xmpiexes321.s3.eu-west-1.amazonaws.com Open in urlscan Pro
52.218.62.48 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://dh4s6ydk.r.eu-west-1.awstrack.me/L0/https:%2F%2Fxmpiexes321.s3.eu-west-1.amazonaws.com%2F2483266%2Fmanus%2540emiratesnbd.com_2c8c...
Effective URL:
https://xmpiexes321.s3.eu-west-1.amazonaws.com/2483266/manus%40emiratesnbd.com_2c8c6204-1c0f-477b-ac93-e823f2130ca9.html?AWSAccessKeyId=AKIAIZD...
Submission: On December 03 via manual (December 3rd 2022, 1:26:39 pm UTC) from AE — Scanned from DE

Summary HTTP 12 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 12 HTTP transactions. The main IP is 52.218.62.48, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is xmpiexes321.s3.eu-west-1.amazonaws.com.
TLS certificate: Issued by Amazon on September 21st 2022. Valid for: a year.

This is the only time xmpiexes321.s3.eu-west-1.amazonaws.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.209.214.217 52.209.214.217	16509 (AMAZON-02) (AMAZON-02)
1	52.218.62.48 52.218.62.48	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:780... 2a02:26f0:780::210:ca78	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2001:8d8:9b1:... 2001:8d8:9b1:700::5a:3c95	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
1	34.251.220.216 34.251.220.216	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2.19.126.225 2.19.126.225	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	7

1 52.209.214.217 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-214-217.eu-west-1.compute.amazonaws.com

dh4s6ydk.r.eu-west-1.awstrack.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.62.48 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1-r-w.amazonaws.com

xmpiexes321.s3.eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:780::210:ca78 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:8d8:9b1:700::5a:3c95 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)

images.premcomservices.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.220.216 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-220-216.eu-west-1.compute.amazonaws.com

xmediapremcom.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.126.225 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-126-225.deploy.static.akamaitechnologies.com

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	premcomservices.co.uk images.premcomservices.co.uk	64 KB
4	typekit.net use.typekit.net — Cisco Umbrella Rank: 443 p.typekit.net — Cisco Umbrella Rank: 575	68 KB
1	xmediapremcom.co.uk xmediapremcom.co.uk	123 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	917 B
1	amazonaws.com xmpiexes321.s3.eu-west-1.amazonaws.com	63 KB
1	awstrack.me 1 redirects dh4s6ydk.r.eu-west-1.awstrack.me	332 B
12	6

	Domain	Requested by
5	images.premcomservices.co.uk	xmpiexes321.s3.eu-west-1.amazonaws.com
3	use.typekit.net	xmpiexes321.s3.eu-west-1.amazonaws.com use.typekit.net
1	p.typekit.net	use.typekit.net
1	xmediapremcom.co.uk	xmpiexes321.s3.eu-west-1.amazonaws.com
1	fonts.googleapis.com	xmpiexes321.s3.eu-west-1.amazonaws.com
1	xmpiexes321.s3.eu-west-1.amazonaws.com
1	dh4s6ydk.r.eu-west-1.awstrack.me	1 redirects
12	7

This site contains links to these domains. Also see Links.

Domain
www.johndwood.co.uk
www.facebook.com
twitter.com
www.instagram.com
www.countrywide.co.uk
xmediapremcom.co.uk

Subject Issuer	Validity	Valid
*.s3-eu-west-1.amazonaws.com Amazon	`2022-09-21` - `2023-08-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
*.premcomservices.co.uk GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-11-03` - `2023-11-10`	a year	crt.sh
*.xmediapremcom.co.uk Encryption Everywhere DV TLS CA - G1	`2022-01-04` - `2023-01-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://xmpiexes321.s3.eu-west-1.amazonaws.com/2483266/manus%40emiratesnbd.com_2c8c6204-1c0f-477b-ac93-e823f2130ca9.html?AWSAccessKeyId=AKIAIZDFDRLRF7OOE7LQ&Expires=1677776817&Signature=Dmz4qIHM2f1fhaoXjSle%2FPIuGr4%3D
Frame ID: 4B1798A53DD650556757F4908DF873FC
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Countrywide UK Brands Modular Email Template

