signinawsamaz0n3048.auth-verify.me Open in urlscan Pro
2606:4700:3033::6815:5f03 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://signinawsamaz0n3048.auth-verify.me/?iid=768ef538-57f2-4e62-9866-4da315c59594
Effective URL:
http://signinawsamaz0n3048.auth-verify.me/?iid=768ef538-57f2-4e62-9866-4da315c59594
Submission: On July 06 via manual (July 6th 2022, 5:32:47 pm UTC) from US — Scanned from DE

Summary HTTP 13 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 13 HTTP transactions. The main IP is 2606:4700:3033::6815:5f03, located in United States and belongs to CLOUDFLARENET, US. The main domain is signinawsamaz0n3048.auth-verify.me.

This is the only time signinawsamaz0n3048.auth-verify.me was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: AWS (Online)

Domain & IP information

	IP Address	AS Autonomous System
5 14	2606:4700:303... 2606:4700:3033::6815:5f03	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a02:26f0:6c0... 2a02:26f0:6c00:2bc::108	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
13	3

14 2606:4700:3033::6815:5f03 (United States) 5 redirects

ASN13335 (CLOUDFLARENET, US)

signinawsamaz0n3048.auth-verify.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00:2bc::108 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

images-na.ssl-images-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	auth-verify.me 5 redirects signinawsamaz0n3048.auth-verify.me	202 KB
4	ssl-images-amazon.com images-na.ssl-images-amazon.com — Cisco Umbrella Rank: 789	124 KB
13	2

	Domain	Requested by
14	signinawsamaz0n3048.auth-verify.me	5 redirects signinawsamaz0n3048.auth-verify.me
4	images-na.ssl-images-amazon.com	signinawsamaz0n3048.auth-verify.me
13	2

This site contains links to these domains. Also see Links.

Domain
aws.amazon.com

Subject Issuer	Validity	Valid
images-fe.ssl-images-amazon.com GeoTrust RSA CA 2018	`2021-09-07` - `2022-09-07`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://signinawsamaz0n3048.auth-verify.me/?iid=768ef538-57f2-4e62-9866-4da315c59594
Frame ID: E4A097C775CC3E48DF8400719CE59438
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<input[^>]+name="__VIEWSTATE

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

13
Requests

31 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

322 kB
Transfer

1173 kB
Size

1
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://aws.amazon.com/
Title: Amazon Web Services Login

Search URL Search Domain Scan URL

URL: https://aws.amazon.com/agreement/recent-changes/
Title: Recent Changes

Search URL Search Domain Scan URL

URL: https://aws.amazon.com/terms/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://aws.amazon.com/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://aws.amazon.com/agreement/
Title: AWS Customer Agreement

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://signinawsamaz0n3048.auth-verify.me/static/js/jquery.min.js HTTP 302
http://signinawsamaz0n3048.auth-verify.me/CustomErrors/404.html

Request Chain 1

http://signinawsamaz0n3048.auth-verify.me/vendor/aws-ui/AWS-UI-Components/components.min.css HTTP 302
http://signinawsamaz0n3048.auth-verify.me/CustomErrors/404.html

Request Chain 2

http://signinawsamaz0n3048.auth-verify.me/vendor/aws-ui/AWS-UI-Components/base-styles/utilities.min.css HTTP 302
http://signinawsamaz0n3048.auth-verify.me/CustomErrors/404.html

Request Chain 3

http://signinawsamaz0n3048.auth-verify.me/vendor/aws-ui/AWS-UI-Components/base-styles/grid.min.css HTTP 302
http://signinawsamaz0n3048.auth-verify.me/CustomErrors/404.html

Request Chain 12

http://signinawsamaz0n3048.auth-verify.me/metrics/pageload HTTP 302
http://signinawsamaz0n3048.auth-verify.me/CustomErrors/404.html

