urlscan.io logo urlscan.io
SecurityTrails logo

go.ledger.com Open in urlscan Pro
76.223.7.80  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://app.news.ledger.com/e/er?s=1909208&lid=2970&elqTrackId=19A035310FBEE452DF77E5C56B1CAD20&elq=daf569d4f5c94b978cbf9b97...
Effective URL: https://go.ledger.com/ledger/buywith?ajs_prop_source=email&ajs_prop_campaign=Newsletter-260424
Submission: On May 08 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 6 HTTP transactions. The main IP is 76.223.7.80, located in United States and belongs to AMAZON-02, US. The main domain is go.ledger.com.
TLS certificate: Issued by R3 on April 27th 2024. Valid for: 3 months.
This is the only time go.ledger.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 192.29.202.93 31898 (ORACLE-BM...)
1 1 192.29.201.57 31898 (ORACLE-BM...)
3 76.223.7.80 16509 (AMAZON-02)
1 54.231.192.56 16509 (AMAZON-02)
1 2a03:2880:f08... 32934 (FACEBOOK)
6 4
1    192.29.202.93 (Amsterdam, Netherlands)

ASN31898 (ORACLE-BMC-31898, US)
app.news.ledger.com
1    192.29.201.57 (Amsterdam, Netherlands)

ASN31898 (ORACLE-BMC-31898, US)
s1909208.t.eloqua.com
3    76.223.7.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: a352c9a2e2a4b5a35.awsglobalaccelerator.com
go.ledger.com
1    54.231.192.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
1    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
Apex Domain
Subdomains		 Transfer
4 ledger.com
app.news.ledger.com
go.ledger.com
94 KB
1 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
59 KB
1 amazonaws.com
s3.amazonaws.com
1 KB
1 eloqua.com
s1909208.t.eloqua.com
786 B
0 Failed
function sub() { [native code] }. Failed
6 5
Domain Requested by
3 go.ledger.com go.ledger.com
1 connect.facebook.net go.ledger.com
1 s3.amazonaws.com go.ledger.com
1 s1909208.t.eloqua.com 1 redirects
1 app.news.ledger.com 1 redirects
0 buy Failed go.ledger.com
6 6

This site contains links to these domains. Also see Links.

Domain
www.ledger.com
Subject Issuer Validity Valid
go.ledger.com
R3		 2024-04-27 -
2024-07-26		 3 months crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2024-02-08 -
2025-01-11		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-02-16 -
2024-05-16		 3 months crt.sh

This page contains 1 frames:

Frame: ledgerlive://buy?ajs_prop_campaign=Newsletter-260424&ajs_prop_source=email
Frame ID: D164D214AE369C9251D1E653FB2E2BC1
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Download Ledger Live | Ledger

Page URL History Show full URLs

  1. https://app.news.ledger.com/e/er?s=1909208&lid=2970&elqTrackId=19A035310FBEE452DF77E5C56B1CAD20&elq=daf5... HTTP 302
    https://s1909208.t.eloqua.com/e/er?s=1909208&lid=2970&elqTrackId=19A035310FBEE452DF77E5C56B1CAD20&elq=daf5... HTTP 302
    https://go.ledger.com/ledger/buywith?ajs_prop_source=email&ajs_prop_campaign=Newsletter-260424 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

6
Requests

83 %
HTTPS

20 %
IPv6

5
Domains

6
Subdomains

4
IPs

3
Countries

154 kB
Transfer

591 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://app.news.ledger.com/e/er?s=1909208&lid=2970&elqTrackId=19A035310FBEE452DF77E5C56B1CAD20&elq=daf569d4f5c94b978cbf9b974e453ea1&elqaid=932&elqat=1 HTTP 302
    https://s1909208.t.eloqua.com/e/er?s=1909208&lid=2970&elqTrackId=19A035310FBEE452DF77E5C56B1CAD20&elq=daf569d4f5c94b978cbf9b974e453ea1&elqaid=932&elqat=1 HTTP 302
    https://go.ledger.com/ledger/buywith?ajs_prop_source=email&ajs_prop_campaign=Newsletter-260424 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request buywith
go.ledger.com/ledger/
Redirect Chain
  • https://app.news.ledger.com/e/er?s=1909208&lid=2970&elqTrackId=19A035310FBEE452DF77E5C56B1CAD20&elq=daf569d4f5c94b978cbf9b974e453ea1&elqaid=932&elqat=1
  • https://s1909208.t.eloqua.com/e/er?s=1909208&lid=2970&elqTrackId=19A035310FBEE452DF77E5C56B1CAD20&elq=daf569d4f5c94b978cbf9b974e453ea1&elqaid=932&elqat=1
  • https://go.ledger.com/ledger/buywith?ajs_prop_source=email&ajs_prop_campaign=Newsletter-260424
9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.ledger.com/ledger/buywith?ajs_prop_source=email&ajs_prop_campaign=Newsletter-260424
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
76.223.7.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a352c9a2e2a4b5a35.awsglobalaccelerator.com
Software
nginx / Phusion Passenger(R)
Resource Hash
8eac7f8a1a6750feff2788745149d14e64e4f3cf66ef0b7f99e51258d331464e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Wed, 08 May 2024 21:21:06 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Pragma
no-cache
Server
nginx
Status
200 OK
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
User-Agent
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Powered-By
Phusion Passenger(R)
X-Request-Id
34414230-2199-4945-80f8-11815832f7d9
X-Runtime
0.099484
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-store
Content-Length
215
Content-Type
text/html; charset=utf-8
Date
Wed, 08 May 2024 21:21:05 GMT
Expires
-1
Location
https://go.ledger.com/ledger/buywith?ajs_prop_source=email&ajs_prop_campaign=Newsletter-260424
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-Xss-Protection
1; mode=block
launch-6d88186f54924ca6a1010d03a41dfea5c3536dc232204c2ce67259fdafd82f02.css
go.ledger.com/assets/ 		149 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://go.ledger.com/assets/launch-6d88186f54924ca6a1010d03a41dfea5c3536dc232204c2ce67259fdafd82f02.css
Requested by
Host: go.ledger.com
URL: https://go.ledger.com/ledger/buywith?ajs_prop_source=email&ajs_prop_campaign=Newsletter-260424
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
76.223.7.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a352c9a2e2a4b5a35.awsglobalaccelerator.com
Software
nginx /
Resource Hash
53864bf5b086faf7ed12fc1f64909bd9a3ebbdbb4b5b81ababa68797ded57dcb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://go.ledger.com/ledger/buywith?ajs_prop_source=email&ajs_prop_campaign=Newsletter-260424
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 08 May 2024 21:21:06 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 May 2024 18:22:25 GMT
Server
nginx
ETag
"663bc2e1-5fe9"
Content-Type
text/css
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24553
Expires
Thu, 31 Dec 2037 23:55:55 GMT
launch-4bc230fea8e536afbc0ae9bb725ba1af423d8992a46f50a438129e25053f52d1.js
go.ledger.com/assets/ 		215 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ledger.com/assets/launch-4bc230fea8e536afbc0ae9bb725ba1af423d8992a46f50a438129e25053f52d1.js
Requested by
Host: go.ledger.com
URL: https://go.ledger.com/ledger/buywith?ajs_prop_source=email&ajs_prop_campaign=Newsletter-260424
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
76.223.7.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a352c9a2e2a4b5a35.awsglobalaccelerator.com
Software
nginx /
Resource Hash
4bc230fea8e536afbc0ae9bb725ba1af423d8992a46f50a438129e25053f52d1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://go.ledger.com/ledger/buywith?ajs_prop_source=email&ajs_prop_campaign=Newsletter-260424
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 08 May 2024 21:21:06 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 May 2024 18:22:45 GMT
Server
nginx
ETag
"663bc2f5-ecbb"
Content-Type
application/javascript
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
60603
Expires
Thu, 31 Dec 2037 23:55:55 GMT
mHjR3KaAMw3RGA15-t8gXNAy_Onr4ZYUQ07Z9fG2vd51IXO5rd7wtdqEWbNMPTgdqrk
s3.amazonaws.com/urlg_production/apps/icons/4526/small_128/ 		744 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/urlg_production/apps/icons/4526/small_128/mHjR3KaAMw3RGA15-t8gXNAy_Onr4ZYUQ07Z9fG2vd51IXO5rd7wtdqEWbNMPTgdqrk?1712932045
Requested by
Host: go.ledger.com
URL: https://go.ledger.com/ledger/buywith?ajs_prop_source=email&ajs_prop_campaign=Newsletter-260424
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.231.192.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
1cd2feedc04ff4cfe5fb4e4f5e4ca2686c49635c2966f5d1568db01a73178e0f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://go.ledger.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 08 May 2024 21:21:07 GMT
x-amz-version-id
j_tp4tW6Oj5V3FWfNA2tEn.kbcz7AGEy
Last-Modified
Fri, 12 Apr 2024 14:27:27 GMT
Server
AmazonS3
x-amz-request-id
PR9H0PBQF2ZTNK0N
ETag
"fb658ef05691cda05b87e67e7b5b2cad"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
744
x-amz-id-2
nEeNS+0lurjj1FnAriJj9c8+53qt6RPABex2qJCsOGjFZwQpMH44iKhyP/z98MwBirNohcSbKKs=
fbevents.js
connect.facebook.net/en_US/ 		218 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: go.ledger.com
URL: https://go.ledger.com/ledger/buywith?ajs_prop_source=email&ajs_prop_campaign=Newsletter-260424
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://go.ledger.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 08 May 2024 21:21:06 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57845
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=18, rtx=0, c=12, mss=1294, tbw=2768, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
V2sIstoxwZ4TOAdAIc5a+3sNm6/xhNPemzau0qgHLpJzI+WY+rkyQouLYcmg0e/aDmncgzz66ZiSG8kSznWtnw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ledgerlive://buy?ajs_prop_campaign=Newsletter-260424&ajs_prop_source=email
ledgerlive://buy?ajs_prop_campaign=Newsletter-260424&ajs_prop_source=email 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
buy
URL
ledgerlive://buy?ajs_prop_campaign=Newsletter-260424&ajs_prop_source=email