Page URL History Show full URLs

https://dh4s6ydk.r.eu-west-1.awstrack.me/L0/https:%2F%2Fxmpiexes321.s3.eu-west-1.amazonaws.com%2F2483266%2Fmanus%2540... HTTP 302
https://xmpiexes321.s3.eu-west-1.amazonaws.com/2483266/manus%40emiratesnbd.com_2c8c6204-1c0f-477b-ac93-e823f2130ca9.html?AW... Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Page Statistics

12
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

319 kB
Transfer

325 kB
Size

0
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.johndwood.co.uk/

Search URL Search Domain Scan URL

URL: https://www.johndwood.co.uk/for-sale/?utm_source=PremLive&utm_medium=Email&utm_campaign=201
Title: For Sale

Search URL Search Domain Scan URL

URL: https://www.johndwood.co.uk/sell?utm_source=PremLive&utm_medium=Email&utm_campaign=201
Title: Sell

Search URL Search Domain Scan URL

URL: https://www.johndwood.co.uk/to-rent/?utm_source=PremLive&utm_medium=Email&utm_campaign=201
Title: To Rent

Search URL Search Domain Scan URL

URL: https://www.johndwood.co.uk/let?utm_source=PremLive&utm_medium=Email&utm_campaign=201
Title: Let

Search URL Search Domain Scan URL

URL: https://www.johndwood.co.uk/services?utm_source=PremLive&utm_medium=Email&utm_campaign=201
Title: Services

Search URL Search Domain Scan URL

URL: https://www.facebook.com/JDWandCo

Search URL Search Domain Scan URL

URL: https://twitter.com/johndwoodandco

Search URL Search Domain Scan URL

URL: https://www.instagram.com/johndwoodco

Search URL Search Domain Scan URL

URL: https://www.countrywide.co.uk/notices/PrivacyNotice.pdf
Title: here

Search URL Search Domain Scan URL

URL: http://xmediapremcom.co.uk/XMPieEmail/SubscriptionSite/UnSubscribe2G.aspx?accID=1125&accName=Countrywide+-+Property+Match&cmpID=126482&cmpName=ET_Countrywide_Single_Property+(L%26NH)+-+1015091&cmpOwner=Countrywide&jobID=2483266&licenseKey=LicenseKey&providerID=12&providerType=XMPie+Email+Service+(XES)&rid=manus%40emiratesnbd.com&sid=BB92283230C008584D753E427466AE703C2DB0B9433F86CC26C7B4972E76D0171AD825EDDD6A0E48E103B53DEE2B1936&email=manus%40emiratesnbd.com
Title: Unsubscribe

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://dh4s6ydk.r.eu-west-1.awstrack.me/L0/https:%2F%2Fxmpiexes321.s3.eu-west-1.amazonaws.com%2F2483266%2Fmanus%2540emiratesnbd.com_2c8c6204-1c0f-477b-ac93-e823f2130ca9.html%3FAWSAccessKeyId=AKIAIZDFDRLRF7OOE7LQ%26Expires=1677776817%26Signature=Dmz4qIHM2f1fhaoXjSle%252FPIuGr4%253D/1/01020184d3ce34b3-28f0d533-43f7-4b5a-b57f-2b7d6c51e8d6-000000/B42vXy6hQJMasMI9e_VojGPJCzo=298 HTTP 302
https://xmpiexes321.s3.eu-west-1.amazonaws.com/2483266/manus%40emiratesnbd.com_2c8c6204-1c0f-477b-ac93-e823f2130ca9.html?AWSAccessKeyId=AKIAIZDFDRLRF7OOE7LQ&Expires=1677776817&Signature=Dmz4qIHM2f1fhaoXjSle%2FPIuGr4%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request manus%40emiratesnbd.com_2c8c6204-1c0f-477b-ac93-e823f2130ca9.html Show response
xmpiexes321.s3.eu-west-1.amazonaws.com/2483266/
Redirect Chain

