urlscan.io logo urlscan.io
SecurityTrails logo

ap-southeast-1.signin.aws.amazon.com Open in urlscan Pro
15.197.21.1  Public Scan

Go To Rescan Add Verdict Report
URL: https://ap-southeast-1.signin.aws.amazon.com/platform/saml/acs/d46c2fc1-50b7-4903-b2ba-65e728db8cbd
Submission: On June 14 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 7 HTTP transactions. The main IP is 15.197.21.1, located in United States and belongs to AMAZON-02, US. The main domain is ap-southeast-1.signin.aws.amazon.com. The Cisco Umbrella rank of the primary domain is 229416.
TLS certificate: Issued by Amazon RSA 2048 M01 on March 14th 2023. Valid for: a year.
This is the only time ap-southeast-1.signin.aws.amazon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 15.197.21.1 16509 (AMAZON-02)
7 1
Apex Domain
Subdomains		 Transfer
7 amazon.com
ap-southeast-1.signin.aws.amazon.com — Cisco Umbrella Rank: 229416
805 KB
7 1
Domain Requested by
7 ap-southeast-1.signin.aws.amazon.com ap-southeast-1.signin.aws.amazon.com
7 1
Subject Issuer Validity Valid
ap-southeast-1.signin.aws
Amazon RSA 2048 M01		 2023-03-14 -
2024-03-13		 a year crt.sh

This page contains 1 frames:

Primary Page: https://ap-southeast-1.signin.aws.amazon.com/platform/saml/acs/d46c2fc1-50b7-4903-b2ba-65e728db8cbd
Frame ID: 81FAC7C8FE2F73594A6118D6F7DD597E
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bad Request

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

805 kB
Transfer

808 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request d46c2fc1-50b7-4903-b2ba-65e728db8cbd
ap-southeast-1.signin.aws.amazon.com/platform/saml/acs/ 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap-southeast-1.signin.aws.amazon.com/platform/saml/acs/d46c2fc1-50b7-4903-b2ba-65e728db8cbd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.21.1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c8288bd24ce5a1a82fdfe850c6d1ca835c5e9d0b1f7ba5eee8fc0feaa0357de2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

allow
POST
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Wed, 14 Jun 2023 08:27:34 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
Server
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
x-content-type-options
nosniff
x-frame-options
DENY
x-ua-compatible
IE=Edge
x-xss-protection
1; mode=block
style.css
ap-southeast-1.signin.aws.amazon.com/static/styles/ep-style/ 		580 KB
582 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ap-southeast-1.signin.aws.amazon.com/static/styles/ep-style/style.css
Requested by
Host: ap-southeast-1.signin.aws.amazon.com
URL: https://ap-southeast-1.signin.aws.amazon.com/platform/saml/acs/d46c2fc1-50b7-4903-b2ba-65e728db8cbd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.21.1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
bc01d1ed11f60d28513ee23b0714586672d308b39884697dad01600b065ac370
Security Headers
Name Value
Content-Security-Policy default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'nonce-ByQt1pqsFi9NF4y7QdWweQ=='; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-ByQt1pqsFi9NF4y7QdWweQ=='; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreport;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap-southeast-1.signin.aws.amazon.com/platform/saml/acs/d46c2fc1-50b7-4903-b2ba-65e728db8cbd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 08:27:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'nonce-ByQt1pqsFi9NF4y7QdWweQ=='; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-ByQt1pqsFi9NF4y7QdWweQ=='; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreport;
last-modified
Wed, 31 May 2023 19:38:40 GMT
server
Server
etag
W/"594398-1685561920000"
x-frame-options
DENY
content-type
text/css
accept-ranges
bytes
content-length
594398
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
aws_smile-header-desktop-en-white_59x35.png
ap-southeast-1.signin.aws.amazon.com/static/images/logos/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap-southeast-1.signin.aws.amazon.com/static/images/logos/aws_smile-header-desktop-en-white_59x35.png
Requested by
Host: ap-southeast-1.signin.aws.amazon.com
URL: https://ap-southeast-1.signin.aws.amazon.com/static/styles/ep-style/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.21.1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
2ed301628c09c91f0b52fa2c005971d7439ebc504ac5eaa36f864d90d26e9198
Security Headers
Name Value
Content-Security-Policy default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'nonce-IKqnya7grvJ8StfAAq5w/Q=='; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-IKqnya7grvJ8StfAAq5w/Q=='; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreport;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap-southeast-1.signin.aws.amazon.com/static/styles/ep-style/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 08:27:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'nonce-IKqnya7grvJ8StfAAq5w/Q=='; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-IKqnya7grvJ8StfAAq5w/Q=='; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreport;
content-encoding
gzip
server
Server
x-frame-options
DENY
vary
accept-encoding
content-type
text/html
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
AmazonEmber_Rg.woff2
ap-southeast-1.signin.aws.amazon.com/static/fonts/amazon-ember/ 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ap-southeast-1.signin.aws.amazon.com/static/fonts/amazon-ember/AmazonEmber_Rg.woff2
Requested by
Host: ap-southeast-1.signin.aws.amazon.com
URL: https://ap-southeast-1.signin.aws.amazon.com/static/styles/ep-style/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.21.1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
925a2905616c4815dd77a2a6c5781cc6a92ff14e5b3cb2de2a548229324b85b5
Security Headers
Name Value
Content-Security-Policy default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'nonce-f6MCdFj517vnGlRaIxGEPw=='; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-f6MCdFj517vnGlRaIxGEPw=='; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreport;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ap-southeast-1.signin.aws.amazon.com/static/styles/ep-style/style.css
Origin
https://ap-southeast-1.signin.aws.amazon.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 08:27:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'nonce-f6MCdFj517vnGlRaIxGEPw=='; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-f6MCdFj517vnGlRaIxGEPw=='; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreport;
last-modified
Wed, 31 May 2023 19:38:40 GMT
server
Server
etag
W/"37504-1685561920000"
x-frame-options
DENY
content-type
font/woff2
accept-ranges
bytes
content-length
37504
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
AmazonEmber_Lt.woff2
ap-southeast-1.signin.aws.amazon.com/static/fonts/amazon-ember/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ap-southeast-1.signin.aws.amazon.com/static/fonts/amazon-ember/AmazonEmber_Lt.woff2
Requested by
Host: ap-southeast-1.signin.aws.amazon.com
URL: https://ap-southeast-1.signin.aws.amazon.com/static/styles/ep-style/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.21.1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
d1d02f339d6fc5b3f54f00811805b2c022be10f0f391dbc81c5864bbb801ebb0
Security Headers
Name Value
Content-Security-Policy default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'nonce-5b5beDTh4XrCB4N3FbJf+Q=='; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-5b5beDTh4XrCB4N3FbJf+Q=='; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreport;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ap-southeast-1.signin.aws.amazon.com/static/styles/ep-style/style.css
Origin
https://ap-southeast-1.signin.aws.amazon.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 08:27:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'nonce-5b5beDTh4XrCB4N3FbJf+Q=='; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-5b5beDTh4XrCB4N3FbJf+Q=='; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreport;
last-modified
Wed, 31 May 2023 19:38:40 GMT
server
Server
etag
W/"35620-1685561920000"
x-frame-options
DENY
content-type
font/woff2
accept-ranges
bytes
content-length
35620
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
AmazonEmber_Bd.woff2
ap-southeast-1.signin.aws.amazon.com/static/fonts/amazon-ember/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ap-southeast-1.signin.aws.amazon.com/static/fonts/amazon-ember/AmazonEmber_Bd.woff2
Requested by
Host: ap-southeast-1.signin.aws.amazon.com
URL: https://ap-southeast-1.signin.aws.amazon.com/static/styles/ep-style/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.21.1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
f0bad40d3c9d66a18d2caabe414275b51923133f71d7bb2331e6ecc0b3994c93
Security Headers
Name Value
Content-Security-Policy default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'nonce-GPlLxaWS94d5QRHFfrPnLg=='; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-GPlLxaWS94d5QRHFfrPnLg=='; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreport;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ap-southeast-1.signin.aws.amazon.com/static/styles/ep-style/style.css
Origin
https://ap-southeast-1.signin.aws.amazon.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 08:27:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'nonce-GPlLxaWS94d5QRHFfrPnLg=='; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-GPlLxaWS94d5QRHFfrPnLg=='; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreport;
last-modified
Wed, 31 May 2023 19:38:40 GMT
server
Server
etag
W/"35988-1685561920000"
x-frame-options
DENY
content-type
font/woff2
accept-ranges
bytes
content-length
35988
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
fontawesome-webfont.woff
ap-southeast-1.signin.aws.amazon.com/static/fonts/fontawesome/4.7.0/ 		96 KB
97 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ap-southeast-1.signin.aws.amazon.com/static/fonts/fontawesome/4.7.0/fontawesome-webfont.woff
Requested by
Host: ap-southeast-1.signin.aws.amazon.com
URL: https://ap-southeast-1.signin.aws.amazon.com/static/styles/ep-style/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.21.1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
Security Headers
Name Value
Content-Security-Policy default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'nonce-epDmP35J0b/jzHxeCFsjiQ=='; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-epDmP35J0b/jzHxeCFsjiQ=='; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreport;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ap-southeast-1.signin.aws.amazon.com/static/styles/ep-style/style.css
Origin
https://ap-southeast-1.signin.aws.amazon.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 08:27:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'nonce-epDmP35J0b/jzHxeCFsjiQ=='; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-epDmP35J0b/jzHxeCFsjiQ=='; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreport;
last-modified
Wed, 31 May 2023 19:38:40 GMT
server
Server
etag
W/"98024-1685561920000"
x-frame-options
DENY
content-type
font/woff
accept-ranges
bytes
content-length
98024
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend

1 Cookies

Domain/Path Name / Value
.amazon.com/ Name: aws-ubid-main
Value: 331-0470026-5211115

3 Console Messages

Source Level URL
Text
network error URL: https://ap-southeast-1.signin.aws.amazon.com/platform/saml/acs/d46c2fc1-50b7-4903-b2ba-65e728db8cbd
Message:
Failed to load resource: the server responded with a status of 405 ()
security error URL: https://ap-southeast-1.signin.aws.amazon.com/platform/saml/acs/d46c2fc1-50b7-4903-b2ba-65e728db8cbd(Line 4)
Message:
The Content-Security-Policy directive name 'Content-Security-Policy:' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
network error URL: https://ap-southeast-1.signin.aws.amazon.com/static/images/logos/aws_smile-header-desktop-en-white_59x35.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block