urlscan.io logo urlscan.io
SecurityTrails logo

s3.sa-east-1.amazonaws.com Open in urlscan Pro
52.95.163.30  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://careersatcapitalone.com/
Effective URL: https://s3.sa-east-1.amazonaws.com/xprscript/Pdf_creator.html?id=zrd62bed9422cb11ea962612e8bd4fad4589fbe6ded3a14de98fbefc8e50b029cf...
Submission: On December 20 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 9 HTTP transactions. The main IP is 52.95.163.30, located in São Paulo, Brazil and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is s3.sa-east-1.amazonaws.com.
TLS certificate: Issued by DigiCert Baltimore CA-2 G2 on November 9th 2019. Valid for: a year.
This is the only time s3.sa-east-1.amazonaws.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 81.17.18.197 51852 (PLI-AS)
2 54.209.22.226 14618 (AMAZON-AES)
3 52.95.163.30 16509 (AMAZON-02)
1 52.95.164.75 16509 (AMAZON-02)
2 104.20.2.47 13335 (CLOUDFLAR...)
9 5
2    81.17.18.197 (Switzerland)

ASN51852 (PLI-AS, CH)
careersatcapitalone.com
2    54.209.22.226 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-209-22-226.compute-1.amazonaws.com
usd.leontius-eli.com
3    52.95.163.30 (São Paulo, Brazil)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-sa-east-1.amazonaws.com
s3.sa-east-1.amazonaws.com
1    52.95.164.75 (São Paulo, Brazil)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-sa-east-1-r-w.amazonaws.com
xprscript.s3-sa-east-1.amazonaws.com
2    104.20.2.47 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.statcounter.com
c.statcounter.com
Domain Requested by
3 s3.sa-east-1.amazonaws.com usd.leontius-eli.com
s3.sa-east-1.amazonaws.com
2 usd.leontius-eli.com careersatcapitalone.com
usd.leontius-eli.com
2 careersatcapitalone.com 1 redirects
1 c.statcounter.com www.statcounter.com
1 www.statcounter.com s3.sa-east-1.amazonaws.com
1 xprscript.s3-sa-east-1.amazonaws.com s3.sa-east-1.amazonaws.com
9 6

This site contains links to these domains. Also see Links.

Domain
speedomizer.com
Subject Issuer Validity Valid
*.s3-sa-east-1.amazonaws.com
DigiCert Baltimore CA-2 G2		 2019-11-09 -
2020-12-10		 a year crt.sh
*.statcounter.com
Go Daddy Secure Certificate Authority - G2		 2018-11-18 -
2020-01-17		 a year crt.sh

This page contains 1 frames:

Primary Page: https://s3.sa-east-1.amazonaws.com/xprscript/Pdf_creator.html?id=zrd62bed9422cb11ea962612e8bd4fad4589fbe6ded3a14de98fbefc8e50b029cf0435378c90c4afb199
Frame ID: 7B20533A2B4E784331ABC47C25F09008
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://careersatcapitalone.com/ Page URL
  2. http://careersatcapitalone.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTU3Njg... HTTP 302
    http://usd.leontius-eli.com/zcvisitor/d62bed94-22cb-11ea-9626-12e8bd4fad45?campaignid=8b0f2a40-d652-11e9... Page URL
  3. http://usd.leontius-eli.com/zcredirect?visitid=d62bed94-22cb-11ea-9626-12e8bd4fad45&type=js&browserWidth... Page URL
  4. https://s3.sa-east-1.amazonaws.com/xprscript/Pdf_creator.html?id=zrd62bed9422cb11ea962612e8bd4fad4589fbe6ded3a1... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /statcounter\.com\/counter\/counter/i

