259317.seu2.cleverreach.com Open in urlscan Pro
52.17.104.159 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://259317.seu2.cleverreach.com/m/13523304/0-19adf000d35d2446af14a8a3a436ee464cd90cc6f03f6587362d32b5581dd2edceb1e8f3c848bd48cae...
Submission: On April 13 via api (April 13th 2022, 10:01:37 am UTC) from IE — Scanned from DE

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 8 HTTP transactions. The main IP is 52.17.104.159, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is 259317.seu2.cleverreach.com.
TLS certificate: Issued by Amazon on October 12th 2021. Valid for: a year.

This is the only time 259317.seu2.cleverreach.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	52.17.104.159 52.17.104.159	16509 (AMAZON-02) (AMAZON-02)
2	18.66.122.49 18.66.122.49	16509 (AMAZON-02) (AMAZON-02)
4	18.66.97.112 18.66.97.112	16509 (AMAZON-02) (AMAZON-02)
8	3

2 52.17.104.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-104-159.eu-west-1.compute.amazonaws.com

259317.seu2.cleverreach.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stats-eu2.crsend.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.122.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-49.fra60.r.cloudfront.net

files.crsend.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.97.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-112.fra56.r.cloudfront.net

cloud-files.crsend.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d388us03v35p3m.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	crsend.com files.crsend.com — Cisco Umbrella Rank: 156143 cloud-files.crsend.com — Cisco Umbrella Rank: 655599 stats-eu2.crsend.com — Cisco Umbrella Rank: 193641	360 KB
1	cloudfront.net d388us03v35p3m.cloudfront.net	5 KB
1	cleverreach.com 259317.seu2.cleverreach.com	5 KB
8	3

	Domain	Requested by
3	cloud-files.crsend.com	259317.seu2.cleverreach.com
2	files.crsend.com	259317.seu2.cleverreach.com
1	stats-eu2.crsend.com	259317.seu2.cleverreach.com
1	d388us03v35p3m.cloudfront.net	259317.seu2.cleverreach.com
1	259317.seu2.cleverreach.com
8	5

This site contains no links.

Subject Issuer	Validity	Valid
cleverreach.com Amazon	`2021-10-12` - `2022-11-10`	a year	crt.sh
files.crsend.com Amazon	`2021-08-16` - `2022-09-14`	a year	crt.sh
cloud-files.crsend.com Amazon	`2021-08-16` - `2022-09-14`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://259317.seu2.cleverreach.com/m/13523304/0-19adf000d35d2446af14a8a3a436ee464cd90cc6f03f6587362d32b5581dd2edceb1e8f3c848bd48cae4d8c4b98a5f92
Frame ID: 4730D3C0A1E324AFBAA145F07D8D8924
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

