urlscan.io logo urlscan.io
SecurityTrails logo

colo-adfs3.nwf.net Open in urlscan Pro
198.178.148.127  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://amazonbusiness.nwf.org/
Effective URL: https://colo-adfs3.nwf.net/adfs/ls/wia?SAMLRequest=fJBBa4NAEIXv%2BRXL3HXX1WhcYkIgFALtpU1z6KVsdW0EnbXOWkt%2FfdeUQA6lx%2BHNvP...
Submission: On April 06 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 2 countries across 3 domains to perform 1 HTTP transactions. The main IP is 198.178.148.127, located in United States and belongs to NWF-ARIN, US. The main domain is colo-adfs3.nwf.net.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on March 10th 2020. Valid for: 2 years.
This is the only time colo-adfs3.nwf.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 35.222.42.205 15169 (GOOGLE)
1 1 65.9.64.193 16509 (AMAZON-02)
2 2 23.35.238.146 16625 (AKAMAI-AS)
1 2 198.178.148.127 55047 (NWF-ARIN)
1 1
Apex Domain
Subdomains		 Transfer
3 amazon.com
smile.amazon.com — Cisco Umbrella Rank: 17400
www.amazon.com — Cisco Umbrella Rank: 522
4 KB
2 nwf.net
colo-adfs3.nwf.net
2 KB
1 nwf.org
amazonbusiness.nwf.org
361 B
1 3
Domain Requested by
2 colo-adfs3.nwf.net 1 redirects
2 www.amazon.com 2 redirects
1 smile.amazon.com 1 redirects
1 amazonbusiness.nwf.org 1 redirects
1 4

This site contains no links.

Subject Issuer Validity Valid
colo-adfs3.nwf.net
DigiCert SHA2 Secure Server CA		 2020-03-10 -
2022-05-20		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://colo-adfs3.nwf.net/adfs/ls/wia?SAMLRequest=fJBBa4NAEIXv%2BRXL3HXX1WhcYkIgFALtpU1z6KVsdW0EnbXOWkt%2FfdeUQA6lx%2BHNvPe%2BWW%2B%2FupZ9%0AmoEaiwVEoQBmsLRVg%2B8FPB%2FvghUwchor3Vo0BaCF7WaxJt21sle70Z3x0XyMhhzzTkjqVylgHFBZ%0ATQ0p1J0h5Ur1tHu4VzIUqh%2Bss6Vtge39YYPaXdLPzvWkOPeKDXRVUxziVIdoHJ8n3hIHdtgX8FqL%0AZRKLNCtNkldLIXWU1zKNZBpn2VusM79GNJoDztVdAVJIGYgkEOkxSpVYKelJ8%2BQF2OmK7nvBFUxd%0Arodbov%2BBNJEZZgjYXCGmaQp1p78thqXt1vzW2OfwPz64WfwAAAD%2F%2FwMA&RelayState=https%253A%252F%252Fwww.amazon.com%252Fmn%252Fap%252Fsignin%253Fdomain_hint%253D10944d16-aa5f-43b7-8e89-c023209e7e3c%2526openid.pape.max_auth_age%253D0%2526openid.return_to%253Dhttps%25253A%25252F%25252Fsmile.amazon.com%2526openid.identity%253Dhttp%25253A%25252F%25252Fspecs.openid.net%25252Fauth%25252F2.0%25252Fidentifier_select%2526openid.assoc_handle%253Dusamazon%2526openid.mode%253Dcheckid_setup%2526_encoding%253DUTF8%2526ref_%253Db2b_eam_cba%2526openid.claimed_id%253Dhttp%25253A%25252F%25252Fspecs.openid.net%25252Fauth%25252F2.0%25252Fidentifier_select%2526pageId%253Dauthportal_b2b_login_us%2526openid.ns%253Dhttp%25253A%25252F%25252Fspecs.openid.net%25252Fauth%25252F2.0%2526identityProvider%253Dd749551f-4a53-40a8-9636-03f9944cc990%2526relyingParty%253DAMAZON
Frame ID: 316A4B62C9389C9F97655FEC754D3BC7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

Page Statistics

1
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

1
IPs

2
Countries

0 kB
Transfer

0 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request wia
colo-adfs3.nwf.net/adfs/ls/
Redirect Chain
  • http://amazonbusiness.nwf.org/
  • https://smile.amazon.com/bb/feature/sso/action/start?domain_hint=10944d16-aa5f-43b7-8e89-c023209e7e3c&ref_=b2b_sso_dl_atv&openid.return_to=https%3A%2F%2Fsmile.amazon.com
  • https://www.amazon.com/bb/feature/sso/action/start?domain_hint=10944d16-aa5f-43b7-8e89-c023209e7e3c&ref_=b2b_sso_dl_atv&openid.return_to=https%3A%2F%2Fsmile.amazon.com&pldnSite=1
  • https://www.amazon.com/ap/signin?openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fsmile.amazon.com&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.ass...
  • https://colo-adfs3.nwf.net/adfs/ls/?SAMLRequest=fJBBa4NAEIXv%2BRXL3HXX1WhcYkIgFALtpU1z6KVsdW0EnbXOWkt%2FfdeUQA6lx%2BHNvPe%2BWW%2B%2FupZ9%0AmoEaiwVEoQBmsLRVg%2B8FPB%2FvghUwchor3Vo0BaCF7WaxJt21sle70Z...
  • https://colo-adfs3.nwf.net/adfs/ls/wia?SAMLRequest=fJBBa4NAEIXv%2BRXL3HXX1WhcYkIgFALtpU1z6KVsdW0EnbXOWkt%2FfdeUQA6lx%2BHNvPe%2BWW%2B%2FupZ9%0AmoEaiwVEoQBmsLRVg%2B8FPB%2FvghUwchor3Vo0BaCF7WaxJt21sle...
0
169 B 		Document
General
Check archive.org
Download Go to
Full URL
https://colo-adfs3.nwf.net/adfs/ls/wia?SAMLRequest=fJBBa4NAEIXv%2BRXL3HXX1WhcYkIgFALtpU1z6KVsdW0EnbXOWkt%2FfdeUQA6lx%2BHNvPe%2BWW%2B%2FupZ9%0AmoEaiwVEoQBmsLRVg%2B8FPB%2FvghUwchor3Vo0BaCF7WaxJt21sle70Z3x0XyMhhzzTkjqVylgHFBZ%0ATQ0p1J0h5Ur1tHu4VzIUqh%2Bss6Vtge39YYPaXdLPzvWkOPeKDXRVUxziVIdoHJ8n3hIHdtgX8FqL%0AZRKLNCtNkldLIXWU1zKNZBpn2VusM79GNJoDztVdAVJIGYgkEOkxSpVYKelJ8%2BQF2OmK7nvBFUxd%0Arodbov%2BBNJEZZgjYXCGmaQp1p78thqXt1vzW2OfwPz64WfwAAAD%2F%2FwMA&RelayState=https%253A%252F%252Fwww.amazon.com%252Fmn%252Fap%252Fsignin%253Fdomain_hint%253D10944d16-aa5f-43b7-8e89-c023209e7e3c%2526openid.pape.max_auth_age%253D0%2526openid.return_to%253Dhttps%25253A%25252F%25252Fsmile.amazon.com%2526openid.identity%253Dhttp%25253A%25252F%25252Fspecs.openid.net%25252Fauth%25252F2.0%25252Fidentifier_select%2526openid.assoc_handle%253Dusamazon%2526openid.mode%253Dcheckid_setup%2526_encoding%253DUTF8%2526ref_%253Db2b_eam_cba%2526openid.claimed_id%253Dhttp%25253A%25252F%25252Fspecs.openid.net%25252Fauth%25252F2.0%25252Fidentifier_select%2526pageId%253Dauthportal_b2b_login_us%2526openid.ns%253Dhttp%25253A%25252F%25252Fspecs.openid.net%25252Fauth%25252F2.0%2526identityProvider%253Dd749551f-4a53-40a8-9636-03f9944cc990%2526relyingParty%253DAMAZON
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
198.178.148.127 , United States, ASN55047 (NWF-ARIN, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Length
0
Date
Wed, 06 Apr 2022 16:08:21 GMT
Server
Microsoft-HTTPAPI/2.0
WWW-Authenticate
Negotiate NTLM