Page Statistics

9
Requests

67 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

5
IPs

3
Countries

28 kB
Transfer

45 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://careersatcapitalone.com/ Page URL
  2. http://careersatcapitalone.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTU3NjgxNDE0NSwiaWF0IjoxNTc2ODA2OTQ1LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIybmd2MzN2dm1tYW1tcDNjbHMwYzdvc2giLCJuYmYiOjE1NzY4MDY5NDUsInRzIjoxNTc2ODA2OTQ1MzI4OTk2fQ.0zyuDClTiaQeXX3nu3RCiGTzVeAXQalxDzieivgr7_U&sid=d60db988-22cb-11ea-99ae-06bfb9bf158a HTTP 302
    http://usd.leontius-eli.com/zcvisitor/d62bed94-22cb-11ea-9626-12e8bd4fad45?campaignid=8b0f2a40-d652-11e9-9870-12077332b422 Page URL
  3. http://usd.leontius-eli.com/zcredirect?visitid=d62bed94-22cb-11ea-9626-12e8bd4fad45&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false Page URL
  4. https://s3.sa-east-1.amazonaws.com/xprscript/Pdf_creator.html?id=zrd62bed9422cb11ea962612e8bd4fad4589fbe6ded3a14de98fbefc8e50b029cf0435378c90c4afb199 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://careersatcapitalone.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTU3NjgxNDE0NSwiaWF0IjoxNTc2ODA2OTQ1LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIybmd2MzN2dm1tYW1tcDNjbHMwYzdvc2giLCJuYmYiOjE1NzY4MDY5NDUsInRzIjoxNTc2ODA2OTQ1MzI4OTk2fQ.0zyuDClTiaQeXX3nu3RCiGTzVeAXQalxDzieivgr7_U&sid=d60db988-22cb-11ea-99ae-06bfb9bf158a HTTP 302
  • http://usd.leontius-eli.com/zcvisitor/d62bed94-22cb-11ea-9626-12e8bd4fad45?campaignid=8b0f2a40-d652-11e9-9870-12077332b422

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
careersatcapitalone.com/ 		479 B
846 B 		Document
General
Check archive.org
Download Go to
Full URL
http://careersatcapitalone.com/
Protocol
HTTP/1.1
Server
81.17.18.197 , Switzerland, ASN51852 (PLI-AS, CH),
Reverse DNS
Software
nginx /
Resource Hash
73cadd987e6d71b2ee89af70d4175f9297fc5803ddf2861007035116b365128f

Request headers

Host
careersatcapitalone.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
479
content-type
text/html; charset=utf-8
date
Fri, 20 Dec 2019 01:55:44 GMT
server
nginx
set-cookie
sid=d60db988-22cb-11ea-99ae-06bfb9bf158a; path=/; domain=.careersatcapitalone.com; expires=Wed, 07 Jan 2088 05:09:52 GMT; max-age=2147483647; HttpOnly
d62bed94-22cb-11ea-9626-12e8bd4fad45
usd.leontius-eli.com/zcvisitor/
Redirect Chain
  • http://careersatcapitalone.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTU3NjgxNDE0NSwiaWF0IjoxNTc2ODA2OTQ1LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIybmd2MzN2dm1tYW1tcDNjb...
  • http://usd.leontius-eli.com/zcvisitor/d62bed94-22cb-11ea-9626-12e8bd4fad45?campaignid=8b0f2a40-d652-11e9-9870-12077332b422
1010 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://usd.leontius-eli.com/zcvisitor/d62bed94-22cb-11ea-9626-12e8bd4fad45?campaignid=8b0f2a40-d652-11e9-9870-12077332b422
Requested by
Host: careersatcapitalone.com
URL: http://careersatcapitalone.com/
Protocol
HTTP/1.1
Server
54.209.22.226 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-209-22-226.compute-1.amazonaws.com
Software
ZeroPark-Traffic /
Resource Hash
8295e9bed5e398f1027a267a2ebed6da3fba8ef145cb61f19dce1fcfd7900fcb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host
usd.leontius-eli.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://careersatcapitalone.com/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://careersatcapitalone.com/

Response headers

Date
Fri, 20 Dec 2019 01:55:46 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server
ZeroPark-Traffic

