avivahealth-emailverification.square-health.com

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 6 HTTP transactions. The main IP is 13.225.78.15, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is avivahealth-emailverification.square-health.com.
TLS certificate: Issued by Amazon on November 24th 2020. Valid for: a year.

This is the only time avivahealth-emailverification.square-health.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	13.225.78.15 13.225.78.15	16509 (AMAZON-02) (AMAZON-02)
2	108.128.142.161 108.128.142.161	16509 (AMAZON-02) (AMAZON-02)
6	2

4 13.225.78.15 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-15.fra2.r.cloudfront.net

avivahealth-emailverification.square-health.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.128.142.161 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-142-161.eu-west-1.compute.amazonaws.com

poqu6l392e.execute-api.eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	square-health.com avivahealth-emailverification.square-health.com	531 KB
2	amazonaws.com poqu6l392e.execute-api.eu-west-1.amazonaws.com	405 B
6	2

	Domain	Requested by
4	avivahealth-emailverification.square-health.com	avivahealth-emailverification.square-health.com
2	poqu6l392e.execute-api.eu-west-1.amazonaws.com	avivahealth-emailverification.square-health.com
6	2

This site contains no links.

Subject Issuer	Validity	Valid
avivahealth-emailverification.square-health.com Amazon	`2020-11-24` - `2021-12-23`	a year	crt.sh
*.execute-api.eu-west-1.amazonaws.com Amazon	`2021-07-31` - `2022-08-29`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://avivahealth-emailverification.square-health.com/
Frame ID: DBB5E5593DF2EEA2658CF5EBE449BF55
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Aviva Health

Page Statistics

6
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

532 kB
Transfer

530 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response avivahealth-emailverification.square-health.com/	414 B 737 B	66ms 17ms	Document text/html	13.225.78.15 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://avivahealth-emailverification.square-health.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.78.15 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-15.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash `02592be88eaf9ce4f96eae60f58789478fa880798dfd85cb2912eabd7034b483` Request headers :method GET :authority avivahealth-emailverification.square-health.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers content-type text/html content-length 414 date Sun, 24 Oct 2021 19:23:25 GMT last-modified Wed, 13 May 2020 08:37:21 GMT etag "f067b36aac6cbdd1b62e7f1b72b28e35" accept-ranges bytes server AmazonS3 x-cache Hit from cloudfront via 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C2 x-amz-cf-id P5tEsrA6me6ShICksRZU2iMjzImhgKwmA2MZCghoeRLvBs2ddB482w== age 46858
GET H2	200	bundlefile.js Show response avivahealth-emailverification.square-health.com/	495 KB 497 KB	19ms 19ms	Script application/javascript	13.225.78.15 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://avivahealth-emailverification.square-health.com/bundlefile.js Requested by Host: avivahealth-emailverification.square-health.com URL: https://avivahealth-emailverification.square-health.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.78.15 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-15.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash `01839472b7bcb8a28021c4d04c883832e3db16a1c3d9fa7fc89d726613135146` Request headers :path /bundlefile.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority avivahealth-emailverification.square-health.com referer https://avivahealth-emailverification.square-health.com/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://avivahealth-emailverification.square-health.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 25 Oct 2021 06:34:38 GMT via 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront) last-modified Wed, 13 May 2020 08:37:26 GMT server AmazonS3 age 6585 etag "5f29499b70017f3c15b7e84bc8f0eb92" x-cache Hit from cloudfront content-type application/javascript x-amz-cf-pop FRA2-C2 accept-ranges bytes content-length 507353 x-amz-cf-id 0pZxarRThAu7nvgw5WH4XW1fGePh_1b9PwLrB31vL5Fp9lDmad2hRA==
POST H2	500	verify-code Show response poqu6l392e.execute-api.eu-west-1.amazonaws.com/PROD/anonymous/	193 B 405 B	188ms 188ms	Fetch application/json	108.128.142.161 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://poqu6l392e.execute-api.eu-west-1.amazonaws.com/PROD/anonymous/verify-code Requested by Host: avivahealth-emailverification.square-health.com URL: https://avivahealth-emailverification.square-health.com/bundlefile.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.128.142.161 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-108-128-142-161.eu-west-1.compute.amazonaws.com Software / Resource Hash `fa8580f626ef84fb7dfa302d08e623903abb2800edf58b97d83c8d10042db803` Request headers Referer https://avivahealth-emailverification.square-health.com/ Accept-Language de-DE,de;q=0.9 x-client-name avivahealth User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 x-api-key eB9Zc5xWez3Ahh0xONEef4bWXCxjPcIQaRzXbWZC content-type application/json Response headers access-control-allow-origin * date Mon, 25 Oct 2021 08:24:22 GMT x-amzn-requestid 11c57b01-e89e-44d7-9ecd-829e9dc30b25 x-amz-apigw-id HwV0kFH4DoEF3KA= x-amzn-trace-id Root=1-617669b6-501683dc6ec56b884a6d379d;Sampled=0 content-length 193 content-type application/json
GET H2	200	49f1add789df50d19fb3036c24acb1ca.png avivahealth-emailverification.square-health.com/	6 KB 6 KB	11ms 11ms	Image image/png	13.225.78.15 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://avivahealth-emailverification.square-health.com/49f1add789df50d19fb3036c24acb1ca.png Requested by Host: avivahealth-emailverification.square-health.com URL: https://avivahealth-emailverification.square-health.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.78.15 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-15.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash `4173017fc622cf9da166aacb1408375b44a677f38ee585d577c534dc4000f0d7` Request headers :path /49f1add789df50d19fb3036c24acb1ca.png pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority avivahealth-emailverification.square-health.com referer https://avivahealth-emailverification.square-health.com/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://avivahealth-emailverification.square-health.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 25 Oct 2021 06:34:39 GMT via 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront) last-modified Wed, 13 May 2020 08:37:21 GMT server AmazonS3 age 6584 etag "49f1add789df50d19fb3036c24acb1ca" x-cache Hit from cloudfront content-type image/png x-amz-cf-pop FRA2-C2 accept-ranges bytes content-length 5885 x-amz-cf-id 3KYYMZjgO368rrFD4I_rxiVKUhZdMbsFAA0NnUSIWg8E2btIWvw7jg==
GET H2	200	04f897d678e682324ab0301f091fa40c.otf avivahealth-emailverification.square-health.com/	28 KB 28 KB	12ms 12ms	Font binary/octet-stream	13.225.78.15 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://avivahealth-emailverification.square-health.com/04f897d678e682324ab0301f091fa40c.otf Requested by Host: avivahealth-emailverification.square-health.com URL: https://avivahealth-emailverification.square-health.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.78.15 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-15.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash `3df9b0592c6a81d7deefdcd93712c87cbaf62a38ffdc355191bd7ed3b27e067f` Request headers :path /04f897d678e682324ab0301f091fa40c.otf pragma no-cache origin https://avivahealth-emailverification.square-health.com accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode cors accept / cache-control no-cache sec-fetch-dest font :authority avivahealth-emailverification.square-health.com referer https://avivahealth-emailverification.square-health.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://avivahealth-emailverification.square-health.com/ Origin https://avivahealth-emailverification.square-health.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 19:21:27 GMT via 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront) last-modified Wed, 13 May 2020 08:37:21 GMT server AmazonS3 age 46976 etag "04f897d678e682324ab0301f091fa40c" x-cache Hit from cloudfront content-type binary/octet-stream x-amz-cf-pop FRA2-C2 accept-ranges bytes content-length 28436 x-amz-cf-id na-g5n5uhQCcco8lNiwxD3uiHlk8UWtzSKfz00r7DvMdWdLv5jlg3g==
OPTIONS H2	200	verify-code poqu6l392e.execute-api.eu-west-1.amazonaws.com/PROD/anonymous/	0 0	106ms 33ms	Preflight application/json	108.128.142.161 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://poqu6l392e.execute-api.eu-west-1.amazonaws.com/PROD/anonymous/verify-code Protocol H2 Server 108.128.142.161 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-108-128-142-161.eu-west-1.compute.amazonaws.com Software / Resource Hash Request headers Accept / Access-Control-Request-Method POST Access-Control-Request-Headers content-type,x-api-key,x-client-name Origin https://avivahealth-emailverification.square-health.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode cors Response headers date Mon, 25 Oct 2021 08:24:22 GMT content-type application/json content-length 0 x-amzn-requestid 5ed86dfe-656a-4753-8a9a-c44f38b2f693 access-control-allow-origin * access-control-allow-headers Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,x-client-name x-amz-apigw-id HwV0jE45joEFuQw= access-control-allow-methods OPTIONS,POST

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster object| _0x2cf0 function| _0x6cbe

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://poqu6l392e.execute-api.eu-west-1.amazonaws.com/PROD/anonymous/verify-code Message: Failed to load resource: the server responded with a status of 500 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

avivahealth-emailverification.square-health.com
poqu6l392e.execute-api.eu-west-1.amazonaws.com
108.128.142.161
13.225.78.15
01839472b7bcb8a28021c4d04c883832e3db16a1c3d9fa7fc89d726613135146
02592be88eaf9ce4f96eae60f58789478fa880798dfd85cb2912eabd7034b483
3df9b0592c6a81d7deefdcd93712c87cbaf62a38ffdc355191bd7ed3b27e067f
4173017fc622cf9da166aacb1408375b44a677f38ee585d577c534dc4000f0d7
fa8580f626ef84fb7dfa302d08e623903abb2800edf58b97d83c8d10042db803

avivahealth-emailverification.square-health.com Open in urlscan Pro 13.225.78.15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

6 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

532 kBTransfer

530 kBSize

0 Cookies

0 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

avivahealth-emailverification.square-health.com Open in urlscan Pro
13.225.78.15 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

532 kB
Transfer

530 kB
Size

0
Cookies

6 HTTP transactions
0 data transactions