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| jQuery112404196012459899763 function| Cookies object| ifvisible string| after_app string| app string| app_icon_url string| app_scheme string| app_store_url string| background_image_1440 string| background_image_2880 string| browser_family string| custom_launch string| custom_style string| disable_launch string| domain string| download_app string| download_app_url string| fallback_destination string| fallback_url string| first_try_url string| hit_update_path string| hit_update_qs_update_path string| ios_delay string| ios_facebook string| launch_url string| link_id string| mobile_web string| os_family string| respect_link_fallback_options_on_choice_page string| whitelabel string| turn_off_fallback function| fbq function| _fbq function| getCookie function| cookieParser function| param_appender function| urlCreator function| ajaxRequest function| sendAppInstalled function| storeOrWeb string| send_cookies string| cookie_local string| session_id string| visitor_id string| referer string| xpurpose string| browser_language string| xforwardfor string| tapid string| current string| uniq_id string| simple_url

4 Cookies

Domain/Path Name / Value
.eloqua.com/ Name: ELOQUA
Value: GUID=16FA39BB2A6F451E990EADA2D8F1083B
.eloqua.com/ Name: ELQSTATUS
Value: OK
go.ledger.com/ Name: XSRF-TOKEN
Value: 8aF9tAQxdz1yfSCUGQVFov5CyFzFYgp2CxALLWgH6b2cvCzU5syZuxIIU4yCGWZ0f5a6MFxEmGr6MNcDD2cNJA%3D%3D
.ledger.com/ Name: _urlg_app_session
Value: M1BhSTd2YzU4Y0tIN0tWWGQ1RUNLT3BCRGJ3WDZTMlZiQnFNaWF3ekFtOUg2VDdoK1JUQTYvWlpQOW50MzVJUkZmUGw3OEQ2VEYwVHNaL2cyV3dxRVNIVjhFRkpUeGpCUy9OTFA4Z2FqelgwL1J2KzVFek1vUVNFZlZ5aEw2c1NDNkMxQWdGbUcwaCtoV3hxTW5FL01nPT0tLW1GSTdXeU95K0V1aUNVZWdweWNMb3c9PQ%3D%3D--d1547c101e5f36cad6699db4536718e639b772dc

1 Console Messages

Source Level URL
Text
other error URL: https://go.ledger.com/ledger/buywith?ajs_prop_source=email&ajs_prop_campaign=Newsletter-260424
Message:
Not allowed to launch 'ledgerlive://buy?ajs_prop_campaign=Newsletter-260424&ajs_prop_source=email' because a user gesture is required.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block