33etrdq7rrrlr5uoib2hphj9n7.auth.us-east-1.amazoncognito.com
Open in
urlscan Pro
2600:1f18:257:8002:4a05:fd97:c3fb:4166
Public Scan
Submitted URL: https://www.uat.fols.spectrum.net/
Effective URL: https://33etrdq7rrrlr5uoib2hphj9n7.auth.us-east-1.amazoncognito.com/login?response_type=code&state=083004080000002900037184000000812039&client_id=33etrdq7rrrlr5uoib...
Submission: On March 01 via automatic, source certstream-suspicious — Scanned from DE
Effective URL: https://33etrdq7rrrlr5uoib2hphj9n7.auth.us-east-1.amazoncognito.com/login?response_type=code&state=083004080000002900037184000000812039&client_id=33etrdq7rrrlr5uoib...
Submission: On March 01 via automatic, source certstream-suspicious — Scanned from DE
Summary
This website contacted 5 IPs
in 1 countries
across 4 domains to perform 20 HTTP transactions.
The main IP is 2600:1f18:257:8002:4a05:fd97:c3fb:4166, located in
Ashburn, United States and
belongs to AMAZON-AES, US.
The main domain is 33etrdq7rrrlr5uoib2hphj9n7.auth.us-east-1.amazoncognito.com.
TLS certificate: Issued by Amazon on February 27th 2022. Valid for: a year.
This is the only time 33etrdq7rrrlr5uoib2hphj9n7.auth.us-east-1.amazoncognito.com was scanned on urlscan.io!
TLS certificate: Issued by Amazon on February 27th 2022. Valid for: a year.
This is the only time 33etrdq7rrrlr5uoib2hphj9n7.auth.us-east-1.amazoncognito.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 14 | 13.32.110.57 13.32.110.57 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 2606:50c0:800... 2606:50c0:8000::153 | 54113 (FASTLY) (FASTLY) | |
| 1 2 | 2600:1f18:257... 2600:1f18:257:8002:4a05:fd97:c3fb:4166 | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 4 | 2600:9000:20e... 2600:9000:20eb:a000:6:8de6:8640:21 | 16509 (AMAZON-02) (AMAZON-02) | |
| 20 | 5 |
14
13.32.110.57
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-57.vie50.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-57.vie50.r.cloudfront.net
| www.uat.fols.spectrum.net |
2
2600:1f18:257:8002:4a05:fd97:c3fb:4166
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
ASN14618 (AMAZON-AES, US)
| 33etrdq7rrrlr5uoib2hphj9n7.auth.us-east-1.amazoncognito.com |
4
2600:9000:20eb:a000:6:8de6:8640:21
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| d3oia8etllorh5.cloudfront.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 14 |
spectrum.net
www.uat.fols.spectrum.net |
843 KB |
| 4 |
cloudfront.net
d3oia8etllorh5.cloudfront.net |
476 KB |
| 2 |
amazoncognito.com
1 redirects
33etrdq7rrrlr5uoib2hphj9n7.auth.us-east-1.amazoncognito.com |
13 KB |
| 1 |
github.io
kjur.github.io — Cisco Umbrella Rank: 120475 |
88 KB |
| 20 | 4 |
| Domain | Requested by | |
|---|---|---|
| 14 | www.uat.fols.spectrum.net |
www.uat.fols.spectrum.net
|
| 4 | d3oia8etllorh5.cloudfront.net |
33etrdq7rrrlr5uoib2hphj9n7.auth.us-east-1.amazoncognito.com
|
| 2 | 33etrdq7rrrlr5uoib2hphj9n7.auth.us-east-1.amazoncognito.com |
1 redirects
www.uat.fols.spectrum.net
|
| 1 | kjur.github.io |
www.uat.fols.spectrum.net
|
| 20 | 4 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| fols.spectrum.net Amazon |
2022-05-15 - 2023-06-13 |
a year | crt.sh |
| *.github.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-04-07 - 2023-04-07 |
a year | crt.sh |
| *.auth.us-east-1.amazoncognito.com Amazon |
2022-02-27 - 2023-03-28 |
a year | crt.sh |
| *.cloudfront.net Amazon RSA 2048 M01 |
2022-12-08 - 2023-12-07 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://33etrdq7rrrlr5uoib2hphj9n7.auth.us-east-1.amazoncognito.com/login?response_type=code&state=083004080000002900037184000000812039&client_id=33etrdq7rrrlr5uoib2hphj9n7&redirect_uri=https://d3kpz3lw426w1l.cloudfront.net/index.html&scope=openid&code_challenge_method=S256&code_challenge=jmKVvmCFqT_7LSJPDdegFF1KCIZR2X064swE82tU5SQ
Frame ID: 4CF2BF197A3A3C91FEDE016CFAF0805C
Requests: 23 HTTP requests in this frame
Screenshot
Page Title
SigninPage URL History Show full URLs
- https://www.uat.fols.spectrum.net/ Page URL
-
https://33etrdq7rrrlr5uoib2hphj9n7.auth.us-east-1.amazoncognito.com/oauth2/authorize?response_type=code&state=0830040800000029000371840000008120...
HTTP 302
https://33etrdq7rrrlr5uoib2hphj9n7.auth.us-east-1.amazoncognito.com/login?response_type=code&state=083004080000002900037184000000812039&client_i... Page URL
Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www.uat.fols.spectrum.net/ Page URL
-
https://33etrdq7rrrlr5uoib2hphj9n7.auth.us-east-1.amazoncognito.com/oauth2/authorize?response_type=code&state=083004080000002900037184000000812039&client_id=33etrdq7rrrlr5uoib2hphj9n7&redirect_uri=https://d3kpz3lw426w1l.cloudfront.net/index.html&scope=openid&code_challenge_method=S256&code_challenge=jmKVvmCFqT_7LSJPDdegFF1KCIZR2X064swE82tU5SQ
HTTP 302
https://33etrdq7rrrlr5uoib2hphj9n7.auth.us-east-1.amazoncognito.com/login?response_type=code&state=083004080000002900037184000000812039&client_id=33etrdq7rrrlr5uoib2hphj9n7&redirect_uri=https://d3kpz3lw426w1l.cloudfront.net/index.html&scope=openid&code_challenge_method=S256&code_challenge=jmKVvmCFqT_7LSJPDdegFF1KCIZR2X064swE82tU5SQ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
20 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
/
www.uat.fols.spectrum.net/ |
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
app.ad272e32.css
www.uat.fols.spectrum.net/css/ |
2 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
chunk-vendors.de095d85.css
www.uat.fols.spectrum.net/css/ |
213 KB 213 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
app.2754120f.js
www.uat.fols.spectrum.net/js/ |
22 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
chunk-vendors.61e7bd0d.js
www.uat.fols.spectrum.net/js/ |
345 KB 346 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jsrsasign-latest-all-min.js
kjur.github.io/jsrsasign/ |
326 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
verifier.js
www.uat.fols.spectrum.net/js/ |
1 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
userprofile.js
www.uat.fols.spectrum.net/js/ |
4 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Fols_logo.79560ea7.png
www.uat.fols.spectrum.net/img/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
covid_banner.05a9ff64.png
www.uat.fols.spectrum.net/img/ |
118 KB 119 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Team5.97a73ccb.png
www.uat.fols.spectrum.net/img/ |
278 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
thumb1.87a5b5b9.jpg
www.uat.fols.spectrum.net/img/ |
19 KB 19 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
thumb2.88c4920d.jpg
www.uat.fols.spectrum.net/img/ |
30 KB 31 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
thumb3.ecbb6641.jpg
www.uat.fols.spectrum.net/img/ |
43 KB 43 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
thumb4.35410ad0.jpg
www.uat.fols.spectrum.net/img/ |
33 KB 34 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
140 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
140 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
login
33etrdq7rrrlr5uoib2hphj9n7.auth.us-east-1.amazoncognito.com/ Redirect Chain
|
12 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.css
d3oia8etllorh5.cloudfront.net/20221014152150/css/ |
118 KB 119 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cognito-login.css
d3oia8etllorh5.cloudfront.net/20221014152150/css/ |
6 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
amazon-cognito-advanced-security-data.min.js
d3oia8etllorh5.cloudfront.net/20221014152150/js/ |
262 KB 263 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-3.5.1.min.js
d3oia8etllorh5.cloudfront.net/20221014152150/js/ |
87 KB 88 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless boolean| __fwcimLoaded object| AWSCognitoContextData object| _crypto function| setImmediate function| clearImmediate object| AmazonCognitoAdvancedSecurityData function| Zepto function| $ function| getAdvancedSecurityData function| getUrlParameter function| onSubmit function| jQuery object| $inputs object| fwcim3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| 33etrdq7rrrlr5uoib2hphj9n7.auth.us-east-1.amazoncognito.com/ | Name: XSRF-TOKEN Value: c7e04e02-1b87-4f1f-8958-0c9d4daef804 |
|
| 33etrdq7rrrlr5uoib2hphj9n7.auth.us-east-1.amazoncognito.com/ | Name: csrf-state Value: "" |
|
| 33etrdq7rrrlr5uoib2hphj9n7.auth.us-east-1.amazoncognito.com/ | Name: csrf-state-legacy Value: "" |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
33etrdq7rrrlr5uoib2hphj9n7.auth.us-east-1.amazoncognito.com
d3oia8etllorh5.cloudfront.net
kjur.github.io
www.uat.fols.spectrum.net
13.32.110.57
2600:1f18:257:8002:4a05:fd97:c3fb:4166
2600:9000:20eb:a000:6:8de6:8640:21
2606:50c0:8000::153
0e0bc03867fe2f853d3c1cbcd1c3b4175218dcd5c72600e67a47d45b07fe6996
226c5c3ed759ea50990edec4743bf210ec8fa0065bbe5db086c5953b61a4e158
434c3117b6f6992bd63a399dd20d252094a2e7e79c060839ba83f8c1a23472cc
4e1ff3c06b6c530b6591e02b79833367100b5f7b266948b49abeacd40d370205
5d8c21a7a06f35b264452c5c0c0ec2cd46d24590b9aae39c3b815eb42b9f9a70
621362b5b7b6513a58acef7fe9fe717093d1186a25b4a429c20e09e2a54c9ace
707fe87c0144f42fb3d5a867bb2f0e749fdb32ab25a78014f1496d75a20edf47
7ae177fecdbc4dae81c93de1debd1442369e283b671dc1ecdfc1939e22d7b4b9
7c84c240c3fa51385e9ab66e537c6493dcf2d3f491a16fb3035fc0e9f8ebeaeb
82622c86a4be0cc2a87c6714c28051154a0bbacf88cabd88ce8963ef91afcc44
b9462c3d8fc4e698687d6fa7efdd3123606f6e235a179e7cb12cdb38f8ed7978
c1a4df9ed3c94b7a9d6e5dca67da614d982effa62850cb0d6e2fa26053916749
f463ba275f63ebcccc6f0e23def64c8c5debada0ade4bceaf3ee56aafd42949e
f79c5cebbc2da4b6f87df2b86dc87494998ae748488c6c6a4263717a5f256d12
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
ffd8b82fb860c63b98b33b23f2364aa2f8f748024d08b7435ca8ca1a7350bb80