13 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response signinawsamaz0n3048.auth-verify.me/	180 KB 98 KB	77ms 70ms	Document text/html	2606:4700:3033::6815:5f03 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://signinawsamaz0n3048.auth-verify.me/?iid=768ef538-57f2-4e62-9866-4da315c59594 Protocol HTTP/1.1 Server 2606:4700:3033::6815:5f03 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2cba710d48b85bf0fa150a8537bd3acecf555133c54d1d23245330fc0d37eea0` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept CF-Cache-Status DYNAMIC CF-RAY 726a14d1ec379b86-FRA Cache-Control private Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Wed, 06 Jul 2022 17:32:43 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X3Lh9FgtmnIEpzAGx%2F2mm8YX0w5do9YmqDtpquWMEfwY%2BFPHoYx8utsedfESM%2BKnf%2BMW6X5kzr5S5MOpBdmY1dFqBj1eMyGGLPocdnUn7GV4l6BCYJicZCFPKYEGTel%2B4FYGFlAuh10Gj8QSP%2BfkPfJyjfs%2FhGEkcyNAhlap7jX2"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked X-AspNet-Version 4.0.30319 X-UA-Compatible IE=edge alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	404.html Show response signinawsamaz0n3048.auth-verify.me/CustomErrors/ Redirect Chain http://signinawsamaz0n3048.auth-verify.me/static/js/jquery.min.js http://signinawsamaz0n3048.auth-verify.me/CustomErrors/404.html	1 KB 1 KB	33ms 33ms	Script text/html	2606:4700:3033::6815:5f03 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://signinawsamaz0n3048.auth-verify.me/CustomErrors/404.html Requested by Host: signinawsamaz0n3048.auth-verify.me URL: http://signinawsamaz0n3048.auth-verify.me/?iid=768ef538-57f2-4e62-9866-4da315c59594 Protocol HTTP/1.1 Server 2606:4700:3033::6815:5f03 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d0ffc65048158a9d94bf3990f5bdaa67e3ce6ec6783c9110f8295ddd1783fa76` Request headers accept-language de-DE,de;q=0.9 Referer http://signinawsamaz0n3048.auth-verify.me/?iid=768ef538-57f2-4e62-9866-4da315c59594 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Wed, 06 Jul 2022 17:32:43 GMT Content-Encoding gzip CF-Cache-Status DYNAMIC Last-Modified Thu, 20 Aug 2020 07:50:21 GMT Server cloudflare Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=harMxIz2amJ676mcCfuUiozFQKZKnYKmWtsCl3Q2FUwUzcWydJ04Z0c0dsRomu%2BNTHpbbG4njOcdtJGCccVgQ03gMGIm8c0eaCL%2BmfJC9FUDv5szH%2FVDAJeaDqyHqDtIV7Us40ChN5j%2FZfgOoeM56VQnAsAB8%2F11HS9SMoNUP2K3"}],"group":"cf-nel","max_age":604800} Content-Type text/html NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive CF-RAY 726a14d37f0e9b86-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-UA-Compatible IE=edge Redirect headers Date Wed, 06 Jul 2022 17:32:43 GMT CF-Cache-Status BYPASS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J5aSTtxrqyS5A2uQR2gnIeoaWOxhEcQcLys74PVfVQGODxoe7YzLZUmknfqxDfw8SfdYzWPxr7lUmXZuz%2FeoC3gR7CG%2BArHllOgMWD2GPHOGlsBF88lrAIqeMbzPZQJ11f9uwZI61w9JY9oBq93Q6u%2FHB4yr3XJtPM%2FezFe8HZOH"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=UTF-8 Location http://signinawsamaz0n3048.auth-verify.me/CustomErrors/404.html Transfer-Encoding chunked Connection keep-alive CF-RAY 726a14d32e759b86-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-UA-Compatible IE=edge
