midway-auth.amazon.com
52.94.220.70
Public Scan
Effective URL: https://midway-auth.amazon.com/SSO/redirect?client_id=https%3A%2F%2Fidp-eu-west-1.federate.amazon.com&redirect_uri=https%3A%2F%...
Submission: On February 13 via manual from US
Summary
TLS certificate: Issued by Amazon on August 29th 2019. Valid for: a year.
This is the only time midway-auth.amazon.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Count | IP Address | AS Autonomous System |
---|---|---|
3 4 | 35.172.143.200 | 14618 (AMAZON-AES) |
1 1 | 52.16.241.246 | 16509 (AMAZON-02) |
5 | 52.94.220.70 | 16509 (AMAZON-02) |
6 | 2 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-143-200.compute-1.amazonaws.com
amzn.determine.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-241-246.eu-west-1.compute.amazonaws.com
idp.federate.amazon.com
Count | Apex Domain Subdomains | Transfer |
---|---|---|
6 | amazon.com (1 redirects): idp.federate.amazon.com, midway-auth.amazon.com | 160 KB |
4 | determine.com (3 redirects): amzn.determine.com | 3 KB |
6 | 2 |
Count | Domain | Requested by |
---|---|---|
5 | midway-auth.amazon.com | amzn.determine.com, midway-auth.amazon.com |
4 | amzn.determine.com | 3 redirects |
1 | idp.federate.amazon.com | 1 redirects |
6 | 3 |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
*.determine.com | Go Daddy Secure Certificate Authority - G2 | 2018-06-15 - 2020-07-15 | 2 years | crt.sh |
midway-auth.dub.amazon.com | Amazon | 2019-08-29 - 2020-08-10 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://midway-auth.amazon.com/SSO/redirect?client_id=https%3A%2F%2Fidp-eu-west-1.federate.amazon.com&redirect_uri=https%3A%2F%2Fidp-eu-west-1.federate.amazon.com%2Fapi%2Fv1%2Fintermediate&response_type=id_token&scope=openid&nonce=93RM80OKAULH3C3LU73LMFOOQ1&state=AYABeKOF6Sl0VmhWjiB9ffEuwREAIwABAAN0eG4AGjkzUk04ME9LQVVMSDNDM0xVNzNMTUZPT1ExAAEAB2F3cy1rbXMAS2Fybjphd3M6a21zOmV1LXdlc3QtMTo2NDIzOTcxNzAzNTA6a2V5LzRiODQxNTNhLTUyZDktNDM1MS04ODBkLTUwNDJiZjA4Mjg3ZAC4AQIBAHiaKf4f%2FKlHEp8JxNsyjAJLJ%2F1tg%2BG95EJW9Xuc9UqBigGjAhyE%2B7G4f3nmQT97muNeAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMPj1j5AiRIsaSvoKXAgEQgDvrH49xmvP7U4MhKX7pcv1dHhyyt9u0E5IODnkS%2FzCDGgOmMlVYGKVu1ZZ6HQmQeq3HhRTIF17O%2Bal%2BUgIAAAAADAAAEAAAAAAAAAAAAAAAAABS1ExvCz%2Bzd0kdR%2F6vL3wi%2F%2F%2F%2F%2FwAAAAEAAAAAAAAAAAAAAAEAAAHTfMGsYbVyudCwJs%2FaalQb3XQDmr54bHJaINMdiL3pfGqvyQfxQrLzo7UwTnidRebCBal3T9ZCXVnhQ9SqCwQPyuRDdO8h0Ox3GGnwK4K1nUEGUGnX0vrxYjquZmIlOyyzWoDw6aQEwqICA2jrN83blzg8Vxw00FLV00eAZ66rqF%2Fq26IwIhXZbWZUikbi%2BiVzsJOR6hw8Fjbv7wAUZYVpKMGeeD8yQds6rC8nHa9dJ5ohMzxRW2LcWGGO3uIauSPdOFrpxotSfzUr%2F8fi25%2BhEPVs9ta1GirOwG%2FMZ9zo9x0dubJfPogYkHnwiXSB7O31fEo6QRPcnG1suDpPYWY5KSZNecLel938Ua25mORS755XuJNn9thP0Igo68pI6zV6xAjbWq8nNP4CVZtOsTa5mh%2FMeflfClA%2BREAMTwOS0uGtrHnvbBz5VoTwc8TkDuJg3jaU5L7Zta2Q3NQxmHnRtspgo5KQYtqI%2B3noXuyYC5V%2BIkGfGzTzdho0rpCdusOD%2BBnqAReVCRK7o7HnFGXY%2Bx8M459IeiJ4IlCc3qwKfSnHeYuj%2BLJ%2Fcww%2FIXKS4zNYoMO8dOP7Vnjz4%2BytoqCY95s80501JfII3sTC4y4nrggN5zAIAI9DhCGmEcmN2YjqwnAU
