
idp.amazon.work
44.215.140.191
Public Scan
Effective URL: https://idp.amazon.work/idp/profile/SAML2/Unsolicited/SSO?providerId=idp-eu-west-1.federate.amazon.com&target=eu-west-1_...
Submission Tags: @phishunt_io
Submission: On March 07 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by Amazon RSA 2048 M01 on January 18th 2024. Valid for: a year.
This is the only time idp.amazon.work was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | Redirects | IP Address | AS Autonomous System |
---|---|---|---|
8 | | 13.35.58.44 | 16509 (AMAZON-02) |
1 | | 2a00:1450:4001:828::200a | 15169 (GOOGLE) |
1 | | 2606:4700:e6::ac40:ce26 | 13335 (CLOUDFLARENET) |
4 | | 2a05:d018:94a:8a01:4d8e:2ae8:ad2:f51e | 16509 (AMAZON-02) |
2 | | 2a05:d018:478:8a01:c1f5:adc0:d024:703c | 16509 (AMAZON-02) |
3 | | 54.171.1.63 | 16509 (AMAZON-02) |
1 | 1 | 2a05:d018:478:8a00:ac61:d733:2b58:b0dc | 16509 (AMAZON-02) |
1 | 1 | 99.81.52.199 | 16509 (AMAZON-02) |
9 | | 44.215.140.191 | 14618 (AMAZON-AES) |
1 | | 67.220.228.229 | 16509 (AMAZON-02) |
6 | | 13.33.187.26 | 16509 (AMAZON-02) |
1 | | 2600:9000:2646:9400:1e:97a6:3700:93a1 | 16509 (AMAZON-02) |
2 | 1 | 63.140.62.222 | 16509 (AMAZON-02) |
41 | 12 |
ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-44.fra60.r.cloudfront.net
dub.umbrella.amazon.dev |
ASN16509 (AMAZON-02, US)
cognito-identity.eu-west-1.amazonaws.com |
ASN16509 (AMAZON-02, US)
cognito-idp.eu-west-1.amazonaws.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-1-63.eu-west-1.compute.amazonaws.com
gfep2sffuf.execute-api.eu-west-1.amazonaws.com |
ASN16509 (AMAZON-02, US)
umbrella-prod-userpool.auth.eu-west-1.amazoncognito.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-52-199.eu-west-1.compute.amazonaws.com
idp.federate.amazon.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-44-215-140-191.compute-1.amazonaws.com
idp.amazon.work |
ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-26.fra60.r.cloudfront.net
d1ncm6mhz0rrl6.amazon.work |
ASN16509 (AMAZON-02, US)
idp-assets.amazon.work |
ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-222.data.adobedc.net
amazonhr.sc.omtrdc.net |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
16 | amazon.work | idp.amazon.work — Cisco Umbrella Rank: 227063; d1ncm6mhz0rrl6.amazon.work — Cisco Umbrella Rank: 333321; idp-assets.amazon.work — Cisco Umbrella Rank: 321059 | 453 KB |
10 | amazonaws.com | cognito-identity.eu-west-1.amazonaws.com — Cisco Umbrella Rank: 8644; cognito-idp.eu-west-1.amazonaws.com — Cisco Umbrella Rank: 32501; gfep2sffuf.execute-api.eu-west-1.amazonaws.com; sts.eu-west-1.amazonaws.com — Cisco Umbrella Rank: 44818; dataplane.rum.eu-west-1.amazonaws.com (Failed) | 6 KB |
