urlscan.io logo urlscan.io
SecurityTrails logo

em.tempesttelecom.com Open in urlscan Pro
52.184.251.130  Public Scan

Go To Rescan Add Verdict Report
URL: http://em.tempesttelecom.com/Mjk3LVZHQi04NjEAAAGLXXc1nfoC3bIQkOnvIXhDH4mENWQ6sI20zvg_FvjngU9HV0Svnavx6ckbNgVI85I8pKGl79I=
Submission: On April 26 via manual from PL — Scanned from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 2 HTTP transactions. The main IP is 52.184.251.130, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is em.tempesttelecom.com.
This is the only time em.tempesttelecom.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Tempest-Newmar-rugged-UPS-datasheet.pdf 758 KB application/pdf
MIME: PDF document, version 1.6
Size: 758 KB (776178 bytes, 100% done)
Downloaded from: https://www.tempestns.com/wp-content/uploads/2023/04/Tempest-Newmar-rugged-UPS-datasheet.pdf?mkt_tok=Mjk3LVZHQi04NjEAAAGLXXc1ncpRnpWDFrAOk-nSyL0cYeaZnK45L3IWj1GcZ71IQPTExbo7uIk5YaxpyHQZLBWIOqmUKzFE5mlz_rxhP9SBejfCiwDBBN2moos

Domain & IP information

IP Address AS Autonomous System
1 52.184.251.130 8075 (MICROSOFT...)
1 104.196.23.135 396982 (GOOGLE-CL...)
2 2
Domain Requested by
1 www.tempestns.com em.tempesttelecom.com
1 em.tempesttelecom.com
2 2

This site contains no links.

Subject Issuer Validity Valid
www.tempestns.com
R3		 2023-04-20 -
2023-07-19		 3 months crt.sh

This page contains 1 frames:

Frame: https://www.tempestns.com/wp-content/uploads/2023/04/Tempest-Newmar-rugged-UPS-datasheet.pdf?mkt_tok=Mjk3LVZHQi04NjEAAAGLXXc1ncpRnpWDFrAOk-nSyL0cYeaZnK45L3IWj1GcZ71IQPTExbo7uIk5YaxpyHQZLBWIOqmUKzFE5mlz_rxhP9SBejfCiwDBBN2moos
Frame ID: 19D6CAA4A14888637256736FC3A6E96F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Page Statistics

2
Requests

50 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

1 kB
Transfer

1 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Mjk3LVZHQi04NjEAAAGLXXc1nfoC3bIQkOnvIXhDH4mENWQ6sI20zvg_FvjngU9HV0Svnavx6ckbNgVI85I8pKGl79I=
em.tempesttelecom.com/ 		577 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://em.tempesttelecom.com/Mjk3LVZHQi04NjEAAAGLXXc1nfoC3bIQkOnvIXhDH4mENWQ6sI20zvg_FvjngU9HV0Svnavx6ckbNgVI85I8pKGl79I=
Protocol
HTTP/1.1
Server
52.184.251.130 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
adobe /
Resource Hash
ac2615333e733c5559a7e786c6a5e2b0755be7687c81dc5aef66048136c127a9
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self';script-src 'self' 'sha256-C4iyY/lkvuzR4V0lFEcEt7/fX/f0XVi/iL2DwJKGkcY=';object-src 'none';form-action:'none';frame-src:'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

cache-control
private, no-cache, no-store, max-age=0
content-length
577
content-security-policy
default-src 'self'; img-src 'self';script-src 'self' 'sha256-C4iyY/lkvuzR4V0lFEcEt7/fX/f0XVi/iL2DwJKGkcY=';object-src 'none';form-action:'none';frame-src:'none'
content-type
text/html;charset=UTF-8
date
Wed, 26 Apr 2023 17:27:07 GMT
referrer-policy
strict-origin
server
adobe
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-request-id
ac45ef86a2894e70
Tempest-Newmar-rugged-UPS-datasheet.pdf
www.tempestns.com/wp-content/uploads/2023/04/ 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.tempestns.com/wp-content/uploads/2023/04/Tempest-Newmar-rugged-UPS-datasheet.pdf?mkt_tok=Mjk3LVZHQi04NjEAAAGLXXc1ncpRnpWDFrAOk-nSyL0cYeaZnK45L3IWj1GcZ71IQPTExbo7uIk5YaxpyHQZLBWIOqmUKzFE5mlz_rxhP9SBejfCiwDBBN2moos
Requested by
Host: em.tempesttelecom.com
URL: http://em.tempesttelecom.com/Mjk3LVZHQi04NjEAAAGLXXc1nfoC3bIQkOnvIXhDH4mENWQ6sI20zvg_FvjngU9HV0Svnavx6ckbNgVI85I8pKGl79I=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.23.135 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
135.23.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash

Request headers

Referer
http://em.tempesttelecom.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-length
776178
content-type
application/pdf
date
Wed, 26 Apr 2023 17:27:08 GMT
etag
"6448254f-bd7f2"
last-modified
Tue, 25 Apr 2023 19:09:03 GMT
server
nginx
vary
Accept-Encoding

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless string| redirecturl function| redirect

0 Cookies

2 Console Messages

Source Level URL
Text
security error URL: http://em.tempesttelecom.com/Mjk3LVZHQi04NjEAAAGLXXc1nfoC3bIQkOnvIXhDH4mENWQ6sI20zvg_FvjngU9HV0Svnavx6ckbNgVI85I8pKGl79I=
Message:
The Content-Security-Policy directive name 'form-action:'none'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: http://em.tempesttelecom.com/Mjk3LVZHQi04NjEAAAGLXXc1nfoC3bIQkOnvIXhDH4mENWQ6sI20zvg_FvjngU9HV0Svnavx6ckbNgVI85I8pKGl79I=
Message:
The Content-Security-Policy directive name 'frame-src:'none'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; img-src 'self';script-src 'self' 'sha256-C4iyY/lkvuzR4V0lFEcEt7/fX/f0XVi/iL2DwJKGkcY=';object-src 'none';form-action:'none';frame-src:'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

em.tempesttelecom.com
www.tempestns.com
104.196.23.135
52.184.251.130
ac2615333e733c5559a7e786c6a5e2b0755be7687c81dc5aef66048136c127a9