Domain > auth.devpre.xonpoc.com

More information on this domain is in AlienVault OTX

DNS Resolutions

Date	IP Address
2021-09-01	52.85.224.12 (ClassC)
2021-09-01	52.85.224.66 (ClassC)
2025-01-12	3.163.24.27 (ClassC)

HTTP/1.1 200 OKContent-Type: text/html;charsetUTF-8Transfer-Encoding: chunkedConnection: keep-aliveDate: Sun, 12 Jan 2025 11:06:28 GMTServer: ServerContent-Language: en-USSet-Cookie: XSRF-TOKENe564a5bd-0eea-4a0d-9a13-9f857765fb18; Path/; Secure; HttpOnly; SameSiteLaxx-amz-cognito-request-id: 300bdfeb-842b-48e5-a8bf-ea82dccdb6d5X-Content-Type-Options: nosniffX-XSS-Protection: 1; modeblockCache-Control: no-cache, no-store, max-age0, must-revalidatePragma: no-cacheExpires: 0Strict-Transport-Security: max-age31536000 ; includeSubDomainsX-Frame-Options: DENYX-Cache: Miss from cloudfrontVia: 1.1 2e87eef03ab555daefa684d946e111b4.cloudfront.net (CloudFront)X-Amz-Cf-Pop: HIO52-P2X-Amz-Cf-Id: Re-NA2ZO00j6mMR_cZElkulrgyiFA_4AbSgxBD63CzdwYwQ_uFWnkA

!DOCTYPE html>html langen>head>head>    link hrefnull/null/css/bootstrap.min.css relstylesheet        mediascreen />    link hrefnull/null/css/cognito-login.css relstylesheet        mediascreen />        title>Signin/title>    script srcnull/null/js/amazon-cognito-advanced-security-data.min.js >/script>    script>    function getAdvancedSecurityData(formReference) {        if (typeof AmazonCognitoAdvancedSecurityData  undefined) {            return true;        }        // UserpoolId is not available on frontend for springboard. We do not use userPoolId        // anyway other than put in context data.         var userPoolId  ;        var clientId  getUrlParameter(client_id);        var username  ;        var usernameInput  document.getElementsByName(username)0;        if (usernameInput && usernameInput.value) {            username  usernameInput.value;        }        var asfData  AmazonCognitoAdvancedSecurityData.getData(username, userPoolId, clientId);        if (typeof asfData  undefined) {            return true;        }        if (formReference && formReference.cognitoAsfData) {            formReference.cognitoAsfData.value  asfData        }        return true;    }    function getUrlParameter(name) {        name  name.replace(/\/, \\).replace(/\/, \\);        var regex  new RegExp(\\?& + name + (^&#*));        var results  regex.exec(location.search);        return results  null ?  : decodeURIComponent(results1.replace(/\+/g,  ));    }    function onSubmit(evt, formRef) {        formRef.querySelector(buttontypesubmit).disabled  true;        if (!!formRef.submitted) {            evt.preventDefault();            return false;        } else {            formRef.submitted  true;            return getAdvancedSecurityData(formRef);        }    }    function onSubmitLoginForm (formRef) {        formRef.querySelector(inputnamesignInSubmitButton).disabled  true;        getAdvancedSecurityData(formRef)    }/script>    meta nameviewport contentwidthdevice-width, initial-scale1>/head>/head>body spellcheckfalse>    div classcontainer>        div classmodal-dialog>            div classmodal-content background-customizable modal-content-mobile visible-xs visible-sm>                div>div>                    div classbanner-customizable>                        center>                                                    /center>                    /div>                /div>/div>                div classmodal-body>                    div>div>    /div>/div>                    div>                        div>div>    /div>/div>                        div>div>    /div>/div>                                            /div>                /div>            /div>                        div classmodal-content background-customizable modal-content-mobile visible-md visible-lg>                div>div>                    div classbanner-customizable>                        center>                                                    /center>                    /div>                /div>/div>                div classmodal-body>                    div>div>    /div>/div>                    div>                        div>                            div>div>    /div>/div>                            div>div>    /div>/div>                        /div>                                            /div>                /div>            /div>        /div>    /div>    script srcnull/null/js/jquery-3.5.1.min.js >/script>    script>    var $inputs  $(:input);    $inputs.on(input, function () {        var self  this;        var matches  $(inputname + this.name + );        var selfIndex  matches.index($(self));        matches.each(function (index, element) {            if (selfIndex ! index) {                $(element).val($(self).val());            }        });    });/script>/body>/html>

Subdomains

Date	Domain	IP
auth.poc.xonpoc.com	2024-11-19	18.161.6.104
auth.devpre.xonpoc.com	2025-01-12	3.163.24.27

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

Domain > auth.devpre.xonpoc.com

Is this malicious?

DNS Resolutions

Port 80

Port 443

Subdomains