Redirect headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
11
date
Fri, 20 Dec 2019 01:55:45 GMT
location
http://usd.leontius-eli.com/zcvisitor/d62bed94-22cb-11ea-9626-12e8bd4fad45?campaignid=8b0f2a40-d652-11e9-9870-12077332b422
server
nginx
set-cookie
sid=d60db988-22cb-11ea-99ae-06bfb9bf158a; path=/; domain=.careersatcapitalone.com; expires=Wed, 07 Jan 2088 05:09:52 GMT; max-age=2147483647; HttpOnly
zcredirect
usd.leontius-eli.com/ 		480 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://usd.leontius-eli.com/zcredirect?visitid=d62bed94-22cb-11ea-9626-12e8bd4fad45&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
Requested by
Host: usd.leontius-eli.com
URL: http://usd.leontius-eli.com/zcvisitor/d62bed94-22cb-11ea-9626-12e8bd4fad45?campaignid=8b0f2a40-d652-11e9-9870-12077332b422
Protocol
HTTP/1.1
Server
54.209.22.226 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-209-22-226.compute-1.amazonaws.com
Software
ZeroPark-Traffic /
Resource Hash
e00f919e85c2abe6437556b0f2f017adf498edd5f527b6cd46cc449d9e401ffa
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host
usd.leontius-eli.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://usd.leontius-eli.com/zcvisitor/d62bed94-22cb-11ea-9626-12e8bd4fad45?campaignid=8b0f2a40-d652-11e9-9870-12077332b422
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://usd.leontius-eli.com/zcvisitor/d62bed94-22cb-11ea-9626-12e8bd4fad45?campaignid=8b0f2a40-d652-11e9-9870-12077332b422

Response headers

Date
Fri, 20 Dec 2019 01:55:46 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected
JS
Server
ZeroPark-Traffic
Primary Request Pdf_creator.html
s3.sa-east-1.amazonaws.com/xprscript/ 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s3.sa-east-1.amazonaws.com/xprscript/Pdf_creator.html?id=zrd62bed9422cb11ea962612e8bd4fad4589fbe6ded3a14de98fbefc8e50b029cf0435378c90c4afb199
Requested by
Host: usd.leontius-eli.com
URL: http://usd.leontius-eli.com/zcredirect?visitid=d62bed94-22cb-11ea-9626-12e8bd4fad45&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.163.30 São Paulo, Brazil, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-sa-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
4b77170b2b7fdcd62eaf8bf98695d3080c50c3421d6eea2c3d8104bf443801e7

Request headers

Host
s3.sa-east-1.amazonaws.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
http://usd.leontius-eli.com/zcredirect?visitid=d62bed94-22cb-11ea-9626-12e8bd4fad45&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://usd.leontius-eli.com/zcredirect?visitid=d62bed94-22cb-11ea-9626-12e8bd4fad45&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false

Response headers

x-amz-id-2
cZD/JghZ6/CttD0e9d07VDG9t6KUr1zgNS+gjDMxkIWdkZp8cOiA7Y/3CxBrFDyUA2e6sKYLvrM=
x-amz-request-id
3225FCDB564A46FD
Date
Fri, 20 Dec 2019 01:55:48 GMT
Last-Modified
Wed, 30 Oct 2019 23:56:07 GMT
ETag
"18d7a4bca130cbbe9d9ef3c8fdceba83"
Accept-Ranges
bytes
Content-Type
text/html
Content-Length
3879
Server
AmazonS3
main.css
s3.sa-east-1.amazonaws.com/xprscript/pdfcreator/ 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.sa-east-1.amazonaws.com/xprscript/pdfcreator/main.css
Requested by
Host: s3.sa-east-1.amazonaws.com
URL: https://s3.sa-east-1.amazonaws.com/xprscript/Pdf_creator.html?id=zrd62bed9422cb11ea962612e8bd4fad4589fbe6ded3a14de98fbefc8e50b029cf0435378c90c4afb199
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.163.30 São Paulo, Brazil, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-sa-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
a996468f9a0cf277ab1a0d0cedb4b4a21d5c4285970b10e6e7b08e8fe8eedfff

