Submitted URL: https://postcardsr.us/
Effective URL: https://postcardsrus.dcpromosite.com/
Submission: On September 22 via automatic, source certstream-suspicious — Scanned from US

Summary

This website contacted 9 IPs in 1 country across 8 domains to perform 25 HTTP transactions. The main IP is 54.82.114.126, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is postcardsrus.dcpromosite.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on December 25th 2023. Valid for: a year.
This is the only time postcardsrus.dcpromosite.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 15.197.225.128 16509 (AMAZON-02)
3 54.82.114.126 14618 (AMAZON-AES)
7 18.238.55.112 16509 (AMAZON-02)
3 18.164.96.17 16509 (AMAZON-02)
1 1 18.173.219.101 16509 (AMAZON-02)
4 108.138.128.108 16509 (AMAZON-02)
2 18.173.132.10 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:28b... 16509 (AMAZON-02)
1 2606:2800:220... 15133 (EDGECAST)
3 2607:f8b0:400... 15169 (GOOGLE)
25 9
Apex Domain, Subdomains, Transfer
12 distributorcentral.com, 3 MB
  • static.distributorcentral.com — Cisco Umbrella Rank: 526152
  • cdn.distributorcentral.com — Cisco Umbrella Rank: 618783
  • s3.distributorcentral.com — Cisco Umbrella Rank: 461268
5 awswaf.com, 289 KB
  • 24eb733536d3.us-east-1.sdk.awswaf.com — Cisco Umbrella Rank: 826571
  • 24eb733536d3.65ee4812.us-east-1.token.awswaf.com — Cisco Umbrella Rank: 319278
3 gstatic.com, 69 KB
  • fonts.gstatic.com
3 dcpromosite.com, 10 KB
  • postcardsrus.dcpromosite.com
1 twimg.com, 334 B
  • cdn.syndication.twimg.com — Cisco Umbrella Rank: 4605
1 raygun.io, 23 KB
  • cdn.raygun.io — Cisco Umbrella Rank: 12906
1 googleapis.com, 849 B
  • fonts.googleapis.com — Cisco Umbrella Rank: 32
1 postcardsr.us, 312 B
  • postcardsr.us
25 8
Domain Requested by
7 static.distributorcentral.com postcardsrus.dcpromosite.com
static.distributorcentral.com
4 24eb733536d3.65ee4812.us-east-1.token.awswaf.com postcardsrus.dcpromosite.com
cdn.raygun.io
3 fonts.gstatic.com fonts.googleapis.com
3 cdn.distributorcentral.com postcardsrus.dcpromosite.com
cdn.distributorcentral.com
3 postcardsrus.dcpromosite.com cdn.raygun.io
2 s3.distributorcentral.com postcardsrus.dcpromosite.com
1 cdn.syndication.twimg.com postcardsrus.dcpromosite.com
1 cdn.raygun.io postcardsrus.dcpromosite.com
1 fonts.googleapis.com cdn.distributorcentral.com
1 24eb733536d3.us-east-1.sdk.awswaf.com 1 redirects
1 postcardsr.us 1 redirects
25 11

This site contains links to these domains.

Domain
secure.distributorcentral.com
www.facebook.com
www.linkedin.com
www.twitter.com
www.instagram.com
Subject                                Issuer                                      Validity                 Valid
*.distributorcentral.com               Amazon RSA 2048 M03                         2023-12-25 - 2025-01-21  a year
upload.video.google.com                WR2                                         2024-08-26 - 2024-11-18  3 months
*.raygun.io                            Amazon RSA 2048 M02                         2024-08-11 - 2025-09-09  a year
*.twimg.com                            DigiCert Global G2 TLS RSA SHA256 2020 CA1  2024-07-08 - 2025-07-07  a year
*.gstatic.com                          WR2                                         2024-08-26 - 2024-11-18  3 months
*.65ee4812.us-east-1.token.awswaf.com  Amazon RSA 2048 M03                         2024-05-04 - 2025-06-01  a year

This page contains 1 frames:

Primary Page: https://postcardsrus.dcpromosite.com/
Frame ID: F9D3B90723368FC03A6BFB4CE3A6F15A
Requests: 25 HTTP requests in this frame

Page Title

Home | PostCardsRus

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js

Page Statistics

25
Requests

96 %
HTTPS

36 %
IPv6

8
Domains

11
Subdomains

9
IPs

1
Countries

3500 kB
Transfer

5793 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://postcardsr.us/ HTTP 301
    https://postcardsrus.dcpromosite.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://24eb733536d3.us-east-1.sdk.awswaf.com/24eb733536d3/207c65799ad5/challenge.js HTTP 307
  • https://24eb733536d3.65ee4812.us-east-1.token.awswaf.com/24eb733536d3/207c65799ad5/challenge.js

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
postcardsrus.dcpromosite.com/
Redirect Chain
  • https://postcardsr.us/
  • https://postcardsrus.dcpromosite.com/
26 KB
9 KB
Document
General
Full URL
https://postcardsrus.dcpromosite.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.114.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-114-126.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3c131291e556c57f170b24ee78aeebc1611cefa6db0e0523adcaa323a942de48

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Sun, 22 Sep 2024 09:59:10 GMT
expires
Sun, 22 Sep 2024 09:59:09 GMT
server
nginx
x-backend-server
ip-10-0-0-8.ec2.internal
x-config-version
30006
x-country
US

Redirect headers

Connection
close
Content-Length
71
Content-Type
text/html; charset=utf-8
Date
Sun, 22 Sep 2024 09:59:10 GMT
Location
https://postcardsrus.dcpromosite.com
Server
ip-10-123-124-34.ec2.internal
Vary
Accept-Encoding
X-Request-Id
e6f1a9cc-6fe5-46c7-a4d7-3ed7290c6aa2
font-awesome.min.css
static.distributorcentral.com/prod/vendor/font-awesome/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://static.distributorcentral.com/prod/vendor/font-awesome/css/font-awesome.min.css?_=1726599039382
Requested by
Host: postcardsrus.dcpromosite.com
URL: https://postcardsrus.dcpromosite.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-112.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://postcardsrus.dcpromosite.com/

Response headers

vary
Accept-Encoding
x-amz-replication-status
COMPLETED
content-encoding
gzip
x-amz-version-id
.oQorddTyXREAl9WUV0SsKHCpLmXCJbR
etag
W/"269550530cc127b6aa5a35925a7de6ce"
age
77286
via
1.1 687bf9bb2353af127d0a3c49056e960c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
R9KvDNvXIe0bV28CYxtrAM8wQVeKQMnrNF3zcMZisrQwDi8oAC68fw==
date
Sat, 21 Sep 2024 12:31:05 GMT
content-type
text/css
last-modified
Mon, 22 Apr 2024 20:42:46 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
x-amz-server-side-encryption
AES256
websites.concat.min.css
static.distributorcentral.com/prod/websites/css/
69 KB
13 KB
Stylesheet
General
Full URL
https://static.distributorcentral.com/prod/websites/css/websites.concat.min.css?_=1726599039382
Requested by
Host: postcardsrus.dcpromosite.com
URL: https://postcardsrus.dcpromosite.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-112.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d915451826db0f2e3c227d41532b325097e1f1661c178853fd5f4cf9b30baa2e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://postcardsrus.dcpromosite.com/

Response headers

vary
Accept-Encoding
x-amz-replication-status
COMPLETED
content-encoding
gzip
x-amz-version-id
vFa4K6VqHeHCXmoGrzu0y2xftsrgvsDS
etag
W/"dbeb5585b0562b0ae3c0a80553d463e9"
age
77286
via
1.1 687bf9bb2353af127d0a3c49056e960c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
cG3bbj6-iN4lgbnsEbJsT_YDYh--dZTMCdGYXKLpewQZzmm4HK2CFg==
date
Sat, 21 Sep 2024 12:31:05 GMT
content-type
text/css
last-modified
Mon, 24 Oct 2022 14:49:53 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
x-amz-server-side-encryption
AES256
styles.css
cdn.distributorcentral.com/w/postcardsrus/s/D89DCC59-AEE2-4BD8-AC0B-D167A92A736D/
151 KB
22 KB
Stylesheet
General
Full URL
https://cdn.distributorcentral.com/w/postcardsrus/s/D89DCC59-AEE2-4BD8-AC0B-D167A92A736D/styles.css?_=1726936894
Requested by
Host: postcardsrus.dcpromosite.com
URL: https://postcardsrus.dcpromosite.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-17.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
67cd8f3155ae3d60d53f0024ba2c517c12b1102716f56406055252d1f5868185

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://postcardsrus.dcpromosite.com/

