login.idam.ccxdev.com Open in urlscan Pro
13.211.63.164 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://login.idam.ccxdev.com/
Submission: On September 01 via automatic, source certstream-suspicious (September 1st 2020, 8:50:28 am UTC)

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 9 HTTP transactions. The main IP is 13.211.63.164, located in Sydney, Australia and belongs to AMAZON-02, US. The main domain is login.idam.ccxdev.com.
TLS certificate: Issued by Amazon on September 1st 2020. Valid for: a year.

This is the only time login.idam.ccxdev.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	13.211.63.164 13.211.63.164	16509 (AMAZON-02) (AMAZON-02)
1	3.104.34.32 3.104.34.32	16509 (AMAZON-02) (AMAZON-02)
9	3

7 13.211.63.164 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-211-63-164.ap-southeast-2.compute.amazonaws.com

login.idam.ccxdev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.104.34.32 (Sydney, Australia)

ASN16509 (AMAZON-02, US)

idam.cybercx.idslns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	ccxdev.com login.idam.ccxdev.com	1 MB
1	idslns.com idam.cybercx.idslns.com
9	2

	Domain	Requested by
7	login.idam.ccxdev.com	login.idam.ccxdev.com
1	idam.cybercx.idslns.com	login.idam.ccxdev.com
9	2

This site contains no links.

Subject Issuer	Validity	Valid
login.idam.ccxdev.com Amazon	`2020-09-01` - `2021-10-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://login.idam.ccxdev.com/
Frame ID: B0498A42D8FEEBC58CDBFE886D14B177
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

9
Requests

89 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

1501 kB
Transfer

1499 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
login.idam.ccxdev.com/ 5 KB
5 KB 1039ms
435ms Document
text/html 13.211.63.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.idam.ccxdev.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.211.63.164 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-211-63-164.ap-southeast-2.compute.amazonaws.com
Software: /
Resource Hash: 1c1e530cef7ef8ac2d9cdf0191f44e58e8b5661442545f336b347da9b060a60b

Request headers

:method: GET
:authority: login.idam.ccxdev.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 01 Sep 2020 08:50:09 GMT
content-type: text/html;charset=utf-8
content-length: 5442

GET
H2 200 okta-sign-in.min.js Show response
login.idam.ccxdev.com/scripts/com/okta/widget/4.0.2.0/js/ 1 MB
1 MB 296ms
295ms Script
application/javascript 13.211.63.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.idam.ccxdev.com/scripts/com/okta/widget/4.0.2.0/js/okta-sign-in.min.js
Requested by: Host: login.idam.ccxdev.com
URL: https://login.idam.ccxdev.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.211.63.164 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-211-63-164.ap-southeast-2.compute.amazonaws.com
Software: /
Resource Hash: a37cdd2f1fcb66fbb2b4c984ab39b4d05673850c0a6f4d3dd16cbc2a711c423f

Request headers

Referer: https://login.idam.ccxdev.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 01 Sep 2020 08:50:10 GMT
etag: 1598947037196
content-type: application/javascript

GET
H2 200 okta-sign-in.min.css
login.idam.ccxdev.com/scripts/com/okta/widget/4.0.2.0/css/ 182 KB
182 KB 841ms
840ms Stylesheet
text/css 13.211.63.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.idam.ccxdev.com/scripts/com/okta/widget/4.0.2.0/css/okta-sign-in.min.css
Requested by: Host: login.idam.ccxdev.com
URL: https://login.idam.ccxdev.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.211.63.164 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-211-63-164.ap-southeast-2.compute.amazonaws.com
Software: /
Resource Hash: 59ffef4f4b6f7143866694e8bdf4904d9646a7681966e333fc473d39f88a012a

Request headers

Referer: https://login.idam.ccxdev.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 01 Sep 2020 08:50:10 GMT
etag: 1598947037196
content-type: text/css

OPTIONS
H/1.1 200
OK me
idam.cybercx.idslns.com/api/v1/sessions/ 0
0 956ms
344ms Other 3.104.34.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://idam.cybercx.idslns.com/api/v1/sessions/me

Protocol

HTTP/1.1

Server

3.104.34.32 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://okta.report-uri.com/r/d/xss/enforce

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,x-okta-user-agent-extended
Origin: https://login.idam.ccxdev.com
Sec-Fetch-Mode: cors

Response headers

Date: Tue, 01 Sep 2020 08:50:12 GMT
Server: nginx
Content-Length: 0
x-okta-request-id: X04LRDNnmtmZE-B9LrpWrQAABAc
x-xss-protection: 1; mode=block; report=https://okta.report-uri.com/r/d/xss/enforce
p3p: CP="HONK"
x-rate-limit-limit: 10000
x-rate-limit-remaining: 9994
x-rate-limit-reset: 1598950235
vary: Origin
cache-control: no-cache, no-store
pragma: no-cache
expires: 0
x-frame-options: SAMEORIGIN
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
Strict-Transport-Security: max-age=315360000; includeSubDomains
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