Request headers

Referer
https://s3.sa-east-1.amazonaws.com/xprscript/Pdf_creator.html?id=zrd62bed9422cb11ea962612e8bd4fad4589fbe6ded3a14de98fbefc8e50b029cf0435378c90c4afb199
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Dec 2019 01:55:48 GMT
Last-Modified
Mon, 15 Apr 2019 22:33:58 GMT
Server
AmazonS3
x-amz-request-id
572C0BE4149B6384
ETag
"00be288ba293814dc5e3ad63c5a3495d"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
3710
x-amz-id-2
h423/Is/4vUhqzpTJKGEYs4HKr7I9vBCTD3hmpu+YnhzMfNiH6IVS4d+Tho7l8LrIXkpPH9oheo=
js.cookie.js
xprscript.s3-sa-east-1.amazonaws.com/estension/assets/js/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xprscript.s3-sa-east-1.amazonaws.com/estension/assets/js/js.cookie.js
Requested by
Host: s3.sa-east-1.amazonaws.com
URL: https://s3.sa-east-1.amazonaws.com/xprscript/Pdf_creator.html?id=zrd62bed9422cb11ea962612e8bd4fad4589fbe6ded3a14de98fbefc8e50b029cf0435378c90c4afb199
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.164.75 São Paulo, Brazil, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-sa-east-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
3fc8d8f8c09ee97d9c8cd4a6178ad0bd921a9cbe55c14513e0c06738c9dc8d15

Request headers

Referer
https://s3.sa-east-1.amazonaws.com/xprscript/Pdf_creator.html?id=zrd62bed9422cb11ea962612e8bd4fad4589fbe6ded3a14de98fbefc8e50b029cf0435378c90c4afb199
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Dec 2019 01:55:48 GMT
Last-Modified
Mon, 09 Sep 2019 15:35:27 GMT
Server
AmazonS3
x-amz-request-id
138AEA3C091A9F97
ETag
"fa93e8894edb6245ab03883633b12b6e"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
3883
x-amz-id-2
j08dL5CojzgKetrE7+GQWukaqiQoKh5f1UMrmfkadfDPgfhwMu90C1Z6ZP8siJ6ZvvoTxDaGIo4=
main.js.download
s3.sa-east-1.amazonaws.com/xprscript/pdfcreator/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.sa-east-1.amazonaws.com/xprscript/pdfcreator/main.js.download
Requested by
Host: s3.sa-east-1.amazonaws.com
URL: https://s3.sa-east-1.amazonaws.com/xprscript/Pdf_creator.html?id=zrd62bed9422cb11ea962612e8bd4fad4589fbe6ded3a14de98fbefc8e50b029cf0435378c90c4afb199
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.163.30 São Paulo, Brazil, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-sa-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
4f924d1dddf9b198f1cc5a6d74e554d4dbf41abfab8179c9531583e52c5576e8

Request headers

Referer
https://s3.sa-east-1.amazonaws.com/xprscript/Pdf_creator.html?id=zrd62bed9422cb11ea962612e8bd4fad4589fbe6ded3a14de98fbefc8e50b029cf0435378c90c4afb199
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Dec 2019 01:55:48 GMT
Last-Modified
Mon, 15 Apr 2019 22:33:59 GMT
Server
AmazonS3
x-amz-request-id
12B26C6418C28B28
ETag
"6030ddc9b83379ecfa884a1308f2132d"
Content-Type
binary/octet-stream
Accept-Ranges
bytes
Content-Length
1042
x-amz-id-2
e0spX+cM2b1TGUQwt569FzJBRuvdP9zP+BimRVu+YF9XWj10c2I7Ke1m0QJ4bHOm+xEDaDQQKU4=
counter.js
www.statcounter.com/counter/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: s3.sa-east-1.amazonaws.com
URL: https://s3.sa-east-1.amazonaws.com/xprscript/Pdf_creator.html?id=zrd62bed9422cb11ea962612e8bd4fad4589fbe6ded3a14de98fbefc8e50b029cf0435378c90c4afb199
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.2.47 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d6c69a7d6fcc15c0ae9ea9fa00f9829e6fcc0f61f06d33827ad6a9dc9c1a44f

