Submitted URL: http://customer-mail.instamed.com/ls/click?upn=UOi-2FrY3Z5sIK59Ojkr3XowZPonTbE9ZJSkudpQKlVfJdzPNpiamP3aLkXs6T0bK1EuJki54VhkcP9QIUc...
Effective URL: https://instamedprd.cachefly.net/V_2023_May/Content/Images/Email/body-desktop.png%22/
Submission: On June 02 via manual from US — Scanned from DE

Summary

This website contacted 1 IP in 1 country across 2 domains to perform 3 HTTP transactions. The main IP is 205.234.175.175, located in Cantonment, United States and belongs to SERVERCENTRAL, US. The main domain is instamedprd.cachefly.net. The Cisco Umbrella rank of the primary domain is 65139.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on November 1st 2022. Valid for: a year.
This is the only time instamedprd.cachefly.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address | AS Autonomous System
1 1 167.89.123.54 | 11377 (SENDGRID)
3 205.234.175.175 | 23352 (SERVERCEN...)
3 1

Apex Domain / Subdomains | Transfer
3 cachefly.net / instamedprd.cachefly.net — Cisco Umbrella Rank: 65139 | 9 KB
1 instamed.com / customer-mail.instamed.com — Cisco Umbrella Rank: 380663 | 287 B
3 2

Domain | Requested by
3 instamedprd.cachefly.net | instamedprd.cachefly.net
1 customer-mail.instamed.com | 1 redirects
3 2

This site contains links to these domains.

Domain
nginx.net
fedoraproject.org
Subject | Issuer | Validity | Valid
*.cachefly.net | GlobalSign RSA OV SSL CA 2018 | 2022-11-01 - 2023-12-03 | a year (crt.sh)

This page contains 1 frames:

Primary Page: https://instamedprd.cachefly.net/V_2023_May/Content/Images/Email/body-desktop.png%22/
Frame ID: CCAE2FDAB6B969868F303CDAEBC6DBA4
Requests: 3 HTTP requests in this frame

Page Title

The page is not found

Page Statistics

Requests: 3
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 1
Countries: 1
Transfer: 9 kB
Size: 11 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://customer-mail.instamed.com/ls/click?upn=UOi-2FrY3Z5sIK59Ojkr3XowZPonTbE9ZJSkudpQKlVfJdzPNpiamP3aLkXs6T0bK1EuJki54VhkcP9QIUcT-2FRRcFXzuNrF7bYlInC-2BFqJN-2BJt3UtAES05PhoYBwWjX-2BEUJuiT_yDXAzKv5Dk-2F84G846qZvqwVTaYBnKoccydCdP792uC1N1D1mliPddT3T4qDPuwPRjF2CHLIZIMGoz6P5UqF-2BquJjVGCp3zBEjEaVrRqrH-2BKtIqMaDG3Al0Lj9d9yAyT9Epib3RlRhbund70JvIpdg8Vz-2FuQ1y0j-2Fljkod9daI5WpaktqiAlXzUko3-2FTb8570mxHc-2FKXPDZtH-2Fad-2ByGFWqjXgJ2hX-2F0-2BMlQdMGTBwggLx4g-2Fpa-2F-2FgPoFF7CIWKdlgGZ4jE7IvdbwEhbSinL-2BF8eMTQwWokpaYQajGGZJxwx42YRRUBWPA5uYb6PxvgaMB HTTP 302
    https://instamedprd.cachefly.net/V_2023_May/Content/Images/Email/body-desktop.png%22/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions

Resource / Path | Size | x-fer | Type / MIME-Type

Primary Request: /
Path: instamedprd.cachefly.net/V_2023_May/Content/Images/Email/body-desktop.png%22/
Redirect Chain
  • http://customer-mail.instamed.com/ls/click?upn=UOi-2FrY3Z5sIK59Ojkr3XowZPonTbE9ZJSkudpQKlVfJdzPNpiamP3aLkXs6T0bK1EuJki54VhkcP9QIUcT-2FRRcFXzuNrF7bYlInC-2BFqJN-2BJt3UtAES05PhoYBwWjX-2BEUJuiT_yDXAzKv...
  • https://instamedprd.cachefly.net/V_2023_May/Content/Images/Email/body-desktop.png%22/
Size: 4 KB
x-fer: 1 KB
Type: Document