Frame ID: DFD0DAC4C62B7E736F899C4D32FF22EC
Requests: 6 HTTP requests in this frame
Detected technologies
Ruby (Programming Languages)
Detected patterns
- meta csrf-param /^authenticity_token$/i
Ruby on Rails (Web Frameworks)
Detected patterns
- meta csrf-param /^authenticity_token$/i
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://amzn.determine.com/
HTTP 301
http://amzn.determine.com/p/index.php HTTP 302
https://amzn.determine.com/l/index.php Page URL
-
https://amzn.determine.com/l/protected/login.php?page=%2Fl%2Findex.php
HTTP 302
https://idp.federate.amazon.com/api/saml2/v1/sso?SAMLRequest=nVLLbtswEPwVgXeJEuPENmEbcGIUMZC2RuzmkEuxIlc1AT5ULpXX11eREjQpkBx6IjjcmZ0d7oLA2Vauu3T01%2Fi7Q0rZg7Oe5PCwZF30MgAZkh4ckkxK7tdfr6QoStnGkIIKlr2hfM4AIozJBM%2By7WbJflbzutJqWp%2Bp5nRSTs%2F0dCKmAPNZU2o1b2qh5rNKTHQJLLvBSD1zyXqhnk7U4dZTAp96qBRlXoq8OjlUMymEPJ3csmzTT2M8pIF1TKklybnRbdGgxggJC3DwFHyhguPQGv48gOB3FScKLFu%2Fmr0InjqHcY%2Fxzij8cX31Vw7cky80JozOeByU7rEelLgLurNYtMd2vNN4ihwUDajGBjqbcmpZtnsJ89x4bfyvz3OsxyKSl4fDLt993x%2FYavGsLYdc4uo%2F7TlMoCHBP%2B4W%2FK32YtyZb72r7WYXrFGP2ZcQHaSPTVdFNSBG581QKtGBsWutIxL1WVsb7i8i9p%2ByZCl2yPhq7Pp%2BOVd%2FAA%3D%3D&RelayState=https%3A%2F%2Famzn.determine.com%2Fl%2Fprotected%2Flogin.php%3Fpage%3D%252Fl%252Findex.php&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=OYEoPo9gcU86Vk5mjUaLEbSB%2Fo0MWCVabfiHNuXL9skE3ACUXr%2Bb0tTNqUL2GRlyUt11%2FrHnIlrt4uCNCmL30ebBQS%2BjGE1wrGceo5ojnuQ8AMALVLnHhBWF4w14%2BXqrOdHCOr5XXpIVGidxjBn2By0gE6s3w25KTToZiTNSS78MMRMj1%2BfSzisZgayian6j0iNnnIYl4FGKOWuNwz7E9Ddc%2FBzuddU3TmCWfOUu6EKP9%2FRJ25Qf4WIL1R9%2ByDA2sMiZtIBQakWQxhy8c0HwUgb0IoHCs%2FYmHYTW3m1o%2BszWdF21Ksb1O3gnvE2KIiZV64Ok%2Fuv03A9OhMBZYmo9Kw%3D%3D HTTP 302
https://midway-auth.amazon.com/SSO/redirect?client_id=https%3A%2F%2Fidp-eu-west-1.federate.amazon.com&redirect_uri=https%3A%2F%2Fidp-eu-west-1.federate.amazon.com%2Fapi%2Fv1%2Fintermediate&response_type=id_token&scope=openid&nonce=93RM80OKAULH3C3LU73LMFOOQ1&state=AYABeKOF6Sl0VmhWjiB9ffEuwREAIwABAAN0eG4AGjkzUk04ME9LQVVMSDNDM0xVNzNMTUZPT1ExAAEAB2F3cy1rbXMAS2Fybjphd3M6a21zOmV1LXdlc3QtMTo2NDIzOTcxNzAzNTA6a2V5LzRiODQxNTNhLTUyZDktNDM1MS04ODBkLTUwNDJiZjA4Mjg3ZAC4AQIBAHiaKf4f%2FKlHEp8JxNsyjAJLJ%2F1tg%2BG95EJW9Xuc9UqBigGjAhyE%2B7G4f3nmQT97muNeAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMPj1j5AiRIsaSvoKXAgEQgDvrH49xmvP7U4MhKX7pcv1dHhyyt9u0E5IODnkS%2FzCDGgOmMlVYGKVu1ZZ6HQmQeq3HhRTIF17O%2Bal%2BUgIAAAAADAAAEAAAAAAAAAAAAAAAAABS1ExvCz%2Bzd0kdR%2F6vL3wi%2F%2F%2F%2F%2FwAAAAEAAAAAAAAAAAAAAAEAAAHTfMGsYbVyudCwJs%2FaalQb3XQDmr54bHJaINMdiL3pfGqvyQfxQrLzo7UwTnidRebCBal3T9ZCXVnhQ9SqCwQPyuRDdO8h0Ox3GGnwK4K1nUEGUGnX0vrxYjquZmIlOyyzWoDw6aQEwqICA2jrN83blzg8Vxw00FLV00eAZ66rqF%2Fq26IwIhXZbWZUikbi%2BiVzsJOR6hw8Fjbv7wAUZYVpKMGeeD8yQds6rC8nHa9dJ5ohMzxRW2LcWGGO3uIauSPdOFrpxotSfzUr%2F8fi25%2BhEPVs9ta1GirOwG%2FMZ9zo9x0dubJfPogYkHnwiXSB7O31fEo6QRPcnG1suDpPYWY5KSZNecLel938Ua25mORS755XuJNn9thP0Igo68pI6zV6xAjbWq8nNP4CVZtOsTa5mh%2FMeflfClA%2BREAMTwOS0uGtrHnvbBz5VoTwc8TkDuJg3jaU5L7Zta2Q3NQxmHnRtspgo5KQYtqI%2B3noXuyYC5V%2BIkGfGzTzdho0rpCdusOD%2BBnqAReVCRK7o7HnFGXY%2Bx8M459IeiJ4IlCc3qwKfSnHeYuj%2BLJ%2Fcww%2FIXKS4zNYoMO8dOP7Vnjz4%2BytoqCY95s80501JfII3sTC4y4nrggN5zAIAI9DhCGmEcmN2YjqwnAU Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://amzn.determine.com/ HTTP 301
- http://amzn.determine.com/p/index.php HTTP 302
- https://amzn.determine.com/l/index.php
6 HTTP transactions
Method Protocol | Resource Path | Size / x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | amzn.determine.com/l/index.php (Cookie set, Redirect Chain) | 314 B / 691 B | Document text/html |
GET H/1.1 | midway-auth.amazon.com/SSO/redirect (Primary Request, Cookie set, Redirect Chain) | 4 KB / 5 KB | Document text/html |
GET H/1.1 | midway-auth.amazon.com/assets/application-f3d0745d990b2e37b629789741f0fc270710f0224ca1c3c35ca5f981200a4e26.css | 4 KB / 5 KB | Stylesheet text/css |
GET H/1.1 | midway-auth.amazon.com/assets/application-d874f49ae40d9b7a13a55c346e176bfc652b88291f77de43ca868068a705f90c.js | 145 KB / 145 KB | Script application/x-javascript |
GET H/1.1 | midway-auth.amazon.com/assets/posture-error-7c7ee27072306e5fcae693af49d180adaaac6d843cb726e35e11000c240ec993.js | 2 KB / 3 KB | Script application/x-javascript |
GET H/1.1 | midway-auth.amazon.com/api/posture-validation | 62 B / 1 KB | XHR application/json |
43 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| onAeaAndroidDevice function| biometricsOnLoadAndroid function| promptForTouchIDAndroid function| hideBiometricsErrorMessage function| showBiometricsErrorMessage function| parseQuery function| lsTest function| validateNextUrl function| validateSuccessUrl function| authenticationSuccess2 function| getIDToken function| u2fSupported function| requestU2fChallenge2 function| showErrorMessage function| hideErrorMessage function| showGeneralErrorMessage function| hideGeneralErrorMessage function| onAeaiOSDevice function| showBiometricsIfAvailable function| biometricsAvailableCallback function| showBiometricsPane function| biometricsOnLoad function| promptForTouchID function| biometricsAuthenticationCallback function| midwayOnLoad function| submitPassword function| submitOTP function| handleU2fResponse2 function| finishedAuth function| showMidwayErrorMessage function| hideMidwayErrorMessage function| oneTimeLDAPOnLoad function| submitOneTimeLDAPPassword function| showOneTimeLDAPErrorMessage function| hideOneTimeLDAPErrorMessage object| u2f undefined| js_api_version function| $ function| jQuery object| jQuery112407158987186155281 object| Raven
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
midway-auth.amazon.com/ | Name: session Value: eyJraWQiOiIxMDQiLCJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0..Q7P23GgE8cD6waUtYTvbGg.OwAybzOTB_P5pNewH2WVd3sryobBwssChdbHA7LwPT_ZybZrDygNg39nZGdhmOfythXw9sfuRnj8kbD9dnj-wzpaQu2FgQkqmQJmAH7FmxmRCSFIzDr3ZM2atZ0qprAH2X8dzgmFSBG4ZgYNJaJL21vAWAKhi9ja7p8gTZ7V9XUSRXqVP-ggrBN8gXQYU_GNEDU7HJSUL6FptGryZVJDCrcqhNGp9-CYRhkcj6_rR9rrvpVkp3mj5-cIuo6iPCvB.JXwI7E-6jL4Klh663vOi9Q |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.