blocksattacks-7njm2.pagemaker.link Open in urlscan Pro
72.44.39.62 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://blocksattacks-7njm2.pagemaker.link/destra-capital-investments-llc?draft
Submission Tags: falconsandbox
Submission: On January 08 via api (January 8th 2024, 4:07:31 pm UTC) from US — Scanned from DE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 10 HTTP transactions. The main IP is 72.44.39.62, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is blocksattacks-7njm2.pagemaker.link.
TLS certificate: Issued by R3 on November 17th 2023. Valid for: 3 months.

This is the only time blocksattacks-7njm2.pagemaker.link was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	72.44.39.62 72.44.39.62	14618 (AMAZON-AES) (AMAZON-AES)
3	2400:52e0:1e0... 2400:52e0:1e00::1080:1	200325 (BUNNYCDN) (BUNNYCDN)
1 2	2606:4700:10:... 2606:4700:10::ac43:2910	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.92.203.182 54.92.203.182	14618 (AMAZON-AES) (AMAZON-AES)
10	5

2 72.44.39.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-72-44-39-62.compute-1.amazonaws.com

blocksattacks-7njm2.pagemaker.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.pagemaker.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2400:52e0:1e00::1080:1 (Germany)

ASN200325 (BUNNYCDN, SI)

pagemaker.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:2910 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cdn.tailwindcss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.92.203.182 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-92-203-182.compute-1.amazonaws.com

analytics.pagemaker.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	pagemaker.io api.pagemaker.io analytics.pagemaker.io	23 KB
3	b-cdn.net pagemaker.b-cdn.net	8 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 438	24 KB
2	tailwindcss.com 1 redirects cdn.tailwindcss.com — Cisco Umbrella Rank: 57927	112 KB
1	pagemaker.link blocksattacks-7njm2.pagemaker.link	9 KB
10	5

	Domain	Requested by
3	pagemaker.b-cdn.net	blocksattacks-7njm2.pagemaker.link pagemaker.b-cdn.net
2	analytics.pagemaker.io	blocksattacks-7njm2.pagemaker.link analytics.pagemaker.io
2	cdn.jsdelivr.net	blocksattacks-7njm2.pagemaker.link
2	cdn.tailwindcss.com	1 redirects blocksattacks-7njm2.pagemaker.link
1	api.pagemaker.io	cdn.jsdelivr.net
1	blocksattacks-7njm2.pagemaker.link
10	6

This site contains no links.

Subject Issuer	Validity	Valid
pagemaker.link R3	`2023-11-17` - `2024-02-15`	3 months	crt.sh
*.b-cdn.net Sectigo RSA Domain Validation Secure Server CA	`2023-11-05` - `2024-11-11`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
api.pagemaker.io R3	`2023-11-20` - `2024-02-18`	3 months	crt.sh
analytics.pagemaker.io R3	`2023-11-29` - `2024-02-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://blocksattacks-7njm2.pagemaker.link/destra-capital-investments-llc?draft
Frame ID: 641B325E55C0748ACCADC2A7873D53F5
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

10
Requests

90 %
HTTPS

60 %
IPv6

5
Domains

6
Subdomains

5
IPs

2
Countries

175 kB
Transfer

564 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://cdn.tailwindcss.com/?plugins=forms,aspect-ratio&v=1 HTTP 302
https://cdn.tailwindcss.com/3.4.1?plugins=forms@0.5.7,aspect-ratio@0.4.2

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request destra-capital-investments-llc Show response
blocksattacks-7njm2.pagemaker.link/ 22 KB
9 KB 827ms
459ms Document
text/html 72.44.39.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://blocksattacks-7njm2.pagemaker.link/destra-capital-investments-llc?draft

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

72.44.39.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-72-44-39-62.compute-1.amazonaws.com

Software

nginx /

Resource Hash

5c3580a9d2735469163febe4476565a175519ad88b9b8fdd2a36a95864778050

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.myshopify.com https://admin.shopify.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, private
content-encoding: gzip
content-security-policy: frame-ancestors https://*.myshopify.com https://admin.shopify.com
content-type: text/html; charset=UTF-8
date: Mon, 08 Jan 2024 16:07:27 GMT
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 style.css
pagemaker.b-cdn.net/segments/1.4.4/ 1 KB
1 KB 59ms
21ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://pagemaker.b-cdn.net/segments/1.4.4/style.css
Requested by: Host: blocksattacks-7njm2.pagemaker.link
URL: https://blocksattacks-7njm2.pagemaker.link/destra-capital-investments-llc?draft
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: cc28958a393a49b97690c79bfb2cd2ff50730a7378e32d1d99c22e8a9aef5ddb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blocksattacks-7njm2.pagemaker.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:07:27 GMT
content-encoding: br
x-amz-version-id: q8egSqt8pk7bRzp5pMXd7J4eSvIJPo2n
cdn-edgestorageid: 1081
x-amz-request-id: KEDA68B1E5HTNVVB
x-amz-server-side-encryption: AES256
cdn-cachedat: 11/22/2023 11:58:54
cdn-pullzone: 422767
x-amz-id-2: gaH5JKKofIJIY6cXngsZeMTCgYYY9ff2HU9ObyUV/9dw0eiUjmtNtPxXshDXRsEhnQNiIg68KdE=
last-modified: Thu, 02 Nov 2023 11:50:19 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"c353453c5f765a371ec48ec3d1c02f90"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: cd72d419-4433-4887-ba7b-e859b9141d18
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 61903c21474ceaa3307ec20301294d62
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2

200

3.4.1 Show response
cdn.tailwindcss.com/
Redirect Chain

https://cdn.tailwindcss.com/?plugins=forms,aspect-ratio&v=1
https://cdn.tailwindcss.com/3.4.1?plugins=forms@0.5.7,aspect-ratio@0.4.2

370 KB
112 KB

15ms
15ms

Script
text/javascript

2606:4700:10::ac43:2910
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tailwindcss.com/3.4.1?plugins=forms@0.5.7,aspect-ratio@0.4.2

Requested by

Host: blocksattacks-7njm2.pagemaker.link
URL: https://blocksattacks-7njm2.pagemaker.link/destra-capital-investments-llc?draft

Protocol

Server

2606:4700:10::ac43:2910 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a5ebeaa393fd0e265200f94c6678abf73882fd422aa742274a5d1daa8d3e46c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blocksattacks-7njm2.pagemaker.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:07:27 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000
last-modified: Fri, 05 Jan 2024 21:09:25 GMT
x-vercel-id: cle1::iad1::mssfs-1704488965006-382683db4847
cf-cache-status: HIT
age: 81494
server: cloudflare
x-vercel-cache: MISS
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31536000
cf-ray: 8425b18cfd2165aa-FRA

Redirect headers

date: Mon, 08 Jan 2024 16:07:27 GMT
strict-transport-security: max-age=63072000
cf-cache-status: HIT
x-vercel-id: cle1::iad1::rtzp5-1704729879263-119e4723e3c0
server: cloudflare
x-vercel-cache: MISS
vary: Accept-Encoding
location: /3.4.1?plugins=forms@0.5.7,aspect-ratio@0.4.2
cache-control: max-age=14400
cf-ray: 8425b18bebd765aa-FRA
content-length: 0

GET
H2 200 tailwind-cdn.js Show response
cdn.jsdelivr.net/npm/@pagemaker.io/tailwind@1.2.0/dist/ 29 KB
6 KB 164ms
147ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@pagemaker.io/tailwind@1.2.0/dist/tailwind-cdn.js?env=production&v=1&template_id=87698

Requested by

Host: blocksattacks-7njm2.pagemaker.link
URL: https://blocksattacks-7njm2.pagemaker.link/destra-capital-investments-llc?draft

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f56362a50646f6074fc0e605ab540847276e23d8c39f3c913d3ef0e0a4c16d64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blocksattacks-7njm2.pagemaker.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:07:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-jsd-version: 1.2.0
x-cache: MISS, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220066-FRA, cache-lga21957-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"7371-6pT9+1Wqi+CCSnwrA3KP30NccmQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c1hEv64NxFZ8F%2FD%2FNRz%2BS351CRdTHpWU3AxqzzsEse0HsXEbySFnFnXXCzcVFkM1SKFReeOhDByUHsk%2BpvBi6VVZAbTlGBhMG8R%2B%2F4MuZralYJhCuJL3u4KgXNmsbrj1oKjmzWHOm55Gl6fEKlw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8425b18beb411913-FRA

GET
H2 200 376x58.png
pagemaker.b-cdn.net/media/55408/ 4 KB
5 KB 97ms
60ms Image
image/png 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagemaker.b-cdn.net/media/55408/376x58.png
Requested by: Host: blocksattacks-7njm2.pagemaker.link
URL: https://blocksattacks-7njm2.pagemaker.link/destra-capital-investments-llc?draft
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 291d57097c799f61eb715ab42d0787c4929dc341ec4a191a570e4438a2c64d06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blocksattacks-7njm2.pagemaker.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:07:27 GMT
x-amz-version-id: ZRSmjNhP8G0LyeVmENnpRfn5OwTlIsJt
cdn-edgestorageid: 1082
x-amz-request-id: 9K4K6QYGGABDSP8A
x-amz-server-side-encryption: AES256
cdn-cachedat: 11/13/2023 08:02:19
cdn-pullzone: 422767
content-length: 4401
x-amz-id-2: JQ+3gdCW6X3NiP/7+/uQ8c9cOTbaBd+OjoWlZ8MsBkv4Wqs9FuT2Sr833yaSc7jF8Eee1Hp4w08DxS24+lP8Xg==
last-modified: Mon, 29 Aug 2022 09:43:31 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "40cea14edaaed99761ff4a99ae54e4a0"
content-type: image/png
cdn-cache: HIT
cdn-uid: cd72d419-4433-4887-ba7b-e859b9141d18
cache-control: public, max-age=31536000
cdn-requestid: 11163d8681208ef61b5bda3f4a2fe4d5
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 all.js Show response
cdn.jsdelivr.net/npm/@pagemaker.io/plugins@6.1.1/dist/ 47 KB
18 KB 36ms
19ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@pagemaker.io/plugins@6.1.1/dist/all.js

Requested by

Host: blocksattacks-7njm2.pagemaker.link
URL: https://blocksattacks-7njm2.pagemaker.link/destra-capital-investments-llc?draft

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40c003743ce08a9ff1ae36033475eb0beec0a04a00679b132affe1530706f6c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blocksattacks-7njm2.pagemaker.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:07:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3402233
x-jsd-version: 6.1.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"bddf-+e+U+rtgRlLt+o7sjDRxUn9NsOA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XUkGGh5Xnw1jOW0kPnyQ%2FHr3fmk6Rl607cTIudkuv%2FwEQxpz7cBEWKnMHCxUX5sggYzHFoUlTEDNkxwMAgNZV0st4vlnx6xZ9J7BOF7bDoLFHB9i3ERiCf8PFxa63D4khxipwPkd9Dn1CN4qpl4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8425b18beb451913-FRA

GET
H2 200 meta Show response
api.pagemaker.io/api/v1/templates/87698/ 9 KB
2 KB 648ms
421ms Fetch
application/json 72.44.39.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pagemaker.io/api/v1/templates/87698/meta

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@pagemaker.io/tailwind@1.2.0/dist/tailwind-cdn.js?env=production&v=1&template_id=87698

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

72.44.39.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-72-44-39-62.compute-1.amazonaws.com

Software

nginx /

Resource Hash

5d92f78301a035a31063e5dd60e9871eb09e28e6930ea3240e6ab16cd4396f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blocksattacks-7njm2.pagemaker.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:07:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
x-ratelimit-remaining: 49999
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-ratelimit-limit: 50000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 matomo.js Show response
analytics.pagemaker.io/ 62 KB
21 KB 317ms
93ms Script
application/javascript 54.92.203.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.pagemaker.io/matomo.js
Requested by: Host: blocksattacks-7njm2.pagemaker.link
URL: https://blocksattacks-7njm2.pagemaker.link/destra-capital-investments-llc?draft
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.92.203.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-92-203-182.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 43af579102b8c4adff968a3a00280fc2061cc33538c7bbad1d8d6ec775f0807b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blocksattacks-7njm2.pagemaker.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: public
date: Mon, 08 Jan 2024 16:07:27 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 07:52:43 GMT
server: nginx
etag: W/"61cc13cb-f93c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600, public
expires: Mon, 08 Jan 2024 17:07:27 GMT

GET
H2 200 default.svg
pagemaker.b-cdn.net/media/55429/ 19 KB
2 KB 14ms
14ms Image
image/svg+xml 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagemaker.b-cdn.net/media/55429/default.svg
Requested by: Host: pagemaker.b-cdn.net
URL: https://pagemaker.b-cdn.net/segments/1.4.4/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 4a6f657d5588a4ceff4e61cc7622f42ffde6897f264dc84ff9c93ad0900f3ead

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagemaker.b-cdn.net/segments/1.4.4/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:07:27 GMT
x-amz-version-id: 6y6bPbzazfvsTsVJuEwrpEXQWZ3IplK7
content-encoding: br
cdn-edgestorageid: 1082
x-amz-request-id: 4XVH9F2APKSSF1EN
x-amz-server-side-encryption: AES256
cdn-cachedat: 07/28/2023 20:31:24
cdn-pullzone: 422767
x-amz-id-2: iglixGsPBMUsDOvFV7n5pBx6XL9gfr0EEbaMl4PLp9uUgyliRpeZlyohMQeM9T8TtwzCOO8xEjEggmw7YERvpg==
last-modified: Mon, 29 Aug 2022 12:09:05 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"1e668dce04b5b16463f6a4e1ff862ff7"
vary: Accept-Encoding
content-type: image/svg+xml
cdn-cache: HIT
cdn-uid: cd72d419-4433-4887-ba7b-e859b9141d18
cache-control: public, max-age=31536000
cdn-requestid: c9d8f40a1e509b6423346da6a4bea6e4
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 204 matomo.php
analytics.pagemaker.io/ 0
192 B 157ms
157ms Ping
text/plain 54.92.203.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.pagemaker.io/matomo.php?action_name=&idsite=16575&rec=1&r=439797&h=17&m=7&s=27&url=https%3A%2F%2Fblocksattacks-7njm2.pagemaker.link%2Fdestra-capital-investments-llc%3Fdraft&_id=00f900be0cce99a0&_idn=1&_refts=0&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=Rc7bQO&pf_net=368&pf_srv=459&pf_tfr=2&pf_dm1=317

