urlscan.io logo urlscan.io
SecurityTrails logo

www.westelm.com Open in urlscan Pro
95.100.69.63  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://link.thekeyrewards.com/rts/go2.aspx?h=12466020&tp=i-1NHD-Q69-21RB-1lJsruI-1n-2uVja-1c-idA8-1lJNvok-l4tVx5yav9-T5bU2&x=3...
Effective URL: https://www.westelm.com/?bnrid=3904099&cm_ite=WEeheader&tp=i-1NHD-Q69-21RB-1lJsruI-1n-2uVja-1c-idA8-1lJNvok-l4tVx5yav9-T...
Submission Tags: phishing malicious Search All
Submission: On July 24 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 3 countries across 3 domains to perform 4 HTTP transactions. The main IP is 95.100.69.63, located in Ascension Island and belongs to AKAMAI-AS, US. The main domain is www.westelm.com.
TLS certificate: Issued by GeoTrust RSA CA 2018 on July 20th 2020. Valid for: a year.
This is the only time www.westelm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 63.148.46.72 53316 (ASN-CHEET...)
3 95.100.69.63 16625 (AKAMAI-AS)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
4 2
Apex Domain
Subdomains		 Transfer
3 westelm.com
www.westelm.com
7 KB
1 bootstrapcdn.com
stackpath.bootstrapcdn.com
21 KB
1 thekeyrewards.com
link.thekeyrewards.com
586 B
4 3
Domain Requested by
3 www.westelm.com www.westelm.com
1 stackpath.bootstrapcdn.com www.westelm.com
1 link.thekeyrewards.com 1 redirects
4 3

This site contains links to these domains. Also see Links.

Domain
www.westelm.co.uk
www.potterybarnkids.co.uk
Subject Issuer Validity Valid
www.williams-sonoma.com
GeoTrust RSA CA 2018		 2020-07-20 -
2021-10-19		 a year crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-14 -
2020-10-13		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.westelm.com/?bnrid=3904099&cm_ite=WEeheader&tp=i-1NHD-Q69-21RB-1lJsruI-1n-2uVja-1c-idA8-1lJNvok-l4tVx5yav9-T5bU2&cm_ven=PROMO&cm_cat=KEY&cm_pla=2020-07-24_Key_Flash&cm_em=01:FB7B0F37A5C7078376AF567BF4BD092140DC5518
Frame ID: D81CA5BE8604A124504E26C3FD368175
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://link.thekeyrewards.com/rts/go2.aspx?h=12466020&tp=i-1NHD-Q69-21RB-1lJsruI-1n-2uVja-1c-idA8-1lJNvok-... HTTP 302
    https://www.westelm.com/?bnrid=3904099&cm_ite=WEeheader&tp=i-1NHD-Q69-21RB-1lJsruI-1n-2uVja-1c-idA8-... Page URL

Detected technologies

Overall confidence: 50%
Detected patterns
  • url /\.aspx?(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • url /\.aspx?(?:$|\?)/i
Overall confidence: 50%
Detected patterns
  • url /\.aspx?(?:$|\?)/i