8 | amazon.dev | dub.umbrella.amazon.dev | 735 KB |
2 | omtrdc.net (1 redirects) | amazonhr.sc.omtrdc.net — Cisco Umbrella Rank: 101414 | 1 KB |
1 | amazon.com (1 redirects) | idp.federate.amazon.com — Cisco Umbrella Rank: 87196 | 1 KB |
1 | amazoncognito.com (1 redirects) | umbrella-prod-userpool.auth.eu-west-1.amazoncognito.com | 1 KB |
1 | fontawesome.com | use.fontawesome.com — Cisco Umbrella Rank: 973 | 11 KB |
1 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 30 | 781 B |
41 | 8 |
Requests | Domain | Requested by |
---|---|---|
9 | idp.amazon.work | dub.umbrella.amazon.dev, idp.amazon.work |
8 | dub.umbrella.amazon.dev | dub.umbrella.amazon.dev |
6 | d1ncm6mhz0rrl6.amazon.work | idp.amazon.work |
4 | cognito-identity.eu-west-1.amazonaws.com | dub.umbrella.amazon.dev |
3 | gfep2sffuf.execute-api.eu-west-1.amazonaws.com | dub.umbrella.amazon.dev |
2 | amazonhr.sc.omtrdc.net (1 redirects) | idp.amazon.work |
2 | cognito-idp.eu-west-1.amazonaws.com | dub.umbrella.amazon.dev |
1 | idp-assets.amazon.work | idp.amazon.work |
1 | sts.eu-west-1.amazonaws.com | dub.umbrella.amazon.dev |
1 | idp.federate.amazon.com (1 redirects) | |
1 | umbrella-prod-userpool.auth.eu-west-1.amazoncognito.com (1 redirects) | |
1 | use.fontawesome.com | dub.umbrella.amazon.dev |
1 | fonts.googleapis.com | dub.umbrella.amazon.dev |
0 | dataplane.rum.eu-west-1.amazonaws.com (Failed) | dub.umbrella.amazon.dev |
41 | 14 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
dub.prod.console.umbrella.amazon.dev | Amazon RSA 2048 M01 | 2023-08-22 - 2024-04-25 | 8 months |
upload.video.google.com | GTS CA 1C3 | 2024-02-19 - 2024-05-13 | 3 months |
use.fontawesome.com | Cloudflare Inc ECC CA-3 | 2023-10-12 - 2024-10-10 | a year |
cognito-identity.eu-west-1.amazonaws.com | Amazon RSA 2048 M02 | 2023-05-08 - 2024-06-05 | a year |
cognito-idp.eu-west-1.amazonaws.com | Amazon RSA 2048 M02 | 2023-04-25 - 2024-05-23 | a year |
*.execute-api.eu-west-1.amazonaws.com | Amazon RSA 2048 M01 | 2023-06-01 - 2024-06-29 | a year |
idp-ext.amazon.work | Amazon RSA 2048 M01 | 2024-01-18 - 2025-01-09 | a year |
sts.eu-west-1.amazonaws.com | Amazon RSA 2048 M01 | 2024-01-18 - 2024-12-25 | a year |
d1ncm6mhz0rrl6.amazon.work | Amazon RSA 2048 M02 | 2024-02-12 - 2025-03-11 | a year |
idp-assets.amazon.work | Amazon RSA 2048 M03 | 2023-09-12 - 2024-10-10 | a year |
This page contains 1 frames:
Primary Page:
https://idp.amazon.work/idp/profile/SAML2/Unsolicited/SSO?providerId=idp-eu-west-1.federate.amazon.com&target=eu-west-1_P240307034010004DUBYIPIFOQUR6M0_AgR4KkWPE0x50sFOndW6G1zeFTyawjFKPl4Uco1NHOH-fFoAKAABAAN0eG4AH1AyNDAzMDcwMzQwMTAwMDREVUJZSVBJRk9RVVI2TTAAAQAHYXdzLWttcwBLYXJuOmF3czprbXM6ZXUtd2VzdC0xOjY0MjM5NzE3MDM1MDprZXkvNGI4NDE1M2EtNTJkOS00MzUxLTg4MGQtNTA0MmJmMDgyODdkALgBAgEAeKf4aq6iMkiAjJL5r4kNUZO994vdhR0dkvHsTLrpvUo0AbE219nXBMlbHIFRHJH7JnAAAAB-MHwGCSqGSIb3DQEHBqBvMG0CAQAwaAYJKoZIhvcNAQcBMB4GCWCGSAFlAwQBLjARBAy8tuIrnsbnWaHT9cQCARCAOzk5B1P61URxLb_0uxqW2oZOomZ3_1suS7AStp6QP21HlxQH_2ZNY7iOlD42-B4KeLO8QMKOJQ2qcr1zAgAAEAC6T2-Xn84AxPxzgIj-ISETwxfBboluBBth0PzlLSnDzGL7ugDE1PPh6s0lgMOkgtf_____AAAAAQAAAAAAAAAAAAAAAQAAAE9yxvg7yiHoRCs_Fb8UTv8e6PTao0RCWuQXjTW2gxa8eI7QODX5unT2gHOTMFqUdBbrmygbePav7wO01HxaWA7ib0XuYCE0WL71iELlYq_Fyl4kNZdgXAOYfPBpaUDa6Q&relying_party=umbrella-lms-oidc-prod
Frame ID: 29C4D68F111326EDF1DFF751B0F2130F
Requests: 36 HTTP requests in this frame

Page Title
Amazon A to Z-Anmeldung
Page URL History
- https://dub.umbrella.amazon.dev/ Page URL
- https://umbrella-prod-userpool.auth.eu-west-1.amazoncognito.com/oauth2/authorize?response_type=code&client_id=7etln0s4f21b8h3lbbb19cf2l8&sta... HTTP 302
- https://idp.federate.amazon.com/api/oauth2/v1/authorize?client_id=umbrella-lms-oidc-prod&redirect_uri=https%... HTTP 302
- https://idp.amazon.work/idp/profile/SAML2/Unsolicited/SSO?providerId=idp-eu-west-1.federate.amazon.c... Page URL
Detected technologies

Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://dub.umbrella.amazon.dev/ Page URL
-
https://umbrella-prod-userpool.auth.eu-west-1.amazoncognito.com/oauth2/authorize?response_type=code&client_id=7etln0s4f21b8h3lbbb19cf2l8&state=cn5xeHd6akxDdjBLMTV6aVVtcjlfQzFZLld-amMzenJ0R21IejlZYnBSVkRV%3B%252F&redirect_uri=https%3A%2F%2Fdub.umbrella.amazon.dev&scope=openid%20profile&code_challenge=x6pVnzi112AKrgMN3s8g-M6m72YVsq2ttoUpKnYZk3o&code_challenge_method=S256&nonce=cn5xeHd6akxDdjBLMTV6aVVtcjlfQzFZLld-amMzenJ0R21IejlZYnBSVkRV
HTTP 302
https://idp.federate.amazon.com/api/oauth2/v1/authorize?client_id=umbrella-lms-oidc-prod&redirect_uri=https%3A%2F%2Fumbrella-prod-userpool.auth.eu-west-1.amazoncognito.com%2Foauth2%2Fidpresponse&scope=openid&response_type=code&state=H4sIAAAAAAAAAKWRX0_CMBTFv0sT3-ikZeyfT4IhoqIRdAkYY9r1Dsa6dm6d4Izf3WuifgHfTm_P-eX29IMIkhDo6AFaR9nLsp127-U8PpABkXgzAwWNcEDv5hdTnGU4C8FpM2z9nDMZ7UZaSsniLOc6QoNCw865uk1OT1Unva6SDWgtPFGJ3hpPwRu6AF2ZVYAyR_kD35LkidgaTKHwVDc2LzSQ5wHZfdvN-AiXKhDl8ULtJzeLhzQQaeqyvc7v-9nmRisqqkUP5mq45GwOe71Zm8kqLZfp2QmfIbFAzDGoU9MXjPHz62a7uB210ZYugirk67R95c7Zx_rarDflyGJij4kVHwcoy3_ugAiNiN8-KD5P0a6FprZWe6JzO-_vG37KyuzWFM56ma0wXZGEhcM4jHg0jLEekuRCtzAgDWJlzJgQ0qejkPnUZ35AY87GlGexCnLgTMiYfH4BxUq1ae4BAAA.H4sIAAAAAAAAAPNLZpW23qyUFGGzKVMmsOBSpaLTJV-D6PkvxOeveJAcPBsAw0UQiyAAAAA.3 HTTP 302
