resolutionexperts-fetchpdf-5um3mo9guiv2l14qvgasejp7perto1y3z.s3.eu-west-2.amazonaws.com
Open in
urlscan Pro
52.95.149.34
Public Scan
Submitted URL: https://16.xg4ken.com/media/redir.php?prof=177&camp=124362&affcode=pg1191650&k_inner_url_encoded=1&cid=46010231383&net...
Effective URL: https://resolutionexperts-fetchpdf-5um3mo9guiv2l14qvgasejp7perto1y3z.s3.eu-west-2.amazonaws.com/h81289f-0pqaj9ef-088vjawwe-0jboay-0href-0jeedj-ofs-ap-southeast.html
Submission Tags: falconsandbox
Submission: On October 24 via api from US — Scanned from DE
Effective URL: https://resolutionexperts-fetchpdf-5um3mo9guiv2l14qvgasejp7perto1y3z.s3.eu-west-2.amazonaws.com/h81289f-0pqaj9ef-088vjawwe-0jboay-0href-0jeedj-ofs-ap-southeast.html
Submission Tags: falconsandbox
Submission: On October 24 via api from US — Scanned from DE
Summary
This website contacted 3 IPs
in 3 countries
across 4 domains to perform 4 HTTP transactions.
The main IP is 52.95.149.34, located in
London, United Kingdom and
belongs to AMAZON-02, US.
The main domain is resolutionexperts-fetchpdf-5um3mo9guiv2l14qvgasejp7perto1y3z.s3.eu-west-2.amazonaws.com.
TLS certificate: Issued by Amazon on December 9th 2021. Valid for: a year.
This is the only time resolutionexperts-fetchpdf-5um3mo9guiv2l14qvgasejp7perto1y3z.s3.eu-west-2.amazonaws.com was scanned on urlscan.io!
TLS certificate: Issued by Amazon on December 9th 2021. Valid for: a year.
This is the only time resolutionexperts-fetchpdf-5um3mo9guiv2l14qvgasejp7perto1y3z.s3.eu-west-2.amazonaws.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 52.212.92.75 52.212.92.75 | 16509 (AMAZON-02) (AMAZON-02) | |
| 2 | 108.167.180.220 108.167.180.220 | 19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING) | |
| 1 | 52.95.149.34 52.95.149.34 | 16509 (AMAZON-02) (AMAZON-02) | |
| 4 | 3 |
1
52.212.92.75
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-92-75.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-92-75.eu-west-1.compute.amazonaws.com
| 16.xg4ken.com |
2
108.167.180.220
(United States)
ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: gator4157.hostgator.com
ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: gator4157.hostgator.com
| resolutionexperts-downloadpdf-241044202201102977-southeast-3.readhealthdaily.com |
1
52.95.149.34
(London, United Kingdom)
ASN16509 (AMAZON-02, US)
PTR: s3-r-w.eu-west-2.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: s3-r-w.eu-west-2.amazonaws.com
| resolutionexperts-fetchpdf-5um3mo9guiv2l14qvgasejp7perto1y3z.s3.eu-west-2.amazonaws.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 2 |
readhealthdaily.com
resolutionexperts-downloadpdf-241044202201102977-southeast-3.readhealthdaily.com |
1 KB |
| 1 |
amazonaws.com
resolutionexperts-fetchpdf-5um3mo9guiv2l14qvgasejp7perto1y3z.s3.eu-west-2.amazonaws.com |
10 KB |
| 1 |
xg4ken.com
1 redirects
16.xg4ken.com — Cisco Umbrella Rank: 350668 |
415 B |
| 0 |
inflowanalysis.com
Failed
inflowanalysis.com Failed |
|
| 4 | 4 |
| Domain | Requested by | |
|---|---|---|
| 2 | resolutionexperts-downloadpdf-241044202201102977-southeast-3.readhealthdaily.com |
resolutionexperts-downloadpdf-241044202201102977-southeast-3.readhealthdaily.com
|
| 1 | resolutionexperts-fetchpdf-5um3mo9guiv2l14qvgasejp7perto1y3z.s3.eu-west-2.amazonaws.com |
resolutionexperts-downloadpdf-241044202201102977-southeast-3.readhealthdaily.com
|
| 1 | 16.xg4ken.com | 1 redirects |
| 0 | inflowanalysis.com Failed |
resolutionexperts-downloadpdf-241044202201102977-southeast-3.readhealthdaily.com
|
| 4 | 4 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.readhealthdaily.com R3 |
2022-09-17 - 2022-12-16 |
3 months | crt.sh |
| *.s3.eu-west-2.amazonaws.com Amazon |
2021-12-09 - 2022-11-24 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://resolutionexperts-fetchpdf-5um3mo9guiv2l14qvgasejp7perto1y3z.s3.eu-west-2.amazonaws.com/h81289f-0pqaj9ef-088vjawwe-0jboay-0href-0jeedj-ofs-ap-southeast.html
Frame ID: 80DF08E020D04F9B0175E0C6E242C233
Requests: 3 HTTP requests in this frame
Frame:
https://inflowanalysis.com/viewPDFtabOpenPAYEdetails/
Frame ID: 4EA267188A75DAA0808F114FB7DD05C3
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://16.xg4ken.com/media/redir.php?prof=177&camp=124362&affcode=pg1191650&k_inner_url_encoded=1...