„Schleifen für die Ukraine“ Spendenaktion

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

5
Subdomains

3
IPs

2
Countries

370 kB
Transfer

393 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 0-19adf000d35d2446af14a8a3a436ee464cd90cc6f03f6587362d32b5581dd2edceb1e8f3c848bd48cae4d8c4b98a5f92 Show response 259317.seu2.cleverreach.com/m/13523304/	31 KB 5 KB	322ms 256ms	Document text/html	52.17.104.159 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://259317.seu2.cleverreach.com/m/13523304/0-19adf000d35d2446af14a8a3a436ee464cd90cc6f03f6587362d32b5581dd2edceb1e8f3c848bd48cae4d8c4b98a5f92 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.17.104.159 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-17-104-159.eu-west-1.compute.amazonaws.com Software Apache / Resource Hash `b630ec726b8cea8cd7e902df0c9cda4d35f1e5eac05021fd7cd18ddeef11003b` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip content-length 4549 content-type text/html; charset=UTF-8 date Wed, 13 Apr 2022 10:01:32 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server Apache vary Accept-Encoding x-cr-i www-eu2-i-0019e22d25c0b44c6 D=174423 t=1649844092424494
GET H2	200	Design+ohne+Titel-6.png files.crsend.com/259000/259317/images/	268 KB 269 KB	38ms 8ms	Image image/png	18.66.122.49 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://files.crsend.com/259000/259317/images/Design+ohne+Titel-6.png Requested by Host: 259317.seu2.cleverreach.com URL: https://259317.seu2.cleverreach.com/m/13523304/0-19adf000d35d2446af14a8a3a436ee464cd90cc6f03f6587362d32b5581dd2edceb1e8f3c848bd48cae4d8c4b98a5f92 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.122.49 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-122-49.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash `0b3cad05c4bc5212464428f4792da032ae7878df64eea71f50de8444ecd47861` Request headers accept-language de-DE,de;q=0.9 Referer https://259317.seu2.cleverreach.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Wed, 13 Apr 2022 09:58:29 GMT via 1.1 0cef334729aed841ca9f130c177beeba.cloudfront.net (CloudFront) last-modified Tue, 12 Apr 2022 14:42:44 GMT server AmazonS3 age 1206 etag "012b5a35b7611cb5012d43af63b3ec42" x-cache Hit from cloudfront content-type image/png x-amz-cf-pop FRA60-P2 accept-ranges bytes content-length 274427 x-amz-cf-id W6otEEBZJUvlgkBic91YLHIZsVzNXt8ssv5L-djuExT-oDkGyRQ6AA==
GET H2	200	Schleifen+f%C3%BCr+die+Ukraine+Kopie.png files.crsend.com/259000/259317/images/	86 KB 86 KB	38ms 8ms	Image image/png	18.66.122.49 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://files.crsend.com/259000/259317/images/Schleifen+f%C3%BCr+die+Ukraine+Kopie.png Requested by Host: 259317.seu2.cleverreach.com URL: https://259317.seu2.cleverreach.com/m/13523304/0-19adf000d35d2446af14a8a3a436ee464cd90cc6f03f6587362d32b5581dd2edceb1e8f3c848bd48cae4d8c4b98a5f92 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.122.49 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-122-49.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash `f82ef162be627110d6a5ecd169a963c9c3bce8d1ca4bd0162ab5f78592b3b0d5` Request headers accept-language de-DE,de;q=0.9 Referer https://259317.seu2.cleverreach.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Wed, 13 Apr 2022 09:58:29 GMT via 1.1 0cef334729aed841ca9f130c177beeba.cloudfront.net (CloudFront) last-modified Tue, 12 Apr 2022 15:24:55 GMT server AmazonS3 age 661 etag "6b4fd642d9d538f58e0bc80f14627264" x-cache Hit from cloudfront content-type image/png x-amz-cf-pop FRA60-P2 accept-ranges bytes content-length 88005 x-amz-cf-id yQOlxrRUmbFREtJ_TJ9uH9at4pO47it-rNDRVPwbB-WJRIS7DcUceA==
GET H2	200	cred_Sm-facebook.png cloud-files.crsend.com/html/templates/de/basic/announcement/	1 KB 2 KB	35ms 6ms	Image image/png	18.66.97.112 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cloud-files.crsend.com/html/templates/de/basic/announcement/cred_Sm-facebook.png Requested by Host: 259317.seu2.cleverreach.com URL: https://259317.seu2.cleverreach.com/m/13523304/0-19adf000d35d2446af14a8a3a436ee464cd90cc6f03f6587362d32b5581dd2edceb1e8f3c848bd48cae4d8c4b98a5f92 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.97.112 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-97-112.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `ed9a4205e4554a673ad93d80f2d8c0705f73275dae29abc58e8cd79e4fa23b05` Request headers accept-language de-DE,de;q=0.9 Referer https://259317.seu2.cleverreach.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Wed, 13 Apr 2022 09:50:21 GMT via 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront) last-modified Mon, 07 Oct 2019 09:53:51 GMT server AmazonS3 x-amz-meta-s3cmd-attrs uid:999/gname:gitlab-runner/uname:gitlab-runner/gid:998/mode:33204/mtime:1565777413/atime:1570364566/md5:6fcb91e794ee15d82c2bdc33b6b7420b/ctime:1565777413 age 686 etag "6fcb91e794ee15d82c2bdc33b6b7420b" x-cache Hit from cloudfront content-type image/png cache-control max-age=900 x-amz-cf-pop FRA56-P2 accept-ranges bytes content-length 1086 x-amz-cf-id waFdU6DIQcXuwH9txSb5dH0ZaNaBCa953aGu-Y-FrmqoYOa1_dySGQ==
GET H2	200	cred_Sm-instagram.png cloud-files.crsend.com/html/templates/de/basic/announcement/	1 KB 2 KB	36ms 6ms	Image image/png	18.66.97.112 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cloud-files.crsend.com/html/templates/de/basic/announcement/cred_Sm-instagram.png Requested by Host: 259317.seu2.cleverreach.com URL: https://259317.seu2.cleverreach.com/m/13523304/0-19adf000d35d2446af14a8a3a436ee464cd90cc6f03f6587362d32b5581dd2edceb1e8f3c848bd48cae4d8c4b98a5f92 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.97.112 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-97-112.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `9584083a689c194d54fcd9b04b3d2eaaf9a41f50b834713675452a7fb9785159` Request headers accept-language de-DE,de;q=0.9 Referer https://259317.seu2.cleverreach.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Wed, 13 Apr 2022 09:48:59 GMT via 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront) last-modified Mon, 07 Oct 2019 09:53:52 GMT server AmazonS3 x-amz-meta-s3cmd-attrs uid:999/gname:gitlab-runner/uname:gitlab-runner/gid:998/mode:33204/mtime:1565777413/atime:1570364566/md5:b0f49cb5153efd22ea5f066e2c99305b/ctime:1565777413 age 754 etag "b0f49cb5153efd22ea5f066e2c99305b" x-cache Hit from cloudfront content-type image/png cache-control max-age=900 x-amz-cf-pop FRA56-P2 accept-ranges bytes content-length 1284 x-amz-cf-id _cf8sMLXOKZphswOgxtFM8H0xPdpELoERobl89jtOYgjS6-2iHZqSQ==
GET H2	200	cred_Sm-linkedin.png cloud-files.crsend.com/html/templates/de/basic/announcement/	1 KB 2 KB	36ms 7ms	Image image/png	18.66.97.112 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cloud-files.crsend.com/html/templates/de/basic/announcement/cred_Sm-linkedin.png Requested by Host: 259317.seu2.cleverreach.com URL: https://259317.seu2.cleverreach.com/m/13523304/0-19adf000d35d2446af14a8a3a436ee464cd90cc6f03f6587362d32b5581dd2edceb1e8f3c848bd48cae4d8c4b98a5f92 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.97.112 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-97-112.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `a75614ed424bfca4fc988d001796b0b9063827cacee76fe5610a4a1531c4f579` Request headers accept-language de-DE,de;q=0.9 Referer https://259317.seu2.cleverreach.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Wed, 13 Apr 2022 09:54:17 GMT via 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront) last-modified Mon, 07 Oct 2019 09:53:52 GMT server AmazonS3 x-amz-meta-s3cmd-attrs uid:999/gname:gitlab-runner/uname:gitlab-runner/gid:998/mode:33204/mtime:1565777413/atime:1570364566/md5:65475875cfe41fc06d2ab943f901c52c/ctime:1565777413 age 436 etag "65475875cfe41fc06d2ab943f901c52c" x-cache Hit from cloudfront content-type image/png cache-control max-age=900 x-amz-cf-pop FRA56-P2 accept-ranges bytes content-length 1253 x-amz-cf-id 4eu7htTUEMiUK0uqbSdUR8K-oFwkM_bhuTaKFYy4CNabDUdmcJNzBA==
GET H2	200	badget1.png d388us03v35p3m.cloudfront.net/cr3_images/	5 KB 5 KB	36ms 7ms	Image image/png	18.66.97.112 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d388us03v35p3m.cloudfront.net/cr3_images/badget1.png Requested by Host: 259317.seu2.cleverreach.com URL: https://259317.seu2.cleverreach.com/m/13523304/0-19adf000d35d2446af14a8a3a436ee464cd90cc6f03f6587362d32b5581dd2edceb1e8f3c848bd48cae4d8c4b98a5f92 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.97.112 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-97-112.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `919a4aaa3a13291347e7fab77590c7ee7376a8deb492293929f7a347e6436731` Request headers accept-language de-DE,de;q=0.9 Referer https://259317.seu2.cleverreach.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Wed, 13 Apr 2022 02:58:46 GMT via 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront) last-modified Mon, 19 Sep 2016 11:15:48 GMT server AmazonS3 age 25367 etag "464055ddab1a2d932f1b4be5ca861562" x-cache Hit from cloudfront content-type image/png x-amz-cf-pop FRA56-P2 accept-ranges bytes content-length 4841 x-amz-cf-id lfm0epm5fr-Om8Kk1bIC4RTTMbFY-9UQNOpUelqxy7zynj-mJ-XpiA==
GET H2	200	mc_259317_13523304_df9a6ae5f166-ra9vuk.gif stats-eu2.crsend.com/stats/	49 B 344 B	155ms 148ms	Image image/gif	52.17.104.159 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://stats-eu2.crsend.com/stats/mc_259317_13523304_df9a6ae5f166-ra9vuk.gif Requested by Host: 259317.seu2.cleverreach.com URL: https://259317.seu2.cleverreach.com/m/13523304/0-19adf000d35d2446af14a8a3a436ee464cd90cc6f03f6587362d32b5581dd2edceb1e8f3c848bd48cae4d8c4b98a5f92 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.17.104.159 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-17-104-159.eu-west-1.compute.amazonaws.com Software Apache / Resource Hash `8f5a7a860a933dde332de207de965350bb54d1923b6288db8c13dfefdf48f03b` Request headers accept-language de-DE,de;q=0.9 Referer https://259317.seu2.cleverreach.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Wed, 13 Apr 2022 10:01:32 GMT server Apache content-type image/gif x-cr-i stats-eu2-i-018ef7982f0264589 D=117323 t=1649844092711097 cache-control no-store, no-cache, must-revalidate content-length 49 expires Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			259317.seu2.cleverreach.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: MMvFh7tOeVxKcfGVNSQArzroGktJWHsK8PBqL376oPtUjkQf
			stats-eu2.crsend.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: t-tB4qXNYMeXPIQ4MtYWCIJMWkDvAXCh8bR0uicGhMtLLchA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