Response headers

Transfer-Encoding
chunked
Cache-Control
no-cache
Content-Encoding
gzip
Connection
keep-alive
Via
1.1 9750f5ee94b45ad0faba87b3fac2aad6.cloudfront.net (CloudFront)
Expires
Sun, 22 Sep 2024 09:59:09 GMT
X-Cache
Miss from cloudfront
X-Amz-Cf-Id
VRJnc5AMsMol6QYYgLfpRbw4gcI-pOWENBA_JI-I4wCjCUFGkngz-g==
Date
Sun, 22 Sep 2024 09:59:10 GMT
Content-Type
text/css;charset=UTF-8
X-Amz-Cf-Pop
JFK50-P5
Server
nginx
challenge.js
24eb733536d3.65ee4812.us-east-1.token.awswaf.com/24eb733536d3/207c65799ad5/
Redirect Chain
  • https://24eb733536d3.us-east-1.sdk.awswaf.com/24eb733536d3/207c65799ad5/challenge.js
  • https://24eb733536d3.65ee4812.us-east-1.token.awswaf.com/24eb733536d3/207c65799ad5/challenge.js
1 MB
286 KB
Script
General
Full URL
https://24eb733536d3.65ee4812.us-east-1.token.awswaf.com/24eb733536d3/207c65799ad5/challenge.js
Requested by
Host: postcardsrus.dcpromosite.com
URL: https://postcardsrus.dcpromosite.com/
Protocol
H2
Server
108.138.128.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-108.jfk50.r.cloudfront.net
Software
/
Resource Hash
8e1745d23a20016959585598dc1a57b595d6068ca75969b0b8ef12ea780135b0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://postcardsrus.dcpromosite.com/

Response headers

x-amz-cf-pop
JFK50-P4
cache-control
private, max-age=86400, stale-while-revalidate=604800
content-encoding
gzip
pragma
no-cache
via
1.1 7f9c24c13cc1a16d2c6ea3097e4958fa.cloudfront.net (CloudFront)
expires
0
alt-svc
h3=":443"; ma=86400
x-amzn-waf-challenge-id
Root=1-66efea6e-143cec1a46f60a354c33fdf7
x-cache
Miss from cloudfront
x-amz-cf-id
tBq3lMuMCcSd7NXsmQAq05XQedSan82SlM1PaFHuRZY4Q9hyKavRIg==
date
Sun, 22 Sep 2024 09:59:10 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Sun, 22 Sep 2024 09:59:10 +0000

Redirect headers

access-control-max-age
86400
cache-control
max-age=86400
location
https://24eb733536d3.65ee4812.us-east-1.token.awswaf.com/24eb733536d3/207c65799ad5/challenge.js
access-control-allow-methods
*
via
1.1 13d659985661cdf8f3c57901ab225276.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
FunctionGeneratedResponse from cloudfront
content-length
0
x-amz-cf-id
kgmZfG02hmBRghDTBg_PN3dIXrLzzYCOufVK7fqnvvrL0FmKWL8U2g==
date
Sun, 22 Sep 2024 09:59:10 GMT
x-amz-cf-pop
JFK52-P1
server
CloudFront
access-control-allow-headers
*
websites.concat.min.js
static.distributorcentral.com/prod/websites/js/
492 KB
146 KB
Script
General
Full URL
https://static.distributorcentral.com/prod/websites/js/websites.concat.min.js?_=1726599039382
Requested by
Host: postcardsrus.dcpromosite.com
URL: https://postcardsrus.dcpromosite.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-112.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e5638ffd56be2b221147279272a20cfcffcbd188989ba6b1fc9f0b26850124bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://postcardsrus.dcpromosite.com/

Response headers

vary
Accept-Encoding
x-amz-replication-status
COMPLETED
content-encoding
gzip
x-amz-version-id
pgfuXK8GnfYWxNNqPROfTp7FWTOotiZS
etag
W/"d1ccc24d7af17f35286d9217555f91fc"
age
78555
via
1.1 687bf9bb2353af127d0a3c49056e960c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
iqibM2xYdvqu06ssavhju6m6mjeCVtEWpsi7VNiHLTBzNymQVAp8tQ==
date
Sat, 21 Sep 2024 12:09:56 GMT
content-type
application/javascript
last-modified
Mon, 24 Oct 2022 14:49:53 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
x-amz-server-side-encryption
AES256
748A88553FC09BC0F6D2E22BD5FCB9D7.png
s3.distributorcentral.com/uploads/7/4/
10 KB
10 KB
Image
General
Full URL
https://s3.distributorcentral.com/uploads/7/4/748A88553FC09BC0F6D2E22BD5FCB9D7.png
Requested by
Host: postcardsrus.dcpromosite.com
URL: https://postcardsrus.dcpromosite.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-10.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
56f9153098e980f86824714b6247caef59aff32d7a50695bd2bd1d67b402fb4d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://postcardsrus.dcpromosite.com/

Response headers

access-control-max-age
3000
etag
"748a88553fc09bc0f6d2e22bd5fcb9d7"
x-amz-version-id
Bd6Ltt7gWUvt2UZZUlPxREtUiPLh6orM
access-control-allow-methods
GET, HEAD
x-cache
Miss from cloudfront
x-amz-cf-id
poYtU9Cs9-v44PNrSdgDdIZM-wS_Q8yLzjvre--U5ZEDI5EZ0lqlFg==
date
Sun, 22 Sep 2024 09:59:11 GMT
content-type
image/png
vary
Access-Control-Request-Headers,Access-Control-Request-Method
last-modified
Sat, 21 Sep 2024 21:23:43 GMT
x-amz-replication-status
COMPLETED
via
1.1 e70925a92da0404e239c3620389c3dd0.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
9878
x-amz-cf-pop
JFK52-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
2216B7F52F682D77EF21E4EA05BE3362.png
s3.distributorcentral.com/uploads/2/2/
2 MB
2 MB
Image
General
Full URL
https://s3.distributorcentral.com/uploads/2/2/2216B7F52F682D77EF21E4EA05BE3362.png
Requested by
Host: postcardsrus.dcpromosite.com
URL: https://postcardsrus.dcpromosite.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-10.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01c1ae213c2859ac4f90dd3d3c397b306644047910d627210f0fc69273bbb17d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://postcardsrus.dcpromosite.com/

Response headers

access-control-max-age
3000
etag
"2216b7f52f682d77ef21e4ea05be3362"
x-amz-version-id
2uCF4M5XxrhLauSiCqeB2ByCpMvj7VeJ
access-control-allow-methods
GET, HEAD
x-cache
Miss from cloudfront
x-amz-cf-id
xMrzDOffn0WLEaUM9HbC81ZtLWtSvdNVloRmfVN_xQnWkOUNJ-cJAw==
date
Sun, 22 Sep 2024 09:59:11 GMT
content-type
image/png
vary
Access-Control-Request-Headers,Access-Control-Request-Method
last-modified
Sat, 21 Sep 2024 21:30:49 GMT
x-amz-replication-status
COMPLETED
via
1.1 e70925a92da0404e239c3620389c3dd0.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
2536972
x-amz-cf-pop
JFK52-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
swiper.min.css
static.distributorcentral.com/prod/vendor/swiper/dist/css/
19 KB
3 KB
Stylesheet
General
Full URL
https://static.distributorcentral.com/prod/vendor/swiper/dist/css/swiper.min.css?_=1726599039382
Requested by
Host: postcardsrus.dcpromosite.com
URL: https://postcardsrus.dcpromosite.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-112.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0a799fa96b605d3919d8a5c3571e2710eda8752fb42155f034a12ec137cf96b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://postcardsrus.dcpromosite.com/

Response headers

vary
Accept-Encoding
x-amz-replication-status
COMPLETED
content-encoding
gzip
x-amz-version-id
0BJcqoqazBN0w3e6Cuv13.pjZ8dfr7jn
etag
W/"80ebb519acaf9416da5f2d4aa82d792a"
age
80977
via
1.1 687bf9bb2353af127d0a3c49056e960c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
IUkcr93pU9AdSg4XLehIYAggxu4TUibVdPpV9iXoUaOqiWcMvavk4A==
date
Sat, 21 Sep 2024 11:29:34 GMT
content-type
text/css
last-modified
Mon, 22 Apr 2024 20:42:50 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
x-amz-server-side-encryption
AES256
swiper.min.js
static.distributorcentral.com/prod/vendor/swiper/dist/js/
122 KB
32 KB
Script
General
Full URL
https://static.distributorcentral.com/prod/vendor/swiper/dist/js/swiper.min.js?_=1726599039382
Requested by
Host: postcardsrus.dcpromosite.com
URL: https://postcardsrus.dcpromosite.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-112.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
df178d935914fb63c2880bd93c76c7cae03e199962799b58cfff6916f60b9e3c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://postcardsrus.dcpromosite.com/

