tb14fcaee.emailsys1b.net

Summary

This website contacted 2 IPs in 2 countries across 1 domains to perform 4 HTTP transactions. The main IP is 89.191.67.125, located in Germany and belongs to MEGASPACE-AS, DE. The main domain is tb14fcaee.emailsys1b.net.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on August 6th 2019. Valid for: 2 years.

This is the only time tb14fcaee.emailsys1b.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	89.191.67.125 89.191.67.125	34624 (MEGASPACE-AS) (MEGASPACE-AS)
2	143.204.202.54 143.204.202.54	16509 (AMAZON-02) (AMAZON-02)
4	2

2 89.191.67.125 (Germany)

ASN34624 (MEGASPACE-AS, DE)

tb14fcaee.emailsys1b.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.202.54 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-54.fra53.r.cloudfront.net

c.emailsys1b.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	emailsys1b.net tb14fcaee.emailsys1b.net c.emailsys1b.net	25 KB
4	1

	Domain	Requested by
2	c.emailsys1b.net	tb14fcaee.emailsys1b.net
2	tb14fcaee.emailsys1b.net	tb14fcaee.emailsys1b.net
4	2

This site contains no links.

Subject Issuer	Validity	Valid
*.emailsys.net DigiCert SHA2 High Assurance Server CA	`2019-08-06` - `2021-08-10`	2 years	crt.sh
c.emailsys.net Amazon	`2019-12-20` - `2021-01-20`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://tb14fcaee.emailsys1b.net/mailing/181/3073113/12383803/28819/a4a387d6b8/index.html
Frame ID: 62821D58E0E1F10A68D42E6B5D16AB0C
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

