signinawsamaz0n3048.auth-verify.me Open in urlscan Pro
2606:4700:3033::6815:5f03 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://signinawsamaz0n3048.auth-verify.me/?iid=7e0dcea8-8e8b-4321-b54f-5c0d8cb1aefb
Submission: On July 05 via manual (July 5th 2022, 2:57:17 pm UTC) from TR — Scanned from DE

Summary HTTP 13 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 13 HTTP transactions. The main IP is 2606:4700:3033::6815:5f03, located in United States and belongs to CLOUDFLARENET, US. The main domain is signinawsamaz0n3048.auth-verify.me.

This is the only time signinawsamaz0n3048.auth-verify.me was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: AWS (Online)

Domain & IP information

	IP Address	AS Autonomous System
5 14	2606:4700:303... 2606:4700:3033::6815:5f03	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2600:9000:223... 2600:9000:223e:2c00:1d:d7f6:39d0:c781	16509 (AMAZON-02) (AMAZON-02)
13	3

14 2606:4700:3033::6815:5f03 (United States) 5 redirects

ASN13335 (CLOUDFLARENET, US)

signinawsamaz0n3048.auth-verify.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:223e:2c00:1d:d7f6:39d0:c781 (United States)

ASN16509 (AMAZON-02, US)

images-na.ssl-images-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	auth-verify.me 5 redirects signinawsamaz0n3048.auth-verify.me	202 KB
4	ssl-images-amazon.com images-na.ssl-images-amazon.com — Cisco Umbrella Rank: 789	144 KB
13	2

	Domain	Requested by
14	signinawsamaz0n3048.auth-verify.me	5 redirects signinawsamaz0n3048.auth-verify.me
4	images-na.ssl-images-amazon.com	signinawsamaz0n3048.auth-verify.me
13	2

This site contains links to these domains. Also see Links.

Domain
aws.amazon.com

Subject Issuer	Validity	Valid
Images-na.ssl-images-amazon.com DigiCert Global CA G2	`2022-02-01` - `2023-01-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://signinawsamaz0n3048.auth-verify.me/?iid=7e0dcea8-8e8b-4321-b54f-5c0d8cb1aefb
Frame ID: 959E545CC0983438743378A77DFCDBCE
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<input[^>]+name="__VIEWSTATE

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

13
Requests

31 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

342 kB
Transfer

1173 kB
Size

1
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://aws.amazon.com/
Title: Amazon Web Services Login

Search URL Search Domain Scan URL

URL: https://aws.amazon.com/agreement/recent-changes/
Title: Recent Changes

Search URL Search Domain Scan URL

URL: https://aws.amazon.com/terms/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://aws.amazon.com/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://aws.amazon.com/agreement/
Title: AWS Customer Agreement

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://signinawsamaz0n3048.auth-verify.me/static/js/jquery.min.js HTTP 302
http://signinawsamaz0n3048.auth-verify.me/CustomErrors/404.html

Request Chain 1

http://signinawsamaz0n3048.auth-verify.me/vendor/aws-ui/AWS-UI-Components/components.min.css HTTP 302
http://signinawsamaz0n3048.auth-verify.me/CustomErrors/404.html

Request Chain 2

http://signinawsamaz0n3048.auth-verify.me/vendor/aws-ui/AWS-UI-Components/base-styles/utilities.min.css HTTP 302
http://signinawsamaz0n3048.auth-verify.me/CustomErrors/404.html

Request Chain 3

http://signinawsamaz0n3048.auth-verify.me/vendor/aws-ui/AWS-UI-Components/base-styles/grid.min.css HTTP 302
http://signinawsamaz0n3048.auth-verify.me/CustomErrors/404.html

Request Chain 12

http://signinawsamaz0n3048.auth-verify.me/metrics/pageload HTTP 302
http://signinawsamaz0n3048.auth-verify.me/CustomErrors/404.html