https://dh4s6ydk.r.eu-west-1.awstrack.me/L0/https:%2F%2Fxmpiexes321.s3.eu-west-1.amazonaws.com%2F2483266%2Fmanus%2540emiratesnbd.com_2c8c6204-1c0f-477b-ac93-e823f2130ca9.html%3FAWSAccessKeyId=AKIAI...
https://xmpiexes321.s3.eu-west-1.amazonaws.com/2483266/manus%40emiratesnbd.com_2c8c6204-1c0f-477b-ac93-e823f2130ca9.html?AWSAccessKeyId=AKIAIZDFDRLRF7OOE7LQ&Expires=1677776817&Signature=Dmz4qIHM2f1...

62 KB
63 KB

180ms
88ms

Document
text/html

52.218.62.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://xmpiexes321.s3.eu-west-1.amazonaws.com/2483266/manus%40emiratesnbd.com_2c8c6204-1c0f-477b-ac93-e823f2130ca9.html?AWSAccessKeyId=AKIAIZDFDRLRF7OOE7LQ&Expires=1677776817&Signature=Dmz4qIHM2f1fhaoXjSle%2FPIuGr4%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.62.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1f3b89371c94f98dc8c33a365ce28d759a596be3ba7ac4cfaf123c9803e56488

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Content-Length: 63859
Content-Type: text/html
Date: Sat, 03 Dec 2022 13:26:35 GMT
ETag: "5cde4c426a81218a6308dc7cde88d985"
Last-Modified: Fri, 02 Dec 2022 17:06:58 GMT
Server: AmazonS3
x-amz-expiration: expiry-date="Mon, 02 Jan 2023 00:00:00 GMT", rule-id="XMPieLifecycleRule"
x-amz-id-2: 9meVpitt4yGbLU6d188/PToYYYq0PRhnv97KFTPfoDGfr8WPdrxTsmrMr1kOsBJOlj18KGRRoG0=
x-amz-request-id: 1HJEGX8XQYED6AAC

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Sat, 03 Dec 2022 13:26:34 GMT
Location: https://xmpiexes321.s3.eu-west-1.amazonaws.com/2483266/manus%40emiratesnbd.com_2c8c6204-1c0f-477b-ac93-e823f2130ca9.html?AWSAccessKeyId=AKIAIZDFDRLRF7OOE7LQ&Expires=1677776817&Signature=Dmz4qIHM2f1fhaoXjSle%2FPIuGr4%3D

GET
H2 200 css
fonts.googleapis.com/ 2 KB
917 B 45ms
17ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,300

Requested by

Host: xmpiexes321.s3.eu-west-1.amazonaws.com
URL: https://xmpiexes321.s3.eu-west-1.amazonaws.com/2483266/manus%40emiratesnbd.com_2c8c6204-1c0f-477b-ac93-e823f2130ca9.html?AWSAccessKeyId=AKIAIZDFDRLRF7OOE7LQ&Expires=1677776817&Signature=Dmz4qIHM2f1fhaoXjSle%2FPIuGr4%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fee2feda388d361fde02b5b7a1aaa02f7f43db6777b9c97d106d37f4b76c938d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xmpiexes321.s3.eu-west-1.amazonaws.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 03 Dec 2022 13:26:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 03 Dec 2022 12:01:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 03 Dec 2022 13:26:35 GMT

GET
H2 200 nad6otu.css
use.typekit.net/ 9 KB
1 KB 498ms
265ms Stylesheet
text/css 2a02:26f0:780::210:ca78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/nad6otu.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:ca78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

59a871bdacafaf8164c65deab82bff703c359a2d195d13c902412937f544c940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xmpiexes321.s3.eu-west-1.amazonaws.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Sat, 03 Dec 2022 13:26:35 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1066