Requested by

Host: analytics.pagemaker.io
URL: https://analytics.pagemaker.io/matomo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.92.203.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-92-203-182.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blocksattacks-7njm2.pagemaker.link/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://blocksattacks-7njm2.pagemaker.link
date: Mon, 08 Jan 2024 16:07:28 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
blocksattacks-7njm2.pagemaker.link/	1970-01-20 17:32:17	Name: XSRF-TOKEN Value: eyJpdiI6InBwdlJicS93WVllL3VLbXA4UTRGNEE9PSIsInZhbHVlIjoiUFFTazMxd1Z2RURSKzIyYVJLOHN5NXlPU1dnL1BXRmZYRkE5cHVyN1RUUGgyT042Q1JaTlEyM1F4Q0YzVFdqMGE5d3RmR2ZNN0o3d1FoZWdENHdyV0cvZHJyWVpoUUxDekhVRmRTVTJNWUhRZWlMckJsZ0FjRUxFOXpzeWRYU0EiLCJtYWMiOiJlZjE1ZjdhYzI5NzhjMGE2N2YwZTNmZjViNzE0MjM1NmZiYzM1NzkxMzQxYWRlNTFkNWVmZWI2NGJiMzI4MjNhIiwidGFnIjoiIn0%3D
blocksattacks-7njm2.pagemaker.link/	1970-01-20 17:32:17	Name: pmSession Value: eyJpdiI6IjZVZjhnUDQwWDJTUTVmNDVkdW91S3c9PSIsInZhbHVlIjoidzEzdUtobnA4MVBWVTNqWk9MeGRqRENvT2U3eXFZQ2pxMHo0b2gzeXFUa1IvV1Z6WS93WDk4YjVyZG9ockVSUjJMVnVHWFVZcm1iQXNpREtlb2liMDEreGlNRTExUXdWUHVJbTdSY25kVkNGdkliRWY0bjlJem1KODJ4TEdZV2wiLCJtYWMiOiI0N2Y1MzczMzk0NTYyYmQxOWZmNTYyODQ1MTQwMGQyNzM2NjRiMTI0NjYwN2E3NzNmMTQ1OGU4OGVhOGY0NmY4IiwidGFnIjoiIn0%3D
blocksattacks-7njm2.pagemaker.link/	1969-12-31 23:59:59	Name: campaign_hash Value: 218gj
blocksattacks-7njm2.pagemaker.link/	1970-01-21 02:58:05	Name: _pk_id.16575.e4ae Value: 00f900be0cce99a0.1704730048.
blocksattacks-7njm2.pagemaker.link/	1970-01-20 17:32:11	Name: _pk_ses.16575.e4ae Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors https://*.myshopify.com https://admin.shopify.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.pagemaker.io
api.pagemaker.io
blocksattacks-7njm2.pagemaker.link
cdn.jsdelivr.net
cdn.tailwindcss.com
pagemaker.b-cdn.net
2400:52e0:1e00::1080:1
2606:4700:10::ac43:2910
2606:4700::6810:5914
54.92.203.182
72.44.39.62
291d57097c799f61eb715ab42d0787c4929dc341ec4a191a570e4438a2c64d06
40c003743ce08a9ff1ae36033475eb0beec0a04a00679b132affe1530706f6c0
43af579102b8c4adff968a3a00280fc2061cc33538c7bbad1d8d6ec775f0807b
4a6f657d5588a4ceff4e61cc7622f42ffde6897f264dc84ff9c93ad0900f3ead
5c3580a9d2735469163febe4476565a175519ad88b9b8fdd2a36a95864778050
5d92f78301a035a31063e5dd60e9871eb09e28e6930ea3240e6ab16cd4396f27
7a5ebeaa393fd0e265200f94c6678abf73882fd422aa742274a5d1daa8d3e46c
cc28958a393a49b97690c79bfb2cd2ff50730a7378e32d1d99c22e8a9aef5ddb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f56362a50646f6074fc0e605ab540847276e23d8c39f3c913d3ef0e0a4c16d64

blocksattacks-7njm2.pagemaker.link Open in urlscan Pro 72.44.39.62 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

10 Requests

90 %HTTPS

60 %IPv6

5 Domains

6 Subdomains

5 IPs

2 Countries

175 kBTransfer

564 kBSize

5 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

5 Cookies

Security Headers

Indicators

blocksattacks-7njm2.pagemaker.link Open in urlscan Pro
72.44.39.62 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

90 %
HTTPS

60 %
IPv6

5
Domains

6
Subdomains

5
IPs

2
Countries

175 kB
Transfer

564 kB
Size

5
Cookies

10 HTTP transactions
0 data transactions