5ecefda69be9dbd09c12fcd9-m.edulnk.com
52.222.139.30  Public Scan

URL: https://5ecefda69be9dbd09c12fcd9-m.edulnk.com/e/faztj/wOdEwJ?__$u__
Submission: On August 29 via manual from SG — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 3 domains to perform 2 HTTP transactions. The main IP is 52.222.139.30, located in the United States, and belongs to AMAZON-02, US. The main domain is 5ecefda69be9dbd09c12fcd9-m.edulnk.com.
TLS certificate: Issued by Amazon on August 23rd 2022. Valid for: a year.
This is the only time 5ecefda69be9dbd09c12fcd9-m.edulnk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads

These files were downloaded by the website

MIME: PDF document, version 1.7
Size: 996 KB (1019450 bytes, 100% done)
Downloaded from: https://www.fortmillschools.org/cms/lib/SC50010862/Centricity/Domain/54/2022-23%20%20Voluntary%20SC%20Student%20Accident%20Insurance%20Program.pdf

Domain & IP information

IP Address AS Autonomous System
1 52.222.139.30 16509 (AMAZON-02)
1 1 54.188.215.137 16509 (AMAZON-02)
1 18.66.97.72 16509 (AMAZON-02)
2 2

Apex Domain / Subdomains / Transfer
1 fortmillschools.org
  www.fortmillschools.org — Cisco Umbrella Rank: 84955
1 smore.com
  www.smore.com — Cisco Umbrella Rank: 14095
  Transfer: 556 B
1 edulnk.com
  5ecefda69be9dbd09c12fcd9-m.edulnk.com
  Transfer: 1 KB
2 3

This site contains no links.

Subject Issuer Validity Valid
*.k12-cdn.com Amazon 2022-08-23 - 2023-09-21 a year
www.fortmillschools.org Amazon 2022-05-10 - 2023-06-08 a year

This page contains 1 frames:

Frame: https://www.fortmillschools.org/cms/lib/SC50010862/Centricity/Domain/54/2022-23%20%20Voluntary%20SC%20Student%20Accident%20Insurance%20Program.pdf
Frame ID: 33BB1F9CBEF48AF3C77618C1949600DB
Requests: 2 HTTP requests in this frame

Page Title

Redirecting

Page Statistics

Requests: 2
HTTPS: 100 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 2
Countries: 1
Transfer: 1 kB
Size: 1 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.smore.com/r/faztj?__$u__ HTTP 302
  • https://www.fortmillschools.org/cms/lib/SC50010862/Centricity/Domain/54/2022-23%20%20Voluntary%20SC%20Student%20Accident%20Insurance%20Program.pdf

2 HTTP transactions

Primary Request: wOdEwJ
Path: 5ecefda69be9dbd09c12fcd9-m.edulnk.com/e/faztj/
Size: 1 KB
x-fer: 1 KB
Type: Document

General
Full URL: https://5ecefda69be9dbd09c12fcd9-m.edulnk.com/e/faztj/wOdEwJ?__$u__
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.30, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: server-52-222-139-30.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 81da58b1ef52d2b2b6664dc8e849150fcbd6905abe3122680e413b579f54001b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 3000
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=60
content-encoding: br
content-type: text/html
date: Mon, 29 Aug 2022 18:47:09 GMT
etag: W/"173241c4194c8f5d5b3a8a6dc6b1a864"
last-modified: Fri, 26 Aug 2022 19:30:50 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 7759c849c7040f0b6b78f9d2199c04ca.cloudfront.net (CloudFront)
x-amz-cf-id: yE_vYdggMX5uc-5gT1qXQn7oGkDqNpviF6Fh0lgEf5KtYHQGHDRAAA==
x-amz-cf-pop: AMS50-C1
x-cache: Miss from cloudfront

Resource: 2022-23%20%20Voluntary%20SC%20Student%20Accident%20Insurance%20Program.pdf
Path: www.fortmillschools.org/cms/lib/SC50010862/Centricity/Domain/54/
Redirect Chain
  • https://www.smore.com/r/faztj?__$u__
  • https://www.fortmillschools.org/cms/lib/SC50010862/Centricity/Domain/54/2022-23%20%20Voluntary%20SC%20Student%20Accident%20Insurance%20Program.pdf
Size: 0
x-fer: 0
Type: Document

General
Full URL: https://www.fortmillschools.org/cms/lib/SC50010862/Centricity/Domain/54/2022-23%20%20Voluntary%20SC%20Student%20Accident%20Insurance%20Program.pdf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.72, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: server-18-66-97-72.fra56.r.cloudfront.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash:

Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.ally.ac;
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://5ecefda69be9dbd09c12fcd9-m.edulnk.com
Referer: https://5ecefda69be9dbd09c12fcd9-m.edulnk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: private
content-length: 1019450
content-security-policy: frame-ancestors 'self' https://*.ally.ac;
content-type: application/pdf
date: Mon, 29 Aug 2022 18:47:09 GMT
etag: "c66a3773c95d81:0"
last-modified: Mon, 11 Jul 2022 15:39:54 GMT
server: Microsoft-IIS/8.5
strict-transport-security: max-age=31536000; includeSubDomains;
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-amz-cf-id: AG0ZGiA16bveqTTa74zelON5Cb15BD315gO2hXWu9OQ7fqWnIIRNZA==
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache
content-length: 475
content-security-policy: frame-ancestors 'self' *.parentlink.com *.parentlink.net *.parlant.com *.cloudspeaker.com *.memberspark.com
content-type: text/html; charset=UTF-8
date: Mon, 29 Aug 2022 18:47:08 GMT
location: https://www.fortmillschools.org/cms/lib/SC50010862/Centricity/Domain/54/2022-23%20%20Voluntary%20SC%20Student%20Accident%20Insurance%20Program.pdf
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation

2 Cookies

Domain/Path Name / Value
www.smore.com/ Name: PID
Value: "630d09acf5823b31f2f9d9cb"
www.smore.com/ Name: smore
Value: 294c18dd220ed88057f04064b6b8cfa3f0add70413d3c99191f44c9691ccf29228341dfa

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