GET
H/1.1 200
OK john-d-wood-and-co.png
images.premcomservices.co.uk/files/countrywide/headerimages/new/ 19 KB
19 KB 170ms
72ms Image
image/png 2001:8d8:9b1:700::5a:3c95
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.premcomservices.co.uk/files/countrywide/headerimages/new/john-d-wood-and-co.png
Requested by: Host: xmpiexes321.s3.eu-west-1.amazonaws.com
URL: https://xmpiexes321.s3.eu-west-1.amazonaws.com/2483266/manus%40emiratesnbd.com_2c8c6204-1c0f-477b-ac93-e823f2130ca9.html?AWSAccessKeyId=AKIAIZDFDRLRF7OOE7LQ&Expires=1677776817&Signature=Dmz4qIHM2f1fhaoXjSle%2FPIuGr4%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2001:8d8:9b1:700::5a:3c95 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 2b2c0212a1a1404372f8e7001edcf881556bb49a3df92db2aa95d6a5c1c05d79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xmpiexes321.s3.eu-west-1.amazonaws.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Sat, 03 Dec 2022 13:26:20 GMT
Last-Modified: Thu, 06 Oct 2022 13:49:42 GMT
Server: Microsoft-IIS/8.5
ETag: "8b668b7c8ad9d81:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 19356

GET
H2 200 6cd084a4-07ae-4bb0-bf18-eef993c82f51.jpg
xmediapremcom.co.uk/XMPieAssets/1/358464/ 123 KB
123 KB 143ms
46ms Image
image/jpeg 34.251.220.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xmediapremcom.co.uk/XMPieAssets/1/358464/6cd084a4-07ae-4bb0-bf18-eef993c82f51.jpg
Requested by: Host: xmpiexes321.s3.eu-west-1.amazonaws.com
URL: https://xmpiexes321.s3.eu-west-1.amazonaws.com/2483266/manus%40emiratesnbd.com_2c8c6204-1c0f-477b-ac93-e823f2130ca9.html?AWSAccessKeyId=AKIAIZDFDRLRF7OOE7LQ&Expires=1677776817&Signature=Dmz4qIHM2f1fhaoXjSle%2FPIuGr4%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.251.220.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-220-216.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET, ASP.NET
Resource Hash: d89acd5ee5b33873b6a0f57eef3b2fa1349f2f50a72eb5a3e667d5a9e63e2c5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xmpiexes321.s3.eu-west-1.amazonaws.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 13:26:35 GMT
last-modified: Fri, 02 Dec 2022 11:51:40 GMT
server: Microsoft-IIS/10.0
etag: "97bd470446d91:0"
x-powered-by: ASP.NET, ASP.NET
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 125944

GET
H/1.1 200
OK FB.png
images.premcomservices.co.uk/files/countrywide/campaigns/ 3 KB
3 KB 119ms
23ms Image
image/png 2001:8d8:9b1:700::5a:3c95
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.premcomservices.co.uk/files/countrywide/campaigns/FB.png
Requested by: Host: xmpiexes321.s3.eu-west-1.amazonaws.com
URL: https://xmpiexes321.s3.eu-west-1.amazonaws.com/2483266/manus%40emiratesnbd.com_2c8c6204-1c0f-477b-ac93-e823f2130ca9.html?AWSAccessKeyId=AKIAIZDFDRLRF7OOE7LQ&Expires=1677776817&Signature=Dmz4qIHM2f1fhaoXjSle%2FPIuGr4%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2001:8d8:9b1:700::5a:3c95 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 2edb5899671718181fa4ed5a89cb7f9673413be9d4914c7501914e545681248b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xmpiexes321.s3.eu-west-1.amazonaws.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Sat, 03 Dec 2022 13:26:20 GMT
Last-Modified: Wed, 14 Oct 2020 14:00:16 GMT
Server: Microsoft-IIS/8.5
ETag: "c71f565832a2d61:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 2875