https://idp.amazon.work/idp/profile/SAML2/Unsolicited/SSO?providerId=idp-eu-west-1.federate.amazon.com&target=eu-west-1_P240307034010004DUBYIPIFOQUR6M0_AgR4KkWPE0x50sFOndW6G1zeFTyawjFKPl4Uco1NHOH-fFoAKAABAAN0eG4AH1AyNDAzMDcwMzQwMTAwMDREVUJZSVBJRk9RVVI2TTAAAQAHYXdzLWttcwBLYXJuOmF3czprbXM6ZXUtd2VzdC0xOjY0MjM5NzE3MDM1MDprZXkvNGI4NDE1M2EtNTJkOS00MzUxLTg4MGQtNTA0MmJmMDgyODdkALgBAgEAeKf4aq6iMkiAjJL5r4kNUZO994vdhR0dkvHsTLrpvUo0AbE219nXBMlbHIFRHJH7JnAAAAB-MHwGCSqGSIb3DQEHBqBvMG0CAQAwaAYJKoZIhvcNAQcBMB4GCWCGSAFlAwQBLjARBAy8tuIrnsbnWaHT9cQCARCAOzk5B1P61URxLb_0uxqW2oZOomZ3_1suS7AStp6QP21HlxQH_2ZNY7iOlD42-B4KeLO8QMKOJQ2qcr1zAgAAEAC6T2-Xn84AxPxzgIj-ISETwxfBboluBBth0PzlLSnDzGL7ugDE1PPh6s0lgMOkgtf_____AAAAAQAAAAAAAAAAAAAAAQAAAE9yxvg7yiHoRCs_Fb8UTv8e6PTao0RCWuQXjTW2gxa8eI7QODX5unT2gHOTMFqUdBbrmygbePav7wO01HxaWA7ib0XuYCE0WL71iELlYq_Fyl4kNZdgXAOYfPBpaUDa6Q&relying_party=umbrella-lms-oidc-prod Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 36
- https://amazonhr.sc.omtrdc.net/b/ss/amazonhramazonidp-prod/1/H.25.1/s37595400510165?AQB=1&ndh=1&t=7%2F2%2F2024%204%3A40%3A11%204%20-60&ns=amazonhr&pageName=External%20Enter%20Password%20-%20Device%20not%20remembered%20&g=https%3A%2F%2Fidp.amazon.work%2Fidp%2Fprofile%2FSAML2%2FUnsolicited%2FSSO%3FproviderId%3Didp-eu-west-1.federate.amazon.com%26target%3Deu-west-1_P240307034010004DUBYIPIFOQUR6M0_AgR4KkWPE0x50sFOndW6G1zeFTyawjFKPl4Uco1NHOH-fFoAKAABAAN0eG4AH1AyNDAzMDcwMzQwMTAwMDREVUJZSVBJRk9RVVI2TTA&r=https%3A%2F%2Fdub.umbrella.amazon.dev%2F&c2=10%3A30PM&v2=D%3Dc2&c3=Wednesday&v3=D%3Dc3&c4=Weekday&v4=D%3Dc4&c5=New&v5=D%3Dc5&c6=1&v6=D%3Dc6&c7=First%20Visit&v7=D%3Dc7&c35=1&v35=1&c36=101&v36=101&v39=D%3Dc27&c42=External%20Enter%20Password%20-%20Device%20not%20remembered%20&v42=External%20Enter%20Password%20-%20Device%20not%20remembered%20&v43=External%20Enter%20Password%20-%20Device%20not%20remembered%20&v44=kiosk-device-false&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&p=Chrome%20PDF%20Plugin%3BChrome%20PDF%20Viewer%3BNative%20Client%3B&AQE=1 HTTP 302
- https://amazonhr.sc.omtrdc.net/b/ss/amazonhramazonidp-prod/1/H.25.1/s37595400510165?AQB=1&pccr=true&vidn=32F49B8DF62AFF48-60000DA1F8F54A24&ndh=1&t=7%2F2%2F2024%204%3A40%3A11%204%20-60&ns=amazonhr&pageName=External%20Enter%20Password%20-%20Device%20not%20remembered%20&g=https%3A%2F%2Fidp.amazon.work%2Fidp%2Fprofile%2FSAML2%2FUnsolicited%2FSSO%3FproviderId%3Didp-eu-west-1.federate.amazon.com%26target%3Deu-west-1_P240307034010004DUBYIPIFOQUR6M0_AgR4KkWPE0x50sFOndW6G1zeFTyawjFKPl4Uco1NHOH-fFoAKAABAAN0eG4AH1AyNDAzMDcwMzQwMTAwMDREVUJZSVBJRk9RVVI2TTA&r=https%3A%2F%2Fdub.umbrella.amazon.dev%2F&c2=10%3A30PM&v2=D%3Dc2&c3=Wednesday&v3=D%3Dc3&c4=Weekday&v4=D%3Dc4&c5=New&v5=D%3Dc5&c6=1&v6=D%3Dc6&c7=First%20Visit&v7=D%3Dc7&c35=1&v35=1&c36=101&v36=101&v39=D%3Dc27&c42=External%20Enter%20Password%20-%20Device%20not%20remembered%20&v42=External%20Enter%20Password%20-%20Device%20not%20remembered%20&v43=External%20Enter%20Password%20-%20Device%20not%20remembered%20&v44=kiosk-device-false&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&p=Chrome%20PDF%20Plugin%3BChrome%20PDF%20Viewer%3BNative%20Client%3B&AQE=1
41 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / | dub.umbrella.amazon.dev/ | 17 KB | 4 KB | Document | text/html |
GET | H2 | icon | fonts.googleapis.com/ | 592 B | 781 B | Stylesheet | text/css |
GET | H2 | all.css | use.fontawesome.com/releases/v5.4.1/css/ | 49 KB | 11 KB | Stylesheet | text/css |
GET | H2 | runtime.86f8dc65934a02b1.js | dub.umbrella.amazon.dev/ | 6 KB | 4 KB | Script | application/javascript |
GET | H2 | polyfills.377b7b26d1ccffe0.js | dub.umbrella.amazon.dev/ | 40 KB | 14 KB | Script | application/javascript |
GET | H2 | main.88c40bab8ce13b56.js | dub.umbrella.amazon.dev/ | 3 MB | 560 KB | Script | application/javascript |
GET | H2 | styles.a41dec6b09ef3c3b.css | dub.umbrella.amazon.dev/ | 187 KB | 28 KB | Stylesheet | text/css |
GET | H2 | AmazonEmber_Rg.ce2ee0f467434586.ttf | dub.umbrella.amazon.dev/ | 104 KB | 104 KB | Font | application/octet-stream |
GET | H2 | config.json | dub.umbrella.amazon.dev/ | 4 KB | 1 KB | XHR | application/json |
GET | H2 | en_US.json | dub.umbrella.amazon.dev/assets/i18n/generated/ | 79 KB | 19 KB | XHR | application/json |
OPTIONS | H2 | / | cognito-identity.eu-west-1.amazonaws.com/ | 0 | 0 | Preflight | |
POST | H2 | / | cognito-identity.eu-west-1.amazonaws.com/ | 63 B | 316 B | Fetch | application/x-amz-json-1.1 |
GET | H2 | openid-configuration | cognito-idp.eu-west-1.amazonaws.com/eu-west-1_RsCuykI9w/.well-known/ | 951 B | 1 KB | XHR | application/json |
GET | H2 | jwks.json | cognito-idp.eu-west-1.amazonaws.com/eu-west-1_RsCuykI9w/.well-known/ | 916 B | 1 KB | XHR | application/json |
OPTIONS | H2 | / | cognito-identity.eu-west-1.amazonaws.com/ | 0 | 0 | Preflight | |
POST | H2 | / | cognito-identity.eu-west-1.amazonaws.com/ | 996 B | 1 KB | Fetch | application/x-amz-json-1.1 |
OPTIONS | H2 | pendo-metadata | gfep2sffuf.execute-api.eu-west-1.amazonaws.com/prod/ | 0 | 0 | Preflight | |
GET | | pendo-metadata | gfep2sffuf.execute-api.eu-west-1.amazonaws.com/prod/ | 0 | 0 | | |
