amazonpaydemo.letsoft.org Open in urlscan Pro
31.22.4.109 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://amazonpaydemo.letsoft.org/
Submission Tags: @phishunt_io
Submission: On March 03 via api (March 3rd 2023, 10:45:54 pm UTC) from DE — Scanned from GB

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 12 HTTP transactions. The main IP is 31.22.4.109, located in Newcastle upon Tyne, United Kingdom and belongs to WILDCARD-AS Wildcard UK Limited, GB. The main domain is amazonpaydemo.letsoft.org.
TLS certificate: Issued by R3 on March 3rd 2023. Valid for: 3 months.

This is the only time amazonpaydemo.letsoft.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	31.22.4.109 31.22.4.109	34119 (WILDCARD-...) (WILDCARD-AS Wildcard UK Limited)
2	18.66.112.116 18.66.112.116	16509 (AMAZON-02) (AMAZON-02)
6	52.94.230.189 52.94.230.189	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:20e... 2600:9000:20eb:8400:1d:d7f6:39d2:2dc1	16509 (AMAZON-02) (AMAZON-02)
12	4

1 31.22.4.109 (Newcastle upon Tyne, United Kingdom)

ASN34119 (WILDCARD-AS Wildcard UK Limited, GB)
PTR: sv31.byethost31.org

amazonpaydemo.letsoft.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.112.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-116.fra56.r.cloudfront.net

static-na.payments-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.94.230.189 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

apay-us.amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20eb:8400:1d:d7f6:39d2:2dc1 (United States)

ASN16509 (AMAZON-02, US)

m.media-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	amazon.com apay-us.amazon.com — Cisco Umbrella Rank: 22626	4 KB
3	media-amazon.com m.media-amazon.com — Cisco Umbrella Rank: 512	6 KB
2	payments-amazon.com static-na.payments-amazon.com — Cisco Umbrella Rank: 14287	30 KB
1	letsoft.org amazonpaydemo.letsoft.org	1 KB
12	4

	Domain	Requested by
6	apay-us.amazon.com	static-na.payments-amazon.com
3	m.media-amazon.com	amazonpaydemo.letsoft.org
2	static-na.payments-amazon.com	amazonpaydemo.letsoft.org
1	amazonpaydemo.letsoft.org
12	4

This site contains no links.

Subject Issuer	Validity	Valid
amazonpaydemo.letsoft.org R3	`2023-03-03` - `2023-06-01`	3 months	crt.sh
static-na.payments-amazon.com Amazon	`2022-06-22` - `2023-07-21`	a year	crt.sh
apay-us.amazon.com Amazon	`2022-10-12` - `2023-09-12`	a year	crt.sh
images-na.ssl-images-amazon.com DigiCert Global CA G2	`2022-10-26` - `2023-10-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://amazonpaydemo.letsoft.org/
Frame ID: 3DA73AC737E80A233FB4381262BA11A8
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Demo Amazon Pay Testing Site

Page Statistics

12
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

41 kB
Transfer

105 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
amazonpaydemo.letsoft.org/ 2 KB
1 KB 254ms
88ms Document
text/html 31.22.4.109
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://amazonpaydemo.letsoft.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.22.4.109 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS: sv31.byethost31.org
Software: nginx /
Resource Hash: 7e69464e7d05cbdf60095a2bae12976dff993f41153deefdd676b25013fac0e7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 03 Mar 2023 22:45:49 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding

GET
H2 200 checkout.js Show response
static-na.payments-amazon.com/ 91 KB
27 KB 161ms
54ms Script
application/javascript 18.66.112.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-na.payments-amazon.com/checkout.js
Requested by: Host: amazonpaydemo.letsoft.org
URL: https://amazonpaydemo.letsoft.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-116.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4a430ab3f5de275a308ce15823b27b0aefcbb686ead7ef1784452c83286da5ff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://amazonpaydemo.letsoft.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: N.MQ6Xb8fUVWSTOUh77Y0scFKrJyuXYm
content-encoding: gzip
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
date: Fri, 03 Mar 2023 22:44:33 GMT
last-modified: Wed, 15 Feb 2023 08:04:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 909
x-amz-server-side-encryption: AES256
etag: W/"3167dd80c70c95deee63c8ba46e503a7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1200,public
x-amz-cf-id: C79IB6XJ9lljGxfHIjMulEnmE7Y9KNIlaa4V3ldVM_aeg9P0hrb_XA==

GET
H/1.1 200
OK abTestV2 Show response
apay-us.amazon.com/ 326 B
1013 B 526ms
140ms XHR
application/json 52.94.230.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apay-us.amazon.com/abTestV2?countryOfEstablishment=US&ledgerCurrency=USD&isSandbox=true&merchantId=A1SDRD19CWJQ4I

Requested by

Host: static-na.payments-amazon.com
URL: https://static-na.payments-amazon.com/checkout.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.94.230.189 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

6484b5a05c9021f44d4d09d18fdeb8c7e90c281cde7c6162bb94195eba09bad1

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://amazonpaydemo.letsoft.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 22:45:49 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: CWPGACVH4WSD0K9QHY97
x-amzn-RequestId: CWPGACVH4WSD0K9QHY97
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: https://amazonpaydemo.letsoft.org
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 326

GET
H/1.1 200
OK promotionalMicrotextMessage Show response
apay-us.amazon.com/ 53 B
498 B 516ms
130ms Fetch
application/json 52.94.230.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apay-us.amazon.com/promotionalMicrotextMessage?merchantId=A1SDRD19CWJQ4I&countryOfEstablishment=NA&ledgerCurrency=USD&isSandbox=true

Requested by

Host: static-na.payments-amazon.com
URL: https://static-na.payments-amazon.com/checkout.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.94.230.189 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

384ebd651a0dfe5fa280a6f0e3eab8576fddc562480b8aaf95849abc86585099

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://amazonpaydemo.letsoft.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 22:45:49 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: VENT7HYE2W7R2N3WYYCK
x-amzn-RequestId: VENT7HYE2W7R2N3WYYCK
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: https://amazonpaydemo.letsoft.org
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 53

GET
H/1.1 200
OK sessionstabilizer Show response
apay-us.amazon.com/gp/widgets/ 91 B
1 KB 546ms
162ms XHR
application/json 52.94.230.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apay-us.amazon.com/gp/widgets/sessionstabilizer?ledgerCurrency=USD&isSandbox=true

Requested by

Host: static-na.payments-amazon.com
URL: https://static-na.payments-amazon.com/checkout.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.94.230.189 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

5cdd8acd197101a772642e7a02f5892310b7f93c43eb966b4c560de0d4f7cf8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://amazonpaydemo.letsoft.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 22:45:49 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: P1T8P76DQQ6MGZ7W452W
x-amzn-RequestId: P1T8P76DQQ6MGZ7W452W
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: https://amazonpaydemo.letsoft.org
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 91

GET
H2 200 logo._CB452516594_.svg
m.media-amazon.com/images/G/01/AmazonPay/Maxo/ 6 KB
3 KB 188ms
51ms Image
image/svg+xml 2600:9000:20eb:8400:1d:d7f6:39d2:2dc1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/G/01/AmazonPay/Maxo/logo._CB452516594_.svg
Requested by: Host: amazonpaydemo.letsoft.org
URL: https://amazonpaydemo.letsoft.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:8400:1d:d7f6:39d2:2dc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 10a4abd65568e068c8256fc72a367a643a189ef4975171827fee9f8eb14f8772

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://amazonpaydemo.letsoft.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 08:57:40 GMT
content-encoding: gzip
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
age: 7825689
x-amz-cf-pop: FRA2-C1
edge-cache-tag: x-cache-750,/images/G/01/AmazonPay/Maxo/logo
x-nginx-cache-status: MISS
x-cache: Hit from cloudfront
server-timing: provider;desc="cf"
surrogate-key: x-cache-750 /images/G/01/AmazonPay/Maxo/logo
last-modified: Mon, 29 Jul 2019 18:42:25 GMT
server: Server
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: bc946824-ccf2-40b9-aa9b-c15fd83d5df7
timing-allow-origin: https://www.amazon.com
x-amz-cf-id: 87KjTun761QK6Gvhk5Pc8U_lZENFgVcrWgclXxtkJoR58obi_YiHFw==
expires: Fri, 28 Nov 2042 08:57:40 GMT

GET
H2 200 sandbox_icon._CB452516595_.svg
m.media-amazon.com/images/G/01/AmazonPay/Maxo/ 2 KB
2 KB 190ms
53ms Image
image/svg+xml 2600:9000:20eb:8400:1d:d7f6:39d2:2dc1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/G/01/AmazonPay/Maxo/sandbox_icon._CB452516595_.svg
Requested by: Host: amazonpaydemo.letsoft.org
URL: https://amazonpaydemo.letsoft.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:8400:1d:d7f6:39d2:2dc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 2340bc52d2c01861bce2b6752befb426f3e142cb0c70b59d97da384cfa994205

