aquamarine-orangutan.w5.wpsandbox.pro
3.228.174.136
Malicious Activity!
Public Scan
Effective URL: http://aquamarine-orangutan.w5.wpsandbox.pro/strato/
Submission: On April 30 via manual from DE — Scanned from DE
Summary
This is the only time aquamarine-orangutan.w5.wpsandbox.pro was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Strato AG (Online)
Domain & IP information
 | IP Address | AS Autonomous System | PTR | Domain
---|---|---|---|---
1 1 | 3.209.27.49 | ASN14618 (AMAZON-AES, US) | ec2-3-209-27-49.compute-1.amazonaws.com | friendly-caracal.w5.wpsandbox.pro
1 | 3.228.174.136 | ASN14618 (AMAZON-AES, US) | ec2-3-228-174-136.compute-1.amazonaws.com | aquamarine-orangutan.w5.wpsandbox.pro
1 | 2 |
 | Apex Domain | Subdomains | Transfer
---|---|---|---
2 | wpsandbox.pro (1 redirects) | friendly-caracal.w5.wpsandbox.pro, aquamarine-orangutan.w5.wpsandbox.pro | 729 KB
1 | 1 |
 | Domain | Requested by
---|---|---
1 | aquamarine-orangutan.w5.wpsandbox.pro |
1 | friendly-caracal.w5.wpsandbox.pro | 1 redirects
1 | 2 |
This site contains no links.
This page contains 1 frames:
Primary Page:
http://aquamarine-orangutan.w5.wpsandbox.pro/strato/
Frame ID: FEC5826378F9DC6DD2D0565EB77E47FE
Requests: 8 HTTP requests in this frame
Page Title
STRATO Kunden-Login | Schneller Zugang zu Ihren Produkten
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://friendly-caracal.w5.wpsandbox.pro/ (HTTP 302)
- http://aquamarine-orangutan.w5.wpsandbox.pro/strato/ (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
1 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H/1.1 | / (Primary Request) | aquamarine-orangutan.w5.wpsandbox.pro/strato/ | 729 KB | 729 KB | Document | text/html
GET | DATA | truncated | / | 6 KB | 0 | Image | image/svg+xml
GET | DATA | truncated | / | 15 KB | 15 KB | Font | font/woff2
GET | DATA | truncated | / | 29 KB | 29 KB | Font | application/x-font-woff
GET | DATA | truncated | / | 16 KB | 16 KB | Font | font/woff2
GET | DATA | truncated | / | 38 KB | 0 | Image | image/jpeg
GET | DATA | truncated | / | 43 KB | 0 | Image | image/jpeg
GET | DATA | truncated | / | 360 KB | 0 | Image | image/jpeg
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Strato AG (Online)
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object | oncontextlost
- object | oncontextrestored
- function | structuredClone

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aquamarine-orangutan.w5.wpsandbox.pro
friendly-caracal.w5.wpsandbox.pro
3.209.27.49
3.228.174.136