signin.auth.userzoom.com

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 5 HTTP transactions. The main IP is 54.154.221.210, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is signin.auth.userzoom.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on July 25th 2019. Valid for: 2 years.

This is the only time signin.auth.userzoom.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	54.154.221.210 54.154.221.210	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.119 143.204.215.119	16509 (AMAZON-02) (AMAZON-02)
3	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3)
5	3

2 54.154.221.210 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-221-210.eu-west-1.compute.amazonaws.com

signin.auth.userzoom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.119 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-119.fra53.r.cloudfront.net

cdn.auth0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 205.185.216.10 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

assets-cdn.userzoom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	userzoom.com 1 redirects signin.auth.userzoom.com assets-cdn.userzoom.com	125 KB
1	auth0.com cdn.auth0.com	80 KB
5	2

	Domain	Requested by
3	assets-cdn.userzoom.com	signin.auth.userzoom.com
2	signin.auth.userzoom.com	1 redirects
1	cdn.auth0.com	signin.auth.userzoom.com
5	3

This site contains links to these domains. Also see Links.

Domain
auth0.com

Subject Issuer	Validity	Valid
*.auth.userzoom.com DigiCert SHA2 Secure Server CA	`2019-07-25` - `2021-09-17`	2 years	crt.sh
*.auth0.com Amazon	`2019-06-21` - `2020-07-21`	a year	crt.sh
*.userzoom.com DigiCert SHA2 Secure Server CA	`2018-10-10` - `2020-12-07`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://signin.auth.userzoom.com/lo/reset?ticket=7WC4QU15Oah6Fo2nejsHREmZoCVRUM6O&email=sinead.reid%40lloydsbanking.com&message=This%20URL%20can%20be%20used%20only%20once&success=false
Frame ID: 59AF3CE0E0D924BBF99D5F742BEA50A4
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://signin.auth.userzoom.com/u/email-verification?ticket=TEUNZpRAvaxCfqzMdtrNokUEAAacmIGQ HTTP 302
https://signin.auth.userzoom.com/lo/reset?ticket=7WC4QU15Oah6Fo2nejsHREmZoCVRUM6O&email=sinead.reid%40lloydsb... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

5
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

204 kB
Transfer

435 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://auth0.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://signin.auth.userzoom.com/u/email-verification?ticket=TEUNZpRAvaxCfqzMdtrNokUEAAacmIGQ HTTP 302
https://signin.auth.userzoom.com/lo/reset?ticket=7WC4QU15Oah6Fo2nejsHREmZoCVRUM6O&email=sinead.reid%40lloydsbanking.com&message=This%20URL%20can%20be%20used%20only%20once&success=false Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request reset Show response
signin.auth.userzoom.com/lo/
Redirect Chain

https://signin.auth.userzoom.com/u/email-verification?ticket=TEUNZpRAvaxCfqzMdtrNokUEAAacmIGQ
https://signin.auth.userzoom.com/lo/reset?ticket=7WC4QU15Oah6Fo2nejsHREmZoCVRUM6O&email=sinead.reid%40lloydsbanking.com&message=This%20URL%20can%20be%20used%20only%20once&success=false

16 KB
4 KB

53ms
52ms

Document
text/html

54.154.221.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://signin.auth.userzoom.com/lo/reset?ticket=7WC4QU15Oah6Fo2nejsHREmZoCVRUM6O&email=sinead.reid%40lloydsbanking.com&message=This%20URL%20can%20be%20used%20only%20once&success=false

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.221.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-221-210.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

3fe5b2041c68525062d46da77c01a4365d61c6b05ea3ff1440459e00cc46f3f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