GET me
idam.cybercx.idslns.com/api/v1/sessions/ 0
0

GET
H2 200 login_background-sandbox.png
login.idam.ccxdev.com/images/ 233 KB
233 KB 290ms
290ms Image
image/png 13.211.63.164
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.idam.ccxdev.com/images/login_background-sandbox.png
Requested by: Host: login.idam.ccxdev.com
URL: https://login.idam.ccxdev.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.211.63.164 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-211-63-164.ap-southeast-2.compute.amazonaws.com
Software: /
Resource Hash: 668c27ebd3ebaa43759a28c6d0dc4be63b6c44b75f974957f0861ca2a947bcf1

Request headers

Referer: https://login.idam.ccxdev.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 01 Sep 2020 08:50:12 GMT
etag: 1598947037246
content-type: image/png

GET
H2 200 login_logo.png
login.idam.ccxdev.com/images/ 2 KB
2 KB 288ms
287ms Image
image/png 13.211.63.164
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.idam.ccxdev.com/images/login_logo.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.211.63.164 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-211-63-164.ap-southeast-2.compute.amazonaws.com
Software: /
Resource Hash: c107ed8e081860846c15796ac931e7a5055c4bca9b9ddcbdaf3062205fb9a139

Request headers

Referer: https://login.idam.ccxdev.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 01 Sep 2020 08:50:12 GMT
etag: 1598947037246
content-length: 2373
content-type: image/png

GET
H2 200 montserrat-light-webfont.woff
login.idam.ccxdev.com/scripts/com/okta/widget/4.0.2.0/font/ 22 KB
22 KB 288ms
288ms Font
application/font-woff 13.211.63.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.idam.ccxdev.com/scripts/com/okta/widget/4.0.2.0/font/montserrat-light-webfont.woff
Requested by: Host: login.idam.ccxdev.com
URL: https://login.idam.ccxdev.com/scripts/com/okta/widget/4.0.2.0/css/okta-sign-in.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.211.63.164 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-211-63-164.ap-southeast-2.compute.amazonaws.com
Software: /
Resource Hash: feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace

Request headers

Origin: https://login.idam.ccxdev.com
Referer: https://login.idam.ccxdev.com/scripts/com/okta/widget/4.0.2.0/css/okta-sign-in.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 01 Sep 2020 08:50:13 GMT
etag: 1598947037196
content-length: 22112
content-type: application/font-woff

GET
H2 200 montserrat-regular-webfont.woff
login.idam.ccxdev.com/scripts/com/okta/widget/4.0.2.0/font/ 21 KB
22 KB 288ms
288ms Font
application/font-woff 13.211.63.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.idam.ccxdev.com/scripts/com/okta/widget/4.0.2.0/font/montserrat-regular-webfont.woff
Requested by: Host: login.idam.ccxdev.com
URL: https://login.idam.ccxdev.com/scripts/com/okta/widget/4.0.2.0/css/okta-sign-in.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.211.63.164 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-211-63-164.ap-southeast-2.compute.amazonaws.com
Software: /
Resource Hash: 1d5325892ecf2dc3abd0caf2a1ef4eabf2477e2937c9a372760fd2acae8fddf3

Request headers

Origin: https://login.idam.ccxdev.com
Referer: https://login.idam.ccxdev.com/scripts/com/okta/widget/4.0.2.0/css/okta-sign-in.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 01 Sep 2020 08:50:13 GMT
etag: 1598947037196
content-length: 21980
content-type: application/font-woff

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: idam.cybercx.idslns.com
URL: https://idam.cybercx.idslns.com/api/v1/sessions/me

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

idam.cybercx.idslns.com
login.idam.ccxdev.com
idam.cybercx.idslns.com
13.211.63.164
3.104.34.32
1c1e530cef7ef8ac2d9cdf0191f44e58e8b5661442545f336b347da9b060a60b
1d5325892ecf2dc3abd0caf2a1ef4eabf2477e2937c9a372760fd2acae8fddf3
59ffef4f4b6f7143866694e8bdf4904d9646a7681966e333fc473d39f88a012a
668c27ebd3ebaa43759a28c6d0dc4be63b6c44b75f974957f0861ca2a947bcf1
a37cdd2f1fcb66fbb2b4c984ab39b4d05673850c0a6f4d3dd16cbc2a711c423f
c107ed8e081860846c15796ac931e7a5055c4bca9b9ddcbdaf3062205fb9a139
feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace

login.idam.ccxdev.com Open in urlscan Pro 13.211.63.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

9 Requests

89 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

1501 kBTransfer

1499 kBSize

0 Cookies

0 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

0 Cookies

Indicators

login.idam.ccxdev.com Open in urlscan Pro
13.211.63.164 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

89 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

1501 kB
Transfer

1499 kB
Size

0
Cookies

9 HTTP transactions
0 data transactions