idp.federate.amazon.com Open in urlscan Pro
34.195.166.164 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://test-client.us-west-2.prod.passport.legal.amazon.dev/
Effective URL:
https://idp.federate.amazon.com/api/oauth2/v1/authorize?client_id=LegalPassport-TestEndService1-oidc-implicit-us-west-2-prod&red...
Submission: On April 02 via automatic, source certstream-suspicious (April 2nd 2022, 2:55:51 am UTC) — Scanned from US

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 8 HTTP transactions. The main IP is 34.195.166.164, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is idp.federate.amazon.com. The Cisco Umbrella rank of the primary domain is 86988.
TLS certificate: Issued by Amazon on July 10th 2021. Valid for: a year.

This is the only time idp.federate.amazon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2600:9000:201... 2600:9000:201e:9a00:18:5e3a:a640:93a1	16509 (AMAZON-02) (AMAZON-02)
2	34.195.166.164 34.195.166.164	14618 (AMAZON-AES) (AMAZON-AES)
8	3

5 2600:9000:201e:9a00:18:5e3a:a640:93a1 (United States)

ASN16509 (AMAZON-02, US)

test-client.us-west-2.prod.passport.legal.amazon.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.195.166.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-166-164.compute-1.amazonaws.com

idp.federate.amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	amazon.dev test-client.us-west-2.prod.passport.legal.amazon.dev	197 KB
2	amazon.com idp.federate.amazon.com — Cisco Umbrella Rank: 86988	2 KB
8	2

	Domain	Requested by
5	test-client.us-west-2.prod.passport.legal.amazon.dev	test-client.us-west-2.prod.passport.legal.amazon.dev
2	idp.federate.amazon.com	test-client.us-west-2.prod.passport.legal.amazon.dev
8	2

This site contains no links.

Subject Issuer	Validity	Valid
test-client.us-west-2.prod.passport.legal.amazon.dev Amazon	`2021-05-02` - `2022-05-31`	a year	crt.sh
idp.federate.amazon.com Amazon	`2021-07-10` - `2022-08-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://idp.federate.amazon.com/api/oauth2/v1/authorize?client_id=LegalPassport-TestEndService1-oidc-implicit-us-west-2-prod&redirect_uri=https%3A%2F%2Ftest-client.us-west-2.prod.passport.legal.amazon.dev&response_type=id_token&scope=openid&state=88957bd87fb5448ea0a1749ae0c22d66&nonce=c2ce703e116b4d48b360a76ebe760f10
Frame ID: 2D0AD71A7FD3E365D504E12FA0AA7BCA
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://test-client.us-west-2.prod.passport.legal.amazon.dev/ Page URL
https://idp.federate.amazon.com/api/oauth2/v1/authorize?client_id=LegalPassport-TestEndService1-oidc-implici... Page URL

Page Statistics

8
Requests

88 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

198 kB
Transfer

755 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://test-client.us-west-2.prod.passport.legal.amazon.dev/ Page URL
https://idp.federate.amazon.com/api/oauth2/v1/authorize?client_id=LegalPassport-TestEndService1-oidc-implicit-us-west-2-prod&redirect_uri=https%3A%2F%2Ftest-client.us-west-2.prod.passport.legal.amazon.dev&response_type=id_token&scope=openid&state=88957bd87fb5448ea0a1749ae0c22d66&nonce=c2ce703e116b4d48b360a76ebe760f10 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
test-client.us-west-2.prod.passport.legal.amazon.dev/ 2 KB
1 KB 87ms
13ms Document
text/html 2600:9000:201e:9a00:18:5e3a:a640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test-client.us-west-2.prod.passport.legal.amazon.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:201e:9a00:18:5e3a:a640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f22901078730b335b0afab352b71c12f69c7b18289cf07d49f2d2237cb29220a

Request headers

Accept-Language: en-US,en;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age: 19062
content-encoding: gzip
content-type: text/html
date: Fri, 01 Apr 2022 21:38:04 GMT
etag: W/"e4a5ca856474e5d0ba69b3408e0ce1f6"
last-modified: Mon, 03 May 2021 17:21:07 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 7eefe38d76087dfad8e2f0b7702246ee.cloudfront.net (CloudFront)
x-amz-cf-id: Q9ErAqxyWhY3Xeh-BOyqdOCPGMJoBoLsFdgfyeK_7TU3Q-XFL-CmsQ==
x-amz-cf-pop: IAD89-C3
x-amz-server-side-encryption: AES256
x-amz-version-id: ZoFT2ne3Wfdybub7JAuZtSWT0RP7KdYA
x-cache: Hit from cloudfront