:method: GET
:authority: signin.auth.userzoom.com
:scheme: https
:path: /lo/reset?ticket=7WC4QU15Oah6Fo2nejsHREmZoCVRUM6O&email=sinead.reid%40lloydsbanking.com&message=This%20URL%20can%20be%20used%20only%20once&success=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
cookie: did=s%3Av0%3A1966c1c0-49be-11ea-a458-8f981f345a78.0YMiTc7Bh1VXr7pIPSTF5hlw8mlrgrxE%2BDDio%2BgmoJI; auth0=s%3AQ-tfYvzeJhqYhdbCHF2xFh69Wuh8PMp7.SGMHq9kGrxZGyB4%2BH9vvOoEu%2FwGhWwwMSJoCJ0Rl0zQ; did_compat=s%3Av0%3A1966c1c0-49be-11ea-a458-8f981f345a78.0YMiTc7Bh1VXr7pIPSTF5hlw8mlrgrxE%2BDDio%2BgmoJI; auth0_compat=s%3AQ-tfYvzeJhqYhdbCHF2xFh69Wuh8PMp7.SGMHq9kGrxZGyB4%2BH9vvOoEu%2FwGhWwwMSJoCJ0Rl0zQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User: ?1

Response headers

status: 200
date: Fri, 07 Feb 2020 15:25:40 GMT
content-type: text/html; charset=utf-8
server: nginx
vary: Accept-Encoding
x-auth0-requestid: 4b95fe3b60a6609b19a9
referrer-policy: origin
etag: W/"3f22-bSewp3SHe3t7WqyyoCzGs2Y5joM"
set-cookie: a0_users:sess=eyJjc3JmU2VjcmV0IjoiTDZyc0ltS0FWWC1TVWFhajNEdjVpeUJqIn0=; path=/; secure; httponly a0_users:sess.sig=6KeTgi-ZlsJL5Lq74AVOVxSPt44; path=/; secure; httponly
strict-transport-security: max-age=15724800
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip

Redirect headers

status: 302
date: Fri, 07 Feb 2020 15:25:40 GMT
content-type: text/html; charset=utf-8
content-length: 438
location: https://signin.auth.userzoom.com/lo/reset?ticket=7WC4QU15Oah6Fo2nejsHREmZoCVRUM6O&email=sinead.reid%40lloydsbanking.com&message=This%20URL%20can%20be%20used%20only%20once&success=false#
server: nginx
x-auth0-requestid: c8e24d4d01311efe0bae
set-cookie: did=s%3Av0%3A1966c1c0-49be-11ea-a458-8f981f345a78.0YMiTc7Bh1VXr7pIPSTF5hlw8mlrgrxE%2BDDio%2BgmoJI; Max-Age=157788000; Path=/; Expires=Thu, 06 Feb 2025 21:25:40 GMT; HttpOnly; Secure; SameSite=None auth0=s%3AQ-tfYvzeJhqYhdbCHF2xFh69Wuh8PMp7.SGMHq9kGrxZGyB4%2BH9vvOoEu%2FwGhWwwMSJoCJ0Rl0zQ; Path=/; Expires=Mon, 10 Feb 2020 15:25:40 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A1966c1c0-49be-11ea-a458-8f981f345a78.0YMiTc7Bh1VXr7pIPSTF5hlw8mlrgrxE%2BDDio%2BgmoJI; Max-Age=157788000; Path=/; Expires=Thu, 06 Feb 2025 21:25:40 GMT; HttpOnly; Secure auth0_compat=s%3AQ-tfYvzeJhqYhdbCHF2xFh69Wuh8PMp7.SGMHq9kGrxZGyB4%2BH9vvOoEu%2FwGhWwwMSJoCJ0Rl0zQ; Path=/; Expires=Mon, 10 Feb 2020 15:25:40 GMT; HttpOnly; Secure
vary: Accept
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
strict-transport-security: max-age=15724800
x-robots-tag: noindex, nofollow, nosnippet, noarchive

GET
H2 200 change-password-1.5.1.min.js Show response
cdn.auth0.com/js/ 301 KB
80 KB 671ms
616ms Script
application/javascript 143.204.215.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.auth0.com/js/change-password-1.5.1.min.js
Requested by: Host: signin.auth.userzoom.com
URL: https://signin.auth.userzoom.com/lo/reset?ticket=7WC4QU15Oah6Fo2nejsHREmZoCVRUM6O&email=sinead.reid%40lloydsbanking.com&message=This%20URL%20can%20be%20used%20only%20once&success=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.215.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-119.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ebbd1f2337a1b9518365fb20542810d58193b83c293c5f16b21d1f41f3779384

