cosmos-dials.s3.dualstack.eu-west-1.amazonaws.com Open in urlscan Pro
2a05:d050:8020:849:34da:25b8:: Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cosmos-dials.s3.dualstack.eu-west-1.amazonaws.com.admin-us2.cas.ms/
Effective URL:
http://cosmos-dials.s3.dualstack.eu-west-1.amazonaws.com/
Submission Tags: phishingcatcher certstream Search All
Submission: On November 22 via api (November 22nd 2019, 6:54:50 am UTC) from CH

Summary HTTP 1 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 1 HTTP transactions. The main IP is 2a05:d050:8020:849:34da:25b8::, located in Dublin, Ireland and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is cosmos-dials.s3.dualstack.eu-west-1.amazonaws.com.

This is the only time cosmos-dials.s3.dualstack.eu-west-1.amazonaws.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	51.137.137.121 51.137.137.121	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1	2a05:d050:802... 2a05:d050:8020:849:34da:25b8::	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2

1 51.137.137.121 (Cardiff, United Kingdom) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

cosmos-dials.s3.dualstack.eu-west-1.amazonaws.com.admin-us2.cas.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d050:8020:849:34da:25b8:: (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

cosmos-dials.s3.dualstack.eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	amazonaws.com cosmos-dials.s3.dualstack.eu-west-1.amazonaws.com	552 B
1	cas.ms 1 redirects cosmos-dials.s3.dualstack.eu-west-1.amazonaws.com.admin-us2.cas.ms	288 B
1	2

	Domain	Requested by
1	cosmos-dials.s3.dualstack.eu-west-1.amazonaws.com
1	cosmos-dials.s3.dualstack.eu-west-1.amazonaws.com.admin-us2.cas.ms	1 redirects
1	2

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://cosmos-dials.s3.dualstack.eu-west-1.amazonaws.com/
Frame ID: B7ED124F9DB365808C74DB6F5722D029
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://cosmos-dials.s3.dualstack.eu-west-1.amazonaws.com.admin-us2.cas.ms/ HTTP 307
http://cosmos-dials.s3.dualstack.eu-west-1.amazonaws.com/ Page URL

Detected technologies

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers server /^AmazonS3$/i

Amazon S3 (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

headers server /^AmazonS3$/i

Page Statistics

1
Requests

0 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

1 kB
Transfer

0 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cosmos-dials.s3.dualstack.eu-west-1.amazonaws.com.admin-us2.cas.ms/ HTTP 307
http://cosmos-dials.s3.dualstack.eu-west-1.amazonaws.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	403 Forbidden	Primary Request / Show response cosmos-dials.s3.dualstack.eu-west-1.amazonaws.com/ Redirect Chain http://cosmos-dials.s3.dualstack.eu-west-1.amazonaws.com.admin-us2.cas.ms/ http://cosmos-dials.s3.dualstack.eu-west-1.amazonaws.com/	243 B 552 B	73ms 37ms	Document application/xml	2a05:d050:8020:849:34da:25b8:: Amazon.com
General Check archive.org Show headers Download Go to Full URL http://cosmos-dials.s3.dualstack.eu-west-1.amazonaws.com/ Protocol HTTP/1.1 Server 2a05:d050:8020:849:34da:25b8:: Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software AmazonS3 / Resource Hash `887fdc60b2b39dcd887da29a24297369fe0f47c20d54026db5d4b30b3788437a` Request headers Host cosmos-dials.s3.dualstack.eu-west-1.amazonaws.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers x-amz-bucket-region eu-west-1 x-amz-request-id A8D620A100ACFAF1 x-amz-id-2 5gu9n5SShd1QmIDwTlHE0kARV8M4rwzfz3tO1L/U2SNFhothY8txezq2jMaZxsN3hrBhTr473bs= Content-Type application/xml Transfer-Encoding chunked Date Fri, 22 Nov 2019 06:54:33 GMT Server AmazonS3 Redirect headers Date Fri, 22 Nov 2019 06:54:34 GMT Connection keep-alive Location http://cosmos-dials.s3.dualstack.eu-west-1.amazonaws.com/ Strict-Transport-Security max-age=31536000 Content-Length 171 X-MCAS-Request-Id f7f03f4a-9889-4d47-81f6-00100c926106
GET DATA	200 OK	truncated /	112 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `7a9ebfb7c3ecda0476f5c7350a344469673eb940d967b3bf40054fe667570f0a` Request headers Referer http://cosmos-dials.s3.dualstack.eu-west-1.amazonaws.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers Content-Type image/svg+xml

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cosmos-dials.s3.dualstack.eu-west-1.amazonaws.com
cosmos-dials.s3.dualstack.eu-west-1.amazonaws.com.admin-us2.cas.ms
2a05:d050:8020:849:34da:25b8::
51.137.137.121
7a9ebfb7c3ecda0476f5c7350a344469673eb940d967b3bf40054fe667570f0a
887fdc60b2b39dcd887da29a24297369fe0f47c20d54026db5d4b30b3788437a

cosmos-dials.s3.dualstack.eu-west-1.amazonaws.com Open in urlscan Pro 2a05:d050:8020:849:34da:25b8:: Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

1 Requests

0 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

1 kBTransfer

0 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

1 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

Indicators

cosmos-dials.s3.dualstack.eu-west-1.amazonaws.com Open in urlscan Pro
2a05:d050:8020:849:34da:25b8:: Public Scan

Screenshot
Live screenshot

Full Image

1
Requests

0 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

1 kB
Transfer

0 kB
Size

0
Cookies

1 HTTP transactions
1 data transactions