atoz-pic-app.amazon.work
2600:9000:20a0:a00:a:6b72:180:93a1  Public Scan

URL: https://atoz-pic-app.amazon.work/
Submission Tags: @phishunt_io
Submission: On March 27 via api from DE — Scanned from DE

Summary

This website contacted 5 IPs in 1 country across 2 domains to perform 12 HTTP transactions. The main IP is 2600:9000:20a0:a00:a:6b72:180:93a1, located in United States and belongs to AMAZON-02, US. The main domain is atoz-pic-app.amazon.work.
TLS certificate: Issued by Amazon RSA 2048 M02 on March 27th 2024. Valid for: a year.
This is the only time atoz-pic-app.amazon.work was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 2600:9000:20a... 16509 (AMAZON-02)
1 18.244.18.21 16509 (AMAZON-02)
4 2600:1f18:41d... 14618 (AMAZON-AES)
1 67.220.243.61 16509 (AMAZON-02)
12 5
Apex Domain
Subdomains
Transfer
6 amazonaws.com
client.rum.us-east-1.amazonaws.com — Cisco Umbrella Rank: 10773
cognito-identity.us-east-1.amazonaws.com — Cisco Umbrella Rank: 2804
sts.us-east-1.amazonaws.com — Cisco Umbrella Rank: 9614
dataplane.rum.us-east-1.amazonaws.com Failed
35 KB
4 amazon.work
atoz-pic-app.amazon.work
1 MB
12 2
Domain Requested by
4 cognito-identity.us-east-1.amazonaws.com client.rum.us-east-1.amazonaws.com
4 atoz-pic-app.amazon.work atoz-pic-app.amazon.work
1 sts.us-east-1.amazonaws.com client.rum.us-east-1.amazonaws.com
1 client.rum.us-east-1.amazonaws.com atoz-pic-app.amazon.work
0 dataplane.rum.us-east-1.amazonaws.com Failed client.rum.us-east-1.amazonaws.com
12 5

This site contains no links.

Subject | Issuer | Validity | Valid
atoz-pic-app.amazon.work | Amazon RSA 2048 M02 | 2024-03-27 - 2025-04-25 | a year
client.rum.us-east-1.amazonaws.com | Amazon RSA 2048 M01 | 2023-09-14 - 2024-10-13 | a year
cognito-identity.us-east-1.amazonaws.com | Amazon RSA 2048 M02 | 2023-05-08 - 2024-06-05 | a year
sts.us-east-1.amazonaws.com | Amazon RSA 2048 M01 | 2024-01-18 - 2024-12-31 | a year

This page contains 1 frames:

Primary Page: https://atoz-pic-app.amazon.work/
Frame ID: 5330319D7CF209874B9B2B1FA3CFECC8
Requests: 9 HTTP requests in this frame

Page Title

PIC Website

Page Statistics

12 Requests
83 % HTTPS
50 % IPv6
2 Domains
5 Subdomains
5 IPs
1 Countries
1231 kB Transfer
5623 kB Size
2 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
atoz-pic-app.amazon.work/
1 KB
1 KB
Document
General
Full URL
https://atoz-pic-app.amazon.work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:a00:a:6b72:180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
51ade1837e0cf881690d92ae1609de3ca5fdcf919b8871020c9a128c9d70da51