Request headers

Referer: https://signin.auth.userzoom.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Thu, 10 Oct 2019 09:25:15 GMT
content-encoding: gzip
last-modified: Thu, 16 Aug 2018 19:38:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
x-amz-version-id: 4trBuCAnKT1TKyaoNEdQTpCVfvrxQDLs
status: 200
cache-control: public, max-age=300
x-amz-replication-status: COMPLETED
content-type: application/javascript; charset=utf-8
x-amz-cf-id: 7USbWcsqZtMAxUXlNQFW1yBViiyuPBbhDhqC_N0iL8cdZroziAPUOA==
via: 1.1 ab39b007ab81966ada6e7fb1536bf377.cloudfront.net (CloudFront)

GET
H/1.1 200
OK OpenSans-Regular-webfont.woff
assets-cdn.userzoom.com/fonts/open-sans/regular/ 22 KB
23 KB 203ms
43ms Font
application/font-woff 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-cdn.userzoom.com/fonts/open-sans/regular/OpenSans-Regular-webfont.woff
Requested by: Host: signin.auth.userzoom.com
URL: https://signin.auth.userzoom.com/lo/reset?ticket=7WC4QU15Oah6Fo2nejsHREmZoCVRUM6O&email=sinead.reid%40lloydsbanking.com&message=This%20URL%20can%20be%20used%20only%20once&success=false
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: AmazonS3 /
Resource Hash: 22e7a1b10c110072f5a0bfd16e2197a76b279ec879bcce8978fada1dc9ee5d40

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://signin.auth.userzoom.com/
Origin: https://signin.auth.userzoom.com

Response headers

Date: Fri, 07 Feb 2020 15:25:41 GMT
Last-Modified: Wed, 30 Oct 2019 07:52:48 GMT
Server: AmazonS3
x-amz-request-id: 5A0E152EC6340EA9
ETag: "79515ad0788973c533405f7012dfeccd"
X-HW: 1581089140.dop005.wa1.t,1581089141.cds004.wa1.shn,1581089141.dop005.wa1.t,1581089141.cds002.wa1.c
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=2659025
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 22660
x-amz-id-2: MPCMjihRxXRhEttqgqhSP3y6TD6Izu/9f9Lk/1KB1OPDLPJErPj/LffxSuztzjQtE7YYLyc+xWY=

GET
H/1.1 200
OK userzoom-claim.svg
assets-cdn.userzoom.com/images/logos/ 74 KB
74 KB 156ms
40ms Image
image/svg+xml 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-cdn.userzoom.com/images/logos/userzoom-claim.svg
Requested by: Host: signin.auth.userzoom.com
URL: https://signin.auth.userzoom.com/lo/reset?ticket=7WC4QU15Oah6Fo2nejsHREmZoCVRUM6O&email=sinead.reid%40lloydsbanking.com&message=This%20URL%20can%20be%20used%20only%20once&success=false
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: AmazonS3 /
Resource Hash: e3ab5304e36c1d62e5ccfacd44510dff5975fd9ca2d56968015ac9183375da0f

Request headers

Referer: https://signin.auth.userzoom.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 07 Feb 2020 15:25:41 GMT
Last-Modified: Fri, 07 Feb 2020 08:20:07 GMT
Server: AmazonS3
x-amz-request-id: 980BD217FB958B7D
ETag: "39071d36dc3b5f64a94e103da2d13200"
X-HW: 1581089141.dop004.wa1.t,1581089141.cds003.wa1.shn,1581089141.dop004.wa1.t,1581089141.cds011.wa1.c
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=2669709
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 75724
x-amz-id-2: mcp+U5wm591Pw8JFJju8B5txnJFvt1WWkSaZvEEAP+RveC4DQtV9HPy4idax96oLwvwZ8u2dryE=

GET
H/1.1 200
OK OpenSans-Semibold-webfont.woff
assets-cdn.userzoom.com/fonts/open-sans/semi-bold/ 22 KB
23 KB 41ms
41ms Font
application/font-woff 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-cdn.userzoom.com/fonts/open-sans/semi-bold/OpenSans-Semibold-webfont.woff
Requested by: Host: signin.auth.userzoom.com
URL: https://signin.auth.userzoom.com/lo/reset?ticket=7WC4QU15Oah6Fo2nejsHREmZoCVRUM6O&email=sinead.reid%40lloydsbanking.com&message=This%20URL%20can%20be%20used%20only%20once&success=false
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: AmazonS3 /
Resource Hash: 26b216fadb2ffcd542ca56c2d84f9918f62e40de89bf88b4211fffacd2a4ad83

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://signin.auth.userzoom.com/
Origin: https://signin.auth.userzoom.com

Response headers

Date: Fri, 07 Feb 2020 15:25:41 GMT
Last-Modified: Wed, 30 Oct 2019 07:52:48 GMT
Server: AmazonS3
x-amz-request-id: FC079EF80790553F
ETag: "697574b47bcfdd2c45e3e63c7380dd67"
X-HW: 1581089140.dop005.wa1.t,1581089141.cds004.wa1.shn,1581089141.dop005.wa1.t,1581089141.cds002.wa1.c
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=2464498
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 22908
x-amz-id-2: mWWKYFF6Gunh4Nd48fb2jHTvQHL2MKRQ28E4A++GH3WUBSlusozSXLF7uRvl0n5tJANU3CpWKJE=

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
signin.auth.userzoom.com/	1969-12-31 23:59:59	Name: a0_users:sess.sig Value: 6KeTgi-ZlsJL5Lq74AVOVxSPt44
signin.auth.userzoom.com/	1970-01-19 07:15:48	Name: auth0_compat Value: s%3AQ-tfYvzeJhqYhdbCHF2xFh69Wuh8PMp7.SGMHq9kGrxZGyB4%2BH9vvOoEu%2FwGhWwwMSJoCJ0Rl0zQ
signin.auth.userzoom.com/	1969-12-31 23:59:59	Name: a0_users:sess Value: eyJjc3JmU2VjcmV0IjoiTDZyc0ltS0FWWC1TVWFhajNEdjVpeUJqIn0=
signin.auth.userzoom.com/	1970-01-21 03:01:17	Name: did_compat Value: s%3Av0%3A1966c1c0-49be-11ea-a458-8f981f345a78.0YMiTc7Bh1VXr7pIPSTF5hlw8mlrgrxE%2BDDio%2BgmoJI
signin.auth.userzoom.com/	1970-01-19 07:15:48	Name: auth0 Value: s%3AQ-tfYvzeJhqYhdbCHF2xFh69Wuh8PMp7.SGMHq9kGrxZGyB4%2BH9vvOoEu%2FwGhWwwMSJoCJ0Rl0zQ
signin.auth.userzoom.com/	1970-01-21 03:01:17	Name: did Value: s%3Av0%3A1966c1c0-49be-11ea-a458-8f981f345a78.0YMiTc7Bh1VXr7pIPSTF5hlw8mlrgrxE%2BDDio%2BgmoJI

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets-cdn.userzoom.com
cdn.auth0.com
signin.auth.userzoom.com
143.204.215.119
205.185.216.10
54.154.221.210
22e7a1b10c110072f5a0bfd16e2197a76b279ec879bcce8978fada1dc9ee5d40
26b216fadb2ffcd542ca56c2d84f9918f62e40de89bf88b4211fffacd2a4ad83
3fe5b2041c68525062d46da77c01a4365d61c6b05ea3ff1440459e00cc46f3f6
e3ab5304e36c1d62e5ccfacd44510dff5975fd9ca2d56968015ac9183375da0f
ebbd1f2337a1b9518365fb20542810d58193b83c293c5f16b21d1f41f3779384

signin.auth.userzoom.com Open in urlscan Pro 54.154.221.210 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

5 Requests

100 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

3 IPs

2 Countries

204 kBTransfer

435 kBSize

6 Cookies

1 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

6 Cookies

Security Headers

Indicators

signin.auth.userzoom.com Open in urlscan Pro
54.154.221.210 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

204 kB
Transfer

435 kB
Size

6
Cookies

5 HTTP transactions
0 data transactions