url,  ip
address,  status code,  body length,  b body,  sha256,  headers,  detection
list,  blacklist,  cisco umbrella,  site,  safe site,  alexa top,  million, 
team top,  site top,  site safe,  heur,  ccleaner,  adware,  downldr,  union, 
bank,  cve201711882,  xrat,  phishing,  team,  alexa,  static engine,  passive
dns,  unknown,  title error,  scan endpoints,  all octoseek,  ipv4,  pulse
submit,  url analysis,  urls,  thu jul,  fri dec,  hybridanalysis,  generic
malware,  malware,  wed dec,  free automated,  service,  thu dec,  cidr,  sun
aug,  ip sun,  country code,  system as,  as16509,  mon sep,  registrant name, 
amazon,  terry ave,  code,  as36081 state,  pulse pulses,  files,  reverse dns, 
asnone united,  moved,  body,  certificate,  g2 tls,  rsa sha256,  search, 
showing,  online sun,  online sat,  online,  12345,  as44273 host,  status,  for
privacy,  redacted for,  cname,  domain,  nxdomain,  ip related,  creation
date,  servers,  name servers,  next,  cloudfront x,  sfo5 c1,  a domains,  nice
botet,  srellik,  sreredrem,  hit,  men,  man,  women,  spider,  mail spammer, 
gov
 * 128 Subscribers

CO.gov/PEAK - Post Mail Social Engineering | M Brian Sabey and CBI
hostname Indicator Active
 * Created 2 months ago
   
 * Modified 1 month ago by scoreblue
 * Public
 * TLP: White

CIDR: 4 | CVE: 2 | FileHash-MD5: 89 | FileHash-SHA1: 82 | FileHash-SHA256: 2406
| URL: 6466 | Domain: 1686 | Email: 7 | Hostname: 1760

united,  command decode,  suricata ipv4,  mitre att,  suricata udpv4, 
programfiles,  ck id,  show technique,  ck matrix,  windir,  date,  win64, 
hybrid,  general,  model,  comspec,  click,  strings,  contact,  hostnames, 
urls http,  samples,  ssl certificate,  whois record,  historical ssl, 
resolutions,  referrer,  siblings,  contacted,  pe resource,  communicating, 
subdomains,  whois whois,  copy,  ursnif,  qakbot,  lumma stealer,  ransomexx, 
quasar,  ramnit,  lskeyc,  maxage31536000,  http response,  final url,  ip
address,  status code,  body length,  b body,  sha256,  headers,  detection
list,  blacklist,  cisco umbrella,  site,  safe site,  alexa top,  million, 
team top,  site top,  site safe,  heur,  ccleaner,  adware,  downldr,  union, 
bank,  cve201711882,  xrat,  phishing,  team,  alexa,  static engine,  passive
dns,  unknown,  title error,  scan endpoints,  all octoseek,  ipv4,  pulse
submit,  url analysis,  urls,  thu jul,  fri dec,  hybridanalysis,  generic
malware,  malware,  wed dec,  free automated,  service,  thu dec,  cidr,  sun
aug,  ip sun,  country code,  system as,  as16509,  mon sep,  registrant name, 
amazon,  terry ave,  code,  as36081 state,  pulse pulses,  files,  reverse dns, 
asnone united,  moved,  body,  certificate,  g2 tls,  rsa sha256,  search, 
showing,  online sun,  online sat,  online,  12345,  as44273 host,  status,  for
privacy,  redacted for,  cname,  domain,  nxdomain,  ip related,  creation
date,  servers,  name servers,  next,  cloudfront x,  sfo5 c1,  a domains,  nice
botet,  srellik,  sreredrem,  hit,  men,  man,  women,  spider,  mail spammer, 
gov
 * 84 Subscribers


 * © Copyright 2024 LevelBlue, Inc.