![](/screenshots/3cbe3e53-f73d-449e-92de-0484608087ab.png)
gamma.na.rtw.whs.amazon.dev
Open in
urlscan Pro
2600:9000:206f:d200:12:99f0:2ec0:93a1
Public Scan
Submission Tags: @phishunt_io
Submission: On February 26 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by Amazon RSA 2048 M02 on February 26th 2024. Valid for: a year.
This is the only time gamma.na.rtw.whs.amazon.dev was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
6 | 2600:9000:206... 2600:9000:206f:d200:12:99f0:2ec0:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2600:9000:235... 2600:9000:2359:3600:14:9281:8200:21 | 16509 (AMAZON-02) (AMAZON-02) | |
1 1 | 52.30.68.186 52.30.68.186 | 16509 (AMAZON-02) (AMAZON-02) | |
1 2 | 52.94.218.63 52.94.218.63 | 16509 (AMAZON-02) (AMAZON-02) | |
8 | 4 |
ASN16509 (AMAZON-02, US)
gamma.na.rtw.whs.amazon.dev |
ASN16509 (AMAZON-02, US)
d1uznvntk80v7s.cloudfront.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-68-186.eu-west-1.compute.amazonaws.com
internal-cdn.amazon.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
amazon.dev
gamma.na.rtw.whs.amazon.dev |
2 MB |
3 |
amazon.com
2 redirects
internal-cdn.amazon.com — Cisco Umbrella Rank: 127389 midway-auth.amazon.com — Cisco Umbrella Rank: 86048 |
2 KB |
1 |
cloudfront.net
d1uznvntk80v7s.cloudfront.net |
1 KB |
8 | 3 |
Domain | Requested by | |
---|---|---|
6 | gamma.na.rtw.whs.amazon.dev |
gamma.na.rtw.whs.amazon.dev
|
2 | midway-auth.amazon.com |
1 redirects
gamma.na.rtw.whs.amazon.dev
|
1 | internal-cdn.amazon.com | 1 redirects |
1 | d1uznvntk80v7s.cloudfront.net |
gamma.na.rtw.whs.amazon.dev
|
8 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
gamma.na.rtw.whs.amazon.dev Amazon RSA 2048 M02 |
2024-02-26 - 2025-03-27 |
a year | crt.sh |
*.cloudfront.net Amazon RSA 2048 M01 |
2023-10-10 - 2024-09-19 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://gamma.na.rtw.whs.amazon.dev/
Frame ID: 8DF7E5C7DEF867D4A0B33177331CC412
Requests: 9 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 4- https://internal-cdn.amazon.com/badgephotos.amazon.com/?uid= HTTP 307
- https://midway-auth.amazon.com/SSO/redirect?redirect_uri=https%3A%2F%2Finternal-cdn.amazon.com%2Fbadgephotos.amazon.com%2F%3Fuid%3D&client_id=https%3A%2F%2Finternal-cdn.amazon.com%3A443&scope=openid&response_type=id_token&nonce=fac2d1e5aaddf8085b285d15835b26a2e752f3d91bbf8e244bf88e956c7e748c&sentry_handler_version=midwaygateway&response_mode=query&state=%2Fbadgephotos.amazon.com%2F%3Fuid%3D HTTP 302
- https://midway-auth.amazon.com/login?next=%2FSSO%2Fredirect%3Fredirect_uri%3Dhttps%253A%252F%252Finternal-cdn.amazon.com%252Fbadgephotos.amazon.com%252F%253Fuid%253D%26client_id%3Dhttps%253A%252F%252Finternal-cdn.amazon.com%253A443%26scope%3Dopenid%26response_type%3Did_token%26nonce%3Dfac2d1e5aaddf8085b285d15835b26a2e752f3d91bbf8e244bf88e956c7e748c%26sentry_handler_version%3Dmidwaygateway%26response_mode%3Dquery%26state%3D%252Fbadgephotos.amazon.com%252F%253Fuid%253D&require_digital_identity=false
8 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
gamma.na.rtw.whs.amazon.dev/ |
515 B 955 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webcomponents-loader.2.8.0.js
d1uznvntk80v7s.cloudfront.net/webcomponents/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.fc02de28.js
gamma.na.rtw.whs.amazon.dev/ |
2 MB 529 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.c782aa66.css
gamma.na.rtw.whs.amazon.dev/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
226 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login
midway-auth.amazon.com/ Redirect Chain
|
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.f8d4e821.png
gamma.na.rtw.whs.amazon.dev/ |
33 KB 34 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nda.523f5f10.png
gamma.na.rtw.whs.amazon.dev/ |
1 MB 1 MB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en-US.93d03ca4.i18next.json
gamma.na.rtw.whs.amazon.dev/i18n/ |
2 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| WebComponents object| litHtmlVersions object| regeneratorRuntime function| JSCompiler_renameProperty object| litElementVersions object| KatalReady boolean| KATAL_CONVERT_WEBLAB_META_ELEMENT_EXECUTED function| _3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
internal-cdn.amazon.com/ | Name: amzn_sso_rfp Value: 225d0be46f24254b |
|
midway-auth.amazon.com/ | Name: kerberos_disabled Value: 1 |
|
midway-auth.amazon.com/ | Name: session Value: eyJraWQiOiIzMDEiLCJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0..dYbhRe6Qrcrwz608Z--hzQ.fXoBpsdgcSJBgK6AV7G_CpRH8k3-g8gKHAWIuQVr7Am1Ij6R5qbN69-qU-Sj-71AXquiYHBWU87SLkiiwndWOYz40Ay8js_hAVlgDyNQuoDJZssL-Tc_w0YsWFz6j0u7KGbgN7Hy1QxTNJSEb0KDWvkWcaN15ILy6Iqj4hJn1Z2jd9HcM3M1YZ_dAX2K-eOV94JceRTTr7Nnmq_XkLjRnqzMEV_EzpzVpnKKWMv8VSXfv2TmiBwnfdSpKe8_3Po2.CaRdC2WKaeUWRFWINh-Yjw |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
d1uznvntk80v7s.cloudfront.net
gamma.na.rtw.whs.amazon.dev
internal-cdn.amazon.com
midway-auth.amazon.com
2600:9000:206f:d200:12:99f0:2ec0:93a1
2600:9000:2359:3600:14:9281:8200:21
52.30.68.186
52.94.218.63
08b4be362fc2e53d008e3ed35a6464b4aef593a7efeaf6d32603f17d19fcdebe
150c7c00df479e9fe05fceff40fbdb59d2eecf2f9c7267e5e7843924c7e9d548
2c6f39d1cbab0ba205045652d75dfd6a599a406d9d549193d8ce5669edcf94ba
70f4e3e919eb41762cce0d6873a7cfbad372cb23f3e1ade4ec5bce5620d17a68
8dfa7cc8846643e39ee7c2e79ccf2aa75cd94f12960ce5e6abe061660f886dc9
b66698213e72425072a6f687c502a4c4dabe79dbe241bfef92017ca33f525070
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee29086a772864cf4473dc68d0de68897523b626c083cbb08ee2a33b00b119cb
f4cf32f20ca0d1fe63552ff1fe08589782217ce9e32c4f3d2c4271b8390b5564