Redirect headers

Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Wed, 06 Apr 2022 16:08:21 GMT
Location
https://colo-adfs3.nwf.net:443/adfs/ls/wia?SAMLRequest=fJBBa4NAEIXv%2BRXL3HXX1WhcYkIgFALtpU1z6KVsdW0EnbXOWkt%2FfdeUQA6lx%2BHNvPe%2BWW%2B%2FupZ9%0AmoEaiwVEoQBmsLRVg%2B8FPB%2FvghUwchor3Vo0BaCF7WaxJt21sle70Z3x0XyMhhzzTkjqVylgHFBZ%0ATQ0p1J0h5Ur1tHu4VzIUqh%2Bss6Vtge39YYPaXdLPzvWkOPeKDXRVUxziVIdoHJ8n3hIHdtgX8FqL%0AZRKLNCtNkldLIXWU1zKNZBpn2VusM79GNJoDztVdAVJIGYgkEOkxSpVYKelJ8%2BQF2OmK7nvBFUxd%0Arodbov%2BBNJEZZgjYXCGmaQp1p78thqXt1vzW2OfwPz64WfwAAAD%2F%2FwMA&RelayState=https%253A%252F%252Fwww.amazon.com%252Fmn%252Fap%252Fsignin%253Fdomain_hint%253D10944d16-aa5f-43b7-8e89-c023209e7e3c%2526openid.pape.max_auth_age%253D0%2526openid.return_to%253Dhttps%25253A%25252F%25252Fsmile.amazon.com%2526openid.identity%253Dhttp%25253A%25252F%25252Fspecs.openid.net%25252Fauth%25252F2.0%25252Fidentifier_select%2526openid.assoc_handle%253Dusamazon%2526openid.mode%253Dcheckid_setup%2526_encoding%253DUTF8%2526ref_%253Db2b_eam_cba%2526openid.claimed_id%253Dhttp%25253A%25252F%25252Fspecs.openid.net%25252Fauth%25252F2.0%25252Fidentifier_select%2526pageId%253Dauthportal_b2b_login_us%2526openid.ns%253Dhttp%25253A%25252F%25252Fspecs.openid.net%25252Fauth%25252F2.0%2526identityProvider%253Dd749551f-4a53-40a8-9636-03f9944cc990%2526relyingParty%253DAMAZON
Server
Microsoft-HTTPAPI/2.0

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails

6 Cookies

Domain/Path Name / Value
.amazon.com/ Name: session-id
Value: 132-7733346-4051531
.amazon.com/ Name: i18n-prefs
Value: USD
.amazon.com/ Name: lc-main
Value: de_DE
.amazon.com/ Name: sp-cdn
Value: "L5Z9:DE"
.amazon.com/ Name: session-id-time
Value: 2279981301l
.amazon.com/ Name: ubid-main
Value: 135-2686241-9893210

1 Console Messages

Source Level URL
Text
network error URL: https://colo-adfs3.nwf.net/adfs/ls/wia?SAMLRequest=fJBBa4NAEIXv%2BRXL3HXX1WhcYkIgFALtpU1z6KVsdW0EnbXOWkt%2FfdeUQA6lx%2BHNvPe%2BWW%2B%2FupZ9%0AmoEaiwVEoQBmsLRVg%2B8FPB%2FvghUwchor3Vo0BaCF7WaxJt21sle70Z3x0XyMhhzzTkjqVylgHFBZ%0ATQ0p1J0h5Ur1tHu4VzIUqh%2Bss6Vtge39YYPaXdLPzvWkOPeKDXRVUxziVIdoHJ8n3hIHdtgX8FqL%0AZRKLNCtNkldLIXWU1zKNZBpn2VusM79GNJoDztVdAVJIGYgkEOkxSpVYKelJ8%2BQF2OmK7nvBFUxd%0Arodbov%2BBNJEZZgjYXCGmaQp1p78thqXt1vzW2OfwPz64WfwAAAD%2F%2FwMA&RelayState=https%253A%252F%252Fwww.amazon.com%252Fmn%252Fap%252Fsignin%253Fdomain_hint%253D10944d16-aa5f-43b7-8e89-c023209e7e3c%2526openid.pape.max_auth_age%253D0%2526openid.return_to%253Dhttps%25253A%25252F%25252Fsmile.amazon.com%2526openid.identity%253Dhttp%25253A%25252F%25252Fspecs.openid.net%25252Fauth%25252F2.0%25252Fidentifier_select%2526openid.assoc_handle%253Dusamazon%2526openid.mode%253Dcheckid_setup%2526_encoding%253DUTF8%2526ref_%253Db2b_eam_cba%2526openid.claimed_id%253Dhttp%25253A%25252F%25252Fspecs.openid.net%25252Fauth%25252F2.0%25252Fidentifier_select%2526pageId%253Dauthportal_b2b_login_us%2526openid.ns%253Dhttp%25253A%25252F%25252Fspecs.openid.net%25252Fauth%25252F2.0%2526identityProvider%253Dd749551f-4a53-40a8-9636-03f9944cc990%2526relyingParty%253DAMAZON
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amazonbusiness.nwf.org
colo-adfs3.nwf.net
smile.amazon.com
www.amazon.com
198.178.148.127
23.35.238.146
35.222.42.205
65.9.64.193
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855