GET H/1.1	200 OK	404.html signinawsamaz0n3048.auth-verify.me/CustomErrors/ Redirect Chain http://signinawsamaz0n3048.auth-verify.me/vendor/aws-ui/AWS-UI-Components/components.min.css http://signinawsamaz0n3048.auth-verify.me/CustomErrors/404.html	1 KB 1 KB	41ms 41ms	Stylesheet text/html	2606:4700:3033::6815:5f03 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://signinawsamaz0n3048.auth-verify.me/CustomErrors/404.html Requested by Host: signinawsamaz0n3048.auth-verify.me URL: http://signinawsamaz0n3048.auth-verify.me/?iid=768ef538-57f2-4e62-9866-4da315c59594 Protocol HTTP/1.1 Server 2606:4700:3033::6815:5f03 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d0ffc65048158a9d94bf3990f5bdaa67e3ce6ec6783c9110f8295ddd1783fa76` Request headers accept-language de-DE,de;q=0.9 Referer http://signinawsamaz0n3048.auth-verify.me/?iid=768ef538-57f2-4e62-9866-4da315c59594 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Wed, 06 Jul 2022 17:32:43 GMT Content-Encoding gzip CF-Cache-Status DYNAMIC Last-Modified Thu, 20 Aug 2020 07:50:21 GMT Server cloudflare Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kq8euyuTtftoIgOg9bQnogkip83UvXAEI94t66OvGme11BDPmECoTQsOP3GqYxyhhtVkJraT1StPlb4%2F%2BsgXqeDe9VEDaZLYQMy%2BhnjbwQj6QIpvyfCrLzsTh%2BRzq1YFJHVyEPvkNv6N3KDYTw0Bj2ReO2ts%2FuIaursd9NZHQXgm"}],"group":"cf-nel","max_age":604800} Content-Type text/html NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive CF-RAY 726a14d3dcef9bac-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-UA-Compatible IE=edge Redirect headers Date Wed, 06 Jul 2022 17:32:43 GMT CF-Cache-Status BYPASS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r1bvCG0PclYSVbExhyx7g6XtuiA5YUeaEMbN%2F4B%2FexwpnJEwZa%2BoML3h4a9e8mjrQmBhDvYlp38Pblpx9uLzzMeyOzskjD%2BmFFX6VFCF1fFcvdunSE3k%2FDfxwbrp0fTtiZZcbuJq63DlzfBkSTjGoOC5z%2BydAdNdO5GTx9WuFzwc"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=UTF-8 Location http://signinawsamaz0n3048.auth-verify.me/CustomErrors/404.html Transfer-Encoding chunked Connection keep-alive CF-RAY 726a14d32b439bac-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-UA-Compatible IE=edge
GET H/1.1	200 OK	404.html signinawsamaz0n3048.auth-verify.me/CustomErrors/ Redirect Chain http://signinawsamaz0n3048.auth-verify.me/vendor/aws-ui/AWS-UI-Components/base-styles/utilities.min.css http://signinawsamaz0n3048.auth-verify.me/CustomErrors/404.html	1 KB 1 KB	49ms 49ms	Stylesheet text/html	2606:4700:3033::6815:5f03 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://signinawsamaz0n3048.auth-verify.me/CustomErrors/404.html Requested by Host: signinawsamaz0n3048.auth-verify.me URL: http://signinawsamaz0n3048.auth-verify.me/?iid=768ef538-57f2-4e62-9866-4da315c59594 Protocol HTTP/1.1 Server 2606:4700:3033::6815:5f03 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d0ffc65048158a9d94bf3990f5bdaa67e3ce6ec6783c9110f8295ddd1783fa76` Request headers accept-language de-DE,de;q=0.9 Referer http://signinawsamaz0n3048.auth-verify.me/?iid=768ef538-57f2-4e62-9866-4da315c59594 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Wed, 06 Jul 2022 17:32:43 GMT Content-Encoding gzip CF-Cache-Status DYNAMIC Last-Modified Thu, 20 Aug 2020 07:50:21 GMT Server cloudflare Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XfOuLWdAQUfdeK3F13Gh2dzyPsDzjpS26s6NzT731V7rCB9T767zWVDZRXgYV3CPCX6OjpYWBzUc08CBheF11%2BBZ7ilgRHvCOegu9ZeUsp%2B3IDlo0S%2Bs%2FoeSRIgXdJ4vUxYAUgJ16zcNgJWg5jijDRk5DhSw8k0fqNX6olsI%2Biuy"}],"group":"cf-nel","max_age":604800} Content-Type text/html NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive CF-RAY 726a14d38dba90a2-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-UA-Compatible IE=edge Redirect headers Date Wed, 06 Jul 2022 17:32:43 GMT CF-Cache-Status BYPASS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=449eokaxedLxQPZGNlmS05XDFsqE8e072e3rRqhGxtsgnYY6WxhxT6ysDh7N1HDyyPuL02mmhimXROIzG2pF9vgjx4siMeW9aWWc9JXylwYMtIs7PjntGNi%2FqkyI%2F3gG3FIuQsgzWbv7YO6l0YVV%2FHMGDLwF23YZ5Z9XsRzXlMzO"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=UTF-8 Location http://signinawsamaz0n3048.auth-verify.me/CustomErrors/404.html Transfer-Encoding chunked Connection keep-alive CF-RAY 726a14d32d4f90a2-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-UA-Compatible IE=edge
