signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de Open in urlscan Pro Puny
signin.aws.amazon.com.redirect.https.78446.ausüberzeugung.de IDN
104.168.250.153 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://signin.aws.amazon.com.redirect.https.78417.xn--ausberzeugung-yob.de/c4ca4238a0b923820dcc509a6f75849b/32ed17ace90c63b185e3a4065873eb8e/0feb68b42db0b4498ebd1a98cd667a...
Effective URL:
http://signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de/en/4/0feb68b42db0b4498ebd1a98cd667a08/b582fbe63705cd70f0cbc45e67ae5f00/2da5efa401cf1b118c49488b3...
Submission: On September 16 via manual (September 16th 2020, 5:39:55 am UTC)

Summary HTTP 7 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 7 HTTP transactions. The main IP is 104.168.250.153, located in Seattle, United States and belongs to HOSTWINDS, US. The main domain is signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de.

This is the only time signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: AWS (Online)

Domain & IP information

	IP Address		AS Autonomous System
1 8	104.168.250.153 104.168.250.153		54290 (HOSTWINDS) (HOSTWINDS)
7	2

8 104.168.250.153 (Seattle, United States) 1 redirects

ASN54290 (HOSTWINDS, US)
PTR: hwsrv-775238.hostwindsdns.com

signin.aws.amazon.com.redirect.https.78417.xn--ausberzeugung-yob.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	xn--ausberzeugung-yob.de 1 redirects signin.aws.amazon.com.redirect.https.78417.xn--ausberzeugung-yob.de signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de	1020 KB
7	1

	Domain	Requested by
7	signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de	signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de
1	signin.aws.amazon.com.redirect.https.78417.xn--ausberzeugung-yob.de	1 redirects
7	2

This site contains links to these domains. Also see Links.

Domain
aws.amazon.com
console.aws.amazon.com
signin.aws.amazon.com

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de/en/4/0feb68b42db0b4498ebd1a98cd667a08/b582fbe63705cd70f0cbc45e67ae5f00/2da5efa401cf1b118c49488b30de5990
Frame ID: 86ADFCEB1278CD6DE91AA72D0DC656B3
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://signin.aws.amazon.com.redirect.https.78417.xn--ausberzeugung-yob.de/c4ca4238a0b923820dcc509a6f75849b/32ed17ace90c63b185e3a4065873eb8e/0feb68b42d... HTTP 302
http://signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de/en/4/0feb68b42db0b4498ebd1a98cd667a08/b582fbe63705cd70f0cbc45e67ae5f00/2da5e... Page URL

Detected technologies

CentOS (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /CentOS/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

7
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

2
IPs

1
Countries

1020 kB
Transfer

1023 kB
Size

0
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: http://aws.amazon.com/
Title: Amazon Web Services Login

Search URL Search Domain Scan URL

URL: https://console.aws.amazon.com/billing/home#/paymenthistory
Title: payment page

Search URL Search Domain Scan URL

URL: https://aws.amazon.com/contact-us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://signin.aws.amazon.com/oauth?Action=logout&redirect_uri=aws.amazon.com
Title: here.

Search URL Search Domain Scan URL

URL: https://aws.amazon.com/free/?sc_ichannel=ha&sc_icampaign=signin_prospects&sc_isegment=en&sc_iplace=sign-in&sc_icontent=freetier&sc_segment=-1

Search URL Search Domain Scan URL

URL: https://aws.amazon.com/agreement/recent-changes/
Title: Recent Changes

Search URL Search Domain Scan URL

URL: https://aws.amazon.com/terms/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://aws.amazon.com/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://aws.amazon.com/agreement/
Title: AWS Customer Agreement

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://signin.aws.amazon.com.redirect.https.78417.xn--ausberzeugung-yob.de/c4ca4238a0b923820dcc509a6f75849b/32ed17ace90c63b185e3a4065873eb8e/0feb68b42db0b4498ebd1a98cd667a08/ffc5e01f578535fd6f95f889cb31939d HTTP 302
http://signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de/en/4/0feb68b42db0b4498ebd1a98cd667a08/b582fbe63705cd70f0cbc45e67ae5f00/2da5efa401cf1b118c49488b30de5990 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
5 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request 2da5efa401cf1b118c49488b30de5990 Show response signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de/en/4/0feb68b42db0b4498ebd1a98cd667a08/b582fbe63705cd70f0cbc45e67ae5f00/ Redirect Chain http://signin.aws.amazon.com.redirect.https.78417.xn--ausberzeugung-yob.de/c4ca4238a0b923820dcc509a6f75849b/32ed17ace90c63b185e3a4065873eb8e/0feb68b42db0b4498ebd1a98cd667a08/ffc5e01f578535fd6f95f88... http://signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de/en/4/0feb68b42db0b4498ebd1a98cd667a08/b582fbe63705cd70f0cbc45e67ae5f00/2da5efa401cf1b118c49488b30de5990	199 KB 199 KB	413ms 388ms	Document text/html	104.168.250.153 HOSTWINDS
General Check archive.org Show headers Download Go to Full URL http://signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de/en/4/0feb68b42db0b4498ebd1a98cd667a08/b582fbe63705cd70f0cbc45e67ae5f00/2da5efa401cf1b118c49488b30de5990 Protocol HTTP/1.1 Server 104.168.250.153 Seattle, United States, ASN54290 (HOSTWINDS, US), Reverse DNS hwsrv-775238.hostwindsdns.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash `a07a86b3b207ef36bacb5d7d495f6913c12b06acd864d1005c1e1e8491405889` Request headers Host signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 16 Sep 2020 05:39:35 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Connection close Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Redirect headers Date Wed, 16 Sep 2020 05:39:34 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Location http://signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de/en/4/0feb68b42db0b4498ebd1a98cd667a08/b582fbe63705cd70f0cbc45e67ae5f00/2da5efa401cf1b118c49488b30de5990 Content-Length 0 Connection close Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	fwcim.js Show response signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de/amazon/en/Amazon%20Web%20Services%20Sign-In_files/	380 KB 380 KB	375ms 362ms	Script text/javascript	104.168.250.153 HOSTWINDS
General Check archive.org Show headers Download Go to Full URL http://signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de/amazon/en/Amazon%20Web%20Services%20Sign-In_files/fwcim.js Requested by Host: signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de URL: http://signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de/en/4/0feb68b42db0b4498ebd1a98cd667a08/b582fbe63705cd70f0cbc45e67ae5f00/2da5efa401cf1b118c49488b30de5990 Protocol HTTP/1.1 Server 104.168.250.153 Seattle, United States, ASN54290 (HOSTWINDS, US), Reverse DNS hwsrv-775238.hostwindsdns.com Software Apache/2.2.15 (CentOS) / Resource Hash `262e5fddc5440a2f204fc13751d053bd603aa447df1c05f918dc1fa9bebefcc9` Request headers Referer http://signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de/en/4/0feb68b42db0b4498ebd1a98cd667a08/b582fbe63705cd70f0cbc45e67ae5f00/2da5efa401cf1b118c49488b30de5990 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 16 Sep 2020 05:39:36 GMT Last-Modified Sat, 17 Mar 2018 21:04:28 GMT Server Apache/2.2.15 (CentOS) ETag "8172c-5f03f-567a212016f00" Content-Type text/javascript Connection close Accept-Ranges bytes Content-Length 389183
GET H/1.1	200 OK	components.css signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de/amazon/en/Amazon%20Web%20Services%20Sign-In_files/	383 KB 383 KB	369ms 356ms	Stylesheet text/css	104.168.250.153 HOSTWINDS
General Check archive.org Show headers Download Go to Full URL http://signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de/amazon/en/Amazon%20Web%20Services%20Sign-In_files/components.css Requested by Host: signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de URL: http://signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de/en/4/0feb68b42db0b4498ebd1a98cd667a08/b582fbe63705cd70f0cbc45e67ae5f00/2da5efa401cf1b118c49488b30de5990 Protocol HTTP/1.1 Server 104.168.250.153 Seattle, United States, ASN54290 (HOSTWINDS, US), Reverse DNS hwsrv-775238.hostwindsdns.com Software Apache/2.2.15 (CentOS) / Resource Hash `d13820cdf75388b299511df5691dd2d6cb2be9c6b879e30f0af767201e6d124e` Request headers Referer http://signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de/en/4/0feb68b42db0b4498ebd1a98cd667a08/b582fbe63705cd70f0cbc45e67ae5f00/2da5efa401cf1b118c49488b30de5990 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 16 Sep 2020 05:39:36 GMT Last-Modified Sat, 17 Mar 2018 21:04:29 GMT Server Apache/2.2.15 (CentOS) ETag "8172b-5fb9e-567a21210b140" Content-Type text/css Connection close Accept-Ranges bytes Content-Length 392094
GET H/1.1	200 OK	grid.css signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de/amazon/en/Amazon%20Web%20Services%20Sign-In_files/	18 KB 19 KB	345ms 332ms	Stylesheet text/css	104.168.250.153 HOSTWINDS
General Check archive.org Show headers Download Go to Full URL http://signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de/amazon/en/Amazon%20Web%20Services%20Sign-In_files/grid.css Requested by Host: signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de URL: http://signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de/en/4/0feb68b42db0b4498ebd1a98cd667a08/b582fbe63705cd70f0cbc45e67ae5f00/2da5efa401cf1b118c49488b30de5990 Protocol HTTP/1.1 Server 104.168.250.153 Seattle, United States, ASN54290 (HOSTWINDS, US), Reverse DNS hwsrv-775238.hostwindsdns.com Software Apache/2.2.15 (CentOS) / Resource Hash `295437df86381a56ae94b2a5491f916167b1f85db261f4ac2f53111973c09f15` Request headers Referer http://signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de/en/4/0feb68b42db0b4498ebd1a98cd667a08/b582fbe63705cd70f0cbc45e67ae5f00/2da5efa401cf1b118c49488b30de5990 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 16 Sep 2020 05:39:36 GMT Last-Modified Sat, 17 Mar 2018 21:04:28 GMT Server Apache/2.2.15 (CentOS) ETag "8172d-4937-567a212016f00" Content-Type text/css Connection close Accept-Ranges bytes Content-Length 18743
GET H/1.1	200 OK	utilities.css signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de/amazon/en/Amazon%20Web%20Services%20Sign-In_files/	3 KB 4 KB	368ms 355ms	Stylesheet text/css	104.168.250.153 HOSTWINDS
General Check archive.org Show headers Download Go to Full URL http://signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de/amazon/en/Amazon%20Web%20Services%20Sign-In_files/utilities.css Requested by Host: signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de URL: http://signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de/en/4/0feb68b42db0b4498ebd1a98cd667a08/b582fbe63705cd70f0cbc45e67ae5f00/2da5efa401cf1b118c49488b30de5990 Protocol HTTP/1.1 Server 104.168.250.153 Seattle, United States, ASN54290 (HOSTWINDS, US), Reverse DNS hwsrv-775238.hostwindsdns.com Software Apache/2.2.15 (CentOS) / Resource Hash `0b1e68b1025d14dce1b3c8cf22e6d3e73ce099bc1ec98e3c11857db320f166fb` Request headers Referer http://signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de/en/4/0feb68b42db0b4498ebd1a98cd667a08/b582fbe63705cd70f0cbc45e67ae5f00/2da5efa401cf1b118c49488b30de5990 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 16 Sep 2020 05:39:36 GMT Last-Modified Sat, 17 Mar 2018 21:04:28 GMT Server Apache/2.2.15 (CentOS) ETag "8172f-ddc-567a212016f00" Content-Type text/css Connection close Accept-Ranges bytes Content-Length 3548
GET H/1.1	200 OK	Prospect_image.jpg signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de/amazon/en/Amazon%20Web%20Services%20Sign-In_files/	34 KB 34 KB	348ms 336ms	Image image/jpeg	104.168.250.153 HOSTWINDS
General Check archive.org Show headers Download Go to Show image Full URL http://signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de/amazon/en/Amazon%20Web%20Services%20Sign-In_files/Prospect_image.jpg Requested by Host: signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de URL: http://signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de/en/4/0feb68b42db0b4498ebd1a98cd667a08/b582fbe63705cd70f0cbc45e67ae5f00/2da5efa401cf1b118c49488b30de5990 Protocol HTTP/1.1 Server 104.168.250.153 Seattle, United States, ASN54290 (HOSTWINDS, US), Reverse DNS hwsrv-775238.hostwindsdns.com Software Apache/2.2.15 (CentOS) / Resource Hash `e5dfc9d690f14190add2294bc8db4ece80ff5f3f8c07c73c85ca94a872940b24` Request headers Referer http://signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de/en/4/0feb68b42db0b4498ebd1a98cd667a08/b582fbe63705cd70f0cbc45e67ae5f00/2da5efa401cf1b118c49488b30de5990 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 16 Sep 2020 05:39:37 GMT Last-Modified Sat, 17 Mar 2018 21:04:28 GMT Server Apache/2.2.15 (CentOS) ETag "8172e-86e7-567a212016f00" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 34535
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `8d82b1e7faa7f2cdecd63fbe12c5a878d88a70bf383a552c1e66f03d2b795f38` Request headers Referer http://signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de/en/4/0feb68b42db0b4498ebd1a98cd667a08/b582fbe63705cd70f0cbc45e67ae5f00/2da5efa401cf1b118c49488b30de5990 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	511 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `095a716973efa65689c85d85b231e0acbba9789870424b963d514a7cfdb563bc` Request headers Referer http://signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de/amazon/en/Amazon%20Web%20Services%20Sign-In_files/components.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET DATA	200 OK	truncated /	226 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `e89be6bba4cc671c3fe91a5b721d263f88c1e3d1e1bbcccbb035fd7b524f6aa7` Request headers Referer http://signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de/en/4/0feb68b42db0b4498ebd1a98cd667a08/b582fbe63705cd70f0cbc45e67ae5f00/2da5efa401cf1b118c49488b30de5990 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET DATA	200 OK	truncated /	389 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `15ad7487d0aa0f1bd6531ecb0f95310350d79b3c095a951ad96e327a880cbd4b` Request headers Referer http://signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de/amazon/en/Amazon%20Web%20Services%20Sign-In_files/components.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET DATA	200 OK	truncated /	622 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `a53ae559feabec44a9d5a9f722f34d9fb0f70d010d9fc0b36ba3bc5caadf37bc` Request headers Referer http://signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de/amazon/en/Amazon%20Web%20Services%20Sign-In_files/components.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
POST H/1.1	404 Not Found	pageload Show response signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de/metrics/	347 B 527 B	384ms 371ms	XHR text/html	104.168.250.153 HOSTWINDS
General Check archive.org Show headers Download Go to Full URL http://signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de/metrics/pageload Requested by Host: signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de URL: http://signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de/en/4/0feb68b42db0b4498ebd1a98cd667a08/b582fbe63705cd70f0cbc45e67ae5f00/2da5efa401cf1b118c49488b30de5990 Protocol HTTP/1.1 Server 104.168.250.153 Seattle, United States, ASN54290 (HOSTWINDS, US), Reverse DNS hwsrv-775238.hostwindsdns.com Software Apache/2.2.15 (CentOS) / Resource Hash `a419ac0161631d40553862e8e54c8cd64fc80aeedde3039dae6ddab3ff6566db` Request headers Accept / Referer http://signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de/en/4/0feb68b42db0b4498ebd1a98cd667a08/b582fbe63705cd70f0cbc45e67ae5f00/2da5efa401cf1b118c49488b30de5990 X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Wed, 16 Sep 2020 05:39:38 GMT Server Apache/2.2.15 (CentOS) Connection close Content-Length 347 Content-Type text/html; charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: AWS (Online)

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

signin.aws.amazon.com.redirect.https.78417.xn--ausberzeugung-yob.de
signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de
104.168.250.153
095a716973efa65689c85d85b231e0acbba9789870424b963d514a7cfdb563bc
0b1e68b1025d14dce1b3c8cf22e6d3e73ce099bc1ec98e3c11857db320f166fb
15ad7487d0aa0f1bd6531ecb0f95310350d79b3c095a951ad96e327a880cbd4b
262e5fddc5440a2f204fc13751d053bd603aa447df1c05f918dc1fa9bebefcc9
295437df86381a56ae94b2a5491f916167b1f85db261f4ac2f53111973c09f15
8d82b1e7faa7f2cdecd63fbe12c5a878d88a70bf383a552c1e66f03d2b795f38
a07a86b3b207ef36bacb5d7d495f6913c12b06acd864d1005c1e1e8491405889
a419ac0161631d40553862e8e54c8cd64fc80aeedde3039dae6ddab3ff6566db
a53ae559feabec44a9d5a9f722f34d9fb0f70d010d9fc0b36ba3bc5caadf37bc
d13820cdf75388b299511df5691dd2d6cb2be9c6b879e30f0af767201e6d124e
e5dfc9d690f14190add2294bc8db4ece80ff5f3f8c07c73c85ca94a872940b24
e89be6bba4cc671c3fe91a5b721d263f88c1e3d1e1bbcccbb035fd7b524f6aa7

signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de Open in urlscan Pro Puny signin.aws.amazon.com.redirect.https.78446.ausüberzeugung.de IDN 104.168.250.153 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

7 Requests

0 %HTTPS

0 %IPv6

1 Domains

2 Subdomains

2 IPs

1 Countries

1020 kBTransfer

1023 kBSize

0 Cookies

9 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

89 JavaScript Global Variables

0 Cookies

Indicators

signin.aws.amazon.com.redirect.https.78446.xn--ausberzeugung-yob.de Open in urlscan Pro Puny
signin.aws.amazon.com.redirect.https.78446.ausüberzeugung.de IDN
104.168.250.153 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

2
IPs

1
Countries

1020 kB
Transfer

1023 kB
Size

0
Cookies

7 HTTP transactions
5 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!