13 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response signinawsamaz0n3048.auth-verify.me/	180 KB 98 KB	119ms 102ms	Document text/html	2606:4700:3033::6815:5f03 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://signinawsamaz0n3048.auth-verify.me/?iid=7e0dcea8-8e8b-4321-b54f-5c0d8cb1aefb Protocol HTTP/1.1 Server 2606:4700:3033::6815:5f03 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f2a84bc5e1a8051dd24e535d3f6925102b8eb85b55a480b05cc8abbf7b21cdbc` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept CF-Cache-Status DYNAMIC CF-RAY 7260f3a76c569b83-FRA Cache-Control private Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Tue, 05 Jul 2022 14:57:12 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FrvOMsuTuy%2Fq1mfDu2fCyEUywnmtXfXrlpNwpyoiu3Y76d3%2F7w5P5cTLoXiZ7c3t1K%2F2MPHpmJX5YWPKEyHLBIgvzdvdauoYjzeS3YA%2FUb8bJP%2BcBggH%2B1%2B248UpEN5I12PJTHT6p2c59B5S9FeAQgUH9u65bt7qKL078GeNJE15"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked X-AspNet-Version 4.0.30319 X-UA-Compatible IE=edge alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	404.html Show response signinawsamaz0n3048.auth-verify.me/CustomErrors/ Redirect Chain http://signinawsamaz0n3048.auth-verify.me/static/js/jquery.min.js http://signinawsamaz0n3048.auth-verify.me/CustomErrors/404.html	1 KB 1 KB	53ms 53ms	Script text/html	2606:4700:3033::6815:5f03 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://signinawsamaz0n3048.auth-verify.me/CustomErrors/404.html Requested by Host: signinawsamaz0n3048.auth-verify.me URL: http://signinawsamaz0n3048.auth-verify.me/?iid=7e0dcea8-8e8b-4321-b54f-5c0d8cb1aefb Protocol HTTP/1.1 Server 2606:4700:3033::6815:5f03 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d0ffc65048158a9d94bf3990f5bdaa67e3ce6ec6783c9110f8295ddd1783fa76` Request headers accept-language de-DE,de;q=0.9 Referer http://signinawsamaz0n3048.auth-verify.me/?iid=7e0dcea8-8e8b-4321-b54f-5c0d8cb1aefb User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Tue, 05 Jul 2022 14:57:13 GMT Content-Encoding gzip CF-Cache-Status DYNAMIC Last-Modified Thu, 20 Aug 2020 07:50:21 GMT Server cloudflare Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cifD1J5rTjHX2zjXdANt5OPb3na67CucUe01zHxsPTfs1U4fMm3ClD9YOqZcYEsxsx%2BvEQhrcsV8EuTm8lqJmHqh9iD9QrlINGyBKKhbcDfUguhXSGvHcvi1QkupH52cidZhVFNjMRC7yByqIZ6nQykNgvbwWHFTWQG2z3z8NYho"}],"group":"cf-nel","max_age":604800} Content-Type text/html NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive CF-RAY 7260f3a8cb249152-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-UA-Compatible IE=edge Redirect headers Date Tue, 05 Jul 2022 14:57:13 GMT CF-Cache-Status BYPASS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vG3AkBT5tkKlofr1qSwd68JKQjOcc7RAovJd15q404Xe499jKP2DTLwU%2Fq0%2FS0PgxLFhzIMBWBoCPQxoN%2FNlhCHj%2BOQFVG0%2BRs5nHUlx7wFzrSRfexkNCEw7eABzr1Bu92eiWz6OC7tK2lbOTby%2FTbRwLqAxltufOXhaVmeeRmBU"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=UTF-8 Location http://signinawsamaz0n3048.auth-verify.me/CustomErrors/404.html Transfer-Encoding chunked Connection keep-alive CF-RAY 7260f3a85a499152-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-UA-Compatible IE=edge