GET H/1.1	200 OK	404.html signinawsamaz0n3048.auth-verify.me/CustomErrors/ Redirect Chain http://signinawsamaz0n3048.auth-verify.me/vendor/aws-ui/AWS-UI-Components/base-styles/grid.min.css http://signinawsamaz0n3048.auth-verify.me/CustomErrors/404.html	1 KB 1 KB	52ms 52ms	Stylesheet text/html	2606:4700:3033::6815:5f03 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://signinawsamaz0n3048.auth-verify.me/CustomErrors/404.html Requested by Host: signinawsamaz0n3048.auth-verify.me URL: http://signinawsamaz0n3048.auth-verify.me/?iid=768ef538-57f2-4e62-9866-4da315c59594 Protocol HTTP/1.1 Server 2606:4700:3033::6815:5f03 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d0ffc65048158a9d94bf3990f5bdaa67e3ce6ec6783c9110f8295ddd1783fa76` Request headers accept-language de-DE,de;q=0.9 Referer http://signinawsamaz0n3048.auth-verify.me/?iid=768ef538-57f2-4e62-9866-4da315c59594 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Wed, 06 Jul 2022 17:32:43 GMT Content-Encoding gzip CF-Cache-Status DYNAMIC Last-Modified Thu, 20 Aug 2020 07:50:21 GMT Server cloudflare Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VFjQ4McpV3iB1RFQyXSihPEo%2Fq2ZJK4w1jMDYtEdIjbYQLiXPZcWSeCunPNfFCmj41F6LRWDaSHb2S1qKNLIE%2FoJD2q4SwXpJ2oLVEqGugn6ey5gnnvY4way05fpve3QPpTEnjRoSeKApOTvQaL9IGptXxebfptSBihCbojCDfZN"}],"group":"cf-nel","max_age":604800} Content-Type text/html NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive CF-RAY 726a14d398a9bb97-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-UA-Compatible IE=edge Redirect headers Date Wed, 06 Jul 2022 17:32:43 GMT CF-Cache-Status BYPASS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9WgMt%2B0wPV%2FO5WDnbXH99keN7qYOZ%2FTzcQ7PBX6phZyQDV7umXoLMB7%2BeZbjGv7ylpXM5HkU%2BhYPA8s8F%2FEsaDg%2BcPVSIEjBQOjgUyQtNhybdxYmMEQ2JEdmxApqXLr3ZfdkY591g2wjfQsqagsqCPnkuEu8tMdNMWpkysm01VfJ"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=UTF-8 Location http://signinawsamaz0n3048.auth-verify.me/CustomErrors/404.html Transfer-Encoding chunked Connection keep-alive CF-RAY 726a14d32fdbbb97-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-UA-Compatible IE=edge
GET H2	200	fwcim.js Show response images-na.ssl-images-amazon.com/images/G/01/x-locale/common/login/	406 KB 97 KB	98ms 46ms	Script application/x-javascript	2a02:26f0:6c00:2bc::108 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://images-na.ssl-images-amazon.com/images/G/01/x-locale/common/login/fwcim.js Requested by Host: signinawsamaz0n3048.auth-verify.me URL: http://signinawsamaz0n3048.auth-verify.me/?iid=768ef538-57f2-4e62-9866-4da315c59594 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:2bc::108 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Akamai Resource Optimizer / Resource Hash `b2cc97c937b2669ac42786fb13c686bf7f24222ad042f0cee1764024d251c4d4` Request headers accept-language de-DE,de;q=0.9 Referer http://signinawsamaz0n3048.auth-verify.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 06 Jul 2022 17:32:43 GMT content-encoding br x-cache Hit from akamai x-nginx-cache-status HIT content-length 98425 surrogate-key x-cache-568 /images/G/01/x-locale/common/login/fwcim last-modified Sat, 18 Jun 2022 00:03:16 GMT server Akamai Resource Optimizer vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=70545 x-amz-ir-id 65866095-17de-446b-85e6-c220f4b019f8 akamai-cache-status Hit from child timing-allow-origin https://www.amazon.com expires Thu, 07 Jul 2022 13:08:28 GMT