Response headers

vary
Accept-Encoding
x-amz-replication-status
COMPLETED
content-encoding
gzip
x-amz-version-id
K.iQyZUZM_I1QxdD4vGM1aCOVZT9B1L1
etag
W/"06b841d117ab49f48e5e35d824857301"
age
80977
via
1.1 687bf9bb2353af127d0a3c49056e960c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
QDhLDRx7lU64HN6G2bODCW-1N8SrJw9I75hmBC8Pw1dN-sjmCjRmSg==
date
Sat, 21 Sep 2024 11:29:34 GMT
content-type
application/javascript
last-modified
Mon, 22 Apr 2024 20:42:50 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
x-amz-server-side-encryption
AES256
script.js
cdn.distributorcentral.com/websites2/block-types/Carousel/
972 B
2 KB
Script
General
Full URL
https://cdn.distributorcentral.com/websites2/block-types/Carousel/script.js?_=1726599039382&environment=prod
Requested by
Host: postcardsrus.dcpromosite.com
URL: https://postcardsrus.dcpromosite.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-17.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
515352ef655ef4411dc4874bf6e9eb615763a7c1667f4519f15ca77999aa8237
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://postcardsrus.dcpromosite.com/

Response headers

ETag
"61ed6929-3cc"
Age
54362
X-Backend-Server
ip-10-0-0-8.ec2.internal
X-Content-Type-Options
nosniff
Expires
Sun, 22 Sep 2024 18:53:08 GMT
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
_TuUMkH2PkHbDUjOtaVhIrcR0-XsEJvxrLKYhfj24BfJyQ7ePr1otg==
Date
Sat, 21 Sep 2024 18:53:08 GMT
Content-Type
application/javascript
Last-Modified
Sun, 23 Jan 2022 14:41:45 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000
Cache-Control
max-age=86400
X-Config-Version
10008
Connection
keep-alive
Referrer-Policy
no-referrer-when-downgrade
Via
1.1 a1546fc751225809c39b89ba9e8d715c.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
972
X-XSS-Protection
1
X-Country
US
X-Amz-Cf-Pop
JFK50-P5
Server
nginx
bundle.js
static.distributorcentral.com/prod/react/external/quickSearch/
1 MB
295 KB
Script
General
Full URL
https://static.distributorcentral.com/prod/react/external/quickSearch/bundle.js?_=1726599039382
Requested by
Host: postcardsrus.dcpromosite.com
URL: https://postcardsrus.dcpromosite.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-112.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d92c3db0e92699ca3092aa340b237b6c843e85cf44d3142311814c5828852263

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://postcardsrus.dcpromosite.com/

Response headers

vary
Accept-Encoding
x-amz-replication-status
COMPLETED
content-encoding
gzip
x-amz-version-id
CzqehE3uEPPAalaAdyXyNDnBO.bKcVTu
etag
W/"90182a10c038a5262da792bdd6902c14"
age
27872
via
1.1 687bf9bb2353af127d0a3c49056e960c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
NG6c9vAmORvGNR05KhSW3E2XrXVKDmnKC7kzDUwqqnCNT9vfP2hShA==
date
Sun, 22 Sep 2024 02:14:39 GMT
content-type
application/javascript
last-modified
Tue, 17 Sep 2024 18:50:28 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
x-amz-server-side-encryption
AES256
css
fonts.googleapis.com/
2 KB
849 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,400italic
Requested by
Host: cdn.distributorcentral.com
URL: https://cdn.distributorcentral.com/w/postcardsrus/s/D89DCC59-AEE2-4BD8-AC0B-D167A92A736D/styles.css?_=1726936894
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2cedbb3ef3425527e2f76c6627db41133543a55553a61089509f4ebb830736e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://cdn.distributorcentral.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 22 Sep 2024 09:59:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 22 Sep 2024 09:59:10 GMT
content-type
text/css; charset=utf-8
last-modified
Sun, 22 Sep 2024 08:21:57 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
raygun.min.js
cdn.raygun.io/raygun4js/
71 KB
23 KB
Script
General
Full URL
https://cdn.raygun.io/raygun4js/raygun.min.js
Requested by
Host: postcardsrus.dcpromosite.com
URL: https://postcardsrus.dcpromosite.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:28b2:c400:17:62f0:2dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ed642c6b25aa07aac326cf44d71e974c830e68a7b67c0546859f5294f17e93aa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://postcardsrus.dcpromosite.com/

Response headers

x-amz-cf-pop
JFK52-P8
content-encoding
gzip
etag
W/"b60d592b2a32163c27122bcda89420dd"
age
42722
via
1.1 ded721d3aeecfb4f35d39da9e2d34066.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
DQIqqR_cmI_V5pB7SUbOvkB9xMVN8d30m8_dgJV1Yv9UDVGYFBfTwQ==
date
Sat, 21 Sep 2024 22:07:09 GMT
content-type
application/javascript
vary
Accept-Encoding
server
AmazonS3
last-modified
Tue, 20 Aug 2024 23:36:09 GMT
x-amz-server-side-encryption
AES256
288777100117282816
cdn.syndication.twimg.com/widgets/timelines/
0
334 B
Script
General
Full URL
https://cdn.syndication.twimg.com/widgets/timelines/288777100117282816?&lang=en&callback=twitterFetcher.callback&suppress_response_codes=true&rnd=0.9118980914136969
Requested by
Host: postcardsrus.dcpromosite.com
URL: https://postcardsrus.dcpromosite.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://postcardsrus.dcpromosite.com/