GET | H/1.1 | SSO (Primary Request) | idp.amazon.work/idp/profile/SAML2/Unsolicited/ (Redirect Chain) | 26 KB | 8 KB | Document | text/html |
POST | H/1.1 | / | sts.eu-west-1.amazonaws.com/ | 2 KB | 2 KB | Fetch | text/xml |
OPTIONS | H2 | pendo-metadata | gfep2sffuf.execute-api.eu-west-1.amazonaws.com/prod/ | 0 | 0 | Preflight | |
GET | | pendo-metadata | gfep2sffuf.execute-api.eu-west-1.amazonaws.com/prod/ | 0 | 0 | | |
OPTIONS | H2 | pendo-metadata | gfep2sffuf.execute-api.eu-west-1.amazonaws.com/prod/ | 0 | 0 | Preflight | |
GET | | pendo-metadata | gfep2sffuf.execute-api.eu-west-1.amazonaws.com/prod/ | 0 | 0 | | |
POST | | 20004401-b305-4208-ba7a-372398833953 | dataplane.rum.eu-west-1.amazonaws.com/appmonitors/ | 0 | 0 | | |
GET | H/1.1 | loader.css | idp.amazon.work/ | 41 KB | 41 KB | Stylesheet | text/css |
GET | H/1.1 | bootstrap.min.css | d1ncm6mhz0rrl6.amazon.work/bootstrap/3.3.4/css/ | 115 KB | 19 KB | Stylesheet | text/css |
GET | H/1.1 | jquery.min.js | d1ncm6mhz0rrl6.amazon.work/jquery/1.11.2/ | 94 KB | 33 KB | Script | application/javascript |
GET | H/1.1 | bootstrap.min.js | d1ncm6mhz0rrl6.amazon.work/bootstrap/3.3.4/js/ | 35 KB | 10 KB | Script | application/javascript |
GET | H/1.1 | chosen.jquery.min.js | d1ncm6mhz0rrl6.amazon.work/jquery/chosen/2.2.0/ | 34 KB | 9 KB | Script | application/javascript |
GET | H/1.1 | javascript.js | idp.amazon.work/ | 9 KB | 9 KB | Script | text/javascript |
GET | H/1.1 | omniture.js | idp.amazon.work/ | 44 KB | 45 KB | Script | text/javascript |
GET | H/1.1 | omniture_helper.js | idp.amazon.work/ | 2 KB | 2 KB | Script | text/javascript |
GET | H/1.1 | openid.xhr.js | idp.amazon.work/midway/sentryJS/openid.xhr/1.0.2/ | 21 KB | 22 KB | Script | text/javascript |
GET | H/1.1 | webauthn.js | idp.amazon.work/ | 6 KB | 7 KB | Script | text/javascript |
GET | H/1.1 | assets_logo.svg | idp.amazon.work/ | 37 KB | 38 KB | Image | image/svg+xml |
GET | H2 | 66f8dca7-68ff-4300-a857-39bc2e007be2 | idp-assets.amazon.work/fetch/ | 1 KB | 1 KB | Image | image/svg+xml |
GET | H2 | s37595400510165 | amazonhr.sc.omtrdc.net/b/ss/amazonhramazonidp-prod/1/H.25.1/ (Redirect Chain) | 43 B | 272 B | Image | image/gif |
GET | H/1.1 | checkbox_sprite.png | idp.amazon.work/ | 496 B | 1 KB | Image | image/png |
GET | H/1.1 | AmazonEmber_Lt.ttf | d1ncm6mhz0rrl6.amazon.work/fonts/ | 102 KB | 102 KB | Font | binary/octet-stream |
GET | H/1.1 | AmazonEmber_Rg.ttf | d1ncm6mhz0rrl6.amazon.work/fonts/ | 104 KB | 104 KB | Font | binary/octet-stream |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- gfep2sffuf.execute-api.eu-west-1.amazonaws.com
- URL
- https://gfep2sffuf.execute-api.eu-west-1.amazonaws.com/prod/pendo-metadata
- Domain
- gfep2sffuf.execute-api.eu-west-1.amazonaws.com
- URL
- https://gfep2sffuf.execute-api.eu-west-1.amazonaws.com/prod/pendo-metadata
- Domain
- gfep2sffuf.execute-api.eu-west-1.amazonaws.com
- URL
- https://gfep2sffuf.execute-api.eu-west-1.amazonaws.com/prod/pendo-metadata
- Domain
- dataplane.rum.eu-west-1.amazonaws.com
- URL
- https://dataplane.rum.eu-west-1.amazonaws.com/appmonitors/20004401-b305-4208-ba7a-372398833953?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Content-Sha256=6c9d809ef7fe42860695fc7fa8e0c1fbb8af29331a7b1b3b0f1ccb795c7550a4&X-Amz-Credential=ASIA4OU6UWXVYETHIVOO%2F20240307%2Feu-west-1%2Frum%2Faws4_request&X-Amz-Date=20240307T034010Z&X-Amz-Expires=60&X-Amz-Security-Token=IQoJb3JpZ2luX2VjELz%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwEaCWV1LXdlc3QtMSJHMEUCIF%2BGGYDgyzMxkKCHuzMMw5FgeZ0OCmXBKk7dvKGTPH2mAiEAtdUWHcjIkAlT0%2F7040dzi8KO0tHO2lgtD0vFLPCoX6IqjQMItf%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FARADGgw4NTYxMDQ5NDEwMzUiDNHmzbZEshXLZXe96irhAtRdQW2oXPn3Ppho0YYZrkJNHf5TOgoE6GobnyNA3lgGOhlsqR2MS7PLd0xO%2FkKjmmZM1XtbnyRGXtaQDXNdgz1vNoVcDR137DwZR3R4GQfUAxaaP48G%2BHbOvRQQVGEc6LDRviGyZa7xTIr5Jn%2FmkGPwxzyorgEV3FElaJ6r%2BnJ1p6Wi65%2B%2B1imZJvapBHKyJjxJEtXltFXjRSlYgP%2FoeEAwc1r3zJEd2WN6%2FV3G%2FJBHh%2FhvKao3u%2FykK6crIp%2Ferx1a7mcb4%2B4l4uQyJm9yQBrzMUEJ%2FYbcazPEapjp2Xko0b%2FCSIpJvJQr16EiC8WMtSp%2Bu9lTc9JwQFZhBbnhZ54J5yj61pwuZWUKL5t6r5D1NWj3FNmjGzMePOznUpCIyUt5rCt8S93KeBpJyMkEeWMmpcfHJv%2B37cfb%2BXlM5EpC1S7JGn5aFf9fCEZan%2Bby2UQDbx7vOLkHw5chrA9%2FUimsMJnupK8GOocC4KvuI8J7FjNBVxFl5%2Fko4d1sjBnspH1G4P1lH1ciICj2c%2FVyUwDry9iBu1vHW6VFNm%2BvLwo%2FgxFjrvXD1yiNovaOZVCwNDsK%2BRmeQBNoJFMWcjNgcAflwBIBlPixt3HGBJ52KVQsMjq4EEcQ0CvjYOeCBO1eNuX9Xkz7NtkLFEY08bXjpfccz5fomXbA5wvbup3fygn7njTfZYjtiREWCr16ivBLeap3y6LtB37ZcpPLQoe1GZB9vKDD%2Bt%2Ba8GbXqfc7TI1cSMMbyV63Z3GdOwcNu1TVjLyzaKDb7x7VD0ORYm5yvfwthtdzn48bjXbpWFqBJ33q6lRaF0JgOynSehHWewWndA4%3D&X-Amz-Signature=736d265694a8034e676b5af466ef14014be6f93d1af2f91d6fd8f36a48e01438&X-Amz-SignedHeaders=content-type%3Bhost
57 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery object| jQuery111205583383687972894 function| showTooltips function| addLanguageChangeHandler function| setupPasswordRulesPopover function| bindCallbacksToResendPin function| toast function| showLoaderToast function| showErrorBanner function| disableOtpSubmissionButtonUponClick function| togglePasswordVisibilty function| autofillWebOTP function| closeBanner string| checkurl