Submitted URL: https://sa-east-1.quicksight.aws.amazon.com.admin-mcas.ms/
Effective URL: https://sa-east-1.quicksight.aws.amazon.com/sn/auth/signin?redirect_uri=https%3A%2F%2Fsa-east-1.quicksight.aws.amazon.com%2Fsn%2Fstart%3Fsta...
Submission Tags: @phishunt_io
Submission: On October 19 via api from US — Scanned from DE

Summary

This website contacted 4 IPs in 4 countries across 4 domains to perform 13 HTTP transactions. The main IP is 52.46.175.91, located in São Paulo, Brazil and belongs to AMAZON-02, US. The main domain is sa-east-1.quicksight.aws.amazon.com.
TLS certificate: Issued by Amazon on December 28th 2020. Valid for: a year.
This is the only time sa-east-1.quicksight.aws.amazon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
1 | 51.137.137.121 | 8075 (MICROSOFT...)
3 | 2a02:26f0:170... | 20940 (AKAMAI-ASN1)
4 (2 redirects) | 52.46.175.91 | 16509 (AMAZON-02)
7 | 2600:9000:215... | 16509 (AMAZON-02)
Total: 13 requests, 4 IPs

Requests | Domain | Requested by
7 | d3io4sks9zp17m.cloudfront.net | sa-east-1.quicksight.aws.amazon.com
4 (2 redirects) | sa-east-1.quicksight.aws.amazon.com | sa-east-1.quicksight.aws.amazon.com
3 | mcasproxy.azureedge.net | sa-east-1.quicksight.aws.amazon.com.admin-mcas.ms, mcasproxy.azureedge.net
1 | sa-east-1.quicksight.aws.amazon.com.admin-mcas.ms |
Total: 13 requests, 4 domains

This site contains no links.

Subject | Issuer | Validity | Valid
*.mcas.ms | Microsoft Azure TLS Issuing CA 05 | 2021-08-16 - 2022-08-11 | a year
*.azureedge.net | DigiCert SHA2 Secure Server CA | 2020-11-21 - 2021-11-30 | a year
web-quicksight.sa-east-1.amazonaws.com | Amazon | 2020-12-28 - 2021-12-07 | a year
*.cloudfront.net | Amazon | 2021-03-19 - 2022-03-17 | a year

This page contains 2 frames:

Primary Page: https://sa-east-1.quicksight.aws.amazon.com/sn/auth/signin?redirect_uri=https%3A%2F%2Fsa-east-1.quicksight.aws.amazon.com%2Fsn%2Fstart%3Fstate%3DhashArgs%2523%26isauthcode%3Dtrue
Frame ID: 3775E6046C01C4AAAD19530DD74F690D
Requests: 11 HTTP requests in this frame

Frame: https://mcasproxy.azureedge.net/proxyweb/1.7.19/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fsa-east-1.quicksight.aws.amazon.com%2F
Frame ID: BA32962640D0103E4FC421D26EEB778F
Requests: 2 HTTP requests in this frame

Page Title

QuickSight Sign-In

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

  • Requests: 13
  • HTTPS: 100 %
  • IPv6: 50 %
  • Domains: 4
  • Subdomains: 4
  • IPs: 4
  • Countries: 4
  • Transfer: 455 kB
  • Size: 1471 kB
  • Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sa-east-1.quicksight.aws.amazon.com.admin-mcas.ms/ Page URL
  2. https://sa-east-1.quicksight.aws.amazon.com/ HTTP 302
    https://sa-east-1.quicksight.aws.amazon.com/sn/start Page URL
  3. https://sa-east-1.quicksight.aws.amazon.com/sn/start?&state=hashArgs%23 HTTP 302
    https://sa-east-1.quicksight.aws.amazon.com/sn/auth/signin?redirect_uri=https%3A%2F%2Fsa-east-1.quicksight.aws.amazon.com%2Fsn%2Fstart%3Fstate%3DhashArgs%2523%26isauthcode%3Dtrue Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://sa-east-1.quicksight.aws.amazon.com/ HTTP 302
  • https://sa-east-1.quicksight.aws.amazon.com/sn/start

13 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Resource: / | Path: sa-east-1.quicksight.aws.amazon.com.admin-mcas.ms/ | Size: 1 KB | x-fer: 850 B | Type: Document
General
Full URL
https://sa-east-1.quicksight.aws.amazon.com.admin-mcas.ms/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.137.137.121 Cardiff, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
openresty /
Resource Hash
91cf6d226783b8b28a0ae925c603565f58573cda554d54a098f14d9347e06dc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
sa-east-1.quicksight.aws.amazon.com.admin-mcas.ms
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

content-type
text/html; charset=utf-8
server
openresty
date
Tue, 19 Oct 2021 02:39:53 GMT
x-mcas-request-id
f664c805c1b39bd4c2c544aeb40b69df
pragma
no-cache
strict-transport-security
max-age=31536000
expires
Mon, 01-Jan-1990 00:00:00 GMT
cache-control
max-age=0, no-cache, no-store
x-mcas-upstream-time
n/a
x-mcas-processing-time
2
content-encoding
gzip
x-mcas-cache-status
MISS

Resource: session-context-store-helper.min.js | Path: mcasproxy.azureedge.net/proxyweb/1.7.19/js/ | Size: 5 KB | x-fer: 5 KB | Type: Script
General
Full URL
https://mcasproxy.azureedge.net/proxyweb/1.7.19/js/session-context-store-helper.min.js
Requested by
Host: sa-east-1.quicksight.aws.amazon.com.admin-mcas.ms
URL: https://sa-east-1.quicksight.aws.amazon.com.admin-mcas.ms/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6ea4 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ef6b116f5d682673f7e8ebbfa0027176ccb482caea43b4077cc34f0748d7bc4b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sa-east-1.quicksight.aws.amazon.com.admin-mcas.ms/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 19 Oct 2021 02:39:54 GMT
last-modified
Fri, 15 Oct 2021 19:37:40 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
PLOXavfa2pddds7xHBr81w==
etag
0x8D990133FF7986E
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
4620e0d6-f01e-00a1-4126-c29a4f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31269673
x-ms-version
2009-09-19
content-length
5084

Resource: session-context-restore.html | Path: mcasproxy.azureedge.net/proxyweb/1.7.19/html/ (Frame BA32) | Size: 281 B | x-fer: 729 B | Type: Document
General
Full URL
https://mcasproxy.azureedge.net/proxyweb/1.7.19/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fsa-east-1.quicksight.aws.amazon.com%2F
Requested by
Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.7.19/js/session-context-store-helper.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6ea4 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d593eab937ae208334c866b7afc56b0703787c857dae8bb562aefbbd3ca15ee6

Request headers

:method
GET
:authority
mcasproxy.azureedge.net
:scheme
https
:path
/proxyweb/1.7.19/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fsa-east-1.quicksight.aws.amazon.com%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sa-east-1.quicksight.aws.amazon.com.admin-mcas.ms/
accept-encoding
gzip, deflate, br

Response headers

content-length
281
content-type
text/html
content-md5
vDuuGHIdcY/gQtnraxH9qw==
last-modified
Fri, 15 Oct 2021 19:37:38 GMT
etag
0x8D990133F2F41AD
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id
b92320e9-a01e-0018-0a26-c27941000000
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin
*
cache-control
public, max-age=31269756
date
Tue, 19 Oct 2021 02:39:54 GMT

Resource: session-context-restore.min.js | Path: mcasproxy.azureedge.net/proxyweb/1.7.19/js/ (Frame BA32) | Size: 36 KB | x-fer: 36 KB | Type: Script
General
Full URL
https://mcasproxy.azureedge.net/proxyweb/1.7.19/js/session-context-restore.min.js
Requested by
Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.7.19/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fsa-east-1.quicksight.aws.amazon.com%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6ea4 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
84631de0bca7e12b1b542849e146044afb360af10af6ae4f5d90ec534e017734

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mcasproxy.azureedge.net/proxyweb/1.7.19/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fsa-east-1.quicksight.aws.amazon.com%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 19 Oct 2021 02:39:54 GMT
last-modified
Fri, 15 Oct 2021 19:37:39 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
d0ja3c44qO7D3vm2nqObfQ==
etag
0x8D990133F6F63AD
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b92321e8-a01e-0018-6326-c27941000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31269715
x-ms-version
2009-09-19
content-length
36521

Resource: start (Cookie set) | Path: sa-east-1.quicksight.aws.amazon.com/sn/ | Size: 1023 B | x-fer: 3 KB | Type: Document
Redirect Chain
  • https://sa-east-1.quicksight.aws.amazon.com/?
  • https://sa-east-1.quicksight.aws.amazon.com/sn/start
General
Full URL
https://sa-east-1.quicksight.aws.amazon.com/sn/start
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
52.46.175.91 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AWS Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Host
sa-east-1.quicksight.aws.amazon.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://sa-east-1.quicksight.aws.amazon.com.admin-mcas.ms/
Accept-Encoding
gzip, deflate, br
Cookie
JSESSIONID=4583A0DEC769F6170FAE21D69D198E48

Response headers

Cache-Control
private
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amzn-requestid
20957755-a641-4ab6-aafe-760d6ccfe569
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Frame-Options
DENY
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Set-Cookie
awsc-authTimer=%7B%22start%22%3A%221634611195764%22%7D; Secure; HttpOnly aws-creds=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/sn; Secure aws-creds-code-verifier=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/sn; Secure aws-consoleInfo=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/sn; Secure aws-creds=""; Domain=sa-east-1.quicksight.aws.amazon.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/sn; Secure aws-creds-code-verifier=""; Domain=sa-east-1.quicksight.aws.amazon.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/sn; Secure aws-consoleInfo=""; Domain=sa-east-1.quicksight.aws.amazon.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/sn; Secure aws-creds=""; Domain=quicksight.aws.amazon.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/sn; Secure aws-creds-code-verifier=""; Domain=quicksight.aws.amazon.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/sn; Secure aws-consoleInfo=""; Domain=quicksight.aws.amazon.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/sn; Secure aws-ds-access-token=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/sn aws-ds-refresh-token=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/sn aws-ds-access-token=""; Domain=.amazon.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/sn aws-ds-refresh-token=""; Domain=.amazon.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/sn
Content-Type
text/html;charset=UTF-8
Content-Length
1023
Date
Tue, 19 Oct 2021 02:39:55 GMT
Keep-Alive
timeout=60
Connection
keep-alive
Server
AWS Server

Redirect headers

Cache-Control
private
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amzn-requestid
646b99ab-2978-4af5-a322-d3d9b48d62f7
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Frame-Options
DENY
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Set-Cookie
JSESSIONID=4583A0DEC769F6170FAE21D69D198E48; Path=/; Secure; HttpOnly
Content-Security-Policy
frame-ancestors 'none'
Content-Security-Policy-Report-Only
frame-ancestors 'none'; default-src 'self' https://d3io4sks9zp17m.cloudfront.net/; connect-src 'self' https://api.sa-east-1.quicksight.aws.amazon.com wss://websocket.sa-east-1.quicksight.aws.amazon.com *.resources.maps.a2z.com maps.geo.us-east-1.amazonaws.com d233vg7hq6pih1.cloudfront.net d3bzuuerb3m5u0.cloudfront.net mobileanalytics.us-east-1.amazonaws.com cognito-identity..amazonaws.com; img-src data: https: blob:; script-src 'unsafe-eval' 'nonce-8uHTEWfM4QPQ785WgrmddQ==' 'self' https://d3io4sks9zp17m.cloudfront.net/; style-src 'unsafe-inline' 'self' https://d3io4sks9zp17m.cloudfront.net/; worker-src 'self' https://d3io4sks9zp17m.cloudfront.net/ blob: data:; report-uri https://reports.prod.sa-east-1.quicksight.aws.a2z.com/csp-report; report-to csp-report
Report-To
{"max_age":10886400,"endpoints":{"url":"https://reports.prod.sa-east-1.quicksight.aws.a2z.com/csp-report"},"group":"csp-report"}
Location
/sn/start
Content-Type
text/html;charset=UTF-8
Content-Length
0
Date
Tue, 19 Oct 2021 02:39:55 GMT
Keep-Alive
timeout=60
Connection
keep-alive
Server
AWS Server

Resource: signin (Primary Request) | Path: sa-east-1.quicksight.aws.amazon.com/sn/auth/ | Size: 65 KB | x-fer: 12 KB | Type: Document
Redirect Chain
  • https://sa-east-1.quicksight.aws.amazon.com/sn/start?&state=hashArgs%23
  • https://sa-east-1.quicksight.aws.amazon.com/sn/auth/signin?redirect_uri=https%3A%2F%2Fsa-east-1.quicksight.aws.amazon.com%2Fsn%2Fstart%3Fstate%3DhashArgs%2523%26isauthcode%3Dtrue
General
Full URL
https://sa-east-1.quicksight.aws.amazon.com/sn/auth/signin?redirect_uri=https%3A%2F%2Fsa-east-1.quicksight.aws.amazon.com%2Fsn%2Fstart%3Fstate%3DhashArgs%2523%26isauthcode%3Dtrue
Requested by
Host: sa-east-1.quicksight.aws.amazon.com
URL: https://sa-east-1.quicksight.aws.amazon.com/sn/start
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
52.46.175.91 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AWS Server /
Resource Hash
e3c879420b91a2d74ce7d5b4ac59b2fb6b53e6476a2a38d15aecc1d7808a97ca
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Host
sa-east-1.quicksight.aws.amazon.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://sa-east-1.quicksight.aws.amazon.com/sn/start
Accept-Encoding
gzip, deflate, br
Cookie
JSESSIONID=4583A0DEC769F6170FAE21D69D198E48

Response headers

Cache-Control
private
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amzn-requestid
ba406515-26e4-41aa-af6c-ad894a56dbd0
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Frame-Options
DENY
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Security-Policy
frame-ancestors 'none'
Content-Security-Policy-Report-Only
frame-ancestors 'none'; default-src 'self' https://d3io4sks9zp17m.cloudfront.net/; connect-src 'self' https://api.sa-east-1.quicksight.aws.amazon.com wss://websocket.sa-east-1.quicksight.aws.amazon.com *.resources.maps.a2z.com maps.geo.us-east-1.amazonaws.com d233vg7hq6pih1.cloudfront.net d3bzuuerb3m5u0.cloudfront.net mobileanalytics.us-east-1.amazonaws.com cognito-identity..amazonaws.com; img-src data: https: blob:; script-src 'unsafe-eval' 'nonce-xjUEyj6J/A+o8oDyESO48A==' 'self' https://d3io4sks9zp17m.cloudfront.net/; style-src 'unsafe-inline' 'self' https://d3io4sks9zp17m.cloudfront.net/; worker-src 'self' https://d3io4sks9zp17m.cloudfront.net/ blob: data:; report-uri https://reports.prod.sa-east-1.quicksight.aws.a2z.com/csp-report; report-to csp-report
Report-To
{"max_age":10886400,"endpoints":{"url":"https://reports.prod.sa-east-1.quicksight.aws.a2z.com/csp-report"},"group":"csp-report"}
X-UA-Compatible
IE=Edge
vary
accept-encoding
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Content-Language
de-DE
Transfer-Encoding
chunked
Date
Tue, 19 Oct 2021 02:39:55 GMT
Keep-Alive
timeout=60
Connection
keep-alive
Server
AWS Server

Redirect headers

Cache-Control
private
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amzn-requestid
d3d3446e-cb19-4ff9-b97f-0093565f468a
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Frame-Options
DENY
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Set-Cookie
aws-creds=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/sn; Secure aws-creds-code-verifier=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/sn; Secure aws-consoleInfo=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/sn; Secure aws-creds=""; Domain=sa-east-1.quicksight.aws.amazon.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/sn; Secure aws-creds-code-verifier=""; Domain=sa-east-1.quicksight.aws.amazon.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/sn; Secure aws-consoleInfo=""; Domain=sa-east-1.quicksight.aws.amazon.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/sn; Secure aws-creds=""; Domain=quicksight.aws.amazon.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/sn; Secure aws-creds-code-verifier=""; Domain=quicksight.aws.amazon.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/sn; Secure aws-consoleInfo=""; Domain=quicksight.aws.amazon.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/sn; Secure aws-ds-access-token=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/sn aws-ds-refresh-token=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/sn aws-ds-access-token=""; Domain=.amazon.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/sn aws-ds-refresh-token=""; Domain=.amazon.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/sn awsc-authTimer=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Secure; HttpOnly
Location
https://sa-east-1.quicksight.aws.amazon.com/sn/auth/signin?redirect_uri=https%3A%2F%2Fsa-east-1.quicksight.aws.amazon.com%2Fsn%2Fstart%3Fstate%3DhashArgs%2523%26isauthcode%3Dtrue
Content-Type
text/html;charset=UTF-8
Content-Length
0
Date
Tue, 19 Oct 2021 02:39:55 GMT
Keep-Alive
timeout=60
Connection
keep-alive
Server
AWS Server

Resource: signin.2754b0c128990afa0e67.1.css | Path: d3io4sks9zp17m.cloudfront.net/signin/ | Size: 3 KB | x-fer: 2 KB | Type: Stylesheet
General
Full URL
https://d3io4sks9zp17m.cloudfront.net/signin/signin.2754b0c128990afa0e67.1.css
Requested by
Host: sa-east-1.quicksight.aws.amazon.com
URL: https://sa-east-1.quicksight.aws.amazon.com/sn/auth/signin?redirect_uri=https%3A%2F%2Fsa-east-1.quicksight.aws.amazon.com%2Fsn%2Fstart%3Fstate%3DhashArgs%2523%26isauthcode%3Dtrue
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:12:bc56:5880:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b4d92c8b6a5b0dfb219ad784dae91e7f2066c951532380ee0180152b9aa04023

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sa-east-1.quicksight.aws.amazon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:39:57 GMT
content-encoding
gzip
last-modified
Thu, 06 May 2021 14:55:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"265aa411e7a1689dd8dc6b28ecd33e87"
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Accept-Encoding,Origin
x-cache
Miss from cloudfront
content-type
text/css
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
timing-allow-origin
*
x-amz-cf-id
O0jK_biq-DpTxNStlLqf2XKl5I57AwvDsqRwAfwv7nw3II9hMPFToQ==
expires
Tue, 06 May 2031 14:55:57 GMT

Resource: platform-vendors.bundle.ae16167cb72d50aa54d8.2.js | Path: d3io4sks9zp17m.cloudfront.net/app/platform/ | Size: 498 KB | x-fer: 154 KB | Type: Script
General
Full URL
https://d3io4sks9zp17m.cloudfront.net/app/platform/platform-vendors.bundle.ae16167cb72d50aa54d8.2.js
Requested by
Host: sa-east-1.quicksight.aws.amazon.com
URL: https://sa-east-1.quicksight.aws.amazon.com/sn/auth/signin?redirect_uri=https%3A%2F%2Fsa-east-1.quicksight.aws.amazon.com%2Fsn%2Fstart%3Fstate%3DhashArgs%2523%26isauthcode%3Dtrue
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:12:bc56:5880:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2dfec3d70fe4db2d37ed962129da468735f068f7f8e3db391279a46e6359850c

Request headers

Referer
https://sa-east-1.quicksight.aws.amazon.com/
Origin
https://sa-east-1.quicksight.aws.amazon.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:39:57 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
https://sa-east-1.quicksight.aws.amazon.com
last-modified
Fri, 09 Jul 2021 23:38:31 GMT
server
AmazonS3
etag
W/"363a9d76f380a165fa2d4311ea57c72d"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
access-control-allow-credentials
true
timing-allow-origin
*
x-amz-cf-id
xqas9gMgKn9qEf7qs9dSSehihC81QYGBbof-buEcZM25mOyuQk-tBw==
expires
Wed, 09 Jul 2031 23:38:30 GMT

Resource: platform-libs.bundle.e3408c803ce50bcbfe60.2.js | Path: d3io4sks9zp17m.cloudfront.net/app/platform/ | Size: 115 KB | x-fer: 28 KB | Type: Script
General
Full URL
https://d3io4sks9zp17m.cloudfront.net/app/platform/platform-libs.bundle.e3408c803ce50bcbfe60.2.js
Requested by
Host: sa-east-1.quicksight.aws.amazon.com
URL: https://sa-east-1.quicksight.aws.amazon.com/sn/auth/signin?redirect_uri=https%3A%2F%2Fsa-east-1.quicksight.aws.amazon.com%2Fsn%2Fstart%3Fstate%3DhashArgs%2523%26isauthcode%3Dtrue
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:12:bc56:5880:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
289bc0b9830394e353622be1c1a4cb5a1d4172b0410c22f91a5c9cc4a8694535

Request headers

Referer
https://sa-east-1.quicksight.aws.amazon.com/
Origin
https://sa-east-1.quicksight.aws.amazon.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:39:57 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
https://sa-east-1.quicksight.aws.amazon.com
last-modified
Fri, 15 Oct 2021 00:56:27 GMT
server
AmazonS3
etag
W/"08eb1357000b6d6c556697ba071b9ec8"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
access-control-allow-credentials
true
timing-allow-origin
*
x-amz-cf-id
KTHdh5W6OiZjhR5nH7SpS1yjc0oMU-EObe5Qocrh0hfZtUX0zqUDgQ==
expires
Wed, 15 Oct 2031 00:56:26 GMT

Resource: platform_remote.d050302327378d47dede.2.js | Path: d3io4sks9zp17m.cloudfront.net/app/platform/ | Size: 62 KB | x-fer: 23 KB | Type: Script
General
Full URL
https://d3io4sks9zp17m.cloudfront.net/app/platform/platform_remote.d050302327378d47dede.2.js
Requested by
Host: sa-east-1.quicksight.aws.amazon.com
URL: https://sa-east-1.quicksight.aws.amazon.com/sn/auth/signin?redirect_uri=https%3A%2F%2Fsa-east-1.quicksight.aws.amazon.com%2Fsn%2Fstart%3Fstate%3DhashArgs%2523%26isauthcode%3Dtrue
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:12:bc56:5880:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b80fea9b9141b0cad4cb38c142892e7db3457b071e20cb4ffebae95fbfa3f79

Request headers

Referer
https://sa-east-1.quicksight.aws.amazon.com/
Origin
https://sa-east-1.quicksight.aws.amazon.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 22:48:29 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
13888
x-cache
Hit from cloudfront
access-control-allow-origin
https://sa-east-1.quicksight.aws.amazon.com
last-modified
Fri, 15 Oct 2021 00:56:30 GMT
server
AmazonS3
etag
W/"7636ca41732b4e96db7cd6d68b9e056c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
timing-allow-origin
*
x-amz-cf-id
IBDhF5nL3r-t30aoLQEKG7bcIjsC4sUBvDpB_Xf4baC8ckXVeiZ-RA==
expires
Wed, 15 Oct 2031 00:56:29 GMT

Resource: signin.en-US.bundle.d433855da29e90274e95.1.js | Path: d3io4sks9zp17m.cloudfront.net/signin/ | Size: 525 KB | x-fer: 134 KB | Type: Script
General
Full URL
https://d3io4sks9zp17m.cloudfront.net/signin/signin.en-US.bundle.d433855da29e90274e95.1.js
Requested by
Host: sa-east-1.quicksight.aws.amazon.com
URL: https://sa-east-1.quicksight.aws.amazon.com/sn/auth/signin?redirect_uri=https%3A%2F%2Fsa-east-1.quicksight.aws.amazon.com%2Fsn%2Fstart%3Fstate%3DhashArgs%2523%26isauthcode%3Dtrue
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:12:bc56:5880:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef36be169f8c544d0115926991cdc3e96229374e1dd7df6d5747c55945c7d363

Request headers

Referer
https://sa-east-1.quicksight.aws.amazon.com/
Origin
https://sa-east-1.quicksight.aws.amazon.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:39:57 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
https://sa-east-1.quicksight.aws.amazon.com
last-modified
Fri, 07 May 2021 14:34:40 GMT
server
AmazonS3
etag
W/"1b28e468d2104337b9a8db9808ae3bb6"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
access-control-allow-credentials
true
timing-allow-origin
*
x-amz-cf-id
PN_5o7hWY9jFIwkNt5JJlAvVkYieIxzUClMwA8iO0BN2vhjkNEdSSA==
expires
Wed, 07 May 2031 14:34:38 GMT

Resource: signin-bootstrap.bundle.134d7c33344137f4f026.1.js | Path: d3io4sks9zp17m.cloudfront.net/signin/ | Size: 118 KB | x-fer: 42 KB | Type: Script
General
Full URL
https://d3io4sks9zp17m.cloudfront.net/signin/signin-bootstrap.bundle.134d7c33344137f4f026.1.js
Requested by
Host: sa-east-1.quicksight.aws.amazon.com
URL: https://sa-east-1.quicksight.aws.amazon.com/sn/auth/signin?redirect_uri=https%3A%2F%2Fsa-east-1.quicksight.aws.amazon.com%2Fsn%2Fstart%3Fstate%3DhashArgs%2523%26isauthcode%3Dtrue
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:12:bc56:5880:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
21ee650fff3e60865c6db8e933feffd2bbe7631274e2373b05bcffccad2e04de

Request headers

Referer
https://sa-east-1.quicksight.aws.amazon.com/
Origin
https://sa-east-1.quicksight.aws.amazon.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:39:57 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
https://sa-east-1.quicksight.aws.amazon.com
last-modified
Thu, 06 May 2021 14:55:57 GMT
server
AmazonS3
etag
W/"cf282aa3260df03da0a930814833a013"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
access-control-allow-credentials
true
timing-allow-origin
*
x-amz-cf-id
icMWDd9MyaGFmNwaIq059VrWEqMBRQt3ehg3aUci5pdNJn5ThzmfdA==
expires
Tue, 06 May 2031 14:55:56 GMT

Resource: signin.7299216c96119e2cc6e9.1.js | Path: d3io4sks9zp17m.cloudfront.net/signin/ | Size: 42 KB | x-fer: 16 KB | Type: Script
General
Full URL
https://d3io4sks9zp17m.cloudfront.net/signin/signin.7299216c96119e2cc6e9.1.js
Requested by
Host: sa-east-1.quicksight.aws.amazon.com
URL: https://sa-east-1.quicksight.aws.amazon.com/sn/auth/signin?redirect_uri=https%3A%2F%2Fsa-east-1.quicksight.aws.amazon.com%2Fsn%2Fstart%3Fstate%3DhashArgs%2523%26isauthcode%3Dtrue
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:12:bc56:5880:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
136f5b362aff3afd503a04da7870dc423a648cbeb24d9a3e95e60ca19ff768c2

Request headers

Referer
https://sa-east-1.quicksight.aws.amazon.com/
Origin
https://sa-east-1.quicksight.aws.amazon.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 02:39:57 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
https://sa-east-1.quicksight.aws.amazon.com
last-modified
Fri, 07 May 2021 14:34:36 GMT
server
AmazonS3
etag
W/"c9f96c20e90902b156e75faa49aeedb1"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
access-control-allow-credentials
true
timing-allow-origin
*
x-amz-cf-id
NFUYw1bp62PezsSDrEeWqtRSEwx4ahSa9ylCFJmk1oXZIVGCcmkd0A==
expires
Wed, 07 May 2031 14:34:34 GMT

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object | onbeforexrselect
  • boolean | originAgentCluster
  • number | __t0
  • string | __bundler_root
  • object | __bundler_root_map
  • object | webpackChunkSpaceNeedleWebsiteStaticContent
  • object | platform_remote

1 Cookies

Domain/Path: sa-east-1.quicksight.aws.amazon.com/
Name: JSESSIONID
Value: 4583A0DEC769F6170FAE21D69D198E48

1 Console Messages

Source: security
Level: error
URL: https://sa-east-1.quicksight.aws.amazon.com/sn/auth/signin?redirect_uri=https%3A%2F%2Fsa-east-1.quicksight.aws.amazon.com%2Fsn%2Fstart%3Fstate%3DhashArgs%2523%26isauthcode%3Dtrue
Message: The source list for the Content Security Policy directive 'connect-src' contains an invalid source: 'cognito-identity..amazonaws.com'. It will be ignored.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000