Response headers

strict-transport-security
max-age=631138519
access-contol-allow-origin
platform.twitter.com
x-transaction-id
8cb23a84f1933800
cache-control
no-cache, no-store, max-age=0
x-connection-hash
7a8f17f1ab41102ff103aa81dff8cc78a8d2f801d609d8b89489dc1d26d1f96b
access-control-allow-methods
GET
x-content-type-options
nosniff
x-response-time
4
server-timing
x-cache;desc= ,x-tw-cdn;desc=VZ
content-length
0
date
Sun, 22 Sep 2024 09:59:10 UTC
x-tw-cdn
VZ, VZ, VZ
perf
7402827104
server
tsa_b
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://postcardsrus.dcpromosite.com
Referer
https://fonts.googleapis.com/

Response headers

age
323045
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 18 Sep 2025 16:15:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Sep 2024 16:15:05 GMT
last-modified
Tue, 02 May 2023 15:17:22 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23580
x-xss-protection
0
server
sffe
fontawesome-webfont.woff2
static.distributorcentral.com/prod/vendor/font-awesome/fonts/
75 KB
76 KB
Font
General
Full URL
https://static.distributorcentral.com/prod/vendor/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: static.distributorcentral.com
URL: https://static.distributorcentral.com/prod/vendor/font-awesome/css/font-awesome.min.css?_=1726599039382
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-112.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://postcardsrus.dcpromosite.com
Referer
https://static.distributorcentral.com/prod/vendor/font-awesome/css/font-awesome.min.css?_=1726599039382

Response headers

access-control-max-age
3000
etag
"af7ae505a9eed503f8b8e6982036873e"
x-amz-version-id
3vGfUC_8Nm6WhJmTrBIsSZMaGoQ3vezv
access-control-allow-methods
GET
x-cache
Miss from cloudfront
x-amz-cf-id
nncROc3O56XUBx9lUDwR4P-jtaA3k-j49a_Lzta50CZdGPLjwphpiw==
date
Sun, 22 Sep 2024 09:59:11 GMT
content-type
binary/octet-stream
vary
Origin
last-modified
Mon, 22 Apr 2024 20:42:46 GMT
x-amz-replication-status
COMPLETED
via
1.1 687bf9bb2353af127d0a3c49056e960c.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
77160
x-amz-cf-pop
JFK52-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
glyphicons-halflings-regular.woff2
cdn.distributorcentral.com/fonts/
18 KB
18 KB
Font
General
Full URL
https://cdn.distributorcentral.com/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: cdn.distributorcentral.com
URL: https://cdn.distributorcentral.com/w/postcardsrus/s/D89DCC59-AEE2-4BD8-AC0B-D167A92A736D/styles.css?_=1726936894
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-17.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://postcardsrus.dcpromosite.com
Referer
https://cdn.distributorcentral.com/w/postcardsrus/s/D89DCC59-AEE2-4BD8-AC0B-D167A92A736D/styles.css?_=1726936894

Response headers

ETag
"61ed68ed-466c"
Age
70367
X-Backend-Server
ip-10-0-0-8.ec2.internal
X-Content-Type-Options
nosniff
Expires
Sun, 22 Sep 2024 14:26:23 GMT
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
YogbPBum42WHAxf2EoFFzrpoSoBnaOqSH56waS3Bfg9gzbFble6IKQ==
Date
Sat, 21 Sep 2024 14:32:35 GMT
Content-Type
font/woff2
Last-Modified
Sun, 23 Jan 2022 14:40:45 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000
Cache-Control
max-age=86400
X-Config-Version
10008
Connection
keep-alive
Referrer-Policy
no-referrer-when-downgrade
Via
1.1 58a45bf3f07dfdca95ebcb7935e84994.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
18028
X-XSS-Protection
1
X-Country
US
X-Amz-Cf-Pop
JFK50-P5
Server
nginx
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://postcardsrus.dcpromosite.com
Referer
https://fonts.googleapis.com/

Response headers

age
323236
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 18 Sep 2025 16:11:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Sep 2024 16:11:54 GMT
last-modified
Tue, 02 May 2023 15:07:25 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23040
x-xss-protection
0
server
sffe
S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v24/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://postcardsrus.dcpromosite.com
Referer
https://fonts.googleapis.com/

Response headers

age
317501
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 18 Sep 2025 17:47:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Sep 2024 17:47:29 GMT
last-modified
Tue, 02 May 2023 15:14:26 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
24408
x-xss-protection
0
server
sffe
auth.cfc
postcardsrus.dcpromosite.com/resources/webservices/
387 B
551 B
Fetch
General
Full URL
https://postcardsrus.dcpromosite.com/resources/webservices/auth.cfc?method=token
Requested by
Host: cdn.raygun.io
URL: https://cdn.raygun.io/raygun4js/raygun.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.114.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-114-126.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bfe6e76107af8b47ae72f3822158c32eed594105fd545212b42d76916281831e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://postcardsrus.dcpromosite.com/

Response headers

cache-control
no-cache
content-encoding
gzip
x-config-version
30006
x-backend-server
ip-10-0-0-8.ec2.internal
expires
Sun, 22 Sep 2024 09:59:10 GMT
access-control-allow-origin
*
date
Sun, 22 Sep 2024 09:59:11 GMT
x-country
US
content-type
application/json;charset=UTF-8
server
nginx
favicon.ico
postcardsrus.dcpromosite.com/
755 B
638 B
Other
General
Full URL
https://postcardsrus.dcpromosite.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.114.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-114-126.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bf1a12722929798cf4a914eab2e3a68747e045c80f0e49cc744bf16d5f1c6623

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://postcardsrus.dcpromosite.com/

Response headers

content-encoding
gzip
date
Sun, 22 Sep 2024 09:59:11 GMT
content-type
text/html;charset=UTF-8
x-config-version
30006
server
nginx
x-backend-server
ip-10-0-0-8.ec2.internal
verify
24eb733536d3.65ee4812.us-east-1.token.awswaf.com/24eb733536d3/207c65799ad5/
336 B
682 B
Fetch
General
Full URL
https://24eb733536d3.65ee4812.us-east-1.token.awswaf.com/24eb733536d3/207c65799ad5/verify
Requested by
Host: cdn.raygun.io
URL: https://cdn.raygun.io/raygun4js/raygun.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.128.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-108.jfk50.r.cloudfront.net
Software
/
Resource Hash
adca0c854411547c8886fab94c6b676abcdd1dd316b7c4ee8b2f3d6037a7c3fd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://postcardsrus.dcpromosite.com/

Response headers

x-cache
Miss from cloudfront
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-methods
OPTIONS,GET,POST
via
1.1 74e6dd86eff86d5443ebe1a2ced7df88.cloudfront.net (CloudFront)
expires
0
alt-svc
h3=":443"; ma=86400
access-control-allow-origin
*
content-length
336
x-amz-cf-id
v509TbKhgYs_BydyfzBduHLlonHUqV4CtmtHpSyR6J2s_idGuU8q5A==
date
Sun, 22 Sep 2024 09:59:11 GMT
content-type
application/json
x-amzn-waf-challenge-id
Root=1-66efea6f-46f2686e175ed3951ff00d7a
x-amz-cf-pop
JFK50-P4
telemetry
24eb733536d3.65ee4812.us-east-1.token.awswaf.com/24eb733536d3/207c65799ad5/
904 B
1 KB
Fetch
General
Full URL
https://24eb733536d3.65ee4812.us-east-1.token.awswaf.com/24eb733536d3/207c65799ad5/telemetry
Requested by
Host: cdn.raygun.io
URL: https://cdn.raygun.io/raygun4js/raygun.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.128.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-108.jfk50.r.cloudfront.net
Software
/
Resource Hash
1ca5aa2e4b5bfb483b1b1f2d2f35f369752d42eae1ab41e13283f2a42af3ec5a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://postcardsrus.dcpromosite.com/