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
4982
content-encoding
gzip
content-type
text/html
date
Wed, 27 Mar 2024 19:01:17 GMT
etag
W/"3c69a1e5dc168fca7d6650ad11953202"
last-modified
Wed, 27 Mar 2024 18:51:18 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 20048fca6de376fc3e9a3975b6f01be4.cloudfront.net (CloudFront)
x-amz-cf-id
Nxpd0CjKZHXWku_jjMF_WcUMZG2sTnUWcXE7-6vD10wMC2XPv609wg==
x-amz-cf-pop
AMS58-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
iqNPOMI0Ph13umM24wD_1jvlgWBQ.5wj
x-cache
Hit from cloudfront
vendor.4b45c2b6.chunk.min.js
atoz-pic-app.amazon.work/
5 MB
1 MB
Script
General
Full URL
https://atoz-pic-app.amazon.work/vendor.4b45c2b6.chunk.min.js
Requested by
Host: atoz-pic-app.amazon.work
URL: https://atoz-pic-app.amazon.work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:a00:a:6b72:180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ae318ab01fe3e530580b3edac91c47c35d1eb4b26c2ee64b830fde8e43d11c8a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://atoz-pic-app.amazon.work/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 20:24:20 GMT
x-amz-version-id
lL_Axrkap7zmAJNUQcfe5fnk5UF_1686
content-encoding
gzip
last-modified
Wed, 27 Mar 2024 18:51:18 GMT
server
AmazonS3
via
1.1 20048fca6de376fc3e9a3975b6f01be4.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P2
etag
W/"7ffe1d1cd2a20ba056a740468cf9a22f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
akowqFGnzVEM5CN6C6voS1ufcGOIdNymB4gMtDFqcPGqT6690KGwHg==
main.8128d1b9acdf2f695546.js
atoz-pic-app.amazon.work/
603 KB
94 KB
Script
General
Full URL
https://atoz-pic-app.amazon.work/main.8128d1b9acdf2f695546.js
Requested by
Host: atoz-pic-app.amazon.work
URL: https://atoz-pic-app.amazon.work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:a00:a:6b72:180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
194430405139723b1e73b74ac354d7a8bc822833d860c9ffe6679943f5b199f5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://atoz-pic-app.amazon.work/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 20:24:20 GMT
x-amz-version-id
sHB5UQuIwLHaoP1HfYW3GpoQp.VdRnGv
content-encoding
gzip
last-modified
Wed, 27 Mar 2024 18:51:18 GMT
server
AmazonS3
via
1.1 20048fca6de376fc3e9a3975b6f01be4.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P2
etag
W/"de7cc7165f59916ae621c6ce4e7f4383"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
fS45zC0TF2QBK2IFwW56IZ8XoQTAHukDq05l_LLY3aP8LVMUnE5RMA==
cwr.js
client.rum.us-east-1.amazonaws.com/1.12.0/
133 KB
32 KB
Script
General
Full URL
https://client.rum.us-east-1.amazonaws.com/1.12.0/cwr.js
Requested by
Host: atoz-pic-app.amazon.work
URL: https://atoz-pic-app.amazon.work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-21.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06c42d69370899f6792a4f88bd1210b30f083f2c60223b0d479a5ca181e91920

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://atoz-pic-app.amazon.work/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
5Zf6D8.yXZaVmQnvZtsYf3GoOdAKatl7
content-encoding
br
via
1.1 717c15467a10d8501ae3f6716e2421d8.cloudfront.net (CloudFront)
date
Mon, 25 Mar 2024 01:23:49 GMT
last-modified
Thu, 17 Nov 2022 17:57:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
age
241230
etag
W/"fb51ff8baea4c07e688d2cf9030ef369"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=604800
x-amz-cf-id
Jyd78HTalj8iA9Z5GGO5rcyP2IbLd6HamE8OnPU7LcQ6ThigIwB97A==
/
cognito-identity.us-east-1.amazonaws.com/
63 B
317 B
Fetch
General
Full URL
https://cognito-identity.us-east-1.amazonaws.com/
Requested by
Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.12.0/cwr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:41d6:7402:45d9:bb7a:7a3:422d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
25dd185a8fc79fa7676ff28816966e0fc5c53b27313c458916dbb5a9602b46ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type
application/x-amz-json-1.1
Referer
https://atoz-pic-app.amazon.work/
x-amz-target
AWSCognitoIdentityService.GetId
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Wed, 27 Mar 2024 20:24:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-requestid
1a304719-2776-47cb-9dfe-b5be9edda91d
content-length
63
content-type
application/x-amz-json-1.1
/
cognito-identity.us-east-1.amazonaws.com/
0
0
Preflight
General
Full URL
https://cognito-identity.us-east-1.amazonaws.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:41d6:7402:45d9:bb7a:7a3:422d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-amz-target
Access-Control-Request-Method
POST
Origin
https://atoz-pic-app.amazon.work
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-amz-target
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age
172800
content-length
0
date
Wed, 27 Mar 2024 20:24:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-amzn-requestid
ef0ff9b9-8dae-4b73-90e0-afbaa0d3fb6b
/
cognito-identity.us-east-1.amazonaws.com/
771 B
1 KB
Fetch
General
Full URL
https://cognito-identity.us-east-1.amazonaws.com/
Requested by
Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.12.0/cwr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:41d6:7402:45d9:bb7a:7a3:422d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
be66f8fd263d67fafebcc5b402c39876988bdd2bc9be0576448914912f92d631
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type
application/x-amz-json-1.1
Referer
https://atoz-pic-app.amazon.work/
x-amz-target
AWSCognitoIdentityService.GetOpenIdToken
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Wed, 27 Mar 2024 20:24:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-requestid
b20c1de9-c9f3-4c1c-bfb5-36683d0cd9a9
content-length
771
content-type
application/x-amz-json-1.1
/
cognito-identity.us-east-1.amazonaws.com/
0
0
Preflight
General
Full URL
https://cognito-identity.us-east-1.amazonaws.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:41d6:7402:45d9:bb7a:7a3:422d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-amz-target
Access-Control-Request-Method
POST
Origin
https://atoz-pic-app.amazon.work
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-amz-target
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age
172800
content-length
0
date
Wed, 27 Mar 2024 20:24:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-amzn-requestid
5abd9f9f-231b-4f2c-a98c-d1b515ad95d3
/
sts.us-east-1.amazonaws.com/
2 KB
2 KB
Fetch
General
Full URL
https://sts.us-east-1.amazonaws.com/
Requested by
Host: client.rum.us-east-1.amazonaws.com
URL: https://client.rum.us-east-1.amazonaws.com/1.12.0/cwr.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.220.243.61 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2b1d3b009e870d6a2dd373b2535eb51cf5966e3127b0a78857767a4ba6b12fe9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://atoz-pic-app.amazon.work/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
Date
Wed, 27 Mar 2024 20:24:19 GMT
x-amzn-RequestId
f93f945b-8327-4bfd-9fb9-8aa1e932c379
Content-Length
2061
Content-Type
text/xml
favicon.ico
atoz-pic-app.amazon.work/
1 KB
1 KB
Other
General
Full URL
https://atoz-pic-app.amazon.work/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:a00:a:6b72:180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
51ade1837e0cf881690d92ae1609de3ca5fdcf919b8871020c9a128c9d70da51

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://atoz-pic-app.amazon.work/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 19:01:17 GMT
x-amz-version-id
iqNPOMI0Ph13umM24wD_1jvlgWBQ.5wj
content-encoding
gzip
last-modified
Wed, 27 Mar 2024 18:51:18 GMT
server
AmazonS3
via
1.1 20048fca6de376fc3e9a3975b6f01be4.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P2
etag
W/"3c69a1e5dc168fca7d6650ad11953202"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
text/html
age
4984
x-amz-cf-id
eNppxN81RbRe7c5roVDW8yZvWtG5gQATE0RkzGe6rw6dcZ5AK16-GQ==
23dec5bc-6f92-4d47-8497-1c777ea938cb
dataplane.rum.us-east-1.amazonaws.com/appmonitors/
0
0

23dec5bc-6f92-4d47-8497-1c777ea938cb
dataplane.rum.us-east-1.amazonaws.com/appmonitors/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dataplane.rum.us-east-1.amazonaws.com
URL
https://dataplane.rum.us-east-1.amazonaws.com/appmonitors/23dec5bc-6f92-4d47-8497-1c777ea938cb
Domain
dataplane.rum.us-east-1.amazonaws.com
URL
https://dataplane.rum.us-east-1.amazonaws.com/appmonitors/23dec5bc-6f92-4d47-8497-1c777ea938cb

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal
object| AwsRumClient
function| cwr
object| picWebsite
object| regeneratorRuntime
function| setImmediate
function| clearImmediate
object| __APOLLO_CLIENT__
object| __core-js_shared__
object| scCGSHMRCache

2 Cookies

Domain/Path Name / Value
.atoz-pic-app.amazon.work/ Name: cwr_u
Value: 8f2c6d60-5d0e-410a-b2a9-1945afbfd3ef
.atoz-pic-app.amazon.work/ Name: cwr_s
Value: eyJzZXNzaW9uSWQiOiIwZDMwYTgxYS01ZjkxLTQwYTctYmZjNi0zYjY5ZmEzNWUzNDEiLCJyZWNvcmQiOnRydWUsImV2ZW50Q291bnQiOjEwLCJwYWdlIjp7InBhZ2VJZCI6Ii8iLCJpbnRlcmFjdGlvbiI6MCwic3RhcnQiOjE3MTE1NzEwNTg5MjJ9fQ==