General

Full URL: https://instamedprd.cachefly.net/V_2023_May/Content/Images/Email/body-desktop.png%22/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Cantonment, United States, ASN23352 (SERVERCENTRAL, US)
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215
Resource Hash: 4cdb501841cb16ce7d74fd8fd912e3fd8d67e1a70086bfa42d756480706ab183

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cf4age: 0
cf4ttl: 120.000
content-encoding: gzip
content-type: text/html
date: Fri, 02 Jun 2023 17:37:34 GMT
server: CFS 0215
vary: Accept-Encoding
x-cf-reqid: 588b74e498887c982c9c572f1bd8b949
x-cf-tsc: 1685727455
x-cf1: 15462:fJ.fra2:nom:cacheN.fra2-01:M
x-cf2: M
x-cf3: M
x-cff: B

Redirect headers

Connection: keep-alive
Content-Length: 110
Content-Type: text/html; charset=utf-8
Date: Fri, 02 Jun 2023 17:37:34 GMT
Location: https://instamedprd.cachefly.net/V_2023_May/Content/Images/Email/body-desktop.png"/
Server: nginx
X-Robots-Tag: noindex, nofollow

Resource: nginx-logo.png
Path: instamedprd.cachefly.net/
Size: 4 KB
x-fer: 4 KB
Type: Image

General

Full URL: https://instamedprd.cachefly.net/nginx-logo.png
Requested by
  Host: instamedprd.cachefly.net
  URL: https://instamedprd.cachefly.net/V_2023_May/Content/Images/Email/body-desktop.png%22/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Cantonment, United States, ASN23352 (SERVERCENTRAL, US)
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215
Resource Hash: 4cdb501841cb16ce7d74fd8fd912e3fd8d67e1a70086bfa42d756480706ab183

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://instamedprd.cachefly.net/V_2023_May/Content/Images/Email/body-desktop.png%22/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 17:37:34 GMT
x-cf-tsc: 1685727455
content-encoding: gzip
x-cf3: M
server: CFS 0215
cf4ttl: 120.000
x-cff: B
vary: Accept-Encoding
x-cf1: 15462:fJ.fra2:nom:cacheN.fra2-01:M
content-type: image/png
access-control-allow-origin: *
x-cf2: M
x-cf-reqid: fd3aed956edf349bda73602bc382800f
cf4age: 0

Resource: poweredby.png
Path: instamedprd.cachefly.net/
Size: 4 KB
x-fer: 4 KB
Type: Image

General

Full URL: https://instamedprd.cachefly.net/poweredby.png
Requested by
  Host: instamedprd.cachefly.net
  URL: https://instamedprd.cachefly.net/V_2023_May/Content/Images/Email/body-desktop.png%22/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Cantonment, United States, ASN23352 (SERVERCENTRAL, US)
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215
Resource Hash: 4cdb501841cb16ce7d74fd8fd912e3fd8d67e1a70086bfa42d756480706ab183

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://instamedprd.cachefly.net/V_2023_May/Content/Images/Email/body-desktop.png%22/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 17:37:34 GMT
x-cf-tsc: 1685727455
content-encoding: gzip
x-cf3: M
server: CFS 0215
cf4ttl: 120.000
x-cff: B
vary: Accept-Encoding
x-cf1: 15462:fJ.fra2:nom:cacheN.fra2-01:M
content-type: image/png
access-control-allow-origin: *
x-cf2: M
x-cf-reqid: fc68ea4491c4db2ff6a9ad1a95e7dc86
cf4age: 0

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean | credentialless
object | onbeforetoggle
object | onscrollend

0 Cookies

3 Console Messages

Source: network, Level: error
URL: https://instamedprd.cachefly.net/V_2023_May/Content/Images/Email/body-desktop.png%22/
Message: Failed to load resource: the server responded with a status of 404 ()

Source: network, Level: error
URL: https://instamedprd.cachefly.net/nginx-logo.png
Message: Failed to load resource: the server responded with a status of 404 ()

Source: network, Level: error
URL: https://instamedprd.cachefly.net/poweredby.png
Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

customer-mail.instamed.com
instamedprd.cachefly.net
167.89.123.54
205.234.175.175
4cdb501841cb16ce7d74fd8fd912e3fd8d67e1a70086bfa42d756480706ab183