Response headers

x-cache
Miss from cloudfront
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-methods
OPTIONS,GET,POST
via
1.1 74e6dd86eff86d5443ebe1a2ced7df88.cloudfront.net (CloudFront)
expires
0
alt-svc
h3=":443"; ma=86400
access-control-allow-origin
*
content-length
904
x-amz-cf-id
rnaLLTsOa5uMHEkC0k7K_JYyHiQxHttf3V-Gi7mmNfpwooVwKlZqOg==
date
Sun, 22 Sep 2024 09:59:11 GMT
content-type
application/json
x-amzn-waf-challenge-id
Root=1-66efea6f-0c769ffe15596bd349942c70
x-amz-cf-pop
JFK50-P4
telemetry
24eb733536d3.65ee4812.us-east-1.token.awswaf.com/24eb733536d3/207c65799ad5/
992 B
1 KB
Fetch
General
Full URL
https://24eb733536d3.65ee4812.us-east-1.token.awswaf.com/24eb733536d3/207c65799ad5/telemetry
Requested by
Host: cdn.raygun.io
URL: https://cdn.raygun.io/raygun4js/raygun.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.128.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-108.jfk50.r.cloudfront.net
Software
/
Resource Hash
c1671db8c4f5ddbc0835ec9cb7abecc9b60c7578c7460494e8a0e8aa12dc2e39

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://postcardsrus.dcpromosite.com/

Response headers

x-cache
Miss from cloudfront
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-methods
OPTIONS,GET,POST
via
1.1 74e6dd86eff86d5443ebe1a2ced7df88.cloudfront.net (CloudFront)
expires
0
alt-svc
h3=":443"; ma=86400
access-control-allow-origin
*
content-length
992
x-amz-cf-id
5jMPTnlfAL8LAzVgfr6Yc35-DzaXU8hrCEVvuk8kBb5N6hKHK-LfFw==
date
Sun, 22 Sep 2024 09:59:12 GMT
content-type
application/json
x-amzn-waf-challenge-id
Root=1-66efea70-5c17f2220647858e4d9df14e
x-amz-cf-pop
JFK50-P4


45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| RaygunObject
function| rg4js
object| DC
function| $
function| jQuery
object| Handlebars
object| jQuery1110003164105420609431
object| ko
function| Cookies
object| year
function| Swiper
object| config1
object| config2
object| config3
object| config4
function| dateFormatter
object| config5
function| handleTweets
object| twitterFetcher
string| raygunUserAgent
object| raygunUserAgentData
number| raygunUserAgentDataStatus
object| TraceKit
function| raygunUtilityFactory
function| raygunErrorUtilitiesFactory
function| raygunNetworkTrackingFactory
function| raygunViewportFactory
function| raygunBreadcrumbsFactory
function| raygunCoreWebVitalFactory
object| Raygun
object| __core-js_shared__
object| core
function| setImmediate
function| clearImmediate
object| regeneratorRuntime
boolean| _babelPolyfill
function| _
object| __SECRET_EMOTION__
number| 2f1acc6c3a606b082e5eef5e54414ffb
object| process
object| a2_0x1ba9
function| a2_0x5e29
object| AwsWafIntegration
object| ChallengeScript
boolean| RaygunInitialized

5 Cookies

Domain/Path Name / Value
.dcpromosite.com/ Name: CFID
Value: 835231
.dcpromosite.com/ Name: CFTOKEN
Value: c578f4413224a7d5%2DFBB576E0%2DB71D%2D6256%2D98A575FA38B4E2EC
.dcpromosite.com/ Name: sessionGuid
Value: FBB576E1%2D973E%2DA91E%2D6087383A396526E8
.dcpromosite.com/ Name: accessToken
Value: FBB57802%2DD841%2DF372%2D8EB3789AF6E65B49
.postcardsrus.dcpromosite.com/ Name: aws-waf-token
Value: 6fe174e8-546b-4ac9-ae9e-24e0b37749d4:EQoAlttFSDRUAAAA:TPYu8TuzOm9oFJV9y/sXWt8F0tGvN3uzygzKUlSP9WAGdu9G9QTySFqptyPvp2rOvyccXLwRQ8OTSCabAMpvUjmhc2y2wzZJO6lD62r4pFGLyTrEzdUGiVQjWW8pMxAyWU4gRCsiX3sk/o4mqDXuQcSpFdwrMKcy+TA9tPsYGF1W0q1L5OWabwBH905JKeHIPEy5jkLH3hHxMCmFOOgn/U7B/j5nZXDW0ekTVn0TvDH9bRDYdJ9xGgq4R5Hwvvb8ZFxmwW8+blyX4MTdvNrkbm6SArSdoP6t8SWZ4RMKttnAJyY1eQ==

2 Console Messages

Source Level URL
Text
security error URL: https://postcardsrus.dcpromosite.com/
Message:
Refused to execute script from 'https://cdn.syndication.twimg.com/widgets/timelines/288777100117282816?&lang=en&callback=twitterFetcher.callback&suppress_response_codes=true&rnd=0.9118980914136969' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
network error URL: https://postcardsrus.dcpromosite.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
