fips-us-gov-west-1.quicksight.amazonaws-us-gov.com
Open in
urlscan Pro
52.46.224.223
Public Scan
Effective URL: https://fips-us-gov-west-1.quicksight.amazonaws-us-gov.com/sn/auth/signin?redirect_uri=https%3A%2F%2Ffips-us-gov-west-1.quicksight.amazonaws-us-gov.com%2Fs...
Submission Tags: @phishunt_io
Submission: On June 20 via api from DE
Summary
TLS certificate: Issued by Amazon on January 12th 2021. Valid for: a year.
This is the only time fips-us-gov-west-1.quicksight.amazonaws-us-gov.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 3 | 52.46.224.223 52.46.224.223 | 8987 (AMAZON EX...) (AMAZON EXPANSION) | |
7 | 2600:9000:210... 2600:9000:2104:a600:1:5fdb:3f40:21 | 16509 (AMAZON-02) (AMAZON-02) | |
9 | 2 |
ASN8987 (AMAZON EXPANSION, IE)
fips-us-gov-west-1.quicksight.amazonaws-us-gov.com |
ASN16509 (AMAZON-02, US)
d2a5pmzdxflh4t.cloudfront.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
cloudfront.net
d2a5pmzdxflh4t.cloudfront.net |
1 MB |
3 |
amazonaws-us-gov.com
1 redirects
fips-us-gov-west-1.quicksight.amazonaws-us-gov.com |
15 KB |
9 | 2 |
Domain | Requested by | |
---|---|---|
7 | d2a5pmzdxflh4t.cloudfront.net |
fips-us-gov-west-1.quicksight.amazonaws-us-gov.com
|
3 | fips-us-gov-west-1.quicksight.amazonaws-us-gov.com |
1 redirects
fips-us-gov-west-1.quicksight.amazonaws-us-gov.com
|
9 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
docs.aws.amazon.com |
aws.amazon.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
web-quicksight-fips.us-gov-west-1.amazonaws.com Amazon |
2021-01-12 - 2021-12-17 |
a year | crt.sh |
*.cloudfront.net Amazon |
2021-03-19 - 2022-03-17 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://fips-us-gov-west-1.quicksight.amazonaws-us-gov.com/sn/auth/signin?redirect_uri=https%3A%2F%2Ffips-us-gov-west-1.quicksight.amazonaws-us-gov.com%2Fsn%2Fstart%3Fstate%3DhashArgs%2523%26isauthcode%3Dtrue
Frame ID: 2CE96192AC602BD839EBD8DAC29D14A0
Requests: 9 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://fips-us-gov-west-1.quicksight.amazonaws-us-gov.com/sn/start Page URL
-
https://fips-us-gov-west-1.quicksight.amazonaws-us-gov.com/sn/start?&state=hashArgs%23
HTTP 302
https://fips-us-gov-west-1.quicksight.amazonaws-us-gov.com/sn/auth/signin?redirect_uri=https%3A%2F%2Ffips-us-gov-west-1.quicksight.amaz... Page URL
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: Learn more
Search URL Search Domain Scan URL
Title: Cookie Notice
Search URL Search Domain Scan URL
Title: Terms of Use;
Search URL Search Domain Scan URL
Title: Privacy Policy;
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://fips-us-gov-west-1.quicksight.amazonaws-us-gov.com/sn/start Page URL
-
https://fips-us-gov-west-1.quicksight.amazonaws-us-gov.com/sn/start?&state=hashArgs%23
HTTP 302
https://fips-us-gov-west-1.quicksight.amazonaws-us-gov.com/sn/auth/signin?redirect_uri=https%3A%2F%2Ffips-us-gov-west-1.quicksight.amazonaws-us-gov.com%2Fsn%2Fstart%3Fstate%3DhashArgs%2523%26isauthcode%3Dtrue Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
9 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Cookie set
start
fips-us-gov-west-1.quicksight.amazonaws-us-gov.com/sn/ |
1 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
signin
fips-us-gov-west-1.quicksight.amazonaws-us-gov.com/sn/auth/ Redirect Chain
|
57 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
signin.2754b0c128990afa0e67.1.css
d2a5pmzdxflh4t.cloudfront.net/signin/ |
3 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
platform-vendors.bundle.2490f1f3a7b3af52c728.2.js
d2a5pmzdxflh4t.cloudfront.net/app/platform/ |
393 KB 394 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
platform-libs.bundle.56817e5be5836fe16f13.2.js
d2a5pmzdxflh4t.cloudfront.net/app/platform/ |
92 KB 93 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
platform_remote.5913ad554dba54e2012a.2.js
d2a5pmzdxflh4t.cloudfront.net/app/platform/ |
169 KB 170 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
signin.en-US.bundle.d433855da29e90274e95.1.js
d2a5pmzdxflh4t.cloudfront.net/signin/ |
525 KB 526 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
signin-bootstrap.bundle.134d7c33344137f4f026.1.js
d2a5pmzdxflh4t.cloudfront.net/signin/ |
118 KB 119 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
signin.7299216c96119e2cc6e9.1.js
d2a5pmzdxflh4t.cloudfront.net/signin/ |
42 KB 43 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated number| __t0 string| __bundler_root object| webpackChunkSpaceNeedleWebsiteStaticContent object| platform_remote object| webpackChunk_amzn_spaceneedle_signin_web object| regeneratorRuntime number| __appStartTime function| _ object| AppConfig1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
fips-us-gov-west-1.quicksight.amazonaws-us-gov.com/ | Name: JSESSIONID Value: 4C2BE1793DA720E5BE7BAE88F9374623 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
d2a5pmzdxflh4t.cloudfront.net
fips-us-gov-west-1.quicksight.amazonaws-us-gov.com
2600:9000:2104:a600:1:5fdb:3f40:21
52.46.224.223
136f5b362aff3afd503a04da7870dc423a648cbeb24d9a3e95e60ca19ff768c2
21ee650fff3e60865c6db8e933feffd2bbe7631274e2373b05bcffccad2e04de
3f69df03515e7d7c728811b973aa8ee4e18111b5a808ab292b6f716888d72817
4fa8dae8309d26d1d648704165c22c04ef086a12b4aa007a44c63008be3afeb3
5fc5ca69d91a9e5f05cfa74cee4db9d9123be5f032bc2b0834dca12c5f4cfb63
b29fcb334f173d3ab4f8655685257dcb89663e20c2ccc0f2183e565543efc93a
b4d92c8b6a5b0dfb219ad784dae91e7f2066c951532380ee0180152b9aa04023
ef36be169f8c544d0115926991cdc3e96229374e1dd7df6d5747c55945c7d363
f08a795a862c56f3f43d69e636308f36829c22cdb26c9f91613d8f3be4f2d411