2
IPs

2
Countries

25 kB
Transfer

53 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request index.html Show response tb14fcaee.emailsys1b.net/mailing/181/3073113/12383803/28819/a4a387d6b8/	34 KB 5 KB	148ms 68ms	Document text/html	89.191.67.125 MEGASPACE-AS
General Check archive.org Show headers Download Go to Full URL https://tb14fcaee.emailsys1b.net/mailing/181/3073113/12383803/28819/a4a387d6b8/index.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 89.191.67.125 , Germany, ASN34624 (MEGASPACE-AS, DE), Reverse DNS Software nginx / Resource Hash `43529bc08742536d70821df7e0244982eb261fcd7aab790b406c1ee4d89dd5ab` Request headers :method GET :authority tb14fcaee.emailsys1b.net :scheme https :path /mailing/181/3073113/12383803/28819/a4a387d6b8/index.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 server nginx date Thu, 20 Aug 2020 08:40:10 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding x-node w1 x-lb lb1 content-encoding gzip
GET H/1.1	200 OK	4265828eb6fc221b06e9f86fcbfe6ab2d1bf0baa.jpg c.emailsys1b.net/mailingassets/	11 KB 12 KB	145ms 32ms	Image image/jpeg	143.204.202.54 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://c.emailsys1b.net/mailingassets/4265828eb6fc221b06e9f86fcbfe6ab2d1bf0baa.jpg Requested by Host: tb14fcaee.emailsys1b.net URL: https://tb14fcaee.emailsys1b.net/mailing/181/3073113/12383803/28819/a4a387d6b8/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.202.54 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-202-54.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash `d90466443ae08ecf2061bae6dfe5d8c808a17f64d08a241a617f99db2189734c` Request headers Referer https://tb14fcaee.emailsys1b.net/mailing/181/3073113/12383803/28819/a4a387d6b8/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 20 Aug 2020 08:32:34 GMT Via 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront) Age 457 X-Cache Hit from cloudfront x-amz-replication-status COMPLETED Content-Disposition inline; filename="tmpimageup_c8aQNj.jpg" Connection keep-alive Content-Length 11422 Last-Modified Fri, 05 Jun 2020 07:14:44 GMT Server AmazonS3 ETag "760bc0ca6353cfee22468c487aa750a4" x-amz-version-id h9FU7rVMI6mH0Jv5jR.0YGtXQHbmq5.J X-Amz-Cf-Pop FRA53-C1 Accept-Ranges bytes Content-Type image/jpeg X-Amz-Cf-Id GAOk70Lpye5O7VvIAqnfa8A2afdQZKO4ZkMqc1OOP_e52dMPw6QUPg==
GET H/1.1	200 OK	eac3265fcbab5e6a979addc90afa20e94848e2b5.jpg c.emailsys1b.net/mailingassets/	8 KB 9 KB	144ms 31ms	Image image/jpeg	143.204.202.54 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://c.emailsys1b.net/mailingassets/eac3265fcbab5e6a979addc90afa20e94848e2b5.jpg Requested by Host: tb14fcaee.emailsys1b.net URL: https://tb14fcaee.emailsys1b.net/mailing/181/3073113/12383803/28819/a4a387d6b8/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.202.54 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-202-54.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash `bfbb1b45cef200e63bb5b8c862d9a733cb1b97ab75efea8b31cf37f7d23102dd` Request headers Referer https://tb14fcaee.emailsys1b.net/mailing/181/3073113/12383803/28819/a4a387d6b8/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 20 Aug 2020 08:32:34 GMT Via 1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront) Age 457 X-Cache Hit from cloudfront x-amz-replication-status COMPLETED Content-Disposition inline; filename="tmpimageup_p3maPO.jpg" Connection keep-alive Content-Length 8310 Last-Modified Tue, 12 May 2020 09:28:36 GMT Server AmazonS3 ETag "bad496bb729adf678b60796821eed0fd" x-amz-version-id bbuJyk3xZ8LgyLVkxSRJtyw.N1N1tDzw X-Amz-Cf-Pop FRA53-C1 Accept-Ranges bytes Content-Type image/jpeg X-Amz-Cf-Id jN5UYUf3e31REJt0sou5NvFZUJzhoU4SJS1r5Vli3ItM5JJdFSv4OQ==
GET H2	200	4d6ab682b1.gif tb14fcaee.emailsys1b.net/o/181/3073113/3023/0/12383803/28819/	43 B 165 B	43ms 43ms	Image image/gif	89.191.67.125 MEGASPACE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tb14fcaee.emailsys1b.net/o/181/3073113/3023/0/12383803/28819/4d6ab682b1.gif Requested by Host: tb14fcaee.emailsys1b.net URL: https://tb14fcaee.emailsys1b.net/mailing/181/3073113/12383803/28819/a4a387d6b8/index.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 89.191.67.125 , Germany, ASN34624 (MEGASPACE-AS, DE), Reverse DNS Software nginx / Resource Hash `b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b` Request headers Referer https://tb14fcaee.emailsys1b.net/mailing/181/3073113/12383803/28819/a4a387d6b8/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 20 Aug 2020 08:40:10 GMT content-encoding gzip server nginx vary Accept-Encoding content-type image/gif status 200 x-node w1 x-lb lb1

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.emailsys1b.net
tb14fcaee.emailsys1b.net
143.204.202.54
89.191.67.125
43529bc08742536d70821df7e0244982eb261fcd7aab790b406c1ee4d89dd5ab
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bfbb1b45cef200e63bb5b8c862d9a733cb1b97ab75efea8b31cf37f7d23102dd
d90466443ae08ecf2061bae6dfe5d8c808a17f64d08a241a617f99db2189734c

tb14fcaee.emailsys1b.net Open in urlscan Pro 89.191.67.125 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

4 Requests

100 %HTTPS

0 %IPv6

1 Domains

2 Subdomains

2 IPs

2 Countries

25 kBTransfer

53 kBSize

0 Cookies

0 Outgoing links

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

Indicators

tb14fcaee.emailsys1b.net Open in urlscan Pro
89.191.67.125 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

2
IPs

2
Countries

25 kB
Transfer

53 kB
Size

0
Cookies

4 HTTP transactions
0 data transactions