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://amazonpaydemo.letsoft.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 11:22:37 GMT
content-encoding: gzip
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
age: 5916191
x-amz-cf-pop: FRA2-C1
edge-cache-tag: x-cache-861,/images/G/01/AmazonPay/Maxo/sandbox_icon
x-nginx-cache-status: MISS
x-cache: Hit from cloudfront
server-timing: provider;desc="cf"
surrogate-key: x-cache-861 /images/G/01/AmazonPay/Maxo/sandbox_icon
last-modified: Fri, 07 Jun 2019 17:51:31 GMT
server: Server
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: 39426734-43fd-4a40-8f0f-422a371c7d7e
timing-allow-origin: https://www.amazon.com
x-amz-cf-id: T_BvwmQCZvHtcHC089QYcgdENH9L3SMA_r5p047VDjddTeP5ojcn5A==
expires: Sat, 20 Dec 2042 11:22:37 GMT

GET
H2 200 AmazonPay_button_chevron._CB1558391205_.svg
m.media-amazon.com/images/G/01/AmazonPay/Maxo/ 288 B
798 B 187ms
52ms Image
image/svg+xml 2600:9000:20eb:8400:1d:d7f6:39d2:2dc1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/G/01/AmazonPay/Maxo/AmazonPay_button_chevron._CB1558391205_.svg
Requested by: Host: amazonpaydemo.letsoft.org
URL: https://amazonpaydemo.letsoft.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:8400:1d:d7f6:39d2:2dc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 250bd018c1f7fe380fb225f942c079f78c35e3fda8d02e22e23a605c92f71906

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://amazonpaydemo.letsoft.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 22:02:04 GMT
content-encoding: br
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
age: 3446
x-amz-cf-pop: FRA2-C1
edge-cache-tag: x-cache-665,/images/G/01/AmazonPay/Maxo/AmazonPay_button_chevron
x-nginx-cache-status: HIT
x-cache: Hit from cloudfront
server-timing: provider;desc="cf"
surrogate-key: x-cache-665 /images/G/01/AmazonPay/Maxo/AmazonPay_button_chevron
last-modified: Mon, 20 May 2019 22:26:46 GMT
server: Server
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3600,public
x-amz-ir-id: 05e3d9d5-2a1e-4974-99f9-7487229cf789
timing-allow-origin: https://www.amazon.com
x-amz-cf-id: u-W1NZBzWlphhymj79lEpwIyWZ1mzg711JY_L1hGvWBkau2cjYMfxQ==
expires: Fri, 03 Mar 2023 22:26:58 GMT

GET
H2 200 en_US.svg
static-na.payments-amazon.com/assets/maxo/microtext/ 3 KB
2 KB 48ms
48ms Image
image/svg+xml 18.66.112.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-na.payments-amazon.com/assets/maxo/microtext/en_US.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-116.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 745fbbdf7d45e7126abb3bfaf5ee035593f0fa5f34d19e507749e8c9704c11fe

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://amazonpaydemo.letsoft.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: 40RJdD3QqJxa1KGKsPQREqOwBxUnZPCh
content-encoding: gzip
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
date: Fri, 03 Mar 2023 22:44:13 GMT
last-modified: Tue, 03 Nov 2020 17:40:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 120
etag: W/"d6c9e3dddae87d4c7f2a85c86f15c15f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=1200,public
x-amz-cf-id: 9BNOhTwEhDrmcMKKKRpGj3v29byucZDFrkbW2t3A6dkW2PvTP9VCEQ==

POST
H/1.1 200
OK uedata
apay-us.amazon.com/cs/ 0
535 B 131ms
130ms Ping
application/octet-stream 52.94.230.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apay-us.amazon.com/cs/uedata

Requested by

Host: static-na.payments-amazon.com
URL: https://static-na.payments-amazon.com/checkout.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.94.230.189 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://amazonpaydemo.letsoft.org/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Fri, 03 Mar 2023 22:45:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: A0C5EK4RXSXWF3S9119B
x-amzn-RequestId: A0C5EK4RXSXWF3S9119B
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://amazonpaydemo.letsoft.org
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200
OK uedata
apay-us.amazon.com/cs/ 0
535 B 137ms
137ms Ping
application/octet-stream 52.94.230.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apay-us.amazon.com/cs/uedata

Requested by

Host: static-na.payments-amazon.com
URL: https://static-na.payments-amazon.com/checkout.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.94.230.189 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://amazonpaydemo.letsoft.org/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Fri, 03 Mar 2023 22:45:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: TXGMZFFXWX1Y9BMDH8ZN
x-amzn-RequestId: TXGMZFFXWX1Y9BMDH8ZN
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://amazonpaydemo.letsoft.org
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200
OK uedata
apay-us.amazon.com/cs/ 0
535 B 134ms
134ms Ping
application/octet-stream 52.94.230.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apay-us.amazon.com/cs/uedata

Requested by

Host: static-na.payments-amazon.com
URL: https://static-na.payments-amazon.com/checkout.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.94.230.189 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://amazonpaydemo.letsoft.org/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Fri, 03 Mar 2023 22:45:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: Z8CJXYPKCVBWA931Y22Z
x-amzn-RequestId: Z8CJXYPKCVBWA931Y22Z
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://amazonpaydemo.letsoft.org
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| checkout object| amazon

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
amazonpaydemo.letsoft.org/	1969-12-31 23:59:59	Name: PHPSESSID Value: cb3cd056276f94a9c1a319632bec42a3
amazonpaydemo.letsoft.org/	1970-01-20 10:06:09	Name: language Value: en_US
amazonpaydemo.letsoft.org/	1970-01-20 10:06:09	Name: ledgerCurrency Value: USD
.amazon.com/	1970-01-20 18:50:19	Name: session-token Value: "0mcY3dyXTcX3tnNT77en0lHFmkRtXI1Wt/BICAXUFtz1JXYbijSR6WLMGjBQ0d3oWHs6N7HRR1MQQ+J5x7Ro2yDgyO0OUdZKjKIDrbHJ3mUCFd3MHBsQtEeSwSLacPcebGpfgTkDLRK/jJs5FL3Y4pOlGzqkFWPTsEJgBMO++sCHR77J6j05V7/rsF39UPGjH+xdrc4gbojHp14lWOPOJA=="
.amazon.com/	1970-01-20 18:50:19	Name: session-id Value: 141-3230557-0616860
.amazon.com/	1970-01-20 18:50:19	Name: session-id-time Value: 2082758400
.amazon.com/	1970-01-20 18:50:19	Name: session-id-apay Value: 141-3230557-0616860
amazonpaydemo.letsoft.org/	1970-01-20 18:50:19	Name: apay-session-set Value: Yp7j6J4Y57RP4BkgOpwzAf%2FELZYz5nGgAyQMaZ%2BQZEwuOVpvPwsf8lFQxCfBZCE%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amazonpaydemo.letsoft.org
apay-us.amazon.com
m.media-amazon.com
static-na.payments-amazon.com
18.66.112.116
2600:9000:20eb:8400:1d:d7f6:39d2:2dc1
31.22.4.109
52.94.230.189
10a4abd65568e068c8256fc72a367a643a189ef4975171827fee9f8eb14f8772
2340bc52d2c01861bce2b6752befb426f3e142cb0c70b59d97da384cfa994205
250bd018c1f7fe380fb225f942c079f78c35e3fda8d02e22e23a605c92f71906
384ebd651a0dfe5fa280a6f0e3eab8576fddc562480b8aaf95849abc86585099
4a430ab3f5de275a308ce15823b27b0aefcbb686ead7ef1784452c83286da5ff
5cdd8acd197101a772642e7a02f5892310b7f93c43eb966b4c560de0d4f7cf8c
6484b5a05c9021f44d4d09d18fdeb8c7e90c281cde7c6162bb94195eba09bad1
745fbbdf7d45e7126abb3bfaf5ee035593f0fa5f34d19e507749e8c9704c11fe
7e69464e7d05cbdf60095a2bae12976dff993f41153deefdd676b25013fac0e7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

amazonpaydemo.letsoft.org Open in urlscan Pro 31.22.4.109 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

12 Requests

100 %HTTPS

25 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

41 kBTransfer

105 kBSize

8 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

8 Cookies

Indicators

amazonpaydemo.letsoft.org Open in urlscan Pro
31.22.4.109 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

41 kB
Transfer

105 kB
Size

8
Cookies

12 HTTP transactions
0 data transactions