d38rqs2egh08o4.cloudfront.net Open in urlscan Pro
13.224.89.25 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://d38rqs2egh08o4.cloudfront.net/browser_preview/pjafdWfave_jtKWJ
Submission: On August 03 via manual (August 3rd 2021, 11:42:04 am UTC) from NO

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 8 HTTP transactions. The main IP is 13.224.89.25, located in United States and belongs to AMAZON-02, US. The main domain is d38rqs2egh08o4.cloudfront.net.
TLS certificate: Issued by Amazon on March 19th 2021. Valid for: a year.

This is the only time d38rqs2egh08o4.cloudfront.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	13.224.89.25 13.224.89.25	16509 (AMAZON-02) (AMAZON-02)
5	173.212.254.245 173.212.254.245	51167 (CONTABO) (CONTABO)
1	51.91.224.95 51.91.224.95	16276 (OVH) (OVH)
8	3

2 13.224.89.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-89-25.zrh50.r.cloudfront.net

d38rqs2egh08o4.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 173.212.254.245 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: wam.no

elektrisk-sparkesykkel.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.91.224.95 (France)

ASN16276 (OVH, FR)
PTR: i.postimg.cc

i.postimg.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	elektrisk-sparkesykkel.no elektrisk-sparkesykkel.no	967 KB
2	cloudfront.net d38rqs2egh08o4.cloudfront.net	5 KB
1	postimg.cc i.postimg.cc	137 KB
8	3

	Domain	Requested by
5	elektrisk-sparkesykkel.no	d38rqs2egh08o4.cloudfront.net
2	d38rqs2egh08o4.cloudfront.net	d38rqs2egh08o4.cloudfront.net
1	i.postimg.cc	d38rqs2egh08o4.cloudfront.net
8	3

This site contains no links.

Subject Issuer	Validity	Valid
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
elektrisk-sparkesykkel.no R3	`2021-06-29` - `2021-09-27`	3 months	crt.sh
postimg.cc R3	`2021-07-27` - `2021-10-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://d38rqs2egh08o4.cloudfront.net/browser_preview/pjafdWfave_jtKWJ
Frame ID: D86CDAB1650778B921486424E84F1D2C
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

1109 kB
Transfer

1128 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request pjafdWfave_jtKWJ Show response
d38rqs2egh08o4.cloudfront.net/browser_preview/ 25 KB
4 KB 138ms
48ms Document
text/html 13.224.89.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d38rqs2egh08o4.cloudfront.net/browser_preview/pjafdWfave_jtKWJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.89.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-89-25.zrh50.r.cloudfront.net

Software

cloudflare /

Resource Hash

3b7b40d6b1a2686fa22e9303be62405b47d7aa855c948a860c25766bbd86bcee

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: d38rqs2egh08o4.cloudfront.net
:scheme: https
:path: /browser_preview/pjafdWfave_jtKWJ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Tue, 03 Aug 2021 11:25:42 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Tue, 03 Aug 2021 11:25:42 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ND%2BsqWsaq2mWpAFfBQWVIs7nxBvrHBatFewYF87a2UJeXlaE%2FQ%2FahdmNCrlaVbMOiLPD8WY0Nho9clkrUYML3FRKEjI2IiiEFsrmdriXHUVvY%2BrJC6Up1BHe%2F4NsDetd3wA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 678f2fd1fb121f3d-FRA
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: ddqHEnrDJwzQdsMzYVjI0QY9E3Lx5cE9kwHap86wRKgIq_iD3KQnLg==
age: 964

GET
H2 200 pjafdWfave_jtKWJ
d38rqs2egh08o4.cloudfront.net/email_open/ 43 B
1 KB 133ms
132ms Image
image/gif 13.224.89.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d38rqs2egh08o4.cloudfront.net/email_open/pjafdWfave_jtKWJ

Requested by

Host: d38rqs2egh08o4.cloudfront.net
URL: https://d38rqs2egh08o4.cloudfront.net/browser_preview/pjafdWfave_jtKWJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.89.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-89-25.zrh50.r.cloudfront.net

Software

cloudflare /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

:path: /email_open/pjafdWfave_jtKWJ
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: d38rqs2egh08o4.cloudfront.net
referer: https://d38rqs2egh08o4.cloudfront.net/browser_preview/pjafdWfave_jtKWJ
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://d38rqs2egh08o4.cloudfront.net/browser_preview/pjafdWfave_jtKWJ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 11:41:47 GMT
via: 1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-methods: GET, POST, OPTIONS
content-length: 43
pragma: no-cache
last-modified: Tue, 03 Aug 2021 11:41:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubdomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=luLxzq29FL5USVEgb6uKdcGqGQvTFdHSTDmmx%2FJ6o6Z9oYqJVeH68res8418cY5CXmf5UTq7QStJMDKw3OWsE2FYoQgkf8thQQmyoj7Z8%2FNyJlZ%2B%2BkBRxTXkzmGsklj9TUU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 678f4760deff4e26-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: NAMX8OdQPi-g1ubFU5eYRnYShg04oPNVAqrxGcQb9QUp58nRAWPOxg==
expires: Mon, 03 Aug 2020 11:41:47 GMT

GET
H/1.1 200
OK 0001b.png
elektrisk-sparkesykkel.no/img/ 233 KB
233 KB 149ms
54ms Image
image/png 173.212.254.245
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elektrisk-sparkesykkel.no/img/0001b.png
Requested by: Host: d38rqs2egh08o4.cloudfront.net
URL: https://d38rqs2egh08o4.cloudfront.net/browser_preview/pjafdWfave_jtKWJ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.212.254.245 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: wam.no
Software: nginx /
Resource Hash: aff509a27e6f009fc2ac0efbd92516a1fc6ebbca1f8aaa8029e1a8e59c5920d0

Request headers

Referer: https://d38rqs2egh08o4.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 11:41:47 GMT
Last-Modified: Thu, 29 Oct 2020 22:23:57 GMT
Server: nginx
ETag: "5f9b40fd-3a362"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 238434
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 0002.jpg
elektrisk-sparkesykkel.no/img/ 29 KB
30 KB 149ms
52ms Image
image/jpeg 173.212.254.245
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elektrisk-sparkesykkel.no/img/0002.jpg
Requested by: Host: d38rqs2egh08o4.cloudfront.net
URL: https://d38rqs2egh08o4.cloudfront.net/browser_preview/pjafdWfave_jtKWJ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.212.254.245 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: wam.no
Software: nginx /
Resource Hash: 3310bd0f59069aa7ede974522948958f8901f1fe2634a2b169fd5e670a36fdd9

Request headers

Referer: https://d38rqs2egh08o4.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 11:41:47 GMT
Last-Modified: Wed, 09 Sep 2020 08:25:21 GMT
Server: nginx
ETag: "5f589171-74ee"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 29934
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 0003b.png
i.postimg.cc/c4JYMqhZ/ 137 KB
137 KB 116ms
41ms Image
image/png 51.91.224.95
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/c4JYMqhZ/0003b.png
Requested by: Host: d38rqs2egh08o4.cloudfront.net
URL: https://d38rqs2egh08o4.cloudfront.net/browser_preview/pjafdWfave_jtKWJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.91.224.95 , France, ASN16276 (OVH, FR),
Reverse DNS: i.postimg.cc
Software: nginx /
Resource Hash: e1e2b217dd2e79b8c87bccfd32af86b09fd9ba0c46b43449f91715a47791fb57

Request headers

Referer: https://d38rqs2egh08o4.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 11:41:47 GMT
last-modified: Thu, 28 Jan 2021 20:21:36 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 139985
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 0004.jpg
elektrisk-sparkesykkel.no/img/ 80 KB
81 KB 151ms
52ms Image
image/jpeg 173.212.254.245
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elektrisk-sparkesykkel.no/img/0004.jpg
Requested by: Host: d38rqs2egh08o4.cloudfront.net
URL: https://d38rqs2egh08o4.cloudfront.net/browser_preview/pjafdWfave_jtKWJ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.212.254.245 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: wam.no
Software: nginx /
Resource Hash: 6936d0058017ca87ea4fa532adf06a1b09b755d42c49ee2605769acdcf84f243

Request headers

Referer: https://d38rqs2egh08o4.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 11:41:47 GMT
Last-Modified: Wed, 09 Sep 2020 08:27:20 GMT
Server: nginx
ETag: "5f5891e8-1417f"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 82303
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 0005a.png
elektrisk-sparkesykkel.no/img/ 283 KB
283 KB 154ms
52ms Image
image/png 173.212.254.245
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elektrisk-sparkesykkel.no/img/0005a.png
Requested by: Host: d38rqs2egh08o4.cloudfront.net
URL: https://d38rqs2egh08o4.cloudfront.net/browser_preview/pjafdWfave_jtKWJ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.212.254.245 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: wam.no
Software: nginx /
Resource Hash: c15c7858f2f8452460bbf84c24b6424650c4a8c994489a8b84c5d917e4cbf55e

Request headers

Referer: https://d38rqs2egh08o4.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 11:41:47 GMT
Last-Modified: Thu, 29 Oct 2020 18:57:02 GMT
Server: nginx
ETag: "5f9b107e-46a31"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 289329
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 0006a.png
elektrisk-sparkesykkel.no/img/ 341 KB
341 KB 171ms
51ms Image
image/png 173.212.254.245
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elektrisk-sparkesykkel.no/img/0006a.png
Requested by: Host: d38rqs2egh08o4.cloudfront.net
URL: https://d38rqs2egh08o4.cloudfront.net/browser_preview/pjafdWfave_jtKWJ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.212.254.245 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: wam.no
Software: nginx /
Resource Hash: ec3383ef028060da89919354953e8b494747f69220c7e5bdc084bd5921e29a10

Request headers

Referer: https://d38rqs2egh08o4.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 11:41:47 GMT
Last-Modified: Thu, 29 Oct 2020 18:59:41 GMT
Server: nginx
ETag: "5f9b111d-552da"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 348890
Expires: Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d38rqs2egh08o4.cloudfront.net
elektrisk-sparkesykkel.no
i.postimg.cc
13.224.89.25
173.212.254.245
51.91.224.95
3310bd0f59069aa7ede974522948958f8901f1fe2634a2b169fd5e670a36fdd9
3b7b40d6b1a2686fa22e9303be62405b47d7aa855c948a860c25766bbd86bcee
6936d0058017ca87ea4fa532adf06a1b09b755d42c49ee2605769acdcf84f243
aff509a27e6f009fc2ac0efbd92516a1fc6ebbca1f8aaa8029e1a8e59c5920d0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c15c7858f2f8452460bbf84c24b6424650c4a8c994489a8b84c5d917e4cbf55e
e1e2b217dd2e79b8c87bccfd32af86b09fd9ba0c46b43449f91715a47791fb57
ec3383ef028060da89919354953e8b494747f69220c7e5bdc084bd5921e29a10

d38rqs2egh08o4.cloudfront.net Open in urlscan Pro 13.224.89.25 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

8 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

1109 kBTransfer

1128 kBSize

0 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

d38rqs2egh08o4.cloudfront.net Open in urlscan Pro
13.224.89.25 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

1109 kB
Transfer

1128 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions