urlscan.io logo urlscan.io
SecurityTrails logo

us-east-2.signin.aws Open in urlscan Pro
52.95.20.63  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://corp.invoicedhq.com/
Effective URL: https://us-east-2.signin.aws/platform/login?workflowStateHandle=9aa9f5d0-9ea0-4ce5-8b9f-cfdfcab93c77
Submission: On February 10 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 1 countries across 7 domains to perform 24 HTTP transactions. The main IP is 52.95.20.63, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is us-east-2.signin.aws.
TLS certificate: Issued by Amazon RSA 2048 M01 on December 31st 2022. Valid for: a year.
This is the only time us-east-2.signin.aws was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.59.21.236 16509 (AMAZON-02)
1 1 2600:1f16:9b9... 16509 (AMAZON-02)
1 4 18.116.142.221 16509 (AMAZON-02)
1 108.138.15.187 16509 (AMAZON-02)
2 2600:9000:243... 16509 (AMAZON-02)
15 52.95.20.63 16509 (AMAZON-02)
1 2600:9000:210... ()
24 6
1    13.59.21.236 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-59-21-236.us-east-2.compute.amazonaws.com
corp.invoicedhq.com
1    2600:1f16:9b9:9600:8e7b:f55a:fb4a:e94d (Columbus, United States)

ASN16509 (AMAZON-02, US)
invoiced-zero-trust.auth.us-east-2.amazoncognito.com
4    18.116.142.221 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-116-142-221.us-east-2.compute.amazonaws.com
portal.sso.us-east-2.amazonaws.com
1    108.138.15.187 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-187.fra56.r.cloudfront.net
invoiced.awsapps.com
2    2600:9000:2436:ae00:3:98c9:8d00:21 (United States)

ASN16509 (AMAZON-02, US)
d2qhklra89ffp0.cloudfront.net
15    52.95.20.63 (Columbus, United States)

ASN16509 (AMAZON-02, US)
us-east-2.signin.aws
1    2600:9000:2104:e800:3:12d0:8d40:21 (None, )

ASN- ()
d35uxhjf90umnp.cloudfront.net
Domain Requested by
15 us-east-2.signin.aws d2qhklra89ffp0.cloudfront.net
us-east-2.signin.aws
invoiced.awsapps.com
4 portal.sso.us-east-2.amazonaws.com 1 redirects d2qhklra89ffp0.cloudfront.net
2 d2qhklra89ffp0.cloudfront.net invoiced.awsapps.com
d2qhklra89ffp0.cloudfront.net
1 d35uxhjf90umnp.cloudfront.net us-east-2.signin.aws
1 invoiced.awsapps.com
1 invoiced-zero-trust.auth.us-east-2.amazoncognito.com 1 redirects
1 corp.invoicedhq.com 1 redirects
0 truncated Failed us-east-2.signin.aws
0 website.sso-portal.us-east-2.amazonaws.com Failed d2qhklra89ffp0.cloudfront.net
24 9

This site contains no links.

Subject Issuer Validity Valid
*.awsapps.com
Amazon		 2022-03-14 -
2023-04-12		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
portal.sso.us-east-2.amazonaws.com
Amazon		 2022-08-07 -
2023-09-05		 a year crt.sh
us-east-2.signin.aws
Amazon RSA 2048 M01		 2022-12-31 -
2023-12-19		 a year crt.sh

This page contains 1 frames:

Primary Page: https://us-east-2.signin.aws/platform/login?workflowStateHandle=9aa9f5d0-9ea0-4ce5-8b9f-cfdfcab93c77
Frame ID: 029E482B6297C404BCE694A7329833C6
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Amazon Web Services (AWS)

Page URL History Show full URLs

  1. https://corp.invoicedhq.com/ HTTP 302
    https://invoiced-zero-trust.auth.us-east-2.amazoncognito.com/oauth2/authorize?client_id=39j8osl42afo3b4bpm8narketf&redirect_uri=https%3A%... HTTP 302
    https://portal.sso.us-east-2.amazonaws.com/saml/assertion/MjI0NzkyNTA0NzMzX2lucy1kZmYxNzk4ZjQ4OGFhYWU5?SAMLRequest=fZJB... HTTP 303
    https://invoiced.awsapps.com/start/?relayId=e7327137-3f15-4e72-8d67-9120f801d5fa_44bc539b-48bf-45fa-aa32-... Page URL
  2. https://us-east-2.signin.aws/platform/login?workflowStateHandle=9aa9f5d0-9ea0-4ce5-8b9f-cfdfcab93c77 Page URL

Page Statistics

24
Requests

92 %
HTTPS

43 %
IPv6

7
Domains

9
Subdomains

6
IPs

1
Countries

6005 kB
Transfer

8106 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://corp.invoicedhq.com/ HTTP 302
    https://invoiced-zero-trust.auth.us-east-2.amazoncognito.com/oauth2/authorize?client_id=39j8osl42afo3b4bpm8narketf&redirect_uri=https%3A%2F%2Fcorp.invoicedhq.com%2Foauth2%2Fidpresponse&response_type=code&scope=openid&state=5s461raYSWha4JP1qrTwsygyC3VcVJbY6I%2BfGnXowW8YUMP91dzxK0IJfNK4U6NsPgAN%2Baz607fXKKcQciry9Rg0fj%2FxN4XkcScou4DeRzr69gCnsqI3YKZ%2F5r7zALV5FxJBc2HqFErESfuowO0%2FwXuHUCeIYTrBnTx9u48ZntWAA%2Bm8qIIjWSRb7gCZ7Jn7yCGDeP5Y HTTP 302
    https://portal.sso.us-east-2.amazonaws.com/saml/assertion/MjI0NzkyNTA0NzMzX2lucy1kZmYxNzk4ZjQ4OGFhYWU5?SAMLRequest=fZJBT%2BMwEIXv%2Bysi3504bijBaoIqUFeVKCugXba9IK9jqCGxs55Jof31uC2tFiFxsjx6897omxmcvzV1tNIejLMFSWNGIm2Vq4x9KshsOqI5OS9%2FDEA2NW%2FFsMOlvdX%2FOg0YDQG0x9B34Sx0jfZ32q%2BM0rPbq4IsEVsQSWLsyoVaRTfaO4q%2BA4xlcIk7oFoCUh7LRm5cyHyyBl2sXJPs0hJTtV5DG8w1iS5DorESd2MezFvnUdYxgPtiJ1%2FhaJXIw6TJ5HnMrjcv6%2BvpMLyTzR9ed2qdviya%2BVuoZ4vnm%2BzXz9Fyfj87IdH4siAPLFM56%2BWc5j2laSb5Kc1lX9GKqfTkrH%2Bm0tOtFKDTYwsoLRaEM96jjNOUTRkTaSZ4L%2B73%2BYJEvw%2Bo%2BRZ1gG9B7OEWpPNWOAkGhJWNBoFK3A0nVyJIResdOuVqUu53IXaBPho530j8vndbMRV93EmFtmhw%2FSn7%2B%2FYjPVJuZXu%2B4mNfAlpxZP%2FAZtO0m%2F%2Bt5oPk%2FynLj%2B%2FnAyrfAQ%3D%3D&RelayState=H4sIAAAAAAAAAD2SSZOiQBCF_wvXtpQdyhviBi6tggpMT3QURbEpFLK5dMx_n_Iwc_siXr6Il_nyh0PcmOsaQFDTAvGbP7pC54eRzw24kCnG2WGEGUkw12lzlUUUUymUw6rQS1RfSBuzgYgNpG1bNePRCNO6GmZlTzNMovQ2xLQYUdS1qTjKoqomTUXLhjATYSZMozfGDB1js2aYcONfHK1ImUXc7wGXMkVpZFWoke-cUyTbO-FWu_fmmTxN6YRPduir1ke8KD16P-v-cbODQvR6rHjLjrcr-ahum11ibD_QS-W12Fut8B5n9RMeEj7Ov75Gj63sXbCDaSdPyeFVqzAxy-ZmSf4qYLJSay9jfVLmD3uCxeVtPqtnTtzR-yfP1LvXLY8msXy3npTuA3ayHpTt2TA-Cv1mWfnZOYRaYgaaXWpPczElO-V92QtbKui3690G7YFezL0e5gaaLhVzLYJvQVur8cp00cuJLbCI-8jPlPnhAaU7RAZMHxrBgeLJCex3eO35vrLXABXKQpFn-yKfry95pqkbMcjdbZ6DrJjcQ7xBpP-WTRBdHMudBIt5FjRhY2tnUqkQzU5KPH1cKOknNlCQKhbw001nznU564HOEl9Z4n-dghepKWjrrmmH716H_99niAr0oiWmSZm19N08sxbcWFA1Beo6r0oDruLGMbo2ZMDV7_6hDlUkYhAKWANyxKtAF4kIJFGDSNBlXuZj7s9fwi-hoqYCAAA.H4sIAAAAAAAAAPvr3LsyYubix72Jd2qK3R6W7uRVz1eVudxaFhgtHml-KwkAINamWSAAAAA.3 HTTP 303
    https://invoiced.awsapps.com/start/?relayId=e7327137-3f15-4e72-8d67-9120f801d5fa_44bc539b-48bf-45fa-aa32-072d7a555126 Page URL
  2. https://us-east-2.signin.aws/platform/login?workflowStateHandle=9aa9f5d0-9ea0-4ce5-8b9f-cfdfcab93c77 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://corp.invoicedhq.com/ HTTP 302
  • https://invoiced-zero-trust.auth.us-east-2.amazoncognito.com/oauth2/authorize?client_id=39j8osl42afo3b4bpm8narketf&redirect_uri=https%3A%2F%2Fcorp.invoicedhq.com%2Foauth2%2Fidpresponse&response_type=code&scope=openid&state=5s461raYSWha4JP1qrTwsygyC3VcVJbY6I%2BfGnXowW8YUMP91dzxK0IJfNK4U6NsPgAN%2Baz607fXKKcQciry9Rg0fj%2FxN4XkcScou4DeRzr69gCnsqI3YKZ%2F5r7zALV5FxJBc2HqFErESfuowO0%2FwXuHUCeIYTrBnTx9u48ZntWAA%2Bm8qIIjWSRb7gCZ7Jn7yCGDeP5Y HTTP 302
  • https://portal.sso.us-east-2.amazonaws.com/saml/assertion/MjI0NzkyNTA0NzMzX2lucy1kZmYxNzk4ZjQ4OGFhYWU5?SAMLRequest=fZJBT%2BMwEIXv%2Bysi3504bijBaoIqUFeVKCugXba9IK9jqCGxs55Jof31uC2tFiFxsjx6897omxmcvzV1tNIejLMFSWNGIm2Vq4x9KshsOqI5OS9%2FDEA2NW%2FFsMOlvdX%2FOg0YDQG0x9B34Sx0jfZ32q%2BM0rPbq4IsEVsQSWLsyoVaRTfaO4q%2BA4xlcIk7oFoCUh7LRm5cyHyyBl2sXJPs0hJTtV5DG8w1iS5DorESd2MezFvnUdYxgPtiJ1%2FhaJXIw6TJ5HnMrjcv6%2BvpMLyTzR9ed2qdviya%2BVuoZ4vnm%2BzXz9Fyfj87IdH4siAPLFM56%2BWc5j2laSb5Kc1lX9GKqfTkrH%2Bm0tOtFKDTYwsoLRaEM96jjNOUTRkTaSZ4L%2B73%2BYJEvw%2Bo%2BRZ1gG9B7OEWpPNWOAkGhJWNBoFK3A0nVyJIResdOuVqUu53IXaBPho530j8vndbMRV93EmFtmhw%2FSn7%2B%2FYjPVJuZXu%2B4mNfAlpxZP%2FAZtO0m%2F%2Bt5oPk%2FynLj%2B%2FnAyrfAQ%3D%3D&RelayState=H4sIAAAAAAAAAD2SSZOiQBCF_wvXtpQdyhviBi6tggpMT3QURbEpFLK5dMx_n_Iwc_siXr6Il_nyh0PcmOsaQFDTAvGbP7pC54eRzw24kCnG2WGEGUkw12lzlUUUUymUw6rQS1RfSBuzgYgNpG1bNePRCNO6GmZlTzNMovQ2xLQYUdS1qTjKoqomTUXLhjATYSZMozfGDB1js2aYcONfHK1ImUXc7wGXMkVpZFWoke-cUyTbO-FWu_fmmTxN6YRPduir1ke8KD16P-v-cbODQvR6rHjLjrcr-ahum11ibD_QS-W12Fut8B5n9RMeEj7Ov75Gj63sXbCDaSdPyeFVqzAxy-ZmSf4qYLJSay9jfVLmD3uCxeVtPqtnTtzR-yfP1LvXLY8msXy3npTuA3ayHpTt2TA-Cv1mWfnZOYRaYgaaXWpPczElO-V92QtbKui3690G7YFezL0e5gaaLhVzLYJvQVur8cp00cuJLbCI-8jPlPnhAaU7RAZMHxrBgeLJCex3eO35vrLXABXKQpFn-yKfry95pqkbMcjdbZ6DrJjcQ7xBpP-WTRBdHMudBIt5FjRhY2tnUqkQzU5KPH1cKOknNlCQKhbw001nznU564HOEl9Z4n-dghepKWjrrmmH716H_99niAr0oiWmSZm19N08sxbcWFA1Beo6r0oDruLGMbo2ZMDV7_6hDlUkYhAKWANyxKtAF4kIJFGDSNBlXuZj7s9fwi-hoqYCAAA.H4sIAAAAAAAAAPvr3LsyYubix72Jd2qK3R6W7uRVz1eVudxaFhgtHml-KwkAINamWSAAAAA.3 HTTP 303
  • https://invoiced.awsapps.com/start/?relayId=e7327137-3f15-4e72-8d67-9120f801d5fa_44bc539b-48bf-45fa-aa32-072d7a555126

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
invoiced.awsapps.com/start/
Redirect Chain
  • https://corp.invoicedhq.com/
  • https://invoiced-zero-trust.auth.us-east-2.amazoncognito.com/oauth2/authorize?client_id=39j8osl42afo3b4bpm8narketf&redirect_uri=https%3A%2F%2Fcorp.invoicedhq.com%2Foauth2%2Fidpresponse&response_typ...
  • https://portal.sso.us-east-2.amazonaws.com/saml/assertion/MjI0NzkyNTA0NzMzX2lucy1kZmYxNzk4ZjQ4OGFhYWU5?SAMLRequest=fZJBT%2BMwEIXv%2Bysi3504bijBaoIqUFeVKCugXba9IK9jqCGxs55Jof31uC2tFiFxsjx6897omxmcvz...
  • https://invoiced.awsapps.com/start/?relayId=e7327137-3f15-4e72-8d67-9120f801d5fa_44bc539b-48bf-45fa-aa32-072d7a555126
720 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://invoiced.awsapps.com/start/?relayId=e7327137-3f15-4e72-8d67-9120f801d5fa_44bc539b-48bf-45fa-aa32-072d7a555126
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.15.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-15-187.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7338b0f7a5566a34bc63c4699aa5121f2d163f60b4f92afe6ee14373027fa6b1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0
content-length
720
content-type
text/html
date
Fri, 10 Feb 2023 00:14:25 GMT
etag
"a2ae19acb7dd5891af7db3035e4dcd65"
last-modified
Wed, 11 Jan 2023 01:44:32 GMT
server
AmazonS3
via
1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
x-amz-cf-id
0YBc8W11QB0gqllVgE-g5sKdVWDa2zjUZ4vFI2nDnSVd4RpNsPBJ7Q==
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront

Redirect headers

access-control-expose-headers
RequestId x-amzn-RequestId
content-length
0
date
Fri, 10 Feb 2023 00:14:24 GMT
location
https://invoiced.awsapps.com/start/?relayId=e7327137-3f15-4e72-8d67-9120f801d5fa_44bc539b-48bf-45fa-aa32-072d7a555126
requestid
2c7aa39f-e62e-4a8e-ad81-2f743a196fa3
server
AWS SSO
x-amzn-requestid
2c7aa39f-e62e-4a8e-ad81-2f743a196fa3
orchestrator.js
d2qhklra89ffp0.cloudfront.net/assets/Prod/us-east-2/0ee0b24852761ec951e24190366e3bf7/ 		169 KB
169 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2qhklra89ffp0.cloudfront.net/assets/Prod/us-east-2/0ee0b24852761ec951e24190366e3bf7/orchestrator.js
Requested by
Host: invoiced.awsapps.com
URL: https://invoiced.awsapps.com/start/?relayId=e7327137-3f15-4e72-8d67-9120f801d5fa_44bc539b-48bf-45fa-aa32-072d7a555126
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2436:ae00:3:98c9:8d00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f45b8d3026ebb51823a49be7900587a8bb25afe5eebafcd68e3cda14dcf3e77c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://invoiced.awsapps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 01:17:14 GMT
via
1.1 7c75ee162d05e000e28d3eb8e750533e.cloudfront.net (CloudFront)
last-modified
Sat, 26 Nov 2022 01:12:34 GMT
server
AmazonS3
x-amz-cf-pop
WAW51-P2
age
6562630
etag
"d450d5ccf33dd1854a1e993b59745e8a"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
172987
x-amz-cf-id
5fciLJtBDMR7zVivnY0xqE4BRAc3PS6jP6AAQQPxcu64bI8Oozt-Ag==
0.js
d2qhklra89ffp0.cloudfront.net/assets/Prod/us-east-2/0ee0b24852761ec951e24190366e3bf7/ 		5 MB
5 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2qhklra89ffp0.cloudfront.net/assets/Prod/us-east-2/0ee0b24852761ec951e24190366e3bf7/0.js
Requested by
Host: d2qhklra89ffp0.cloudfront.net
URL: https://d2qhklra89ffp0.cloudfront.net/assets/Prod/us-east-2/0ee0b24852761ec951e24190366e3bf7/orchestrator.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2436:ae00:3:98c9:8d00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
26f278f6f8857537949f5a9df88bbfb594fd7d540d663ed7f2c521846f4324b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://invoiced.awsapps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 01:17:15 GMT
via
1.1 7c75ee162d05e000e28d3eb8e750533e.cloudfront.net (CloudFront)
last-modified
Sat, 26 Nov 2022 01:12:34 GMT
server
AmazonS3
x-amz-cf-pop
WAW51-P2
age
6562630
etag
"0f32f3c91b4bb317ca863a48e7c49348"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4912113
x-amz-cf-id
uqIOPi9wP1EZrgN_FzkqnOyMc97s2pe5PdjRe2EtsFaxDaOKfolChQ==
whoAmI
portal.sso.us-east-2.amazonaws.com/token/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://portal.sso.us-east-2.amazonaws.com/token/whoAmI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.116.142.221 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-142-221.us-east-2.compute.amazonaws.com
Software
AWS SSO /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
p3p
Access-Control-Request-Method
GET
Origin
https://invoiced.awsapps.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
p3p
access-control-allow-methods
GET, OPTIONS, POST, DELETE, PUT
access-control-allow-origin
https://invoiced.awsapps.com
content-length
0
date
Fri, 10 Feb 2023 00:14:26 GMT
server
AWS SSO
whoAmI
portal.sso.us-east-2.amazonaws.com/token/ 		114 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://portal.sso.us-east-2.amazonaws.com/token/whoAmI
Requested by
Host: d2qhklra89ffp0.cloudfront.net
URL: https://d2qhklra89ffp0.cloudfront.net/assets/Prod/us-east-2/0ee0b24852761ec951e24190366e3bf7/orchestrator.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.116.142.221 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-142-221.us-east-2.compute.amazonaws.com
Software
AWS SSO /
Resource Hash