GET H2	200	61Brdu0o6LL._RC%7C11Fd9tJOdtL.css,21y5jWQoUML.css,31Q3id-QR0L.css,31P8A7PnBZL.css_.css images-na.ssl-images-amazon.com/images/I/	137 KB 19 KB	211ms 159ms	Stylesheet text/css	2a02:26f0:6c00:2bc::108 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://images-na.ssl-images-amazon.com/images/I/61Brdu0o6LL._RC%7C11Fd9tJOdtL.css,21y5jWQoUML.css,31Q3id-QR0L.css,31P8A7PnBZL.css_.css?AUIClients/AmazonUI Requested by Host: signinawsamaz0n3048.auth-verify.me URL: http://signinawsamaz0n3048.auth-verify.me/?iid=768ef538-57f2-4e62-9866-4da315c59594 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:2bc::108 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Akamai Resource Optimizer / Resource Hash `8ff52030ae312e1688bd111f80d21dc533e457cdefd9cdf07722ec9f51de79bb` Request headers accept-language de-DE,de;q=0.9 Referer http://signinawsamaz0n3048.auth-verify.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 06 Jul 2022 17:32:43 GMT content-encoding br x-cache Hit from akamai x-nginx-cache-status HIT content-length 19046 surrogate-key x-cache-481 /images/I/61Brdu0o6LL last-modified Sun, 03 Jul 2022 12:13:50 GMT server Akamai Resource Optimizer vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * peer-cache Hit cache-control public, max-age=630720000 x-amz-ir-id faf7334c-a299-4c4f-bbc9-128d3ff13346 akamai-cache-status Miss from child, Hit from parent timing-allow-origin https://www.amazon.in, https://www.amazon.com expires Tue, 01 Jul 2042 17:32:43 GMT
GET H2	200	01SdjaY0ZsL._RC%7C419sIPk+mYL.css,41yEFdgL45L.css_.css images-na.ssl-images-amazon.com/images/I/	46 KB 7 KB	226ms 175ms	Stylesheet text/css	2a02:26f0:6c00:2bc::108 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://images-na.ssl-images-amazon.com/images/I/01SdjaY0ZsL._RC%7C419sIPk+mYL.css,41yEFdgL45L.css_.css?AUIClients/AuthenticationPortalAssets Requested by Host: signinawsamaz0n3048.auth-verify.me URL: http://signinawsamaz0n3048.auth-verify.me/?iid=768ef538-57f2-4e62-9866-4da315c59594 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:2bc::108 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Akamai Resource Optimizer / Resource Hash `8c23ec3cf642a3bdb329d68c6038db8172b01fcad5270f36cf447235c2594ffa` Request headers accept-language de-DE,de;q=0.9 Referer http://signinawsamaz0n3048.auth-verify.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 06 Jul 2022 17:32:43 GMT content-encoding br x-cache Miss from akamai x-nginx-cache-status MISS content-length 6974 surrogate-key x-cache-937 /images/I/01SdjaY0ZsL last-modified Sun, 03 Jul 2022 03:12:51 GMT server Akamai Resource Optimizer vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=630720000 x-amz-ir-id c98afe73-dfe0-44c8-9fbf-75832d28a45d akamai-cache-status Miss from child, Miss from parent timing-allow-origin https://www.amazon.in, https://www.amazon.com expires Tue, 01 Jul 2042 17:32:43 GMT
GET H2	200	11E08O3eXDL.css images-na.ssl-images-amazon.com/images/I/	2 KB 1 KB	94ms 42ms	Stylesheet text/css	2a02:26f0:6c00:2bc::108 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://images-na.ssl-images-amazon.com/images/I/11E08O3eXDL.css?AUIClients/CVFAssets Requested by Host: signinawsamaz0n3048.auth-verify.me URL: http://signinawsamaz0n3048.auth-verify.me/?iid=768ef538-57f2-4e62-9866-4da315c59594 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:2bc::108 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Akamai Resource Optimizer / Resource Hash `122a38d736dd4b129af47e1d4f6d955d335f55256f2f231d8ccd1a58562cd381` Request headers accept-language de-DE,de;q=0.9 Referer http://signinawsamaz0n3048.auth-verify.