HTTP 307
https://resolutionexperts-downloadpdf-241044202201102977-southeast-3.readhealthdaily.com/l9AUr4/YXBhcnNvbnNAa3BtZy5jb20=?networktype=search Page URL
- https://resolutionexperts-fetchpdf-5um3mo9guiv2l14qvgasejp7perto1y3z.s3.eu-west-2.amazonaws.com/h81289f-0pqaj9ef-088vjawwe-0jboay-0href-0jeedj-ofs-ap-southeast.html Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://16.xg4ken.com/media/redir.php?prof=177&camp=124362&affcode=pg1191650&k_inner_url_encoded=1&cid=46010231383&networktype=search&kdv=c&kpid=mksa34ed&kmc=17101421&url=https%3A%2F%2Fresolutionexperts-downloadpdf-241044202201102977-southeast-3.readhealthdaily.com%2Fl9AUr4%2FYXBhcnNvbnNAa3BtZy5jb20%3D
HTTP 307
https://resolutionexperts-downloadpdf-241044202201102977-southeast-3.readhealthdaily.com/l9AUr4/YXBhcnNvbnNAa3BtZy5jb20=?networktype=search Page URL
- https://resolutionexperts-fetchpdf-5um3mo9guiv2l14qvgasejp7perto1y3z.s3.eu-west-2.amazonaws.com/h81289f-0pqaj9ef-088vjawwe-0jboay-0href-0jeedj-ofs-ap-southeast.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://16.xg4ken.com/media/redir.php?prof=177&camp=124362&affcode=pg1191650&k_inner_url_encoded=1&cid=46010231383&networktype=search&kdv=c&kpid=mksa34ed&kmc=17101421&url=https%3A%2F%2Fresolutionexperts-downloadpdf-241044202201102977-southeast-3.readhealthdaily.com%2Fl9AUr4%2FYXBhcnNvbnNAa3BtZy5jb20%3D HTTP 307
- https://resolutionexperts-downloadpdf-241044202201102977-southeast-3.readhealthdaily.com/l9AUr4/YXBhcnNvbnNAa3BtZy5jb20=?networktype=search
- https://inflowanalysis.com/viewPDFtabOpenPAYEdetails HTTP 301
- https://inflowanalysis.com/viewPDFtabOpenPAYEdetails/
4 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
YXBhcnNvbnNAa3BtZy5jb20=
resolutionexperts-downloadpdf-241044202201102977-southeast-3.readhealthdaily.com/l9AUr4/ Redirect Chain
|
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
site.js
resolutionexperts-downloadpdf-241044202201102977-southeast-3.readhealthdaily.com/l9AUr4/ |
166 B 204 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Primary Request
h81289f-0pqaj9ef-088vjawwe-0jboay-0href-0jeedj-ofs-ap-southeast.html
resolutionexperts-fetchpdf-5um3mo9guiv2l14qvgasejp7perto1y3z.s3.eu-west-2.amazonaws.com/ |
10 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
/
inflowanalysis.com/viewPDFtabOpenPAYEdetails/ Frame 4EA2 Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- inflowanalysis.com
- URL
- https://inflowanalysis.com/viewPDFtabOpenPAYEdetails/
Verdicts & Comments Add Verdict or Comment
20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| _0x1b79 function| _0x26a5 function| _0x30928d function| _0x53ab function| _0x4f5dac function| _0x2fa1 string| email string| deurl object| res string| my_email2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .xg4ken.com/ | Name: kenshoo_id Value: 38e5be3b-2f47-4a34-bac8-c79008dd4ce3 |
|
| resolutionexperts-downloadpdf-241044202201102977-southeast-3.readhealthdaily.com/ | Name: PHPSESSID Value: 4731578c2649a94aa57fb071bd00e434 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
16.xg4ken.com
inflowanalysis.com
resolutionexperts-downloadpdf-241044202201102977-southeast-3.readhealthdaily.com
resolutionexperts-fetchpdf-5um3mo9guiv2l14qvgasejp7perto1y3z.s3.eu-west-2.amazonaws.com
inflowanalysis.com
108.167.180.220
52.212.92.75
52.95.149.34
a401f8731e9db59ce898cf1743a3f1cca90995a5b3ba08c2cffe456b07dda71b
f2acff381d34a0770ab96f24de592129412ea415b9c0f24ec8ae59609271205d