idp-integ.federate.amazon.com
18.204.102.130
Public Scan
Effective URL: https://idp-integ.federate.amazon.com/api/saml2/v1/sso?SAMLRequest=fZJNT8MwDIbv%2FIoq9%2FRr6zqitWgCTUKAkBhw2GXyWm8ErUmJ3fHx68m6DcGFY5z...
Submission Tags: @phishunt_io
Submission: On May 14 via api from DE — Scanned from US
Summary
TLS certificate: Issued by Amazon RSA 2048 M02 on December 30th 2023. Valid for: a year.
This is the only time idp-integ.federate.amazon.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
4 | 13.32.151.115 | 16509 (AMAZON-02) |
4 | 2600:9000:2073:c200:1f:1e90:d200:21 | 16509 (AMAZON-02) |
1 1 | 2600:1f18:257:8001:181c:3f3c:2838:f837 | 14618 (AMAZON-AES) |
2 | 18.204.102.130 | 14618 (AMAZON-AES) |
10 | 4 | |
ASN | PTR | Domain |
---|---|---|
ASN16509 (AMAZON-02, US) | server-13-32-151-115.iad66.r.cloudfront.net | ui.us-east-1.beta.bam.imdbtv-apm.amazon.dev |
ASN16509 (AMAZON-02, US) | | d2beun48pmgqbs.cloudfront.net |
ASN14618 (AMAZON-AES, US) | | jonsnow-us-east-1-beta.auth.us-east-1.amazoncognito.com |
ASN14618 (AMAZON-AES, US) | ec2-18-204-102-130.compute-1.amazonaws.com | idp-integ.federate.amazon.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
4 | cloudfront.net | d2beun48pmgqbs.cloudfront.net | 117 KB |
4 | amazon.dev | ui.us-east-1.beta.bam.imdbtv-apm.amazon.dev | 469 KB |
2 | amazon.com | idp-integ.federate.amazon.com — Cisco Umbrella Rank: 628615 | 1 KB |
1 | amazoncognito.com (1 redirects) | jonsnow-us-east-1-beta.auth.us-east-1.amazoncognito.com | 2 KB |
10 | 4 | | |
Requests | Domain | Requested by |
---|---|---|
4 | d2beun48pmgqbs.cloudfront.net | ui.us-east-1.beta.bam.imdbtv-apm.amazon.dev, d2beun48pmgqbs.cloudfront.net |
4 | ui.us-east-1.beta.bam.imdbtv-apm.amazon.dev | ui.us-east-1.beta.bam.imdbtv-apm.amazon.dev |
2 | idp-integ.federate.amazon.com | ui.us-east-1.beta.bam.imdbtv-apm.amazon.dev |
1 | jonsnow-us-east-1-beta.auth.us-east-1.amazoncognito.com | 1 redirects |
10 | 4 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
ui.us-east-1.beta.bam.imdbtv-apm.amazon.dev | Amazon RSA 2048 M03 | 2024-05-14 - 2025-06-12 | a year |
*.cloudfront.net | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-19 | a year |
idp-integ.federate.amazon.com | Amazon RSA 2048 M02 | 2023-12-30 - 2025-01-26 | a year |
This page contains 1 frames:
Primary Page:
https://idp-integ.federate.amazon.com/api/saml2/v1/sso?SAMLRequest=fZJNT8MwDIbv%2FIoq9%2FRr6zqitWgCTUKAkBhw2GXyWm8ErUmJ3fHx68m6DcGFY5zX72s99uTio9kGO3SkrSlEEsYiQFPZWptNIZ4eZ3IsLsqzCUGzTVs17fjFPOBbh8TBlAgd%2B75La6hr0M3R7XSFTw%2B3hXhhbklF0av%2FM%2FZddiQRiGUiV8gQgjcKf2ohNPBlfezGaLZhZZuoD4x03Tqk1nugCK58qDbA%2FaQnf6%2BQ2jBuwjXW6IDxaNa7QKuPTrskIrIiuL4qxDLJV3lSjVM5zrJzORykawlDqOQI8zweIaTjeu2lRB1eG2IwXIg0TocyzmQyfIxHapCpLA7zZLAQwfOJXrqn53kaUgdeheicURZIkzLQICmu1Hx6d6u8VLXOsq3sVpQHvKoPdMHMugb4%2F959Rddy3UsVGtb8%2BSf7%2F3Y4rU6Ue9mBmDryV9Sqn9Usv%2B5n7ytrFzeT6PeU5fH59ybKbw%3D%3D&RelayState=H4sIAAAAAAAAAE2Q3XLaMBCF30XXyPGPLFu-cxKSNEAJMAVMp8NIlowFtgS2DMGZvntFOs30anf2nP1253wAChLQtVDQ1kBv20-fLkzrzQgMALNKWtNeqyfBRUONsMPcDrUhSAYFCpHoDge180ssO1VFvtW51Utjjm1yd9dJ54vsMGGow2jtyJozc4b0WDv0k-5wcbabwm7mmt-OFLZdpJOxbXcg-Qn0USjJb56ayspWemmdXO-UNNpppa3KXhKNQ3ktldWPjS5kJcCvASgt64CHy80rftyxMa2JVuu2F9682s9mpnwZrm7Eg7XJ9z5fEBLlwanb8uVUwXxxXfc9W5WvRROfZSq6C84IgsPltInT9fpeZRJ9T4Mfb90GjSbtxF91UxUuUDEfXeFDWpDtM7sso6kIumCUnflmnJ00vq_PbcroCabw-Khf8DbsWbt3ff9bls1kOFFzn7vhYtQTs1k_e8N8tgrfZu_wmjakRw98HtuPK_vxXqtW6Qv8ihl-xkw7U_4X_d-Y_-WV69pu1yDxIi_EOA5D1wYGkoJWrRiAxmI9z3N5RBgMuBtBFAoXEkwCyHHuBi7yCCKuZRhr3XoRi7w89qEFEYgCv4AU0RxiEUUuFtSPeQF-_wHiIrimaAIAAA.H4sIAAAAAAAAACv8bdocJ2S0S_ejnVzg-gsubWXnli7ZXeXyhVPa2q2o7ywA9pVAzCAAAAA.4
Frame ID: 07CCA16ED150F4AC56BF9664A410A14E
Requests: 11 HTTP requests in this frame
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://ui.us-east-1.beta.bam.imdbtv-apm.amazon.dev/ Page URL
-
https://jonsnow-us-east-1-beta.auth.us-east-1.amazoncognito.com/oauth2/authorize?redirect_uri=https%3A%2F%2Fui.us-east-1.beta.bam.imdbtv-apm.amazon.dev&response_type=code&client_id=ot94i3f454eukkng2h6iunl72&state=k6EVZJ6DgbLam9onXsze1RljQQthHEWl&scope=openid%20email%20aws.cognito.signin.user.admin%20profile
HTTP 302
https://idp-integ.federate.amazon.com/api/saml2/v1/sso?SAMLRequest=fZJNT8MwDIbv%2FIoq9%2FRr6zqitWgCTUKAkBhw2GXyWm8ErUmJ3fHx68m6DcGFY5zX72s99uTio9kGO3SkrSlEEsYiQFPZWptNIZ4eZ3IsLsqzCUGzTVs17fjFPOBbh8TBlAgd%2B75La6hr0M3R7XSFTw%2B3hXhhbklF0av%2FM%2FZddiQRiGUiV8gQgjcKf2ohNPBlfezGaLZhZZuoD4x03Tqk1nugCK58qDbA%2FaQnf6%2BQ2jBuwjXW6IDxaNa7QKuPTrskIrIiuL4qxDLJV3lSjVM5zrJzORykawlDqOQI8zweIaTjeu2lRB1eG2IwXIg0TocyzmQyfIxHapCpLA7zZLAQwfOJXrqn53kaUgdeheicURZIkzLQICmu1Hx6d6u8VLXOsq3sVpQHvKoPdMHMugb4%2F959Rddy3UsVGtb8%2BSf7%2F3Y4rU6Ue9mBmDryV9Sqn9Usv%2B5n7ytrFzeT6PeU5fH59ybKbw%3D%3D&RelayState=H4sIAAAAAAAAAE2Q3XLaMBCF30XXyPGPLFu-cxKSNEAJMAVMp8NIlowFtgS2DMGZvntFOs30anf2nP1253wAChLQtVDQ1kBv20-fLkzrzQgMALNKWtNeqyfBRUONsMPcDrUhSAYFCpHoDge180ssO1VFvtW51Utjjm1yd9dJ54vsMGGow2jtyJozc4b0WDv0k-5wcbabwm7mmt-OFLZdpJOxbXcg-Qn0USjJb56ayspWemmdXO-UNNpppa3KXhKNQ3ktldWPjS5kJcCvASgt64CHy80rftyxMa2JVuu2F9682s9mpnwZrm7Eg7XJ9z5fEBLlwanb8uVUwXxxXfc9W5WvRROfZSq6C84IgsPltInT9fpeZRJ9T4Mfb90GjSbtxF91UxUuUDEfXeFDWpDtM7sso6kIumCUnflmnJ00vq_PbcroCabw-Khf8DbsWbt3ff9bls1kOFFzn7vhYtQTs1k_e8N8tgrfZu_wmjakRw98HtuPK_vxXqtW6Qv8ihl-xkw7U_4X_d-Y_-WV69pu1yDxIi_EOA5D1wYGkoJWrRiAxmI9z3N5RBgMuBtBFAoXEkwCyHHuBi7yCCKuZRhr3XoRi7w89qEFEYgCv4AU0RxiEUUuFtSPeQF-_wHiIrimaAIAAA.H4sIAAAAAAAAACv8bdocJ2S0S_ejnVzg-gsubWXnli7ZXeXyhVPa2q2o7ywA9pVAzCAAAAA.4 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / | ui.us-east-1.beta.bam.imdbtv-apm.amazon.dev/ | 630 B | 1005 B | Document | text/html |
GET | H2 | katal.assetloader.flo.2ddb78d25220.scoped.min.js | d2beun48pmgqbs.cloudfront.net/ | 19 KB | 6 KB | Script | application/javascript |
GET | H2 | main.6550f43ef42d9e581397.min.css | ui.us-east-1.beta.bam.imdbtv-apm.amazon.dev/ | 433 KB | 102 KB | Stylesheet | text/css |
GET | H2 | main.6550f43ef42d9e581397.min.js | ui.us-east-1.beta.bam.imdbtv-apm.amazon.dev/ | 2 MB | 365 KB | Script | application/javascript |
GET | H2 | katal.flo.components.4897318a4b5bc6545dc5.scoped.css | d2beun48pmgqbs.cloudfront.net/ | 120 KB | 15 KB | Stylesheet | text/css |
GET | H2 | metrics.826eef3180693a982a26.js | d2beun48pmgqbs.cloudfront.net/ | 96 KB | 26 KB | Script | application/javascript |
GET | H2 | katal.flo.components.cc87f8643433789bef32.min.js | d2beun48pmgqbs.cloudfront.net/ | 276 KB | 69 KB | Script | application/javascript |
GET | H2 | en-US.json | ui.us-east-1.beta.bam.imdbtv-apm.amazon.dev/i18n/ | 2 KB | 1 KB | XHR | application/json |
GET | H2 | sso (Primary Request, Redirect Chain) | idp-integ.federate.amazon.com/api/saml2/v1/ | 130 B | 723 B | Document | application/json |
GET | DATA | truncated | / | 18 KB | 18 KB | Font | application/x-font-woff |
GET | H2 | favicon.ico | idp-integ.federate.amazon.com/ | 520 B | 590 B | Other | text/html |
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
jonsnow-us-east-1-beta.auth.us-east-1.amazoncognito.com/ | | Name: XSRF-TOKEN Value: 1a390255-4705-43d2-abff-5fa1ee7ea60c |
jonsnow-us-east-1-beta.auth.us-east-1.amazoncognito.com/ | | Name: csrf-state Value: ixzcS997c3qu_dVOn-cSyXzzbWhJfr8viAeuw6Y94-EVOr8AXXBnYi4NA3UPuZ4KMsM2WuOn5S4fRKy-CAf9_GbwV7Oe3u3KYvdZLYqo6BmvsAbaq-A-pDoH6_5zbsj022IYYQi5MnR2d05SKz9tZXG1EcQW5PQx-yAr9z4CdR8 |
jonsnow-us-east-1-beta.auth.us-east-1.amazoncognito.com/ | | Name: csrf-state-legacy Value: ixzcS997c3qu_dVOn-cSyXzzbWhJfr8viAeuw6Y94-EVOr8AXXBnYi4NA3UPuZ4KMsM2WuOn5S4fRKy-CAf9_GbwV7Oe3u3KYvdZLYqo6BmvsAbaq-A-pDoH6_5zbsj022IYYQi5MnR2d05SKz9tZXG1EcQW5PQx-yAr9z4CdR8 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.