Page Statistics

4
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

3
Countries

28 kB
Transfer

151 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://link.thekeyrewards.com/rts/go2.aspx?h=12466020&tp=i-1NHD-Q69-21RB-1lJsruI-1n-2uVja-1c-idA8-1lJNvok-l4tVx5yav9-T5bU2&x=3904099%7ci-1NHD-Q69-21RB-1lJsruI-1n-2uVja-1c-idA8-1lJNvok-l4tVx5yav9-T5bU2%7cPROMO%7cKEY%7c2020-07-24_Key_Flash%7c01:FB7B0F37A5C7078376AF567BF4BD092140DC5518 HTTP 302
    https://www.westelm.com/?bnrid=3904099&cm_ite=WEeheader&tp=i-1NHD-Q69-21RB-1lJsruI-1n-2uVja-1c-idA8-1lJNvok-l4tVx5yav9-T5bU2&cm_ven=PROMO&cm_cat=KEY&cm_pla=2020-07-24_Key_Flash&cm_em=01:FB7B0F37A5C7078376AF567BF4BD092140DC5518 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.westelm.com/
Redirect Chain
  • http://link.thekeyrewards.com/rts/go2.aspx?h=12466020&tp=i-1NHD-Q69-21RB-1lJsruI-1n-2uVja-1c-idA8-1lJNvok-l4tVx5yav9-T5bU2&x=3904099%7ci-1NHD-Q69-21RB-1lJsruI-1n-2uVja-1c-idA8-1lJNvok-l4tVx5yav9-T5...
  • https://www.westelm.com/?bnrid=3904099&cm_ite=WEeheader&tp=i-1NHD-Q69-21RB-1lJsruI-1n-2uVja-1c-idA8-1lJNvok-l4tVx5yav9-T5bU2&cm_ven=PROMO&cm_cat=KEY&cm_pla=2020-07-24_Key_Flash&cm_em=01:FB7B0F37A5C...
6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.westelm.com/?bnrid=3904099&cm_ite=WEeheader&tp=i-1NHD-Q69-21RB-1lJsruI-1n-2uVja-1c-idA8-1lJNvok-l4tVx5yav9-T5bU2&cm_ven=PROMO&cm_cat=KEY&cm_pla=2020-07-24_Key_Flash&cm_em=01:FB7B0F37A5C7078376AF567BF4BD092140DC5518
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.69.63 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
113955f0a1203f55d83542c44557690aabeda0cc7406fe67bf98df0f1f2041d6

Request headers

:method
GET
:authority
www.westelm.com
:scheme
https
:path
/?bnrid=3904099&cm_ite=WEeheader&tp=i-1NHD-Q69-21RB-1lJsruI-1n-2uVja-1c-idA8-1lJNvok-l4tVx5yav9-T5bU2&cm_ven=PROMO&cm_cat=KEY&cm_pla=2020-07-24_Key_Flash&cm_em=01:FB7B0F37A5C7078376AF567BF4BD092140DC5518
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
accept-ranges
bytes
content-type
text/html
etag
"3063364f0a9203130f5dcb04adf2c7a8:1541758498"
last-modified
Fri, 09 Nov 2018 10:14:58 GMT
server
AkamaiNetStorage
x-akamai-transformed
9 - 0 pmb=mTOE,1
vary
Accept-Encoding
content-encoding
gzip
expires
Fri, 24 Jul 2020 14:02:14 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Fri, 24 Jul 2020 14:02:14 GMT
content-length
1570
set-cookie
WSPFY=4ed77a5c58060000e6e91a5f91010000b9a91000; expires=Mon, 1-Jan-2024 00:00:01 GMT; path=/; domain=.westelm.com ak_bmsc=A4D3CFE04B6F1CB1E88FF911CE14BC705C7AD74E58060000E6E91A5FDE597073~pl7vrFfcvIHbu1brMVDWGsmUDjoVRLUjPohmYRSJVMdeufR6/dNJfrhcHZojPKT8xA9vtXjLWfSF1RC2TEBviCsaYmaAjnq5GNPxe9udhsHpdSEJQG3Ti8EhvzakPydLcum3cTCcofQNW2LGJ2CqchMmx65+z2LNvD0l/Xc6SVbWrPHegDdGlBU1Ztot/tDrhI/fyGRLUKEaXzkMz8ID+hjl6EVVIuVOCOsBWFgchMTrA=; expires=Fri, 24 Jul 2020 16:02:14 GMT; max-age=7200; path=/; domain=.westelm.com; HttpOnly bm_sz=EA35BBC3E53DB33000F3E09F6E1DEC4E~YAAQTtd6XA/KRy1zAQAAAawhgQi49G9Z5VsIOyEhKyJ0df7g7TB0jpu3Qk+u/yBs/0xfaOOqWtmf0Oc5t6ZYrqv+lwmKpZQ3Dqcquv87YNthX5+o9p27HawsC1rDfDgf32bcCxUnJjspe5yUQHIJumru2vruBO6TkYx2uWQhyNL2OvwMy8Rug6MpRiH5yE7ejQ==; Domain=.westelm.com; Path=/; Expires=Fri, 24 Jul 2020 18:02:14 GMT; Max-Age=14400; HttpOnly _abck=09DFEB3BE72230B37E8A73576E78F685~-1~YAAQTtd6XBDKRy1zAQAAAawhgQQ5+agoTAl6D6+3PA/8jjeP4GGiLoBANv1n2rEj9MYsqcLAkvHESehYDBtbq1OXWi2m8UeoEnngrEPqegSH99o1i67NBQDgP0knbqainXQ9DJPmTwqCB0XMdpVZwbcMWUH5vFOhIXUjOGGpypz22UnQN0NzZAQocSQ9Vq4SOofURyt6cMS3AVk7SLwdREhxFaXkiUsoAbAFslXugYYakpSQDXERwzdu7E6Bi80s/JJwEm6OiqXKjib3t7TwBBKtlzr0z0LLoxrfRrSBLQkP2zbXTt/lCXyrfw==~-1~-1~-1; Domain=.westelm.com; Path=/; Expires=Sat, 24 Jul 2021 14:02:14 GMT; Max-Age=31536000; Secure
server-timing
cdn-cache; desc=HIT edge; dur=28
akamai-grn
0.4ed77a5c.1595599334.6095861f

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
https://www.westelm.com/?bnrid=3904099&cm_ite=WEeheader&tp=i-1NHD-Q69-21RB-1lJsruI-1n-2uVja-1c-idA8-1lJNvok-l4tVx5yav9-T5bU2&cm_ven=PROMO&cm_cat=KEY&cm_pla=2020-07-24_Key_Flash&cm_em=01:FB7B0F37A5C7078376AF567BF4BD092140DC5518
Server
Microsoft-IIS/8.0
Set-Cookie
ASP.NET_SessionId=qt45yykh2dqa4rezyigfbajp; path=/; HttpOnly; SameSite=Lax
X-Powered-By
ASP.NET
Date
Fri, 24 Jul 2020 14:02:11 GMT
Connection
close
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
677
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.1/css/ 		138 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.1/css/bootstrap.min.css
Requested by
Host: www.westelm.com
URL: https://www.westelm.com/?bnrid=3904099&cm_ite=WEeheader&tp=i-1NHD-Q69-21RB-1lJsruI-1n-2uVja-1c-idA8-1lJNvok-l4tVx5yav9-T5bU2&cm_ven=PROMO&cm_cat=KEY&cm_pla=2020-07-24_Key_Flash&cm_em=01:FB7B0F37A5C7078376AF567BF4BD092140DC5518
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.westelm.com/?bnrid=3904099&cm_ite=WEeheader&tp=i-1NHD-Q69-21RB-1lJsruI-1n-2uVja-1c-idA8-1lJNvok-l4tVx5yav9-T5bU2&cm_ven=PROMO&cm_cat=KEY&cm_pla=2020-07-24_Key_Flash&cm_em=01:FB7B0F37A5C7078376AF567BF4BD092140DC5518
Origin
https://www.westelm.com

Response headers

date
Fri, 24 Jul 2020 14:02:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:34:10 GMT
status
200
etag
"1544639650"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
21089
eu_restriction.css
www.westelm.com/netstorage/css/ 		646 B
945 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.westelm.com/netstorage/css/eu_restriction.css
Requested by
Host: www.westelm.com
URL: https://www.westelm.com/?bnrid=3904099&cm_ite=WEeheader&tp=i-1NHD-Q69-21RB-1lJsruI-1n-2uVja-1c-idA8-1lJNvok-l4tVx5yav9-T5bU2&cm_ven=PROMO&cm_cat=KEY&cm_pla=2020-07-24_Key_Flash&cm_em=01:FB7B0F37A5C7078376AF567BF4BD092140DC5518
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.69.63 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e7fc0d21c53d1089140c5babf79dd3c88e88ca59ebe9007d2b410f36294e7e72