GET
H/1.1 200
OK Twitter.png
images.premcomservices.co.uk/files/countrywide/campaigns/ 24 KB
25 KB 144ms
45ms Image
image/png 2001:8d8:9b1:700::5a:3c95
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.premcomservices.co.uk/files/countrywide/campaigns/Twitter.png
Requested by: Host: xmpiexes321.s3.eu-west-1.amazonaws.com
URL: https://xmpiexes321.s3.eu-west-1.amazonaws.com/2483266/manus%40emiratesnbd.com_2c8c6204-1c0f-477b-ac93-e823f2130ca9.html?AWSAccessKeyId=AKIAIZDFDRLRF7OOE7LQ&Expires=1677776817&Signature=Dmz4qIHM2f1fhaoXjSle%2FPIuGr4%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2001:8d8:9b1:700::5a:3c95 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 321f24a6a1bbe7e7ba4e89be1e013ff70c8a96ff19696750a51c383e073d83da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xmpiexes321.s3.eu-west-1.amazonaws.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Sat, 03 Dec 2022 13:26:20 GMT
Last-Modified: Mon, 12 Oct 2020 09:14:53 GMT
Server: Microsoft-IIS/8.5
ETag: "feb412578a0d61:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 24965

GET
H/1.1 200
OK instagram.png
images.premcomservices.co.uk/files/countrywide/campaigns/ 6 KB
6 KB 162ms
64ms Image
image/png 2001:8d8:9b1:700::5a:3c95
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.premcomservices.co.uk/files/countrywide/campaigns/instagram.png
Requested by: Host: xmpiexes321.s3.eu-west-1.amazonaws.com
URL: https://xmpiexes321.s3.eu-west-1.amazonaws.com/2483266/manus%40emiratesnbd.com_2c8c6204-1c0f-477b-ac93-e823f2130ca9.html?AWSAccessKeyId=AKIAIZDFDRLRF7OOE7LQ&Expires=1677776817&Signature=Dmz4qIHM2f1fhaoXjSle%2FPIuGr4%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2001:8d8:9b1:700::5a:3c95 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d98b513697328ec21217a9576e93cd73e586f2fe4362d7819ee24888747dd190

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xmpiexes321.s3.eu-west-1.amazonaws.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Sat, 03 Dec 2022 13:26:20 GMT
Last-Modified: Thu, 22 Oct 2020 10:05:02 GMT
Server: Microsoft-IIS/8.5
ETag: "d76299ce5aa8d61:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 6343

GET
H/1.1 200
OK footer_logos_both.png
images.premcomservices.co.uk/files/countrywide/ 10 KB
11 KB 144ms
46ms Image
image/png 2001:8d8:9b1:700::5a:3c95
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.premcomservices.co.uk/files/countrywide/footer_logos_both.png
Requested by: Host: xmpiexes321.s3.eu-west-1.amazonaws.com
URL: https://xmpiexes321.s3.eu-west-1.amazonaws.com/2483266/manus%40emiratesnbd.com_2c8c6204-1c0f-477b-ac93-e823f2130ca9.html?AWSAccessKeyId=AKIAIZDFDRLRF7OOE7LQ&Expires=1677776817&Signature=Dmz4qIHM2f1fhaoXjSle%2FPIuGr4%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2001:8d8:9b1:700::5a:3c95 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: cb8090e39bbaf6eafa742c2b1a574fe9273a1a9719ba1a41f7c169a2a8ae91f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xmpiexes321.s3.eu-west-1.amazonaws.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Sat, 03 Dec 2022 13:26:20 GMT
Last-Modified: Tue, 27 Apr 2021 17:13:50 GMT
Server: Microsoft-IIS/8.5
ETag: "b73ce6b0883bd71:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 10565

GET
H2 200 p.css
p.typekit.net/ 5 B
195 B 70ms
13ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=nad6otu&ht=tk&f=139.140.175.176.143.144.147.148.156.157.161.162&a=13023652&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/nad6otu.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

unused62: 8096267
date: Sat, 03 Dec 2022 13:26:35 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 l
use.typekit.net/af/705e94/00000000000000003b9b3062/27/ 33 KB
33 KB 334ms
7ms Font
application/font-woff2 2.19.126.225
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/705e94/00000000000000003b9b3062/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/nad6otu.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.225 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-225.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 31685af3bbf1ff809935f70512ea48729eac2add3a47f604db26c43f2a253541

