d2ag3jdu89hmr4.cloudfront.net

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 5 HTTP transactions. The main IP is 18.66.17.21, located in United States and belongs to AMAZON-02, US. The main domain is d2ag3jdu89hmr4.cloudfront.net.
TLS certificate: Issued by Amazon RSA 2048 M01 on December 8th 2022. Valid for: a year.

This is the only time d2ag3jdu89hmr4.cloudfront.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	18.66.17.21 18.66.17.21	16509 (AMAZON-02) (AMAZON-02)
3	172.67.27.94 172.67.27.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2

2 18.66.17.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-17-21.vie50.r.cloudfront.net

d2ag3jdu89hmr4.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.27.94 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.sender.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	sender.net cdn.sender.net — Cisco Umbrella Rank: 188606	83 KB
2	cloudfront.net d2ag3jdu89hmr4.cloudfront.net	6 KB
5	2

	Domain	Requested by
3	cdn.sender.net	d2ag3jdu89hmr4.cloudfront.net
2	d2ag3jdu89hmr4.cloudfront.net	d2ag3jdu89hmr4.cloudfront.net
5	2

This site contains no links.

Subject Issuer	Validity	Valid
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
cdn.sender.net Cloudflare Inc ECC CA-3	`2023-01-19` - `2024-01-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://d2ag3jdu89hmr4.cloudfront.net/browser_preview/EuKOQvKJR2_yLD8T
Frame ID: E4044EB541E73EF30BB1B911DAB34D8C
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Live Webinar

Page Statistics

5
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

89 kB
Transfer

114 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request EuKOQvKJR2_yLD8T Show response
d2ag3jdu89hmr4.cloudfront.net/browser_preview/ 32 KB
5 KB 245ms
151ms Document
text/html 18.66.17.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2ag3jdu89hmr4.cloudfront.net/browser_preview/EuKOQvKJR2_yLD8T

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

18.66.17.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-17-21.vie50.r.cloudfront.net

Software

cloudflare /

Resource Hash

04cb981a295df9a5587b65a61ee4b0681d8f957b30e15b44c8613a6b3d654678

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: *
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 79e1b7c55c033a98-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 23 Feb 2023 17:35:25 GMT
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains
via: 1.1 b159f39ee34c14548a9d9dc3e730676a.cloudfront.net (CloudFront)
x-amz-cf-id: yLYV_hKmvzE6IlJagYmLXTBb1QZFyRLEQ7sHbujzVhH-lcyjph6BEg==
x-amz-cf-pop: VIE50-P1
x-cache: Miss from cloudfront
x-content-type-options: nosniff

GET
H2 200 EuKOQvKJR2_yLD8T
d2ag3jdu89hmr4.cloudfront.net/email_open/ 43 B
715 B 138ms
138ms Image
image/gif 18.66.17.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2ag3jdu89hmr4.cloudfront.net/email_open/EuKOQvKJR2_yLD8T

Requested by

Host: d2ag3jdu89hmr4.cloudfront.net
URL: https://d2ag3jdu89hmr4.cloudfront.net/browser_preview/EuKOQvKJR2_yLD8T

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

18.66.17.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-17-21.vie50.r.cloudfront.net

Software

cloudflare /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d2ag3jdu89hmr4.cloudfront.net/browser_preview/EuKOQvKJR2_yLD8T
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 17:35:25 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 b159f39ee34c14548a9d9dc3e730676a.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
x-cache: Miss from cloudfront
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 43
pragma: no-cache
server: cloudflare
access-control-allow-methods: *
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 79e1b7c65f6b39eb-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: v3OXpB_UKcOwBhxSuL9dtkVrqYZaozPE0-shir1cKvJDCyOJrm68aA==
expires: Wed, 23 Feb 2022 17:35:25 GMT

GET
H/1.1 200
OK logo2.png
cdn.sender.net//email_images/117825/images/all/ 17 KB
18 KB 218ms
143ms Image
image/png 172.67.27.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.sender.net//email_images/117825/images/all/logo2.png
Requested by: Host: d2ag3jdu89hmr4.cloudfront.net
URL: https://d2ag3jdu89hmr4.cloudfront.net/browser_preview/EuKOQvKJR2_yLD8T
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.27.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e4d881a9ea2ba4d9e1d4d3d4839a95c02137f639506dec9b37a945dadaea8ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d2ag3jdu89hmr4.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 23 Feb 2023 17:35:25 GMT
CF-Cache-Status: MISS
Last-Modified: Fri, 23 Dec 2022 14:56:39 GMT
Server: cloudflare
ETag: "3ef8a0e0e71bef78c39e1f9b9c97fbd9"
Vary: Accept-Encoding
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 79e1b7c6afd939da-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 17846

GET
H/1.1 200
OK febru2.png
cdn.sender.net//email_images/117825/images/all/ 1 KB
2 KB 189ms
129ms Image
image/png 172.67.27.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.sender.net//email_images/117825/images/all/febru2.png
Requested by: Host: d2ag3jdu89hmr4.cloudfront.net
URL: https://d2ag3jdu89hmr4.cloudfront.net/browser_preview/EuKOQvKJR2_yLD8T
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.27.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2099b21dc903acbf8ed37be1720ea518f4974709d0adac1df1de56c81855b15e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d2ag3jdu89hmr4.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 23 Feb 2023 17:35:25 GMT
CF-Cache-Status: MISS
Last-Modified: Mon, 20 Feb 2023 14:31:54 GMT
Server: cloudflare
ETag: "2c9e7adfa7077606d2601fdda82884f2"
Vary: Accept-Encoding
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 79e1b7c6ab513624-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1528

GET
H/1.1 200
OK tom_fragale.jpg
cdn.sender.net//email_images/117825/images/all/ 63 KB
63 KB 192ms
133ms Image
image/jpeg 172.67.27.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.sender.net//email_images/117825/images/all/tom_fragale.jpg
Requested by: Host: d2ag3jdu89hmr4.cloudfront.net
URL: https://d2ag3jdu89hmr4.cloudfront.net/browser_preview/EuKOQvKJR2_yLD8T
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.27.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 231aea20fc11572e7a05be475ea5c15d44e907679806e514f3fd22998ba8c266

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d2ag3jdu89hmr4.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 23 Feb 2023 17:35:25 GMT
CF-Cache-Status: MISS
Last-Modified: Fri, 23 Dec 2022 14:56:41 GMT
Server: cloudflare
ETag: "35d53861127c73592d9b2bcbe5031725"
Vary: Accept-Encoding
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 79e1b7c6ade22bce-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 64424

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.sender.net
d2ag3jdu89hmr4.cloudfront.net
172.67.27.94
18.66.17.21
04cb981a295df9a5587b65a61ee4b0681d8f957b30e15b44c8613a6b3d654678
2099b21dc903acbf8ed37be1720ea518f4974709d0adac1df1de56c81855b15e
231aea20fc11572e7a05be475ea5c15d44e907679806e514f3fd22998ba8c266
3e4d881a9ea2ba4d9e1d4d3d4839a95c02137f639506dec9b37a945dadaea8ac
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

d2ag3jdu89hmr4.cloudfront.net Open in urlscan Pro 18.66.17.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

5 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

89 kBTransfer

114 kBSize

0 Cookies

0 Outgoing links

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

d2ag3jdu89hmr4.cloudfront.net Open in urlscan Pro
18.66.17.21 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

89 kB
Transfer

114 kB
Size

0
Cookies

5 HTTP transactions
0 data transactions