Request headers

Referer
https://www.westelm.com/?bnrid=3904099&cm_ite=WEeheader&tp=i-1NHD-Q69-21RB-1lJsruI-1n-2uVja-1c-idA8-1lJNvok-l4tVx5yav9-T5bU2&cm_ven=PROMO&cm_cat=KEY&cm_pla=2020-07-24_Key_Flash&cm_em=01:FB7B0F37A5C7078376AF567BF4BD092140DC5518
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jul 2020 14:02:14 GMT
last-modified
Mon, 21 May 2018 16:21:05 GMT
server
AkamaiNetStorage
akamai-grn
0.4ed77a5c.1595599334.6095917e
etag
"5838f0c85a2b8d12a5b68c09c405fe25:1526919665"
content-type
text/css
status
200
cache-control
max-age=0, no-cache, no-store
server-timing
cdn-cache; desc=HIT, edge; dur=24
accept-ranges
bytes
content-length
646
expires
Fri, 24 Jul 2020 14:02:14 GMT
7f5ccd2fcno18945f0638fdb8fb37e0
www.westelm.com/public/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.westelm.com/public/7f5ccd2fcno18945f0638fdb8fb37e0
Requested by
Host: www.westelm.com
URL: https://www.westelm.com/?bnrid=3904099&cm_ite=WEeheader&tp=i-1NHD-Q69-21RB-1lJsruI-1n-2uVja-1c-idA8-1lJNvok-l4tVx5yav9-T5bU2&cm_ven=PROMO&cm_cat=KEY&cm_pla=2020-07-24_Key_Flash&cm_em=01:FB7B0F37A5C7078376AF567BF4BD092140DC5518
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.69.63 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
113955f0a1203f55d83542c44557690aabeda0cc7406fe67bf98df0f1f2041d6

Request headers

Referer
https://www.westelm.com/?bnrid=3904099&cm_ite=WEeheader&tp=i-1NHD-Q69-21RB-1lJsruI-1n-2uVja-1c-idA8-1lJNvok-l4tVx5yav9-T5bU2&cm_ven=PROMO&cm_cat=KEY&cm_pla=2020-07-24_Key_Flash&cm_em=01:FB7B0F37A5C7078376AF567BF4BD092140DC5518
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jul 2020 14:02:14 GMT
content-encoding
gzip
server
AkamaiNetStorage
akamai-grn
0.4ed77a5c.1595599334.60959186
etag
"3063364f0a9203130f5dcb04adf2c7a8:1541758498"
vary
Accept-Encoding
content-type
text/html
status
200
cache-control
max-age=0, no-cache, no-store
server-timing
edge; dur=1, cdn-cache; desc=HIT
content-length
1570
x-akamai-transformed
9 6216 0 pmb=mTOE,1
expires
Fri, 24 Jul 2020 14:02:14 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _cf

4 Cookies

Domain/Path Name / Value
.westelm.com/ Name: bm_sz
Value: 2024A3BD4284F652F3DD0283C596477D~YAAQTtd6XBHKRy1zAQAAP6whgQhp7PBeyDynvi2ngS/ue/wSeCbv3YX1atF0KdkQ41vGeRqvzV2pgXEqSac87ov6JSG1CNzpW9FZipkum6V560SBbqpV2wO44HpYZVoMfGzNfpDRnrC3STjtP3LJ2Zv7qvoBUa/zuZCrY6L/xCDODNqMgyvquOgxagqzqdg=
.westelm.com/ Name: ak_bmsc
Value: BD888E0BBD3477EBB8F43AF64755F53F5C7AD74E58060000E6E91A5FD511225A~pl4Pmy0PjRjHycfFx6kGBJ6rMGadioSJKzwOoQjuUxwoN3dVnMd8hq7fq5i9ZP3Bny+lPmo1UKc9ov0tKOXc9p6jJy4n5kQma/XQgN0s1Nz8xogucsOpt66kl+iR1IqbFuR0b7W+s8ACoie7XiR7THZIr9Ms11QKVtDI+8Ia0YTXDWr7jg62UxaolcPy4zaVOSb+eHCh/aMpQLTo6XZXlZrgWhDiHUIGV05LIN2Maa+nM=
.westelm.com/ Name: _abck
Value: 0AC9C3001D81278C11802E43941745C9~-1~YAAQTtd6XBLKRy1zAQAAP6whgQRQBPJbvt33vPY+e6Tnz78tsTR+LB2jqktJgzOvgxPN6pDKi28rrvDtRWZnLsmQ9evefkpLU0K10+TMV1RddDvaC0zRr2Hu1McwsLbDqmBSudp4otR2QJLlywXysLxu99pwHAZ61X7RPSX2I980VmexuGFGMtJlOuS5yyCWlR5sJTBi0KscNoCm2wWvJlsEwe9CNVQB0TfVkFTrIqMdgsFDWDRMRd3CD+V9SG68OVhIhA5R4ii+ym+K533qxAD7+W+48AOX3b4x1ZXajuQ9YDJE4nC4C0nMfg==~-1~-1~-1
.westelm.com/ Name: WSPFY
Value: 4ed77a5c58060000e6e91a5fcf010000baa91000