URL: https://login-recovery.eidu.com/
Submission: On September 30 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 3 HTTP transactions. The main IP is 18.66.112.75, located in the United States and belonging to AMAZON-02, US. The main domain is login-recovery.eidu.com.
TLS certificate: Issued by Amazon on September 29th 2022. Valid for: a year.
This is the only time login-recovery.eidu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address: 18.66.112.75, AS: 16509 (AMAZON-02), Requests: 3
Apex Domain: eidu.com, Subdomain: login-recovery.eidu.com, Requests: 3, Transfer: 343 KB
Domain: login-recovery.eidu.com, Requested by: login-recovery.eidu.com, Requests: 3

This site contains no links.

Subject: login-recovery.eidu.com
Issuer: Amazon
Validity: 2022-09-29 - 2023-10-28
Valid: a year

This page contains 1 frame:

Primary Page: https://login-recovery.eidu.com/
Frame ID: EE16F2C408F22B0E21FBDBBD0F7DC758
Requests: 3 HTTP requests in this frame

Page Title

EIDU Login recovery

Page Statistics

Requests: 3
HTTPS: 100 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 343 kB
Size: 341 kB
Cookies: 0

3 HTTP transactions

Resource: Primary Request /
Path: login-recovery.eidu.com/
Size: 475 B
x-fer: 794 B
Type: Document

General
Full URL: https://login-recovery.eidu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.75, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: server-18-66-112-75.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b26e20e562c8a863a00ca13747f2c62abd36e49791bc85fa09f5d419b0decbb

Request headers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers
accept-ranges: bytes
content-length: 475
content-type: text/html
date: Fri, 30 Sep 2022 05:18:11 GMT
etag: "e8a2ebb16bcc8d73d7f4b0426836d5af"
last-modified: Thu, 29 Sep 2022 16:59:33 GMT
server: AmazonS3
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
x-amz-cf-id: j9spLIHivuypxTOqhtCA9e_k6IQWlYjb68ENnlkdIkIVA-n86NgQ-w==
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront

Resource: index.1df313cf.js
Path: login-recovery.eidu.com/assets/
Size: 341 KB
x-fer: 341 KB
Type: Script

General
Full URL: https://login-recovery.eidu.com/assets/index.1df313cf.js
Requested by: Host login-recovery.eidu.com, URL https://login-recovery.eidu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.75, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: server-18-66-112-75.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37f53f8e84ec380fe60e58e674c8d2255ab71ddc3c6a8f9a9ffc036d4f238d62

Request headers
Referer: https://login-recovery.eidu.com/
Origin: https://login-recovery.eidu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers
date: Fri, 30 Sep 2022 05:18:11 GMT
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
last-modified: Thu, 29 Sep 2022 16:59:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: "3496032f8cc2acba2a2e3177931c3c21"
x-cache: Miss from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 348675
x-amz-cf-id: WTO4Dff2SbNxM59WmaLAa_wD4aV2LBhqlsI7Mw-5puz3jbO3X_eyMA==

Resource: index.9870603d.css
Path: login-recovery.eidu.com/assets/
Size: 215 B
x-fer: 532 B
Type: Stylesheet

General
Full URL: https://login-recovery.eidu.com/assets/index.9870603d.css
Requested by: Host login-recovery.eidu.com, URL https://login-recovery.eidu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.75, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: server-18-66-112-75.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9870603dc17d95a4b426bb7841668d99fd6c70c833f8308c77a1aa6099e685c3

Request headers
accept-language: de-DE,de;q=0.9
Referer: https://login-recovery.eidu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers
date: Fri, 30 Sep 2022 05:18:11 GMT
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
last-modified: Thu, 29 Sep 2022 16:59:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: "82ab3a5fa3b36bacee306d6111e5a8fd"
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 215
x-amz-cf-id: 3B8TjUC0AqnIfRVQsAqUQ8TczdPIeqASQcVTFkVlvEBkBPSIMIci6A==

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