GET H/1.1	200 OK	404.html signinawsamaz0n3048.auth-verify.me/CustomErrors/ Redirect Chain http://signinawsamaz0n3048.auth-verify.me/vendor/aws-ui/AWS-UI-Components/components.min.css http://signinawsamaz0n3048.auth-verify.me/CustomErrors/404.html	1 KB 1 KB	36ms 36ms	Stylesheet text/html	2606:4700:3033::6815:5f03 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://signinawsamaz0n3048.auth-verify.me/CustomErrors/404.html Requested by Host: signinawsamaz0n3048.auth-verify.me URL: http://signinawsamaz0n3048.auth-verify.me/?iid=7e0dcea8-8e8b-4321-b54f-5c0d8cb1aefb Protocol HTTP/1.1 Server 2606:4700:3033::6815:5f03 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d0ffc65048158a9d94bf3990f5bdaa67e3ce6ec6783c9110f8295ddd1783fa76` Request headers accept-language de-DE,de;q=0.9 Referer http://signinawsamaz0n3048.auth-verify.me/?iid=7e0dcea8-8e8b-4321-b54f-5c0d8cb1aefb User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Tue, 05 Jul 2022 14:57:13 GMT Content-Encoding gzip CF-Cache-Status DYNAMIC Last-Modified Thu, 20 Aug 2020 07:50:21 GMT Server cloudflare Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sMDY97lX0H5kiNSB4ib7iyYZ%2Bc%2FfJ2Qkt98lpjMnCfa%2FAfoJZhlJj%2BOxf%2BZcWk%2FyS5p3pXXumbV0LXExg%2FHRPSDRFrdcqTzcvVLUFBFIpuqhg3UBx0uIWt8xf%2BxOJcA038n%2FCkYDd8BZPSPNqEY%2FWA9yIPYriuI8KvQ3K25kkdZA"}],"group":"cf-nel","max_age":604800} Content-Type text/html NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive CF-RAY 7260f3a8aea89b83-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-UA-Compatible IE=edge Redirect headers Date Tue, 05 Jul 2022 14:57:13 GMT CF-Cache-Status BYPASS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xyJaGSza%2B%2FcYSCd5lfNDBHDiMxB0%2Fk6DzXi%2FYahUNyFnaTJVRvOcNJsU7n%2FTaxJ9GTMlmmXMAJStN%2FjOj9sQ1%2BgYd0Lh%2BQLo929MVfSrmypNREFfxXWmIKoC%2B%2BFIPyDFJUsR11xH8uKlqF3Q4BXtHr9694TGqmJzZ45BGCMlQZlw"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=UTF-8 Location http://signinawsamaz0n3048.auth-verify.me/CustomErrors/404.html Transfer-Encoding chunked Connection keep-alive CF-RAY 7260f3a85e309b83-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-UA-Compatible IE=edge
GET H/1.1	200 OK	404.html signinawsamaz0n3048.auth-verify.me/CustomErrors/ Redirect Chain http://signinawsamaz0n3048.auth-verify.me/vendor/aws-ui/AWS-UI-Components/base-styles/utilities.min.css http://signinawsamaz0n3048.auth-verify.me/CustomErrors/404.html	1 KB 1 KB	70ms 70ms	Stylesheet text/html	2606:4700:3033::6815:5f03 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://signinawsamaz0n3048.auth-verify.me/CustomErrors/404.html Requested by Host: signinawsamaz0n3048.auth-verify.me URL: http://signinawsamaz0n3048.auth-verify.me/?iid=7e0dcea8-8e8b-4321-b54f-5c0d8cb1aefb Protocol HTTP/1.1 Server 2606:4700:3033::6815:5f03 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d0ffc65048158a9d94bf3990f5bdaa67e3ce6ec6783c9110f8295ddd1783fa76` Request headers accept-language de-DE,de;q=0.9 Referer http://signinawsamaz0n3048.auth-verify.me/?iid=7e0dcea8-8e8b-4321-b54f-5c0d8cb1aefb User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Tue, 05 Jul 2022 14:57:13 GMT Content-Encoding gzip CF-Cache-Status DYNAMIC Last-Modified Thu, 20 Aug 2020 07:50:21 GMT Server cloudflare Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ExEjmSrDWX%2Ft%2BLXdfJZgShlFTzTMYSPh%2BJxAcrSo8ORDMF1DoU2IhBEsVyLj8HD1HiXob61AmYUVQcj2SkLqaJAI25se24KmfU%2Bz2kEHGGnHtSwhUqfMUDQ2Lr8YDDw%2F8nsdYkW3pg1Sxf2Rcg1j4nrwjgJ2OTX3pfFqDmLLKzR6"}],"group":"cf-nel","max_age":604800} Content-Type text/html NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive CF-RAY 7260f3a8b99abb83-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-UA-Compatible IE=edge Redirect headers Date Tue, 05 Jul 2022 14:57:13 GMT CF-Cache-Status BYPASS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VtO0ysCTJU%2BusToI%2BtGS0FZIfI8QAhSp6D8rbA%2B57r8lbHpvY01Cf84VRmhkrrZnrC09VFcQF5AQxYLTOwR4FYZeHCHx%2F6DIaqIvtb6tk5PD6F%2FN%2FSp7ps2tb3TJtuPNl7F1rrRH8Ysimrz9U2WrpFFHiuEHYI9jz5KPwUD8TmRi"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=UTF-8 Location http://signinawsamaz0n3048.auth-verify.me/CustomErrors/404.html Transfer-Encoding chunked Connection keep-alive CF-RAY 7260f3a858fdbb83-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-UA-Compatible IE=edge