259317.seu2.cleverreach.com
cloud-files.crsend.com
d388us03v35p3m.cloudfront.net
files.crsend.com
stats-eu2.crsend.com
18.66.122.49
18.66.97.112
52.17.104.159
0b3cad05c4bc5212464428f4792da032ae7878df64eea71f50de8444ecd47861
8f5a7a860a933dde332de207de965350bb54d1923b6288db8c13dfefdf48f03b
919a4aaa3a13291347e7fab77590c7ee7376a8deb492293929f7a347e6436731
9584083a689c194d54fcd9b04b3d2eaaf9a41f50b834713675452a7fb9785159
a75614ed424bfca4fc988d001796b0b9063827cacee76fe5610a4a1531c4f579
b630ec726b8cea8cd7e902df0c9cda4d35f1e5eac05021fd7cd18ddeef11003b
ed9a4205e4554a673ad93d80f2d8c0705f73275dae29abc58e8cd79e4fa23b05
f82ef162be627110d6a5ecd169a963c9c3bce8d1ca4bd0162ab5f78592b3b0d5

259317.seu2.cleverreach.com Open in urlscan Pro 52.17.104.159 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

8 Requests

100 %HTTPS

0 %IPv6

3 Domains

5 Subdomains

3 IPs

2 Countries

370 kBTransfer

393 kBSize

2 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

2 Cookies

Indicators

259317.seu2.cleverreach.com Open in urlscan Pro
52.17.104.159 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

5
Subdomains

3
IPs

2
Countries

370 kB
Transfer

393 kB
Size

2
Cookies

8 HTTP transactions
0 data transactions