Request headers

Accept
application/json, text/plain, */*
Referer
https://invoiced.awsapps.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
P3P
policyref="https://www.amazon.com/w3c/p3p.xml", CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC"

Response headers

date
Fri, 10 Feb 2023 00:14:26 GMT
server
AWS SSO
x-amzn-requestid
a0395296-6d50-4804-b67b-d1af63d4d993
requestid
a0395296-6d50-4804-b67b-d1af63d4d993
content-type
application/json
access-control-allow-origin
https://invoiced.awsapps.com
access-control-expose-headers
RequestId, x-amzn-RequestId
access-control-allow-credentials
true
content-length
114
truncated
/ 		55 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
Origin
https://invoiced.awsapps.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
application/x-font-ttf
log
website.sso-portal.us-east-2.amazonaws.com/ 		0
0
login
portal.sso.us-east-2.amazonaws.com/ 		143 B
592 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://portal.sso.us-east-2.amazonaws.com/login?directory_id=invoiced&redirect_url=https%3A%2F%2Finvoiced.awsapps.com%2Fstart%2F%3FrelayId%3De7327137-3f15-4e72-8d67-9120f801d5fa_44bc539b-48bf-45fa-aa32-072d7a555126
Requested by
Host: d2qhklra89ffp0.cloudfront.net
URL: https://d2qhklra89ffp0.cloudfront.net/assets/Prod/us-east-2/0ee0b24852761ec951e24190366e3bf7/orchestrator.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.116.142.221 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-142-221.us-east-2.compute.amazonaws.com
Software
AWS SSO /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://invoiced.awsapps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 00:14:26 GMT
server
AWS SSO
x-amzn-requestid
5cfd4567-b72a-4ea1-a6ad-74f4e1582c79
requestid
5cfd4567-b72a-4ea1-a6ad-74f4e1582c79
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC"
access-control-allow-origin
https://invoiced.awsapps.com
access-control-expose-headers
RequestId, x-amzn-RequestId
access-control-allow-credentials
true
content-type
application/json
content-length
143
Primary Request login
us-east-2.signin.aws/platform/ 		475 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://us-east-2.signin.aws/platform/login?workflowStateHandle=9aa9f5d0-9ea0-4ce5-8b9f-cfdfcab93c77
Requested by
Host: d2qhklra89ffp0.cloudfront.net
URL: https://d2qhklra89ffp0.cloudfront.net/assets/Prod/us-east-2/0ee0b24852761ec951e24190366e3bf7/0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.20.63 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
2f6b8ff2257d0bf447825c31f8af5640341924fd8c2c5abc4dad3d314b98cc69
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; object-src 'none'; script-src 'self' https://d1osqh8czd52ng.cloudfront.net/fwcim_signin_us-east-1_prod.js https://d35uxhjf90umnp.cloudfront.net/index.js; style-src 'self'; report-uri /metrics/cspreport;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://invoiced.awsapps.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache, no-store, must-revalidate
Content-Language
de-DE
Content-Length
475
Content-Security-Policy
base-uri 'self'; object-src 'none'; script-src 'self' https://d1osqh8czd52ng.cloudfront.net/fwcim_signin_us-east-1_prod.js https://d35uxhjf90umnp.cloudfront.net/index.js; style-src 'self'; report-uri /metrics/cspreport;
Content-Security-Policy-Report-Only
base-uri 'self'; object-src 'none'; script-src 'self' https://d1osqh8czd52ng.cloudfront.net/fwcim_signin_us-east-1_prod.js https://d35uxhjf90umnp.cloudfront.net/index.js; style-src 'self'; report-uri /metrics/cspreportonly;
Content-Type
text/html
Date
Fri, 10 Feb 2023 00:14:26 GMT
ETag
W/"475-1673815843000"
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Sun, 15 Jan 2023 20:50:43 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-UA-Compatible
IE=Edge
X-XSS-Protection
1; mode=block
app.css
us-east-2.signin.aws/assets/css/ 		692 KB
149 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://us-east-2.signin.aws/assets/css/app.css
Requested by
Host: us-east-2.signin.aws
URL: https://us-east-2.signin.aws/platform/login?workflowStateHandle=9aa9f5d0-9ea0-4ce5-8b9f-cfdfcab93c77
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.20.63 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
32847aadfa79581b59c1314c7af332076ca5b72377c39f6cf2a382172e64d63b
Security Headers
Name Value
Content-Security-Policy default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-eval' 'unsafe-inline' 'report-sample'; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; report-uri /metrics/cspreport;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-east-2.signin.aws/platform/login?workflowStateHandle=9aa9f5d0-9ea0-4ce5-8b9f-cfdfcab93c77
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-eval' 'unsafe-inline' 'report-sample'; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; report-uri /metrics/cspreport;
X-Content-Type-Options
nosniff
Date
Fri, 10 Feb 2023 00:14:26 GMT
Content-Encoding
gzip
Content-Security-Policy-Report-Only
default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'nonce-QW0aNylWwgfY4YDoBL3m+w=='; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-QW0aNylWwgfY4YDoBL3m+w=='; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreportonly;
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
Pragma
no-cache
Last-Modified
Sun, 15 Jan 2023 20:50:43 GMT
Server
Server
ETag
W/"709019-1673815843000"
X-Frame-Options
DENY
vary
accept-encoding
Content-Type
text/css;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Expires
Thu, 01 Jan 1970 00:00:00 GMT
app.js
us-east-2.signin.aws/assets/js/ 		2 MB
556 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://us-east-2.signin.aws/assets/js/app.js
Requested by
Host: us-east-2.signin.aws
URL: https://us-east-2.signin.aws/platform/login?workflowStateHandle=9aa9f5d0-9ea0-4ce5-8b9f-cfdfcab93c77
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.20.63 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
8a82868798be72704dcd0ea981d23e3fc72245584c2dbb0dd51c9093cc335deb
Security Headers
Name Value
Content-Security-Policy default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-eval' 'unsafe-inline' 'report-sample'; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; report-uri /metrics/cspreport;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-east-2.signin.aws/platform/login?workflowStateHandle=9aa9f5d0-9ea0-4ce5-8b9f-cfdfcab93c77
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-eval' 'unsafe-inline' 'report-sample'; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; report-uri /metrics/cspreport;
X-Content-Type-Options
nosniff
Date
Fri, 10 Feb 2023 00:14:26 GMT
Content-Encoding
gzip
Content-Security-Policy-Report-Only
default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'nonce-PU3LKEJEqjmSwXAVBf539w=='; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-PU3LKEJEqjmSwXAVBf539w=='; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreportonly;
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
Pragma
no-cache
Last-Modified
Sun, 15 Jan 2023 20:50:44 GMT
Server
Server
ETag
W/"2172833-1673815844000"
X-Frame-Options
DENY
vary
accept-encoding
Content-Type
application/javascript;charset=UTF-8
Cache-Control
no-store
Accept-Ranges
bytes
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cspreport
us-east-2.signin.aws/metrics/ 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://us-east-2.signin.aws/metrics/cspreport
Requested by
Host: invoiced.awsapps.com
URL: https://invoiced.awsapps.com/start/?relayId=e7327137-3f15-4e72-8d67-9120f801d5fa_44bc539b-48bf-45fa-aa32-072d7a555126
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.20.63 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'nonce-yf/WB9Fc/8OeblxgRoJdog=='; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-yf/WB9Fc/8OeblxgRoJdog=='; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreport;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://us-east-2.signin.aws/platform/login?workflowStateHandle=9aa9f5d0-9ea0-4ce5-8b9f-cfdfcab93c77
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
application/csp-report

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'nonce-yf/WB9Fc/8OeblxgRoJdog=='; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-yf/WB9Fc/8OeblxgRoJdog=='; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreport;
X-Content-Type-Options
nosniff
Date
Fri, 10 Feb 2023 00:14:26 GMT
Server
Server
X-Frame-Options
DENY
Content-Security-Policy-Report-Only
default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'nonce-yf/WB9Fc/8OeblxgRoJdog=='; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-yf/WB9Fc/8OeblxgRoJdog=='; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreportonly;
Content-Type
text/html;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
0
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
cspreportonly
us-east-2.signin.aws/metrics/ 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://us-east-2.signin.aws/metrics/cspreportonly
Requested by
Host: invoiced.awsapps.com
URL: https://invoiced.awsapps.com/start/?relayId=e7327137-3f15-4e72-8d67-9120f801d5fa_44bc539b-48bf-45fa-aa32-072d7a555126
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.20.63 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'nonce-b/2tn3MX9naAPKAnOLtwuw=='; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-b/2tn3MX9naAPKAnOLtwuw=='; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreport;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://us-east-2.signin.aws/platform/login?workflowStateHandle=9aa9f5d0-9ea0-4ce5-8b9f-cfdfcab93c77
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
application/csp-report

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'nonce-b/2tn3MX9naAPKAnOLtwuw=='; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-b/2tn3MX9naAPKAnOLtwuw=='; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreport;
X-Content-Type-Options
nosniff
Date
Fri, 10 Feb 2023 00:14:26 GMT
Server
Server
X-Frame-Options
DENY
Content-Security-Policy-Report-Only
default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'nonce-b/2tn3MX9naAPKAnOLtwuw=='; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-b/2tn3MX9naAPKAnOLtwuw=='; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreportonly;
Content-Type
text/html;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
0
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
translation.json
us-east-2.signin.aws/assets/locales/en/ 		2 B
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us-east-2.signin.aws/assets/locales/en/translation.json
Requested by
Host: us-east-2.signin.aws
URL: https://us-east-2.signin.aws/assets/js/app.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.20.63 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-eval' 'unsafe-inline' 'report-sample'; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; report-uri /metrics/cspreport;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-east-2.signin.aws/platform/login?workflowStateHandle=9aa9f5d0-9ea0-4ce5-8b9f-cfdfcab93c77
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-eval' 'unsafe-inline' 'report-sample'; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; report-uri /metrics/cspreport;
X-Content-Type-Options
nosniff
Date
Fri, 10 Feb 2023 00:14:27 GMT
Content-Security-Policy-Report-Only
default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'nonce-/PV1lwJR3Ub3zVXwBt97wg=='; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-/PV1lwJR3Ub3zVXwBt97wg=='; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreportonly;
Content-Length
2
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
Pragma
no-cache
Last-Modified
Sun, 15 Jan 2023 20:50:44 GMT
Server
Server
ETag
W/"2-1673815844000"
X-Frame-Options
DENY
Content-Type
application/json;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Expires
Thu, 01 Jan 1970 00:00:00 GMT
errors.json
us-east-2.signin.aws/assets/locales/en/ 		5 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us-east-2.signin.aws/assets/locales/en/errors.json
Requested by
Host: us-east-2.signin.aws
URL: https://us-east-2.signin.aws/assets/js/app.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.20.63 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
64c37fc0e00808bfb0668992001e761e9cc8bbc7bae93a487dcbf6020a263740
Security Headers
Name Value
Content-Security-Policy default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-eval' 'unsafe-inline' 'report-sample'; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; report-uri /metrics/cspreport;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-east-2.signin.aws/platform/login?workflowStateHandle=9aa9f5d0-9ea0-4ce5-8b9f-cfdfcab93c77
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-eval' 'unsafe-inline' 'report-sample'; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; report-uri /metrics/cspreport;
X-Content-Type-Options
nosniff
Date
Fri, 10 Feb 2023 00:14:27 GMT
Content-Security-Policy-Report-Only
default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'nonce-HqEwUfoTmiMKjNUwzlxVwg=='; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-HqEwUfoTmiMKjNUwzlxVwg=='; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreportonly;
Content-Length
4812
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
Pragma
no-cache
Last-Modified
Sun, 15 Jan 2023 20:50:44 GMT
Server
Server
ETag
W/"4812-1673815844000"
X-Frame-Options
DENY
Content-Type
application/json;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Expires
Thu, 01 Jan 1970 00:00:00 GMT
config
us-east-2.signin.aws/platform/ 		259 B
706 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://us-east-2.signin.aws/platform/config
Requested by
Host: us-east-2.signin.aws
URL: https://us-east-2.signin.aws/assets/js/app.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.20.63 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
87747a11bb57f308edd0c29b2d65624ce1d780bfa7812a1790c0f1d720ee4941
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://us-east-2.signin.aws/platform/login?workflowStateHandle=9aa9f5d0-9ea0-4ce5-8b9f-cfdfcab93c77
accept-language
de-DE,de;q=0.9
X-Amz-Date
Fri, 10 Feb 2023 00:14:28 GMT
x-amzn-requestid
a13ebcbb-83df-4475-bf00-517ad2229f68
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Fri, 10 Feb 2023 00:14:27 GMT
X-Content-Type-Options
nosniff
Server
Server
X-Frame-Options
DENY
Transfer-Encoding
chunked
Content-Type
application/json;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
index.js
d35uxhjf90umnp.cloudfront.net/ 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d35uxhjf90umnp.cloudfront.net/index.js
Requested by
Host: us-east-2.signin.aws
URL: https://us-east-2.signin.aws/assets/js/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:e800:3:12d0:8d40:21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6267b22c78747f8db9476b502c900e874aebf89e1c658b5b3282f4c01f7a54c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-east-2.signin.aws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id
.WCB9yvxzufrsvypRZW5w_pUwNZ4.SCn
content-encoding
gzip
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
date
Thu, 09 Feb 2023 09:05:03 GMT
last-modified
Tue, 27 Apr 2021 20:18:23 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
age
54605
x-amz-server-side-encryption
AES256
etag
W/"a216acbf4c266a507cb6c7de4d63d883"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
9H_RPFbh9Ty3xzwjrdUh2jmG4HejmdebSMGCjfoeOkFS4j39PjsRaw==
common.json
us-east-2.signin.aws/assets/locales/en/ 		1 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us-east-2.signin.aws/assets/locales/en/common.json
Requested by
Host: us-east-2.signin.aws
URL: https://us-east-2.signin.aws/assets/js/app.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.20.63 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
66a096744e5d7e4d93fcdaf016e19dd3f3d65c795a9c102426895b6a397960a8
Security Headers
Name Value
Content-Security-Policy default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-eval' 'unsafe-inline' 'report-sample'; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; report-uri /metrics/cspreport;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-east-2.signin.aws/platform/login?workflowStateHandle=9aa9f5d0-9ea0-4ce5-8b9f-cfdfcab93c77
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-eval' 'unsafe-inline' 'report-sample'; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; report-uri /metrics/cspreport;
