d1xxdi1bvp4gvz.cloudfront.net Open in urlscan Pro
2600:9000:20c3:6400:1d:1ec:dfc0:21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://d1xxdi1bvp4gvz.cloudfront.net/?key=d8cfe7a79dbee1ec174f4b97d592af89&ch=%20pc-privacy-shield.findmysoft.com/download/%20pc-priv...
Effective URL:
http://d1xxdi1bvp4gvz.cloudfront.net/?key=d8cfe7a79dbee1ec174f4b97d592af89&ch=%20pc-privacy-shield.findmysoft.com/download/%20pc-priv...
Submission: On August 21 via manual (August 21st 2020, 12:54:00 pm UTC) from US

Summary HTTP 2 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 2 HTTP transactions. The main IP is 2600:9000:20c3:6400:1d:1ec:dfc0:21, located in United States and belongs to AMAZON-02, US. The main domain is d1xxdi1bvp4gvz.cloudfront.net.

This is the only time d1xxdi1bvp4gvz.cloudfront.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2600:9000:20c... 2600:9000:20c3:6400:1d:1ec:dfc0:21	16509 (AMAZON-02) (AMAZON-02)
1	212.124.124.178 212.124.124.178	47328 (TRI-AS Tr...) (TRI-AS True Records Inc.)
2	2

1 2600:9000:20c3:6400:1d:1ec:dfc0:21 (United States)

ASN16509 (AMAZON-02, US)

d1xxdi1bvp4gvz.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.124.124.178 (Reston, United States)

ASN47328 (TRI-AS True Records Inc., ES)

www.squarebirdie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	squarebirdie.com www.squarebirdie.com	431 B
1	cloudfront.net d1xxdi1bvp4gvz.cloudfront.net	946 B
2	2

	Domain	Requested by
1	www.squarebirdie.com	d1xxdi1bvp4gvz.cloudfront.net
1	d1xxdi1bvp4gvz.cloudfront.net
2	2

This site contains no links.

Subject Issuer	Validity	Valid
www.squarebirdie.com Let's Encrypt Authority X3	`2020-06-25` - `2020-09-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://d1xxdi1bvp4gvz.cloudfront.net/?key=d8cfe7a79dbee1ec174f4b97d592af89&ch=%20pc-privacy-shield.findmysoft.com/download/%20pc-privacy-shield.findmysoft.com/dl/download_html.php?type=dl_link&dldr=0&s=4fb28f5bc8589f301ba12fbea17eae15&1597999078011
Frame ID: C3F0544DB453CFEA3968B62C9A5C74A7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Page Statistics

2
Requests

50 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

1 kB
Transfer

1 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response d1xxdi1bvp4gvz.cloudfront.net/	589 B 946 B	542ms 518ms	Document text/html	2600:9000:20c3:6400:1d:1ec:dfc0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://d1xxdi1bvp4gvz.cloudfront.net/?key=d8cfe7a79dbee1ec174f4b97d592af89&ch=%20pc-privacy-shield.findmysoft.com/download/%20pc-privacy-shield.findmysoft.com/dl/download_html.php?type=dl_link&dldr=0&s=4fb28f5bc8589f301ba12fbea17eae15&1597999078011 Protocol HTTP/1.1 Server 2600:9000:20c3:6400:1d:1ec:dfc0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software awselb/2.0 / Resource Hash `ce0c71372efa447bbb218e2002c9b1f613419093a04e317cfa0315cef91fdf29` Request headers Host d1xxdi1bvp4gvz.cloudfront.net Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type text/html;charset=UTF-8 Content-Length 589 Connection keep-alive Server awselb/2.0 Date Fri, 21 Aug 2020 12:53:44 GMT X-Cache Miss from cloudfront Via 1.1 c4c822c878c22be90d0bb70ab49a395a.cloudfront.net (CloudFront) X-Amz-Cf-Pop MUC50-C1 X-Amz-Cf-Id xoLzbY10RmAhTM49a4jSfw3hOLIwDGoqH9y4hbMCaQThWWrd8oc-mw==
GET H/1.1	200	no-impression.gif www.squarebirdie.com/	49 B 431 B	615ms 101ms	Image image/gif	212.124.124.178 TRI-AS True Recor...
General Check archive.org Show headers Download Go to Show image Full URL https://www.squarebirdie.com/no-impression.gif?p=5469&ch=%2520pc-privacy-shield.findmysoft.com%252Fdownload%252F%2520pc-privacy-shield.findmysoft.com%252Fdl%252Fdownload_html.php%253Ftype%253Ddl_link&h=59fdc61ab598ded097e89a7c0360ba52&l=DE&sh=800&sw=1280&ad.trans.id=vorogd8et7fe&s=d07e1b0a408fa0f0424e799ce7480e14&t=1598014424852&DC=DO Requested by Host: d1xxdi1bvp4gvz.cloudfront.net URL: http://d1xxdi1bvp4gvz.cloudfront.net/?key=d8cfe7a79dbee1ec174f4b97d592af89&ch=%20pc-privacy-shield.findmysoft.com/download/%20pc-privacy-shield.findmysoft.com/dl/download_html.php?type=dl_link&dldr=0&s=4fb28f5bc8589f301ba12fbea17eae15&1597999078011 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 212.124.124.178 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES), Reverse DNS Software / Resource Hash `2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef` Request headers Referer http://d1xxdi1bvp4gvz.cloudfront.net/?key=d8cfe7a79dbee1ec174f4b97d592af89&ch=%20pc-privacy-shield.findmysoft.com/download/%20pc-privacy-shield.findmysoft.com/dl/download_html.php?type=dl_link&dldr=0&s=4fb28f5bc8589f301ba12fbea17eae15&1597999078011 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Fri, 21 Aug 2020 12:53:45 GMT p3p CP="CAO PSA OUR" cache-control no-cache accept-ranges bytes content-type image/gif content-length 49 expires Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d1xxdi1bvp4gvz.cloudfront.net
www.squarebirdie.com
212.124.124.178
2600:9000:20c3:6400:1d:1ec:dfc0:21
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
ce0c71372efa447bbb218e2002c9b1f613419093a04e317cfa0315cef91fdf29

d1xxdi1bvp4gvz.cloudfront.net Open in urlscan Pro 2600:9000:20c3:6400:1d:1ec:dfc0:21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

2 Requests

50 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

1 kBTransfer

1 kBSize

0 Cookies

0 Outgoing links

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

Indicators

d1xxdi1bvp4gvz.cloudfront.net Open in urlscan Pro
2600:9000:20c3:6400:1d:1ec:dfc0:21 Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

50 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

1 kB
Transfer

1 kB
Size

0
Cookies

2 HTTP transactions
0 data transactions