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 06 Jul 2022 17:32:43 GMT content-encoding br x-cache Hit from akamai x-nginx-cache-status HIT content-length 713 surrogate-key x-cache-628 /images/I/11E08O3eXDL last-modified Tue, 05 Jul 2022 15:01:44 GMT server Akamai Resource Optimizer vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=630719278 x-amz-ir-id 6a449abe-8d78-4964-b449-d7463f17aa01 akamai-cache-status Hit from child timing-allow-origin https://www.amazon.in, https://www.amazon.com expires Tue, 01 Jul 2042 17:20:41 GMT
GET H/1.1	200 OK	jquery-3.0.0.js Show response signinawsamaz0n3048.auth-verify.me/Assets/js/	364 KB 83 KB	29ms 21ms	Script application/javascript	2606:4700:3033::6815:5f03 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://signinawsamaz0n3048.auth-verify.me/Assets/js/jquery-3.0.0.js Requested by Host: signinawsamaz0n3048.auth-verify.me URL: http://signinawsamaz0n3048.auth-verify.me/?iid=768ef538-57f2-4e62-9866-4da315c59594 Protocol HTTP/1.1 Server 2606:4700:3033::6815:5f03 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b9065e2a0e1ebbb88f32a1a2b859446cdfa4d7886bf009e0f3e3ff475ae16b98` Request headers accept-language de-DE,de;q=0.9 Referer http://signinawsamaz0n3048.auth-verify.me/?iid=768ef538-57f2-4e62-9866-4da315c59594 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Wed, 06 Jul 2022 17:32:43 GMT Content-Encoding gzip CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 760 Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 84319 X-UA-Compatible IE=edge Last-Modified Thu, 20 Aug 2020 07:50:12 GMT Server cloudflare ETag "0928488c676d61:0" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7qXVQOKADll1FMojI0cUpf%2BhHF%2BDSGO1e0m%2FHFFEyBFUlZXZc5kcYTa5eWQSm66xA6k0c5qBP1CCnXnGgHijBZECLZTwI44HQvRBHQrZfEPUwrO1H1moKPEnuf79UUwaxwy18Tdgxm20XibUfLdZFfQxcw40srGZDCg%2BvKrPqmoh"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 726a14d32a7a8fe3-FRA Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept
GET H/1.1	200 OK	jquery-migrate-3.3.1.js Show response signinawsamaz0n3048.auth-verify.me/Assets/js/	30 KB 9 KB	28ms 20ms	Script application/javascript	2606:4700:3033::6815:5f03 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://signinawsamaz0n3048.auth-verify.me/Assets/js/jquery-migrate-3.3.1.js Requested by Host: signinawsamaz0n3048.auth-verify.me URL: http://signinawsamaz0n3048.auth-verify.me/?iid=768ef538-57f2-4e62-9866-4da315c59594 Protocol HTTP/1.1 Server 2606:4700:3033::6815:5f03 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `127308bdd96abc9b5ccfcb6d55f2bebbbf617bfa619b63c03715d781421b1b22` Request headers accept-language de-DE,de;q=0.9 Referer http://signinawsamaz0n3048.auth-verify.me/?iid=768ef538-57f2-4e62-9866-4da315c59594 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Wed, 06 Jul 2022 17:32:43 GMT Content-Encoding gzip CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 760 Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 8119 X-UA-Compatible IE=edge Last-Modified Thu, 20 Aug 2020 07:50:12 GMT Server cloudflare ETag "0928488c676d61:0" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZtI4HHNKVoDvTJBg6h8KHfyCTIHDR%2BwUkzlVZbtf18MIuX5%2BmtJymBqSyYXM5oKuhhpPMwUN%2FmWgxauBKTWdh7WWSKcq1OburBDCPtyr0pI8GHhIzV%2Fy%2BfC8kF8h4hxcEv4haosz0naVwpax%2B2tMLpHrkPoSL5S7p21hCEceATcS"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 726a14d328d19125-FRA Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `8d82b1e7faa7f2cdecd63fbe12c5a878d88a70bf383a552c1e66f03d2b795f38` Request headers accept-language de-DE,de;q=0.9 Referer http://signinawsamaz0n3048.auth-verify.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Content-Type image/png
POST H/1.1	200 OK	TURL Show response signinawsamaz0n3048.auth-verify.me/ContentShow.aspx/	119 B 969 B	42ms 41ms	XHR application/json	2606:4700:3033::6815:5f03 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://signinawsamaz0n3048.auth-verify.me/ContentShow.aspx/TURL Requested by Host: signinawsamaz0n3048.auth-verify.me URL: http://signinawsamaz0n3048.auth-verify.me/Assets/js/jquery-3.0.0.js Protocol HTTP/1.1 Server 2606:4700:3033::6815:5f03 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1a160758e9a57ab961d25490a598656bcfa7b18d519b7a6892b89483fd32411a` Request headers Accept application/json, text/javascript, /; q=0.01 Referer http://signinawsamaz0n3048.auth-verify.me/?iid=768ef538-57f2-4e62-9866-4da315c59594 X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Content-Type application/json; charset=UTF-8 Response headers Date Wed, 06 Jul 2022 17:32:43 GMT Content-Encoding gzip CF-Cache-Status DYNAMIC NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4IqCLK8lHBHkJTeB2DhETGQK%2FXVffTjVx%2FCOyIeNgIpm53iFlT4UyIeLomsczQ7xEd3spmu5uThCxr5LdFL%2BwPKCzLXtFqX3MTMBL1RWVYhqr8B5vnaHXAEgwnUIY8xMhlNgd1tLu37yidsIa7CC3K%2FBtrn9yLEdTjFWPYUGe3P8"}],"group":"cf-nel","max_age":604800} Content-Type application/json; charset=utf-8 Cache-Control private, max-age=0 Connection keep-alive CF-RAY 726a14d4ae279bac-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-UA-Compatible IE=edge
GET H/1.1	200 OK	404.html Show response signinawsamaz0n3048.auth-verify.me/CustomErrors/ Redirect Chain http://signinawsamaz0n3048.auth-verify.me/metrics/pageload http://signinawsamaz0n3048.auth-verify.me/CustomErrors/404.html	1 KB 1 KB	36ms 36ms	XHR text/html	2606:4700:3033::6815:5f03 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://signinawsamaz0n3048.auth-verify.me/CustomErrors/404.html Protocol HTTP/1.1 Server 2606:4700:3033::6815:5f03 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d0ffc65048158a9d94bf3990f5bdaa67e3ce6ec6783c9110f8295ddd1783fa76` Request headers accept-language de-DE,de;q=0.9 Referer http://signinawsamaz0n3048.auth-verify.me/?iid=768ef538-57f2-4e62-9866-4da315c59594 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Wed, 06 Jul 2022 17:32:43 GMT Content-Encoding gzip CF-Cache-Status DYNAMIC Last-Modified Thu, 20 Aug 2020 07:50:21 GMT Server cloudflare Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0oBcLtkdCmI3oeWcukakDjkLCU57XaBk1RZrEk0CeqEAdewuov366Mybf6snQyHMju620mSH7bN13Byhf9O%2BTg4FjG6MR%2Fq1a7e94d6qJ6OwwUtZVds5rjpNvuhL4%2F52CYeoJgbA%2BVDRKWNuY7mtdN4Cwv5WUCLBSUL86PpBM2as"}],"group":"cf-nel","max_age":604800} Content-Type text/html NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive CF-RAY 726a14d4fb6abb97-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-UA-Compatible IE=edge Redirect headers Date Wed, 06 Jul 2022 17:32:43 GMT CF-Cache-Status DYNAMIC NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7rKXZvFzwkI1AycD1YKpwepdfS5Uov8X%2F5phgFUNSHdiS%2BTdoV9w6e4lZeN9bI3jzJYq6RBBeiDvkZqYQ1B9GWhoEM%2FkiacELo%2FuGtZ%2FESlLeFzCKBO0i3xo5o5LHAC9NCWSyTAbUDYRARTFFtsIeMRqbk9kKVhduv6pa%2BI7lREL"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=UTF-8 Location http://signinawsamaz0n3048.auth-verify.me/CustomErrors/404.html Connection keep-alive CF-RAY 726a14d4baf8bb97-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-UA-Compatible IE=edge