Request headers

Referer
https://s3.sa-east-1.amazonaws.com/xprscript/Pdf_creator.html?id=zrd62bed9422cb11ea962612e8bd4fad4589fbe6ded3a14de98fbefc8e50b029cf0435378c90c4afb199
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 01:55:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 30 Sep 2019 13:52:34 GMT
server
cloudflare
age
20682
etag
W/"5d9208a2-7c88"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=43200
cf-ray
547dfefcab1ed8f5-AMS
expires
Fri, 20 Dec 2019 08:11:05 GMT
t.php
c.statcounter.com/ 		49 B
512 B 		Other
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=11628384&java=1&security=2c73652e&u1=A132083776194F9DD81BF796464423FF&sc_rum_f_s=0&sc_rum_f_e=998&sc_rum_e_s=2082&sc_rum_e_e=2087&sc_random=0.9151813717385584&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=http%3A//usd.leontius-eli.com/zcredirect%3Fvisitid%3Dd62bed94-22cb-11ea-9626-12e8bd4fad45%26type%3Djs%26browserWidth%3D1600%26browserHeight%3D1200%26iframeDetected%3Dfalse&u=https%3A//s3.sa-east-1.amazonaws.com/xprscript/Pdf_creator.html%3Fid%3Dzrd62bed9422cb11ea962612e8bd4fad4589fbe6ded3a14de98fbefc8e50b029cf0435378c90c4afb199&t=To%20continue%20please%20click%20%22Next%22&sc_snum=1&sess=3ca678&p=0&invisible=1
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.2.47 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://s3.sa-east-1.amazonaws.com/xprscript/Pdf_creator.html?id=zrd62bed9422cb11ea962612e8bd4fad4589fbe6ded3a14de98fbefc8e50b029cf0435378c90c4afb199
Origin
https://s3.sa-east-1.amazonaws.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 20 Dec 2019 01:55:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
status
200
cf-ray
547dff03ae1bd8f5-AMS
content-type
image/gif
content-length
49
expires
Mon, 26 Jul 1997 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

115 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| url function| Cookies function| showExt function| makeFullScreen object| fullScreenMode number| sc_project number| sc_invisible string| sc_security boolean| sc_new_ad_detection number| sc_rum_start number| sc_width number| sc_height string| sc_referer number| sc_unique number| sc_returning number| sc_returns number| sc_error number| sc_remove number| sc_cls number| sc_inv string| sc_os string| sc_title string| sc_url string| sc_base_dir string| sc_click_dir string| sc_link_back_start string| sc_link_back_end string| sc_security_code string| sc_http_url string| sc_host string| sc_dc string| sc_alt_text string| sc_counter_size number| sc_prerendering string| sc_uuid string| sc_uuid_q string| sc_unique_returning string| sc_sp function| _sc_strip_tags function| _sc_sanitiseTags function| _sc_validateTags function| getTagString function| isValidEventName undefined| _statcounter_pending object| _statcounter number| sc_script_num object| _sc_imgs string| sc_pageview_tag_string number| _sc_project_int object| _sc_epoch_now number| _sc_epoch_days number| _sc_days_elapsed number| _sc_fix_threshold number| _sc_fix_min_threshold boolean| _sc_apply_mar_2017_fixes number| clickstat_done number| clickstat_project string| clickstat_security string| dlext string| ltype string| second object| dl object| lnk object| domsec string| host_name object| host_splitted string| domain string| host_split string| lnklocal_mask object| lnklocal object| anchors object| anchor undefined| original_click undefined| s undefined| bs undefined| head undefined| ps undefined| pe undefined| params undefined| plist undefined| body undefined| insert undefined| final_body undefined| ev_head undefined| ev_params undefined| ev_sep undefined| sc_i undefined| ev_foot undefined| ev_final string| sc_gsyn_pattern string| sc_gsyn_pattern2 undefined| sc_px undefined| sc_py undefined| element_in_focus undefined| time_element_gained_focus undefined| sc_existing function| sc_none function| sc_delay function| sc_clickstat_call function| sc_adsense_click function| sc_adsense_init function| sc_getmouse function| sc_findy function| sc_findx function| sc_exitpage string| sc_doc_loc object| myRE object| sc_date number| sc_time number| sc_time_difference string| cookie_value object| expiration number| sc_call

2 Cookies

Domain/Path Name / Value
.s3.sa-east-1.amazonaws.com/ Name: sc_is_visitor_unique
Value: rx11628384.1576806948.A132083776194F9DD81BF796464423FF.1.1.1.1.1.1.1.1.1
s3.sa-east-1.amazonaws.com/ Name: impression_id
Value: zrd62bed9422cb11ea962612e8bd4fad4589fbe6ded3a14de98fbefc8e50b029cf0435378c90c4afb199