Request headers

Referer: https://use.typekit.net/nad6otu.css
Origin: https://xmpiexes321.s3.eu-west-1.amazonaws.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 13:26:35 GMT
server: nginx
etag: "79fea02668402fc378c129193093131a2db2577c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33576

GET
H2 200 l
use.typekit.net/af/949f99/00000000000000003b9b3068/27/ 34 KB
34 KB 333ms
7ms Font
application/font-woff2 2.19.126.225
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/949f99/00000000000000003b9b3068/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/nad6otu.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.225 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-225.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 60fe579c50202903eec3a1898b8eafc6df528307b7e40052c0f800e718a7129f

Request headers

Referer: https://use.typekit.net/nad6otu.css
Origin: https://xmpiexes321.s3.eu-west-1.amazonaws.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 13:26:35 GMT
server: nginx
etag: "b5fef031a96fc670f9c3b1b64dd52243a29d7531"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 34336

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://xmpiexes321.s3.eu-west-1.amazonaws.com/2483266/manus%40emiratesnbd.com_2c8c6204-1c0f-477b-ac93-e823f2130ca9.html?AWSAccessKeyId=AKIAIZDFDRLRF7OOE7LQ&Expires=1677776817&Signature=Dmz4qIHM2f1fhaoXjSle%2FPIuGr4%3D(Line 6) Message: Mixed Content: The page at 'https://xmpiexes321.s3.eu-west-1.amazonaws.com/2483266/manus%40emiratesnbd.com_2c8c6204-1c0f-477b-ac93-e823f2130ca9.html?AWSAccessKeyId=AKIAIZDFDRLRF7OOE7LQ&Expires=1677776817&Signature=Dmz4qIHM2f1fhaoXjSle%2FPIuGr4%3D' was loaded over HTTPS, but requested an insecure element 'http://xmediapremcom.co.uk/XMPieAssets/1/358464/6cd084a4-07ae-4bb0-bf18-eef993c82f51.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dh4s6ydk.r.eu-west-1.awstrack.me
fonts.googleapis.com
images.premcomservices.co.uk
p.typekit.net
use.typekit.net
xmediapremcom.co.uk
xmpiexes321.s3.eu-west-1.amazonaws.com
2.19.126.225
2001:8d8:9b1:700::5a:3c95
2a00:1450:4001:831::200a
2a02:26f0:3500:16::215:1495
2a02:26f0:780::210:ca78
34.251.220.216
52.209.214.217
52.218.62.48
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1f3b89371c94f98dc8c33a365ce28d759a596be3ba7ac4cfaf123c9803e56488
2b2c0212a1a1404372f8e7001edcf881556bb49a3df92db2aa95d6a5c1c05d79
2edb5899671718181fa4ed5a89cb7f9673413be9d4914c7501914e545681248b
31685af3bbf1ff809935f70512ea48729eac2add3a47f604db26c43f2a253541
321f24a6a1bbe7e7ba4e89be1e013ff70c8a96ff19696750a51c383e073d83da
59a871bdacafaf8164c65deab82bff703c359a2d195d13c902412937f544c940
60fe579c50202903eec3a1898b8eafc6df528307b7e40052c0f800e718a7129f
cb8090e39bbaf6eafa742c2b1a574fe9273a1a9719ba1a41f7c169a2a8ae91f7
d89acd5ee5b33873b6a0f57eef3b2fa1349f2f50a72eb5a3e667d5a9e63e2c5d
d98b513697328ec21217a9576e93cd73e586f2fe4362d7819ee24888747dd190
fee2feda388d361fde02b5b7a1aaa02f7f43db6777b9c97d106d37f4b76c938d

xmpiexes321.s3.eu-west-1.amazonaws.com Open in urlscan Pro 52.218.62.48 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

50 %IPv6

6 Domains

7 Subdomains

7 IPs

2 Countries

319 kBTransfer

325 kBSize

0 Cookies

11 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

xmpiexes321.s3.eu-west-1.amazonaws.com Open in urlscan Pro
52.218.62.48 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

319 kB
Transfer

325 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions