dxcb8dzrobu4c.cloudfront.net Open in urlscan Pro
2600:9000:2190:8a00:1f:eed0:4f00:21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://url999.ct.immovlan.be/ls/click?upn=uCksAWkGgdU9U1-2Fj20H0YtAYPB1Jt4Y4YKh-2BsDGKyGmosjcSdTQEYkJ9ulrXH-2Fi0iiWIL6c11MNnx...
Effective URL:
https://dxcb8dzrobu4c.cloudfront.net/7035/twinpromotion.jpg?utm_source=newsletter&utm_medium=email&utm_campaign=invest20220219&utm_co...
Submission: On February 20 via api (February 20th 2022, 12:30:48 pm UTC) from BE — Scanned from DE

Summary HTTP 1 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 1 HTTP transactions. The main IP is 2600:9000:2190:8a00:1f:eed0:4f00:21, located in United States and belongs to AMAZON-02, US. The main domain is dxcb8dzrobu4c.cloudfront.net.
TLS certificate: Issued by Amazon on March 19th 2021. Valid for: a year.

This is the only time dxcb8dzrobu4c.cloudfront.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a02:26f0:fb:... 2a02:26f0:fb::5f64:9983	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:219... 2600:9000:2190:8a00:1f:eed0:4f00:21	16509 (AMAZON-02) (AMAZON-02)
1	1

1 2a02:26f0:fb::5f64:9983 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

url999.ct.immovlan.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:8a00:1f:eed0:4f00:21 (United States)

ASN16509 (AMAZON-02, US)

dxcb8dzrobu4c.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	cloudfront.net dxcb8dzrobu4c.cloudfront.net	9 KB
1	immovlan.be 1 redirects url999.ct.immovlan.be — Cisco Umbrella Rank: 970209	475 B
1	2

	Domain	Requested by
1	dxcb8dzrobu4c.cloudfront.net
1	url999.ct.immovlan.be	1 redirects
1	2

This site contains no links.

Subject Issuer	Validity	Valid
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://dxcb8dzrobu4c.cloudfront.net/7035/twinpromotion.jpg?utm_source=newsletter&utm_medium=email&utm_campaign=invest20220219&utm_content=nl&utm_term=investissement
Frame ID: 354D9329D3669EF1EF085F4293FD4C85
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

twinpromotion.jpg (230×127)

Page URL History Show full URLs

https://url999.ct.immovlan.be/ls/click?upn=uCksAWkGgdU9U1-2Fj20H0YtAYPB1Jt4Y4YKh-2BsDGKyGmosjcSdTQEYkJ9ulr... HTTP 302
https://dxcb8dzrobu4c.cloudfront.net/7035/twinpromotion.jpg?utm_source=newsletter&utm_medium=email&utm_campaign=i... Page URL

Page Statistics

1
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

9 kB
Transfer

9 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://url999.ct.immovlan.be/ls/click?upn=uCksAWkGgdU9U1-2Fj20H0YtAYPB1Jt4Y4YKh-2BsDGKyGmosjcSdTQEYkJ9ulrXH-2Fi0iiWIL6c11MNnx3WxYC36oa6vXaOoHL7W4GzNsAgX-2FaHArz1TZRNQ-2F7zjZFH4famzoo8sSoA9ExofuoW-2Bo-2B8IQ9BZXchj-2Bc-2F8TNvwSdtY5vdWFaxH-2BPq6rmkc9IFF0kp0CeVttTAGNaCzGEq7xY1tXnZtqRdP1xOhxFo50dPPs30-3DV9hs_KsSqn7M0MP-2BY-2BolQ-2F1EcXMmnV2vQsb1hJIrcvRz0OvRw-2BiEsbqnST89Xur5VDI-2F90HLVdQCRHK6RVmB3mBZ65bNvD6B9L1SMVJAh5nann4NL-2B9IFDZb-2FheIwxFcliUK4Vi3AKGFB4Pzs-2FKWY7i1ImvAKfe-2BBCRPnkpl-2BPhxtrD6-2FTL9ei8A6irDYBUU2t1tT8iR3gcn-2BNH5nzQDzaAMItkLqV-2BOmVNTEhqq4m-2B1TEsuexiWbVMAWx0WN720DMd4B3WGKivg8d5n747989iqT6UpGkMcWJBkdmRyov5viU-2BIIcRUaR8fdudY-2FbhvGBAfziuvpINSH2-2BR6aYT7QoUZLPDArultXmq3Y2LXKdXPmvibU35ClqLqxXNniEH0q6nt53ungADQBrQHo0lxRYwlXA-3D-3D HTTP 302
https://dxcb8dzrobu4c.cloudfront.net/7035/twinpromotion.jpg?utm_source=newsletter&utm_medium=email&utm_campaign=invest20220219&utm_content=nl&utm_term=investissement Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request twinpromotion.jpg Show response dxcb8dzrobu4c.cloudfront.net/7035/ Redirect Chain https://url999.ct.immovlan.be/ls/click?upn=uCksAWkGgdU9U1-2Fj20H0YtAYPB1Jt4Y4YKh-2BsDGKyGmosjcSdTQEYkJ9ulrXH-2Fi0iiWIL6c11MNnx3WxYC36oa6vXaOoHL7W4GzNsAgX-2FaHArz1TZRNQ-2F7zjZFH4famzoo8sSoA9ExofuoW-... https://dxcb8dzrobu4c.cloudfront.net/7035/twinpromotion.jpg?utm_source=newsletter&utm_medium=email&utm_campaign=invest20220219&utm_content=nl&utm_term=investissement	9 KB 9 KB	102ms 27ms	Document image/jpeg	2600:9000:2190:8a00:1f:eed0:4f00:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dxcb8dzrobu4c.cloudfront.net/7035/twinpromotion.jpg?utm_source=newsletter&utm_medium=email&utm_campaign=invest20220219&utm_content=nl&utm_term=investissement Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:8a00:1f:eed0:4f00:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `64ff83151dedf7f1e039ec72d7a7188f917226b641feb46909cd019af7e28eea` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers content-type image/jpeg content-length 9113 date Fri, 18 Feb 2022 08:17:17 GMT last-modified Thu, 17 Feb 2022 14:23:07 GMT etag "10acbb290cebcdd295a19878df5148d5" cache-control max-age=604800 accept-ranges bytes server AmazonS3 x-cache Hit from cloudfront via 1.1 e6b325a976b10aa826ec63757afbdeda.cloudfront.net (CloudFront) x-amz-cf-pop ZRH50-C1 x-amz-cf-id z7Ap1bXjZk7pfAT5tWao7jPpkc3XrtrwCgdP9AydmCvDMbO96FSogw== age 188008 Redirect headers Server nginx Content-Type text/html; charset=utf-8 Content-Length 204 Location https://dxcb8dzrobu4c.cloudfront.net/7035/twinpromotion.jpg?utm_source=newsletter&utm_medium=email&utm_campaign=invest20220219&utm_content=nl&utm_term=investissement X-Robots-Tag noindex, nofollow Expires Sun, 20 Feb 2022 12:30:44 GMT Cache-Control max-age=0, no-cache Pragma no-cache Date Sun, 20 Feb 2022 12:30:44 GMT Connection keep-alive

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dxcb8dzrobu4c.cloudfront.net
url999.ct.immovlan.be
2600:9000:2190:8a00:1f:eed0:4f00:21
2a02:26f0:fb::5f64:9983
64ff83151dedf7f1e039ec72d7a7188f917226b641feb46909cd019af7e28eea

dxcb8dzrobu4c.cloudfront.net Open in urlscan Pro 2600:9000:2190:8a00:1f:eed0:4f00:21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

1 Requests

100 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

1 IPs

2 Countries

9 kBTransfer

9 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

1 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

Indicators

dxcb8dzrobu4c.cloudfront.net Open in urlscan Pro
2600:9000:2190:8a00:1f:eed0:4f00:21 Public Scan

Screenshot
Live screenshot

Full Image

1
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

9 kB
Transfer

9 kB
Size

0
Cookies

1 HTTP transactions
0 data transactions