urlscan.io logo urlscan.io
SecurityTrails logo

static1.e621.net Open in urlscan Pro
148.163.96.43  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.cam1494.com/Media/Covers/Troll
Effective URL: https://static1.e621.net/data/d0/66/d066c0b8daa18ad04b098b1b3039a534.jpg
Submission: On July 14 via manual — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 3 domains to perform 2 HTTP transactions. The main IP is 148.163.96.43, located in Phoenix, United States and belongs to IOFLOOD, US. The main domain is static1.e621.net. The Cisco Umbrella rank of the primary domain is 256661.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 18th 2022. Valid for: a year.
This is the only time static1.e621.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2600:9000:223... 16509 (AMAZON-02)
1 1 67.199.248.11 396982 (GOOGLE-CL...)
1 148.163.96.43 53755 (IOFLOOD)
2 2
Apex Domain
Subdomains		 Transfer
2 cam1494.com
www.cam1494.com
1 KB
1 e621.net
static1.e621.net — Cisco Umbrella Rank: 256661
301 KB
1 bit.ly
bit.ly — Cisco Umbrella Rank: 5138
315 B
2 3
Domain Requested by
2 www.cam1494.com 1 redirects
1 static1.e621.net
1 bit.ly 1 redirects
2 3

This site contains no links.

Subject Issuer Validity Valid
*.cam1494.com
Amazon RSA 2048 M02		 2023-07-13 -
2024-08-10		 a year crt.sh
static1.e621.net
Sectigo RSA Domain Validation Secure Server CA		 2022-08-18 -
2023-09-18		 a year crt.sh

This page contains 1 frames:

Primary Page: https://static1.e621.net/data/d0/66/d066c0b8daa18ad04b098b1b3039a534.jpg
Frame ID: A3658E1A935F8F5A2E4F24126EA01EA0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

d066c0b8daa18ad04b098b1b3039a534.jpg (2048×2012)

Page URL History Show full URLs

  1. https://www.cam1494.com/Media/Covers/Troll HTTP 301
    https://www.cam1494.com/Media/Covers/Troll/ Page URL
  2. https://bit.ly/funnythingaha HTTP 301
    https://static1.e621.net/data/d0/66/d066c0b8daa18ad04b098b1b3039a534.jpg Page URL

Page Statistics

2
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

303 kB
Transfer

302 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.cam1494.com/Media/Covers/Troll HTTP 301
    https://www.cam1494.com/Media/Covers/Troll/ Page URL
  2. https://bit.ly/funnythingaha HTTP 301
    https://static1.e621.net/data/d0/66/d066c0b8daa18ad04b098b1b3039a534.jpg Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.cam1494.com/Media/Covers/Troll HTTP 301
  • https://www.cam1494.com/Media/Covers/Troll/

2 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
www.cam1494.com/Media/Covers/Troll/
Redirect Chain
  • https://www.cam1494.com/Media/Covers/Troll
  • https://www.cam1494.com/Media/Covers/Troll/
692 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.cam1494.com/Media/Covers/Troll/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:ee00:1a:7140:5600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a6b823dda997af61d8fd81d0c385d17e6a2d0009656d75962f8cdbd9ad1bcd65

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
public, max-age=0, s-maxage=2
content-length
692
content-type
text/html
date
Fri, 14 Jul 2023 22:34:22 GMT
etag
"75860b281baa0981cb4d5f0559123c5a"
last-modified
Fri, 14 Jul 2023 21:53:31 GMT
server
AmazonS3
via
1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
x-amz-cf-id
0Ie6CCjM2bnKY9X0BcIKxTB5hiOtQ0sVw8YgConG-tHXit8abdbPXw==
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront

Redirect headers

content-length
0
content-type
application/xml
date
Fri, 14 Jul 2023 22:34:21 GMT
location
/Media/Covers/Troll/
server
AmazonS3
via
1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
x-amz-cf-id
kzE6XK1kGX9WPfR9Boh6GkvR2qr4c1bw_hKcXLsVwlJLU9m6CppG5w==
x-amz-cf-pop
FRA56-P4
x-cache
Error from cloudfront
Primary Request d066c0b8daa18ad04b098b1b3039a534.jpg
static1.e621.net/data/d0/66/
Redirect Chain
  • https://bit.ly/funnythingaha
  • https://static1.e621.net/data/d0/66/d066c0b8daa18ad04b098b1b3039a534.jpg
301 KB
301 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://static1.e621.net/data/d0/66/d066c0b8daa18ad04b098b1b3039a534.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.163.96.43 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS
we.love.servers.at.ioflood.net
Software
nginx /
Resource Hash
b5f62c5533f6c0642d4e341c228f8817b3e28572c1cdfbefd5a5871f1db3cadf

Request headers

Referer
https://www.cam1494.com/Media/Covers/Troll/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=31536000
content-length
308189
content-type
image/jpeg
date
Fri, 14 Jul 2023 22:34:22 GMT
etag
"63e2f9c6-4b3dd"
expires
Sat, 13 Jul 2024 22:34:22 GMT
last-modified
Wed, 08 Feb 2023 01:24:22 GMT
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=90
content-length
159
content-security-policy
referrer always;
content-type
text/html; charset=utf-8
date
Fri, 14 Jul 2023 22:34:22 GMT
location
https://static1.e621.net/data/d0/66/d066c0b8daa18ad04b098b1b3039a534.jpg
referrer-policy
unsafe-url
server
nginx
via
1.1 google

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend

1 Cookies

Domain/Path Name / Value
.bit.ly/ Name: _bit
Value: n6emym-8644301782abd08226-00o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bit.ly
static1.e621.net
www.cam1494.com
148.163.96.43
2600:9000:223e:ee00:1a:7140:5600:93a1
67.199.248.11
a6b823dda997af61d8fd81d0c385d17e6a2d0009656d75962f8cdbd9ad1bcd65
b5f62c5533f6c0642d4e341c228f8817b3e28572c1cdfbefd5a5871f1db3cadf