ScanMalware.com

Security Scan Report: lonoz2acc.s3.us-west-1.amazonaws.com

Site favicon
Submitted: Nov 4, 2025, 8:11:22 AMCompleted: Nov 4, 2025, 8:12:16 AMpubliccompleted
Loading additional data...

Summary

This website contacted 16 IPs in 2 countries across 5 domains to perform 19 HTTP transactions. The main domain is lonoz2acc.s3.us-west-1.amazonaws.com and was registered NaN years ago.

Submitted URL: https://lonoz2acc.s3.us-west-1.amazonaws.com/index.html#[email protected]

AI Security Verdict

Confirmed Scam

Confidence: 95%

9
Risk Score

Credential‑harvesting phishing page impersonating IONOS; confirmed scam.

Risk Factors
Cloud storage domain (s3.amazonaws.com) presenting a credential‑harvesting form
Brand impersonation of IONOS on an unranked domain
Email address in URL fragment used to lure victims
Login form collecting passwords on a suspicious domain
Domain age information unavailable

Details

Page Title

Webmail Login

Scan Type

public

Language

🇺🇸

English

(57% confidence)

Category

technology software

(39%)

Domain Information

The domain name 'lonoz2acc.s3.us-west-1.amazonaws.com' uses the commercial generic top-level domain (.com), featuring subdomain 'lonoz2acc.s3.us-west-1'. The registrable portion 'amazonaws' spans 9 characters holding 4 vowels versus 5 consonants. Splitting it apart reveals three words: amazon, aw, s. Median word length comes out to 2 characters. Most frequently, 'amazonky' shows up in Czech. You will also see it in Slovak and Croatian contexts. Taken together, it feels Czech.

Screenshot

Security scan screenshot of https://lonoz2acc.s3.us-west-1.amazonaws.com/index.html#redacted@abuse.ionos.com

Page Load Overview

39.09s
Total Load Time
19
HTTP Requests
5
Domains
675 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:57%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:57%
Script Type:Latin
Text Length:642 chars
Detector Agreement:100%

Website Classification

Primary Category

technology software39% confidence
Type: webapp
Method: ml+structural

All Detected Categories

technology software
39%

Detected Features

Login Form
Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
4217.160.86.24Germany
AS8560IONOS SE
1208.95.112.1United States
AS53334TUT-AS
1104.18.50.34United States
AS13335CLOUDFLARENET
1213.165.66.58Germany
AS8560IONOS SE
1104.18.54.45United States
AS13335CLOUDFLARENET
152.219.112.185San Jose, California, United States
AS16509AMAZON-02
152.219.113.73San Jose, California, United States
AS16509AMAZON-02
152.219.194.162San Jose, California, United States
AS16509AMAZON-02
152.219.120.137San Jose, California, United States
AS16509AMAZON-02
116.15.0.16San Jose, California, United States
AS16509AMAZON-02
1916--

Detected Technologies3

PasswordField
100%
Amazon Web Services
40%
Amazon S3
40%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1394451C177C1BC8102875B76732BB6E6F52A4CE97188488EF018BC90F6BD912FAE4575

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

6144:zfnNAsxSmR2EXy7u6CPsTeqa5qKk1MMckHg8dsK3k+26foN2ic+95YrnHs:zNxSmR2Et6CwJSNkdckHg8db0+2c82Pg

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:277161:IAQCCbEiQOEExcMAKWIV4LCaTpAIRBAVQgKCEi1DK5hSZBkUfCIpI1GAC6MEKGIEAKRABBgUAW4oTEJSxYDiOAwDAVKCeNFh

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:7fcdffc3ffffffff
Perceptual Hash:b33b898d26268f8d
Difference Hash:d018184c200000cc
Wavelet Hash:3f0c1c000f0f27ff
Color Hash:#53ac80

Other Hashes

Crop Resistant:d018184c200000cc

Scan History

Scan history not available

Unable to load historical scan data