GET H/1.1	200 OK	404.html signinawsamaz0n3048.auth-verify.me/CustomErrors/ Redirect Chain http://signinawsamaz0n3048.auth-verify.me/vendor/aws-ui/AWS-UI-Components/base-styles/grid.min.css http://signinawsamaz0n3048.auth-verify.me/CustomErrors/404.html	1 KB 1 KB	55ms 55ms	Stylesheet text/html	2606:4700:3033::6815:5f03 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://signinawsamaz0n3048.auth-verify.me/CustomErrors/404.html Requested by Host: signinawsamaz0n3048.auth-verify.me URL: http://signinawsamaz0n3048.auth-verify.me/?iid=7e0dcea8-8e8b-4321-b54f-5c0d8cb1aefb Protocol HTTP/1.1 Server 2606:4700:3033::6815:5f03 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d0ffc65048158a9d94bf3990f5bdaa67e3ce6ec6783c9110f8295ddd1783fa76` Request headers accept-language de-DE,de;q=0.9 Referer http://signinawsamaz0n3048.auth-verify.me/?iid=7e0dcea8-8e8b-4321-b54f-5c0d8cb1aefb User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Tue, 05 Jul 2022 14:57:13 GMT Content-Encoding gzip CF-Cache-Status DYNAMIC Last-Modified Thu, 20 Aug 2020 07:50:21 GMT Server cloudflare Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c5zwBzPiW7KsLkxIojvuanUOexvvp1DsM3seqXuJuGdx0CZgxkQmNHxWZ%2FGpCqZN7Ua9cLO4Xj4Pxr3R3F6GUNkn8qrAe8gxHIIBH7DyNXykKy7hXyKakCt14tuvVA8BdkcjPvMVCGI9FtlY1la6SDkzCcmit%2FBbpBfk6to2CsmR"}],"group":"cf-nel","max_age":604800} Content-Type text/html NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive CF-RAY 7260f3a8bcea90ac-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-UA-Compatible IE=edge Redirect headers Date Tue, 05 Jul 2022 14:57:13 GMT CF-Cache-Status BYPASS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z2rsfEzN2uW58Ui%2F7abG8akcc4qMdG74g%2Fc4tmYsMa3DQvknkX4yYwN5n9WkUaLhqBYWHqKAZMmDAuubnoWKajW55pNYYzbBEb7ScL%2FEiG7Wr3QmQVjPqjLuggmzZcfdcSPxGM2jo4RiXUCN4uicQQluCnPlp0pQ84DCCQqJJrfk"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=UTF-8 Location http://signinawsamaz0n3048.auth-verify.me/CustomErrors/404.html Transfer-Encoding chunked Connection keep-alive CF-RAY 7260f3a85c8e90ac-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-UA-Compatible IE=edge
GET H2	200	fwcim.js Show response images-na.ssl-images-amazon.com/images/G/01/x-locale/common/login/	406 KB 115 KB	92ms 8ms	Script application/x-javascript	2600:9000:223e:2c00:1d:d7f6:39d0:c781 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://images-na.ssl-images-amazon.com/images/G/01/x-locale/common/login/fwcim.js Requested by Host: signinawsamaz0n3048.auth-verify.me URL: http://signinawsamaz0n3048.auth-verify.me/?iid=7e0dcea8-8e8b-4321-b54f-5c0d8cb1aefb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223e:2c00:1d:d7f6:39d0:c781 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash `b2cc97c937b2669ac42786fb13c686bf7f24222ad042f0cee1764024d251c4d4` Request headers accept-language de-DE,de;q=0.9 Referer http://signinawsamaz0n3048.auth-verify.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 05 Jul 2022 06:13:05 GMT content-encoding gzip age 32628 edge-cache-tag x-cache-684,/images/G/01/x-locale/common/login/fwcim x-nginx-cache-status HIT x-cache Hit from cloudfront access-control-allow-origin * surrogate-key x-cache-684 /images/G/01/x-locale/common/login/fwcim last-modified Wed, 13 Feb 2019 17:16:46 GMT server Server vary Accept-Encoding content-type application/x-javascript via 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront) cache-control max-age=86400,public x-amz-ir-id 027a5578-f70f-45d7-b435-acd8e15681b7 x-amz-cf-pop FRA56-P4 timing-allow-origin https://www.amazon.com x-amz-cf-id BTF_5fh6ghM8cclv1ZOmlC4Kyo5ISv1HCwXEQsfi-zUqGzQ2Q2stEg== expires Tue, 05 Jul 2022 06:25:25 GMT