object| s function| s_doPlugins string| s_code string| s_objectID function| s_gi function| s_giqf string| s_account string| s_an function| s_sp function| s_jn function| s_rep function| s_d function| s_fe function| s_fa function| s_ft object| s_c_il number| s_c_in number| s_giq function| setOmniturePageTitle function| trackOmnitureLinkClick function| trackRememberThisDevice function| faqClick function| logOmnitureFailure function| isKiosk object| Amazon function| getBytes function| base64Decode function| base64Encode function| base64URLDecode function| base64URLEncode function| inflateCreationOptions function| inflateRequestOptions function| deflateCredential function| serializeCredential function| deserializeOptions function| registerWebauthn function| loginWebauthn function| isWebAuthnSupported function| isiOS16 function| submitResetPassword string| f0 object| s_i_amazonhr21
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Name | Value |
---|---|---|
.dub.umbrella.amazon.dev/ | cwr_u | 6be229af-cb58-4d35-8669-8a195e343cd1 |
umbrella-prod-userpool.auth.eu-west-1.amazoncognito.com/ | XSRF-TOKEN | c9304dbb-c310-4d7a-aa5d-442cf8cb96b3 |
umbrella-prod-userpool.auth.eu-west-1.amazoncognito.com/ | csrf-state | cn5xeHd6akxDdjBLMTV6aVVtcjlfQzFZLld-amMzenJ0R21IejlZYnBSVkRV |
umbrella-prod-userpool.auth.eu-west-1.amazoncognito.com/ | csrf-state-legacy | cn5xeHd6akxDdjBLMTV6aVVtcjlfQzFZLld-amMzenJ0R21IejlZYnBSVkRV |
.amazon.work/ | amzn-idp-login-transaction-id | c802aa30-1c20-4467-b09a-4cec677d5b31 |
.amazon.work/ | amzn-idp-passport-anonymous-session | 66f8dca7-68ff-4300-a857-39bc2e007be2 |
.amazon.work/ | amzn-idp-client-id | umbrella-lms-oidc-prod |
.amazon.work/ | amzn-idp-pref-lang | de |
.amazon.work/ | amzn-idp-pref-country | DE |
idp.amazon.work/ | JSESSIONID | 8C260BE1D302245F64A5D6667EE55D40 |
.dub.umbrella.amazon.dev/ | cwr_s | eyJzZXNzaW9uSWQiOiJkZTk1YjhhOS01YjAzLTQ0NDYtOTRmMS1lMWFlODg3NTVhY2UiLCJyZWNvcmQiOnRydWUsImV2ZW50Q291bnQiOjEyLCJwYWdlIjp7InBhZ2VJZCI6Ii8iLCJpbnRlcmFjdGlvbiI6MCwic3RhcnQiOjE3MDk3ODI4MDk0NzJ9fQ== |
.amazon.work/ | s_cc | true |
.amazon.work/ | s_nr | 1709782811795-New |
.amazon.work/ | s_vnum | 2141782811795%26vn%3D1 |
.amazon.work/ | s_invisit | true |
.amazon.work/ | s_dslv | 1709782811795 |
.amazon.work/ | s_dslv_s | First%20Visit |
.amazon.work/ | s_c27 | External%20Enter%20Password%20-%20Device%20not%20remembered%20 |
.amazon.work/ | s_sq | %5B%5BB%5D%5D |
.amazonhr.sc.omtrdc.net/ | s_vi | [CS]v1|32F49B8DF62AFF48-60000DA1F8F54A24[CE] |
.amazon.work/ | s_ppv | 100 |
9 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.