GET
H2 200 2.eb599dc5.chunk.css
test-client.us-west-2.prod.passport.legal.amazon.dev/static/css/ 158 KB
24 KB 396ms
395ms Stylesheet
text/css 2600:9000:201e:9a00:18:5e3a:a640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test-client.us-west-2.prod.passport.legal.amazon.dev/static/css/2.eb599dc5.chunk.css
Requested by: Host: test-client.us-west-2.prod.passport.legal.amazon.dev
URL: https://test-client.us-west-2.prod.passport.legal.amazon.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:201e:9a00:18:5e3a:a640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 25889ddfef87efbe27113bbe078085176ae3d9b27354ffb3c3ddd690204ee5b7

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://test-client.us-west-2.prod.passport.legal.amazon.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 02 Apr 2022 02:55:46 GMT
content-encoding: gzip
last-modified: Mon, 03 May 2021 17:21:07 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3
etag: W/"5197ebc4460394148926bb7c9dc30b39"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: be2p0J3fBZrEXiUoO65GWeRkWIz.Gnp4
via: 1.1 7eefe38d76087dfad8e2f0b7702246ee.cloudfront.net (CloudFront)
content-type: text/css
x-amz-cf-id: XYUOmXFCnxvC2qQlkbAwa3EJHz_QklL1tWXwZNF48rhhnyEpITpQCg==

GET
H2 200 main.93264309.chunk.css
test-client.us-west-2.prod.passport.legal.amazon.dev/static/css/ 711 B
1 KB 374ms
374ms Stylesheet
text/css 2600:9000:201e:9a00:18:5e3a:a640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test-client.us-west-2.prod.passport.legal.amazon.dev/static/css/main.93264309.chunk.css
Requested by: Host: test-client.us-west-2.prod.passport.legal.amazon.dev
URL: https://test-client.us-west-2.prod.passport.legal.amazon.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:201e:9a00:18:5e3a:a640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7e6f266896fdfc6b53eca158565c55f6f6f3ce12574ad533f51a244e7cff79b1

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://test-client.us-west-2.prod.passport.legal.amazon.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 02 Apr 2022 02:55:46 GMT
via: 1.1 7eefe38d76087dfad8e2f0b7702246ee.cloudfront.net (CloudFront)
last-modified: Mon, 03 May 2021 17:21:07 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3
etag: "5db182c434e76e5c789ac7c3d36fbe24"
x-cache: Miss from cloudfront
x-amz-version-id: qphko8F4Zg5H5DZ8Y5vcgje6XSQxSmaC
accept-ranges: bytes
content-type: text/css
content-length: 711
x-amz-cf-id: f4Eo2zchqoeJif7HmZWyPigs0WRTn7qEBVI_JrakCraHWJK-OCNU_g==

GET
H2 200 2.864b7c25.chunk.js Show response
test-client.us-west-2.prod.passport.legal.amazon.dev/static/js/ 589 KB
169 KB 472ms
472ms Script
application/javascript 2600:9000:201e:9a00:18:5e3a:a640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test-client.us-west-2.prod.passport.legal.amazon.dev/static/js/2.864b7c25.chunk.js
Requested by: Host: test-client.us-west-2.prod.passport.legal.amazon.dev
URL: https://test-client.us-west-2.prod.passport.legal.amazon.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:201e:9a00:18:5e3a:a640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e99f7c03c7f9095be96cc90b04ee040d3f026873ab6c8fe60026fec456220988

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://test-client.us-west-2.prod.passport.legal.amazon.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 02 Apr 2022 02:55:46 GMT
content-encoding: gzip
last-modified: Mon, 03 May 2021 17:21:07 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3
etag: W/"d71918089cdb573d08fe229e0b89df1b"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: Z4_PHS3ARNeJhyw.bWko1IJ8.KCSYdlq
via: 1.1 7eefe38d76087dfad8e2f0b7702246ee.cloudfront.net (CloudFront)
content-type: application/javascript
x-amz-cf-id: r35mP5zb_HL5gX9isoluP1T1HjSv_tU8ZsjnxNctuWvjoiHMpUvINw==

GET
H2 200 main.b4210224.chunk.js Show response
test-client.us-west-2.prod.passport.legal.amazon.dev/static/js/ 5 KB
2 KB 373ms
372ms Script
application/javascript 2600:9000:201e:9a00:18:5e3a:a640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test-client.us-west-2.prod.passport.legal.amazon.dev/static/js/main.b4210224.chunk.js
Requested by: Host: test-client.us-west-2.prod.passport.legal.amazon.dev
URL: https://test-client.us-west-2.prod.passport.legal.amazon.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:201e:9a00:18:5e3a:a640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d79f1dfa464c745634484a15e98e6a2f60b60916d1885e2e3834ab726298112b