GET H2	200	61Brdu0o6LL._RC%7C11Fd9tJOdtL.css,21y5jWQoUML.css,31Q3id-QR0L.css,31P8A7PnBZL.css_.css images-na.ssl-images-amazon.com/images/I/	137 KB 20 KB	106ms 21ms	Stylesheet text/css	2600:9000:223e:2c00:1d:d7f6:39d0:c781 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://images-na.ssl-images-amazon.com/images/I/61Brdu0o6LL._RC%7C11Fd9tJOdtL.css,21y5jWQoUML.css,31Q3id-QR0L.css,31P8A7PnBZL.css_.css?AUIClients/AmazonUI Requested by Host: signinawsamaz0n3048.auth-verify.me URL: http://signinawsamaz0n3048.auth-verify.me/?iid=7e0dcea8-8e8b-4321-b54f-5c0d8cb1aefb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223e:2c00:1d:d7f6:39d0:c781 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash `8ff52030ae312e1688bd111f80d21dc533e457cdefd9cdf07722ec9f51de79bb` Request headers accept-language de-DE,de;q=0.9 Referer http://signinawsamaz0n3048.auth-verify.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sun, 19 Jun 2022 19:16:59 GMT content-encoding br age 1366814 edge-cache-tag x-cache-739,/images/I/61Brdu0o6LL x-nginx-cache-status MISS x-cache Hit from cloudfront access-control-allow-origin * surrogate-key x-cache-739 /images/I/61Brdu0o6LL last-modified Wed, 03 Jan 2018 00:13:54 GMT server Server content-type text/css; charset=utf-8 via 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront) cache-control max-age=630720000,public x-amz-ir-id 6d7b09dd-2714-446d-bece-c5c10e7c95db x-amz-cf-pop FRA56-P4 timing-allow-origin https://www.amazon.in, https://www.amazon.com x-amz-cf-id 37AEXjgwIp6_OoMEUDRRk7qdBCPdIkVa_c8crKEpvX_0QjsofKguiA== expires Sat, 14 Jun 2042 19:16:59 GMT
GET H2	200	01SdjaY0ZsL._RC%7C419sIPk+mYL.css,41yEFdgL45L.css_.css images-na.ssl-images-amazon.com/images/I/	46 KB 8 KB	92ms 8ms	Stylesheet text/css	2600:9000:223e:2c00:1d:d7f6:39d0:c781 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://images-na.ssl-images-amazon.com/images/I/01SdjaY0ZsL._RC%7C419sIPk+mYL.css,41yEFdgL45L.css_.css?AUIClients/AuthenticationPortalAssets Requested by Host: signinawsamaz0n3048.auth-verify.me URL: http://signinawsamaz0n3048.auth-verify.me/?iid=7e0dcea8-8e8b-4321-b54f-5c0d8cb1aefb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223e:2c00:1d:d7f6:39d0:c781 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash `8c23ec3cf642a3bdb329d68c6038db8172b01fcad5270f36cf447235c2594ffa` Request headers accept-language de-DE,de;q=0.9 Referer http://signinawsamaz0n3048.auth-verify.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 27 Jun 2022 11:11:47 GMT content-encoding br age 704726 edge-cache-tag x-cache-442,/images/I/01SdjaY0ZsL x-nginx-cache-status MISS x-cache Hit from cloudfront access-control-allow-origin * surrogate-key x-cache-442 /images/I/01SdjaY0ZsL last-modified Sat, 30 May 2015 02:58:48 GMT server Server content-type text/css via 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront) cache-control max-age=630720000,public x-amz-ir-id 081f6359-309b-4be1-b136-77fd519fc1b8 x-amz-cf-pop FRA56-P4 timing-allow-origin https://www.amazon.in, https://www.amazon.com x-amz-cf-id nuQOrQin1fohVoOxPKG3Gb7Dn7Ri-BTZGq1tOFl-pSqu3ukdJziONA== expires Sun, 22 Jun 2042 11:11:47 GMT
GET H2	200	11E08O3eXDL.css images-na.ssl-images-amazon.com/images/I/	2 KB 1 KB	104ms 20ms	Stylesheet text/css	2600:9000:223e:2c00:1d:d7f6:39d0:c781 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://images-na.ssl-images-amazon.com/images/I/11E08O3eXDL.css?AUIClients/CVFAssets Requested by Host: signinawsamaz0n3048.auth-verify.me URL: http://signinawsamaz0n3048.auth-verify.me/?iid=7e0dcea8-8e8b-4321-b54f-5c0d8cb1aefb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223e:2c00:1d:d7f6:39d0:c781 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash `122a38d736dd4b129af47e1d4f6d955d335f55256f2f231d8ccd1a58562cd381` Request headers accept-language de-DE,de;q=0.9 Referer http://signinawsamaz0n3048.auth-verify.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 25 Feb 2022 07:16:00 GMT content-encoding gzip age 11259673 edge-cache-tag x-cache-673,/images/I/11E08O3eXDL x-nginx-cache-status HIT x-cache Hit from cloudfront access-control-allow-origin * surrogate-key x-cache-673 /images/I/11E08O3eXDL last-modified Fri, 27 Mar 2020 19:40:05 GMT server Server content-type text/css; charset=utf-8 via 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront) cache-control max-age=630720000,public x-amz-ir-id a50e2207-78cf-4f3c-ae78-177fa76a64af x-amz-cf-pop FRA56-P4 timing-allow-origin https://www.amazon.in, https://www.amazon.com x-amz-cf-id DE6KOVzxh01LJ6m2zAQBGc3HbE4bMJoxu1a6p9lwXM5kXLw3_jg_GQ== expires Mon, 17 Feb 2042 13:38:17 GMT
GET H/1.1	200 OK	jquery-3.0.0.js Show response signinawsamaz0n3048.auth-verify.me/Assets/js/	364 KB 83 KB	144ms 131ms	Script application/javascript	2606:4700:3033::6815:5f03 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://signinawsamaz0n3048.auth-verify.me/Assets/js/jquery-3.0.0.js Requested by Host: signinawsamaz0n3048.auth-verify.me URL: http://signinawsamaz0n3048.auth-verify.me/?iid=7e0dcea8-8e8b-4321-b54f-5c0d8cb1aefb Protocol HTTP/1.1 Server 2606:4700:3033::6815:5f03 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b9065e2a0e1ebbb88f32a1a2b859446cdfa4d7886bf009e0f3e3ff475ae16b98` Request headers accept-language de-DE,de;q=0.9 Referer http://signinawsamaz0n3048.auth-verify.me/?iid=7e0dcea8-8e8b-4321-b54f-5c0d8cb1aefb User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Tue, 05 Jul 2022 14:57:13 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 84319 X-UA-Compatible IE=edge Last-Modified Thu, 20 Aug 2020 07:50:12 GMT Server cloudflare ETag "0928488c676d61:0" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=42zF%2B6rNyOguuthsdC6B75d6ewqsHMDzly2PV6tXSdfXgl8hKhbd6gvfCszaX%2B1xnzKIbM4IlpEFDM52n9SNZxyTF04ARzgU9vHJVPJ0OBb7x80e%2FFhx7AwoR5iu1jNo4u22ZzyvZOzqdVzbiSwUmxhbFbHeH2hGDZWJcIL4RvWD"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 7260f3a879893763-MXP Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept
GET H/1.1	200 OK	jquery-migrate-3.3.1.js Show response signinawsamaz0n3048.auth-verify.me/Assets/js/	30 KB 9 KB	106ms 90ms	Script application/javascript	2606:4700:3033::6815:5f03 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://signinawsamaz0n3048.auth-verify.me/Assets/js/jquery-migrate-3.3.1.js Requested by Host: signinawsamaz0n3048.auth-verify.me URL: http://signinawsamaz0n3048.auth-verify.me/?iid=7e0dcea8-8e8b-4321-b54f-5c0d8cb1aefb Protocol HTTP/1.1 Server 2606:4700:3033::6815:5f03 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `127308bdd96abc9b5ccfcb6d55f2bebbbf617bfa619b63c03715d781421b1b22` Request headers accept-language de-DE,de;q=0.9 Referer http://signinawsamaz0n3048.auth-verify.me/?iid=7e0dcea8-8e8b-4321-b54f-5c0d8cb1aefb User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Tue, 05 Jul 2022 14:57:13 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 8119 X-UA-Compatible IE=edge Last-Modified Thu, 20 Aug 2020 07:50:12 GMT Server cloudflare ETag "0928488c676d61:0" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2BnRT2FGR2ghpd%2F9zy%2FGorI1kLr2%2BRLkNzchKqkzvRf586PMNY57tjKaIsYn1swbWktN3vMexBi1GMafNmMExKTcX12fgT6%2BYHub9IHKdCBOKtZVnODNB8m76RRDc47ZuY0zdkCTQ1RTmjuJB7LAF6gxmnM3ERB%2BDkag%2B%2B8mRQLH"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 7260f3a87e56839d-MXP Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `8d82b1e7faa7f2cdecd63fbe12c5a878d88a70bf383a552c1e66f03d2b795f38` Request headers accept-language de-DE,de;q=0.9 Referer http://signinawsamaz0n3048.auth-verify.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Content-Type image/png
POST H/1.1	200 OK	TURL Show response signinawsamaz0n3048.auth-verify.me/ContentShow.aspx/	119 B 959 B	67ms 67ms	XHR application/json	2606:4700:3033::6815:5f03 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://signinawsamaz0n3048.auth-verify.me/ContentShow.aspx/TURL Requested by Host: signinawsamaz0n3048.auth-verify.me URL: http://signinawsamaz0n3048.auth-verify.me/Assets/js/jquery-3.0.0.js Protocol HTTP/1.1 Server 2606:4700:3033::6815:5f03 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1a160758e9a57ab961d25490a598656bcfa7b18d519b7a6892b89483fd32411a` Request headers Accept application/json, text/javascript, /; q=0.01 Referer http://signinawsamaz0n3048.auth-verify.me/?iid=7e0dcea8-8e8b-4321-b54f-5c0d8cb1aefb X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Content-Type application/json; charset=UTF-8 Response headers Date Tue, 05 Jul 2022 14:57:13 GMT Content-Encoding gzip CF-Cache-Status DYNAMIC NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mc1k6eqKy8nbQqI%2B0NdX2vfqcGINjGAEiXNPGgkR1ywDPFxsvHjE2zxDDdKDCEmorKPEv7OtRHWi7BtQnZFUmA5QQG799jXLD8yRV2lx1%2BjLhVB3J5mxaYMNvEkL7zc5YPvZjmdrv%2FEWDOsdpSqTgztO90t67y7afAxwMN9yB5y%2B"}],"group":"cf-nel","max_age":604800} Content-Type application/json; charset=utf-8 Cache-Control private, max-age=0 Connection keep-alive CF-RAY 7260f3a98b6c3763-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-UA-Compatible IE=edge
GET H/1.1	200 OK	404.html Show response signinawsamaz0n3048.auth-verify.me/CustomErrors/ Redirect Chain http://signinawsamaz0n3048.auth-verify.me/metrics/pageload http://signinawsamaz0n3048.auth-verify.me/CustomErrors/404.html	1 KB 1 KB	34ms 34ms	XHR text/html	2606:4700:3033::6815:5f03 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://signinawsamaz0n3048.auth-verify.me/CustomErrors/404.html Protocol HTTP/1.1 Server 2606:4700:3033::6815:5f03 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d0ffc65048158a9d94bf3990f5bdaa67e3ce6ec6783c9110f8295ddd1783fa76` Request headers accept-language de-DE,de;q=0.9 Referer http://signinawsamaz0n3048.auth-verify.me/?iid=7e0dcea8-8e8b-4321-b54f-5c0d8cb1aefb User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Tue, 05 Jul 2022 14:57:13 GMT Content-Encoding gzip CF-Cache-Status DYNAMIC Last-Modified Thu, 20 Aug 2020 07:50:21 GMT Server cloudflare Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0B9ZVbpjhFEKR09hBtcO2KipcsBOX%2BrrZzjs7GSjjuT1ec74DBlvKO8C%2BPC1TZgAQ7oxB0lUJhyLac2K3bdBD%2BICGBRD1QTiTZ4RY%2FXYxNBtsKmVA06g8D0zXFkClHzi82rMSnRxCKi4KalBNlX2Yc8pSCbUzyXOr7PUq1h3c%2FgX"}],"group":"cf-nel","max_age":604800} Content-Type text/html NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive CF-RAY 7260f3a9cb52bb83-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-UA-Compatible IE=edge Redirect headers Date Tue, 05 Jul 2022 14:57:13 GMT CF-Cache-Status DYNAMIC NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zxu6W6QOHFrhYjjfoOcON3D60%2Bl4urMwlMtRz3xld48c5MblXBv%2BYh9FbXut4iIhw7CM%2B04v%2Fh9AwP0W62tDwd2hdKgw3cllvMMj1uXR%2Foffrwu5LCv2bt2HDWOMRlefwybnHpDRiz6DSjnO7C038Ztx0cBMOB8rN6P7DVauUKcz"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=UTF-8 Location http://signinawsamaz0n3048.auth-verify.me/CustomErrors/404.html Connection keep-alive CF-RAY 7260f3a98af0bb83-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-UA-Compatible IE=edge

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: AWS (Online)

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			signinawsamaz0n3048.auth-verify.me/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: zk2n1zgtjfuoebmdv3e5emh0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

images-na.ssl-images-amazon.com
signinawsamaz0n3048.auth-verify.me
2600:9000:223e:2c00:1d:d7f6:39d0:c781
2606:4700:3033::6815:5f03
122a38d736dd4b129af47e1d4f6d955d335f55256f2f231d8ccd1a58562cd381
127308bdd96abc9b5ccfcb6d55f2bebbbf617bfa619b63c03715d781421b1b22
1a160758e9a57ab961d25490a598656bcfa7b18d519b7a6892b89483fd32411a
8c23ec3cf642a3bdb329d68c6038db8172b01fcad5270f36cf447235c2594ffa
8d82b1e7faa7f2cdecd63fbe12c5a878d88a70bf383a552c1e66f03d2b795f38
8ff52030ae312e1688bd111f80d21dc533e457cdefd9cdf07722ec9f51de79bb
b2cc97c937b2669ac42786fb13c686bf7f24222ad042f0cee1764024d251c4d4
b9065e2a0e1ebbb88f32a1a2b859446cdfa4d7886bf009e0f3e3ff475ae16b98
d0ffc65048158a9d94bf3990f5bdaa67e3ce6ec6783c9110f8295ddd1783fa76
f2a84bc5e1a8051dd24e535d3f6925102b8eb85b55a480b05cc8abbf7b21cdbc

signinawsamaz0n3048.auth-verify.me Open in urlscan Pro 2606:4700:3033::6815:5f03 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

13 Requests

31 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

342 kBTransfer

1173 kBSize

1 Cookies

5 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

43 JavaScript Global Variables

1 Cookies

Indicators

signinawsamaz0n3048.auth-verify.me Open in urlscan Pro
2606:4700:3033::6815:5f03 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

31 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

342 kB
Transfer

1173 kB
Size

1
Cookies

13 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!