X-Content-Type-Options
nosniff
Date
Fri, 10 Feb 2023 00:14:27 GMT
Content-Security-Policy-Report-Only
default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'nonce-P8J88SGRRycMw79Vpqa6sA=='; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-P8J88SGRRycMw79Vpqa6sA=='; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreportonly;
Content-Length
1090
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
Pragma
no-cache
Last-Modified
Sun, 15 Jan 2023 20:50:44 GMT
Server
Server
ETag
W/"1090-1673815844000"
X-Frame-Options
DENY
Content-Type
application/json;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Expires
Thu, 01 Jan 1970 00:00:00 GMT
forgotPasswordSuccessPage.json
us-east-2.signin.aws/assets/locales/en/ 		694 B
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us-east-2.signin.aws/assets/locales/en/forgotPasswordSuccessPage.json
Requested by
Host: us-east-2.signin.aws
URL: https://us-east-2.signin.aws/assets/js/app.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.20.63 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
1d6920af6e44b8cf9b217093812ae8b23025ea369e967cb099b52ec3610dfd70
Security Headers
Name Value
Content-Security-Policy default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-eval' 'unsafe-inline' 'report-sample'; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; report-uri /metrics/cspreport;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-east-2.signin.aws/platform/login?workflowStateHandle=9aa9f5d0-9ea0-4ce5-8b9f-cfdfcab93c77
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-eval' 'unsafe-inline' 'report-sample'; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; report-uri /metrics/cspreport;
X-Content-Type-Options
nosniff
Date
Fri, 10 Feb 2023 00:14:27 GMT
Content-Security-Policy-Report-Only
default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'nonce-JVtZSDI8Td1mQfIo8eKyJg=='; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-JVtZSDI8Td1mQfIo8eKyJg=='; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreportonly;
Content-Length
694
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
Pragma
no-cache
Last-Modified
Sun, 15 Jan 2023 20:50:44 GMT
Server
Server
ETag
W/"694-1673815844000"
X-Frame-Options
DENY
Content-Type
application/json;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Expires
Thu, 01 Jan 1970 00:00:00 GMT
execute
us-east-2.signin.aws/platform/api/ 		328 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://us-east-2.signin.aws/platform/api/execute
Requested by
Host: us-east-2.signin.aws
URL: https://us-east-2.signin.aws/assets/js/app.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.20.63 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
ec491efc3fa98f86d230badb3750156684658c65faf9faecbd44c2db979f3ba7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://us-east-2.signin.aws/platform/login?workflowStateHandle=9aa9f5d0-9ea0-4ce5-8b9f-cfdfcab93c77
accept-language
de-DE,de;q=0.9
X-Amz-Date
Fri, 10 Feb 2023 00:14:28 GMT
x-amzn-requestid
6138e051-42fd-442a-8e87-1c5e879cdae2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Fri, 10 Feb 2023 00:14:27 GMT
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
Pragma
no-cache
Server
Server
X-Frame-Options
DENY
Access-Control-Allow-Methods
POST, GET, HEAD, OPTIONS, PUT
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://us-east-2.signin.aws
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Accept, Accept-Encoding, Accept-Language, Access-Control-Request-Method,Access-Control-Request-Headers,Authorization,Connection,Content-Type,Host,Origin,Referer,Token-Id,User-Agent, X-Requested-With, x-amzn-requestid, X-Amz-Date, Content-Length, DNT, Cookie
Expires
Thu, 01 Jan 1970 00:00:00 GMT
fingerprint
us-east-2.signin.aws/metrics/ 		0
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://us-east-2.signin.aws/metrics/fingerprint
Requested by
Host: us-east-2.signin.aws
URL: https://us-east-2.signin.aws/assets/js/app.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.20.63 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'nonce-ecvoK1BWTWo7ZbucCqKXNw=='; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-ecvoK1BWTWo7ZbucCqKXNw=='; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreport;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://us-east-2.signin.aws/platform/login?workflowStateHandle=9aa9f5d0-9ea0-4ce5-8b9f-cfdfcab93c77
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'nonce-ecvoK1BWTWo7ZbucCqKXNw=='; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-ecvoK1BWTWo7ZbucCqKXNw=='; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreport;
X-Content-Type-Options
nosniff
Date
Fri, 10 Feb 2023 00:14:28 GMT
Server
Server
X-Frame-Options
DENY
Content-Security-Policy-Report-Only
default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'nonce-ecvoK1BWTWo7ZbucCqKXNw=='; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-ecvoK1BWTWo7ZbucCqKXNw=='; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreportonly;
Content-Type
text/html;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
0
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
execute
us-east-2.signin.aws/platform/api/ 		366 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://us-east-2.signin.aws/platform/api/execute
Requested by
Host: us-east-2.signin.aws
URL: https://us-east-2.signin.aws/assets/js/app.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.20.63 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
4a9cfd74478f80d8b4cbdc1ab34b76fcbe15dfb05dfe94d68cf31b5785215234
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://us-east-2.signin.aws/platform/login?workflowStateHandle=9aa9f5d0-9ea0-4ce5-8b9f-cfdfcab93c77
accept-language
de-DE,de;q=0.9
X-Amz-Date
Fri, 10 Feb 2023 00:14:28 GMT
x-amzn-requestid
51be09a2-e066-4051-84eb-5bd0107a8709
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Fri, 10 Feb 2023 00:14:28 GMT
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
Pragma
no-cache
Server
Server
X-Frame-Options
DENY
Access-Control-Allow-Methods
POST, GET, HEAD, OPTIONS, PUT
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://us-east-2.signin.aws
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Accept, Accept-Encoding, Accept-Language, Access-Control-Request-Method,Access-Control-Request-Headers,Authorization,Connection,Content-Type,Host,Origin,Referer,Token-Id,User-Agent, X-Requested-With, x-amzn-requestid, X-Amz-Date, Content-Length, DNT, Cookie
Expires
Thu, 01 Jan 1970 00:00:00 GMT
signin-background.png
us-east-2.signin.aws/assets/static/img/ 		198 KB
202 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-east-2.signin.aws/assets/static/img/signin-background.png
Requested by
Host: us-east-2.signin.aws
URL: https://us-east-2.signin.aws/assets/css/app.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.20.63 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
e6f759df53dde35bd420533af43731ac0ba06c1b61ba483f482f40ecdff0b67a
Security Headers
Name Value
Content-Security-Policy default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-eval' 'unsafe-inline' 'report-sample'; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; report-uri /metrics/cspreport;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-east-2.signin.aws/assets/css/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-eval' 'unsafe-inline' 'report-sample'; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; report-uri /metrics/cspreport;
X-Content-Type-Options
nosniff
Date
Fri, 10 Feb 2023 00:14:27 GMT
Content-Security-Policy-Report-Only
default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'nonce-yqV+PDaJD6NFyVCKW8Um4A=='; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-yqV+PDaJD6NFyVCKW8Um4A=='; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreportonly;
Content-Length
203133
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
Pragma
no-cache
Last-Modified
Sun, 15 Jan 2023 20:50:43 GMT
Server
Server
ETag
W/"203133-1673815843000"
X-Frame-Options
DENY
Content-Type
image/png;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Expires
Thu, 01 Jan 1970 00:00:00 GMT
truncated
/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b79cfcf0fc09dbe5b4979f4ab3e5b7fe51e0ff8f0f5babd4fed93716384c2357

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		0
0
truncated
/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd22b81b898eb407a56ff6b2ac75c7739745331c8b790e83e7dde68966fc16ce

Request headers

Referer
Origin
https://us-east-2.signin.aws
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
application/x-font-woff
usernamePage.json
us-east-2.signin.aws/assets/locales/en/ 		2 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us-east-2.signin.aws/assets/locales/en/usernamePage.json
Requested by
Host: us-east-2.signin.aws
URL: https://us-east-2.signin.aws/assets/js/app.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.20.63 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-eval' 'unsafe-inline' 'report-sample'; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; report-uri /metrics/cspreport;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-east-2.signin.aws/platform/login?workflowStateHandle=9aa9f5d0-9ea0-4ce5-8b9f-cfdfcab93c77
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-eval' 'unsafe-inline' 'report-sample'; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; report-uri /metrics/cspreport;
X-Content-Type-Options
nosniff
Date
Fri, 10 Feb 2023 00:14:28 GMT
Content-Security-Policy-Report-Only
default-src 'none' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://*.analytics.console.aws.a2z.com 'nonce-rIt9Ehr9lufw34sEFRKRzA=='; script-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://d1dgtfo2wk29o4.cloudfront.net/fwcim.js https://m.media-amazon.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'report-sample' 'nonce-rIt9Ehr9lufw34sEFRKRzA=='; style-src 'self' https://aws.amazon.com https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://aws-signin-website-assets.s3.amazonaws.com https://l0.awsstatic.com https://images-na.ssl-images-amazon.com 'unsafe-inline'; img-src 'self' data: https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://opfcaptcha-prod.s3.amazonaws.com https://images-na.ssl-images-amazon.com https://d1.awsstatic.com https://internal-cdn.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://d0.awsstatic.com; media-src 'self' https://*.signin.aws.amazon.com https://signin.aws.amazon.com https://media.amazonwebservices.com https://d36cz9buwru1tt.cloudfront.net https://opfcaptcha-prod.s3.amazonaws.com; report-uri /metrics/cspreportonly;
Content-Length
1936
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
Pragma
no-cache
Last-Modified
Sun, 15 Jan 2023 20:50:44 GMT
Server
Server
ETag
W/"1936-1673815844000"
X-Frame-Options
DENY
Content-Type
application/json;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Expires
Thu, 01 Jan 1970 00:00:00 GMT
fingerprint
us-east-2.signin.aws/metrics/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
website.sso-portal.us-east-2.amazonaws.com
URL
https://website.sso-portal.us-east-2.amazonaws.com/log
Domain
truncated
URL
data:truncated
Domain
us-east-2.signin.aws
URL
https://us-east-2.signin.aws/metrics/fingerprint

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| oncontentvisibilityautostatechange function| setImmediate function| clearImmediate object| regeneratorRuntime object| awsuiVersions number| __fwcimLoaded object| fwcim object| signInApp object| pie

5 Cookies

Domain/Path Name / Value
us-east-2.signin.aws/platform Name: platform-ubid
Value: 668-6327806-0470625
invoiced.awsapps.com/start/ Name: loginCsrfToken
Value: -662445115
invoiced-zero-trust.auth.us-east-2.amazoncognito.com/ Name: XSRF-TOKEN
Value: b9432679-e8ac-46a7-968e-9cb7f1d24f5d
invoiced-zero-trust.auth.us-east-2.amazoncognito.com/ Name: csrf-state
Value: ZvNLPMaQ-8mFXv9jAaDH5CL2-_17L6fKCTazSfI-GfvdYi5FRx93w9aA9hx7ecZ5X4g9vPcLXYY5Q7-o1nm54EQmjFLkji76M2ZjTNjj-imBwbcMaev_4C-dkSITBZGFiZsbsJ7Wep69aEV5fDxkoevBJ-5a62m9OThESlHEv-8
invoiced-zero-trust.auth.us-east-2.amazoncognito.com/ Name: csrf-state-legacy
Value: ZvNLPMaQ-8mFXv9jAaDH5CL2-_17L6fKCTazSfI-GfvdYi5FRx93w9aA9hx7ecZ5X4g9vPcLXYY5Q7-o1nm54EQmjFLkji76M2ZjTNjj-imBwbcMaev_4C-dkSITBZGFiZsbsJ7Wep69aEV5fDxkoevBJ-5a62m9OThESlHEv-8

6 Console Messages

Source Level URL
Text
network error URL: https://portal.sso.us-east-2.amazonaws.com/token/whoAmI
Message:
Failed to load resource: the server responded with a status of 401 ()
javascript error URL: https://invoiced.awsapps.com/start#/
Message:
Access to XMLHttpRequest at 'https://website.sso-portal.us-east-2.amazonaws.com/log' from origin 'https://invoiced.awsapps.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://website.sso-portal.us-east-2.amazonaws.com/log
Message:
Failed to load resource: net::ERR_FAILED
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://d1osqh8czd52ng.cloudfront.net/fwcim_signin_us-east-1_prod.js https://d35uxhjf90umnp.cloudfront.net/index.js".
network error URL: data:application/x-font-woff;base64,awsui-base64-content("./components/styles/src/sass/typography/fonts/ember/400-normal.woff")
Message:
Failed to load resource: net::ERR_INVALID_URL
network error URL: data:application/x-font-woff;base64,awsui-base64-content("./components/styles/src/sass/typography/fonts/ember/700-normal.woff")
Message:
Failed to load resource: net::ERR_INVALID_URL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

corp.invoicedhq.com
d2qhklra89ffp0.cloudfront.net
d35uxhjf90umnp.cloudfront.net
invoiced-zero-trust.auth.us-east-2.amazoncognito.com
invoiced.awsapps.com
portal.sso.us-east-2.amazonaws.com
truncated
us-east-2.signin.aws
website.sso-portal.us-east-2.amazonaws.com
truncated
us-east-2.signin.aws
website.sso-portal.us-east-2.amazonaws.com
108.138.15.187
13.59.21.236
18.116.142.221
2600:1f16:9b9:9600:8e7b:f55a:fb4a:e94d
2600:9000:2104:e800:3:12d0:8d40:21
2600:9000:2436:ae00:3:98c9:8d00:21
52.95.20.63
1d6920af6e44b8cf9b217093812ae8b23025ea369e967cb099b52ec3610dfd70
26f278f6f8857537949f5a9df88bbfb594fd7d540d663ed7f2c521846f4324b6
2f6b8ff2257d0bf447825c31f8af5640341924fd8c2c5abc4dad3d314b98cc69
32847aadfa79581b59c1314c7af332076ca5b72377c39f6cf2a382172e64d63b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4a9cfd74478f80d8b4cbdc1ab34b76fcbe15dfb05dfe94d68cf31b5785215234
6267b22c78747f8db9476b502c900e874aebf89e1c658b5b3282f4c01f7a54c2
64c37fc0e00808bfb0668992001e761e9cc8bbc7bae93a487dcbf6020a263740
66a096744e5d7e4d93fcdaf016e19dd3f3d65c795a9c102426895b6a397960a8
7338b0f7a5566a34bc63c4699aa5121f2d163f60b4f92afe6ee14373027fa6b1
87747a11bb57f308edd0c29b2d65624ce1d780bfa7812a1790c0f1d720ee4941
8a82868798be72704dcd0ea981d23e3fc72245584c2dbb0dd51c9093cc335deb
b79cfcf0fc09dbe5b4979f4ab3e5b7fe51e0ff8f0f5babd4fed93716384c2357
dd22b81b898eb407a56ff6b2ac75c7739745331c8b790e83e7dde68966fc16ce
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6f759df53dde35bd420533af43731ac0ba06c1b61ba483f482f40ecdff0b67a
ec491efc3fa98f86d230badb3750156684658c65faf9faecbd44c2db979f3ba7
f45b8d3026ebb51823a49be7900587a8bb25afe5eebafcd68e3cda14dcf3e77c