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://test-client.us-west-2.prod.passport.legal.amazon.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 02 Apr 2022 02:55:46 GMT
content-encoding: gzip
last-modified: Mon, 03 May 2021 17:21:07 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3
etag: W/"c7f2588eef1cf5d4ab73eed976f32216"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: SGlSnMTmEf5diQmXQiNPcmt2z.ksG68o
via: 1.1 7eefe38d76087dfad8e2f0b7702246ee.cloudfront.net (CloudFront)
content-type: application/javascript
x-amz-cf-id: rdNngCxR-eCgpVmFUq_6kucnhmjl0srLsKNLKDe1nrf-2n0ANvkU8A==

GET Logo.png
test-client.us-west-2.prod.passport.legal.amazon.dev/images/ 0
0

GET
H2 200 openid-configuration
idp.federate.amazon.com/.well-known/ 856 B
1 KB 48ms
10ms XHR
application/json 34.195.166.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idp.federate.amazon.com/.well-known/openid-configuration

Requested by

Host: test-client.us-west-2.prod.passport.legal.amazon.dev
URL: https://test-client.us-west-2.prod.passport.legal.amazon.dev/static/js/2.864b7c25.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.195.166.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-195-166-164.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://test-client.us-west-2.prod.passport.legal.amazon.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Apr 2022 02:55:46 GMT
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6247bb32-5f7f0c0d625410eb67440274;
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-xss-protection: 1
referrer-policy: origin

GET
H2 400 Primary Request authorize Show response
idp.federate.amazon.com/api/oauth2/v1/ 120 B
543 B 38ms
18ms Document
application/json 34.195.166.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idp.federate.amazon.com/api/oauth2/v1/authorize?client_id=LegalPassport-TestEndService1-oidc-implicit-us-west-2-prod&redirect_uri=https%3A%2F%2Ftest-client.us-west-2.prod.passport.legal.amazon.dev&response_type=id_token&scope=openid&state=88957bd87fb5448ea0a1749ae0c22d66&nonce=c2ce703e116b4d48b360a76ebe760f10

Requested by

Host: test-client.us-west-2.prod.passport.legal.amazon.dev
URL: https://test-client.us-west-2.prod.passport.legal.amazon.dev/static/js/2.864b7c25.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.195.166.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-195-166-164.compute-1.amazonaws.com

Software

Resource Hash

b9465987d34c582cf846cf662810ea50695006ef73f2d4c3cf861c52f5c46690

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://test-client.us-west-2.prod.passport.legal.amazon.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 120
content-type: application/json
date: Sat, 02 Apr 2022 02:55:46 GMT
pragma: no-cache
referrer-policy: origin
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-amzn-trace-id: Root=1-6247bb32-616a6b8a06846d130132e238;
x-content-type-options: nosniff
x-transaction-id: P220402025546796IADCDQ4RKRF5HX6 P220402025546796IADCDQ4RKRF5HX6
x-xss-protection: 1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: test-client.us-west-2.prod.passport.legal.amazon.dev
URL: https://test-client.us-west-2.prod.passport.legal.amazon.dev/images/Logo.png

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idp.federate.amazon.com/api/oauth2/v1/authorize?client_id=LegalPassport-TestEndService1-oidc-implicit-us-west-2-prod&redirect_uri=https%3A%2F%2Ftest-client.us-west-2.prod.passport.legal.amazon.dev&response_type=id_token&scope=openid&state=88957bd87fb5448ea0a1749ae0c22d66&nonce=c2ce703e116b4d48b360a76ebe760f10 Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

idp.federate.amazon.com
test-client.us-west-2.prod.passport.legal.amazon.dev
test-client.us-west-2.prod.passport.legal.amazon.dev
2600:9000:201e:9a00:18:5e3a:a640:93a1
34.195.166.164
25889ddfef87efbe27113bbe078085176ae3d9b27354ffb3c3ddd690204ee5b7
7e6f266896fdfc6b53eca158565c55f6f6f3ce12574ad533f51a244e7cff79b1
b9465987d34c582cf846cf662810ea50695006ef73f2d4c3cf861c52f5c46690
d79f1dfa464c745634484a15e98e6a2f60b60916d1885e2e3834ab726298112b
e99f7c03c7f9095be96cc90b04ee040d3f026873ab6c8fe60026fec456220988
f22901078730b335b0afab352b71c12f69c7b18289cf07d49f2d2237cb29220a

idp.federate.amazon.com Open in urlscan Pro 34.195.166.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

8 Requests

88 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

198 kBTransfer

755 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

idp.federate.amazon.com Open in urlscan Pro
34.195.166.164 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

88 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

198 kB
Transfer

755 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions