![](/screenshots/78baf64d-f9a5-4103-91fe-48f2dcc41f71.png)
idp.federate.amazon.com
3.210.206.5
Public Scan
Effective URL: https://idp.federate.amazon.com/api/saml2/v1/sso?SAMLRequest=fZJda8IwFIbv9ytK7tOmtbou2A6ZCIIyUDfYbkZMj5phky4ndR%2B%2FfrHWMW%2B8z...
Submission Tags: @phishunt_io
Submission: On June 13 via api from DE — Scanned from US
Summary
TLS certificate: Issued by Amazon RSA 2048 M03 on April 10th 2024. Valid for: a year.
This is the only time idp.federate.amazon.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | Autonomous System |
---|---|---|
4 | 18.164.124.44 | 16509 (AMAZON-02) |
4 | 2600:9000:21da:600:1f:1e90:d200:21 | 16509 (AMAZON-02) |
1 (1 redirects) | 2600:1f18:257:8001:91fe:499b:7bcd:13ff | 14618 (AMAZON-AES) |
2 | 3.210.206.5 | 14618 (AMAZON-AES) |
2 | 52.46.136.120 | 16509 (AMAZON-02) |
12 | 5 | |

- ui.us-east-1.prod.bam.imdbtv-apm.amazon.dev: ASN16509 (AMAZON-02, US), PTR: server-18-164-124-44.jfk50.r.cloudfront.net
- d2beun48pmgqbs.cloudfront.net: ASN16509 (AMAZON-02, US)
- jonsnow-us-east-1-prod.auth.us-east-1.amazoncognito.com: ASN14618 (AMAZON-AES, US)
- idp.federate.amazon.com: ASN14618 (AMAZON-AES, US), PTR: ec2-3-210-206-5.compute-1.amazonaws.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
4 | amazon.com | idp.federate.amazon.com — Cisco Umbrella Rank: 77844; unagi-na.amazon.com — Cisco Umbrella Rank: 870 | 2 KB |
4 | cloudfront.net | d2beun48pmgqbs.cloudfront.net | 122 KB |
4 | amazon.dev | ui.us-east-1.prod.bam.imdbtv-apm.amazon.dev | 469 KB |
1 | amazoncognito.com (1 redirects) | jonsnow-us-east-1-prod.auth.us-east-1.amazoncognito.com | 2 KB |
12 | 4 | | |
Requests | Domain | Requested by |
---|---|---|
4 | d2beun48pmgqbs.cloudfront.net | ui.us-east-1.prod.bam.imdbtv-apm.amazon.dev, d2beun48pmgqbs.cloudfront.net |
4 | ui.us-east-1.prod.bam.imdbtv-apm.amazon.dev | ui.us-east-1.prod.bam.imdbtv-apm.amazon.dev |
2 | unagi-na.amazon.com | d2beun48pmgqbs.cloudfront.net |
2 | idp.federate.amazon.com | ui.us-east-1.prod.bam.imdbtv-apm.amazon.dev |
1 | jonsnow-us-east-1-prod.auth.us-east-1.amazoncognito.com | 1 redirects |
12 | 5 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
ui.us-east-1.prod.bam.imdbtv-apm.amazon.dev | Amazon RSA 2048 M02 | 2024-06-13 - 2025-07-11 | a year |
*.cloudfront.net | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-19 | a year |
idp.federate.amazon.com | Amazon RSA 2048 M03 | 2024-04-10 - 2025-05-08 | a year |
unagi-na.amazon.com | Amazon RSA 2048 M01 | 2024-01-18 - 2025-01-16 | a year |
This page contains 1 frames:
Primary Page:
https://idp.federate.amazon.com/api/saml2/v1/sso?SAMLRequest=fZJda8IwFIbv9ytK7tOmtbou2A6ZCIIyUDfYbkZMj5phky4ndR%2B%2FfrHWMW%2B8zMn7cXiS4f1XtQ8OYFEZnZM4ZCQALU2p9DYnT6sJzch9cTNEUe2Tmo8at9ML%2BGgAXTBCBOu878FobCqwS7AHJeFpMcvJzrkaeRS9%2BzttPmmDFAQ6GtPamjIUPij8m4WiEj%2FG1261ciaUporawkiVtQWsfQaQYOxLlRau3fSc7xXhBkqwwkEX0%2FpFrbqMQxwhGhJMxzl5Ez3IeuWG0RTkgKZp0qciWTPKjtNsLfu32dpLERuYanRCu5wkLEkpG9C4t2IpZxlnd2E8SF5J8Hzmlhy5eZIa%2BYlUThqruRGokGtRAXIn%2BXI0n3Ev5R6BM9LsSXECy9tCG0yMrYS77j1OVEk3rZSDdsp9X3Rft4vzo5HiKDsR4x15jjX%2Fe5S3WMYLOX2cvwyj%2F1sW3fHyNxS%2F&RelayState=H4sIAAAAAAAAAE1Q2Y7aMBT9Fz_jTFYceMtQlkCAEYhRoKqQ4yUJxHGIHRio-u81U82oT_fq3LNcnd8AgyHoFGRYaegcHeJsSLxe7kEPZOYSCfyQ9YRR1mLNDEgM6GFWKY5Q7Tc10XmAgg5nmNZNZQjUEAqtGzV8eelK69vaalpJrQwLqxQ001eIG2HhT3uLsqtRMqMkkj5TuFm30TIxaw6GP4FsWF3SJ0fg8pmCb8oiMq9LLS1VmlmbJNZamIqyNncTxsuKgV89UBiv5K1_95GYqQLluVrPebjbPi6Lwtl26QXvnjlnQ1v4KjrM-pPxcfcjQex0HJT3s3pXm9Qh_IHyxomCS1wtMyGPO1psLhPqL9rDerWpEj-u0j27H0ZK82ty7YqPMcn6OxKP0GJ2k029vohitRXE-zjPl3vNXFW1KMUxYydnNZ6k63jLi3SyuT3aVIav5-n7aHor3-ZcepWYosMsamDiB4vpbHoeR-bjynx8krWq5Q1-1ww_a8adLv6r_l_NX30RKYxagKGDnNANnH44MIWBIceVYj3QGluUYZ95fAA9mwfQ5w6FmYswpCGjg2Bgc2S7xkMb6hF7LPQot6HPSB_6vhtA7GY2tJ9omJEAhRn48xeQxDICaQIAAA.H4sIAAAAAAAAAGubvHaCTmXiF3Zfq47i5-ckbrbN7jbd2GD0Wmvi7dyYWmkAWa8VWyAAAAA.4
Frame ID: D523A611D77B1946DF7F9E143F318902
Requests: 13 HTTP requests in this frame
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://ui.us-east-1.prod.bam.imdbtv-apm.amazon.dev/ Page URL
-
https://jonsnow-us-east-1-prod.auth.us-east-1.amazoncognito.com/oauth2/authorize?redirect_uri=https%3A%2F%2Fui.us-east-1.prod.bam.imdbtv-apm.amazon.dev&response_type=code&client_id=3aelsf77n4pnctg575uabadnpl&state=LP6y47mHsh7ggsOJf8USzqKh1SuXqaUL&scope=openid%20email%20aws.cognito.signin.user.admin%20profile
HTTP 302
https://idp.federate.amazon.com/api/saml2/v1/sso?SAMLRequest=fZJda8IwFIbv9ytK7tOmtbou2A6ZCIIyUDfYbkZMj5phky4ndR%2B%2FfrHWMW%2B8zMn7cXiS4f1XtQ8OYFEZnZM4ZCQALU2p9DYnT6sJzch9cTNEUe2Tmo8at9ML%2BGgAXTBCBOu878FobCqwS7AHJeFpMcvJzrkaeRS9%2BzttPmmDFAQ6GtPamjIUPij8m4WiEj%2FG1261ciaUporawkiVtQWsfQaQYOxLlRau3fSc7xXhBkqwwkEX0%2FpFrbqMQxwhGhJMxzl5Ez3IeuWG0RTkgKZp0qciWTPKjtNsLfu32dpLERuYanRCu5wkLEkpG9C4t2IpZxlnd2E8SF5J8Hzmlhy5eZIa%2BYlUThqruRGokGtRAXIn%2BXI0n3Ev5R6BM9LsSXECy9tCG0yMrYS77j1OVEk3rZSDdsp9X3Rft4vzo5HiKDsR4x15jjX%2Fe5S3WMYLOX2cvwyj%2F1sW3fHyNxS%2F&RelayState=H4sIAAAAAAAAAE1Q2Y7aMBT9Fz_jTFYceMtQlkCAEYhRoKqQ4yUJxHGIHRio-u81U82oT_fq3LNcnd8AgyHoFGRYaegcHeJsSLxe7kEPZOYSCfyQ9YRR1mLNDEgM6GFWKY5Q7Tc10XmAgg5nmNZNZQjUEAqtGzV8eelK69vaalpJrQwLqxQ001eIG2HhT3uLsqtRMqMkkj5TuFm30TIxaw6GP4FsWF3SJ0fg8pmCb8oiMq9LLS1VmlmbJNZamIqyNncTxsuKgV89UBiv5K1_95GYqQLluVrPebjbPi6Lwtl26QXvnjlnQ1v4KjrM-pPxcfcjQex0HJT3s3pXm9Qh_IHyxomCS1wtMyGPO1psLhPqL9rDerWpEj-u0j27H0ZK82ty7YqPMcn6OxKP0GJ2k029vohitRXE-zjPl3vNXFW1KMUxYydnNZ6k63jLi3SyuT3aVIav5-n7aHor3-ZcepWYosMsamDiB4vpbHoeR-bjynx8krWq5Q1-1ww_a8adLv6r_l_NX30RKYxagKGDnNANnH44MIWBIceVYj3QGluUYZ95fAA9mwfQ5w6FmYswpCGjg2Bgc2S7xkMb6hF7LPQot6HPSB_6vhtA7GY2tJ9omJEAhRn48xeQxDICaQIAAA.H4sIAAAAAAAAAGubvHaCTmXiF3Zfq47i5-ckbrbN7jbd2GD0Wmvi7dyYWmkAWa8VWyAAAAA.4 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method / Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H2 | / | ui.us-east-1.prod.bam.imdbtv-apm.amazon.dev/ | 630 B | 1006 B | Document | text/html |
GET H2 | katal.assetloader.flo.2ddb78d25220.scoped.min.js | d2beun48pmgqbs.cloudfront.net/ | 19 KB | 6 KB | Script | application/javascript |
GET H2 | main.6550f43ef42d9e581397.min.css | ui.us-east-1.prod.bam.imdbtv-apm.amazon.dev/ | 433 KB | 101 KB | Stylesheet | text/css |
GET H2 | main.6550f43ef42d9e581397.min.js | ui.us-east-1.prod.bam.imdbtv-apm.amazon.dev/ | 2 MB | 365 KB | Script | application/javascript |
GET H2 | katal.flo.components.4897318a4b5bc6545dc5.scoped.css | d2beun48pmgqbs.cloudfront.net/ | 120 KB | 15 KB | Stylesheet | text/css |
GET H2 | metrics.826eef3180693a982a26.js | d2beun48pmgqbs.cloudfront.net/ | 96 KB | 26 KB | Script | application/javascript |
GET H2 | katal.flo.components.cc87f8643433789bef32.min.js | d2beun48pmgqbs.cloudfront.net/ | 276 KB | 74 KB | Script | application/javascript |
GET H2 | en-US.json | ui.us-east-1.prod.bam.imdbtv-apm.amazon.dev/i18n/ | 2 KB | 1 KB | XHR | application/json |
GET H2 | sso (Primary Request, Redirect Chain) | idp.federate.amazon.com/api/saml2/v1/ | 130 B | 721 B | Document | application/json |
POST H/1.1 | com.amazon.eel.katal.metrics.core.nexus | unagi-na.amazon.com/1/events/ | 2 B | 623 B | Ping | application/json |
POST H/1.1 | com.amazon.eel.katal.metrics.core.nexus.sellercentral | unagi-na.amazon.com/1/events/ | 2 B | 623 B | Ping | application/json |
GET DATA | truncated | / | 18 KB | 18 KB | Font | application/x-font-woff |
GET H2 | favicon.ico | idp.federate.amazon.com/ | 520 B | 590 B | Other | text/html |
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
jonsnow-us-east-1-prod.auth.us-east-1.amazoncognito.com/ | Name: XSRF-TOKEN Value: 6dbf5b14-4ac9-4799-bdc1-e845da56640b |
jonsnow-us-east-1-prod.auth.us-east-1.amazoncognito.com/ | Name: csrf-state Value: K4sAZH6FE_UDL7ej_9iyksVsRX1cfz7gp1A5qIlMbmo_UdhRqFd4KrZONRlL4IlXYeyZCstfvLvuhxEcb6UcIC7KHwopnOqmhNSmc3xkJMYte2slr7XaIeej1NEFXOISfhXFRwzrXo8BkGVCGwiPJfo3lmG7ZHAp-L45KGHGkEA |
jonsnow-us-east-1-prod.auth.us-east-1.amazoncognito.com/ | Name: csrf-state-legacy Value: K4sAZH6FE_UDL7ej_9iyksVsRX1cfz7gp1A5qIlMbmo_UdhRqFd4KrZONRlL4IlXYeyZCstfvLvuhxEcb6UcIC7KHwopnOqmhNSmc3xkJMYte2slr7XaIeej1NEFXOISfhXFRwzrXo8BkGVCGwiPJfo3lmG7ZHAp-L45KGHGkEA |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.