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: AWS (Online)

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			signinawsamaz0n3048.auth-verify.me/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: blq4txft2ndonnhkzuwqb0eb

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

images-na.ssl-images-amazon.com
signinawsamaz0n3048.auth-verify.me
2606:4700:3033::6815:5f03
2a02:26f0:6c00:2bc::108
122a38d736dd4b129af47e1d4f6d955d335f55256f2f231d8ccd1a58562cd381
127308bdd96abc9b5ccfcb6d55f2bebbbf617bfa619b63c03715d781421b1b22
1a160758e9a57ab961d25490a598656bcfa7b18d519b7a6892b89483fd32411a
2cba710d48b85bf0fa150a8537bd3acecf555133c54d1d23245330fc0d37eea0
8c23ec3cf642a3bdb329d68c6038db8172b01fcad5270f36cf447235c2594ffa
8d82b1e7faa7f2cdecd63fbe12c5a878d88a70bf383a552c1e66f03d2b795f38
8ff52030ae312e1688bd111f80d21dc533e457cdefd9cdf07722ec9f51de79bb
b2cc97c937b2669ac42786fb13c686bf7f24222ad042f0cee1764024d251c4d4
b9065e2a0e1ebbb88f32a1a2b859446cdfa4d7886bf009e0f3e3ff475ae16b98
d0ffc65048158a9d94bf3990f5bdaa67e3ce6ec6783c9110f8295ddd1783fa76

signinawsamaz0n3048.auth-verify.me Open in urlscan Pro 2606:4700:3033::6815:5f03 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

13 Requests

31 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

322 kBTransfer

1173 kBSize

1 Cookies

5 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

43 JavaScript Global Variables

1 Cookies

Indicators

signinawsamaz0n3048.auth-verify.me Open in urlscan Pro
2606:4700:3033::6815:5f03 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

31 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

322 kB
Transfer

1173 kB
Size

1
Cookies

13 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!