powertofly.avature.net

Summary

This website contacted 2 IPs in 3 countries across 3 domains to perform 3 HTTP transactions. The main IP is 209.137.158.201, located in Bell Gardens, United States and belongs to KDDIA-NET, US. The main domain is powertofly.avature.net.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on March 14th 2022. Valid for: a year.

This is the only time powertofly.avature.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	209.137.158.201 209.137.158.201	4459 (KDDIA-NET) (KDDIA-NET)
2 2	13.37.114.239 13.37.114.239	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f21... 2a03:2880:f21c:81e5:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
3	2

2 209.137.158.201 (Bell Gardens, United States)

ASN4459 (KDDIA-NET, US)
PTR: p201.158.137.209.vs77100.net

powertofly.avature.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.37.114.239 (Paris, France) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-37-114-239.eu-west-3.compute.amazonaws.com

s4.sendassets.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f21c:81e5:face:b00c:0:4420 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	sendassets.io 2 redirects s4.sendassets.io — Cisco Umbrella Rank: 840918	972 B
2	avature.net powertofly.avature.net	2 KB
1	instagram.com www.instagram.com — Cisco Umbrella Rank: 1229	2 KB
3	3

	Domain	Requested by
2	s4.sendassets.io	2 redirects
2	powertofly.avature.net	powertofly.avature.net
1	www.instagram.com	powertofly.avature.net
3	3

This site contains no links.

Subject Issuer	Validity	Valid
*.avature.net DigiCert TLS RSA SHA256 2020 CA1	`2022-03-14` - `2023-04-14`	a year	crt.sh
*.www.instagram.com DigiCert SHA2 High Assurance Server CA	`2023-01-09` - `2023-03-22`	2 months	crt.sh

This page contains 1 frames:

Frame: https://www.instagram.com/powertofly/
Frame ID: 8AA2C52AA38099CCE0134435116F5ED7
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://powertofly.avature.net/mailRedir.php?u=1&code=V0Zy2AqvLcxrdY8H55TMn1AYIvRYY0Rq&link=258&transformed... Page URL
https://powertofly.avature.net/mailRedir.php?u=1&code=DoEmSWUiuMyU5MfsC12q9i4DQgNomXxg&link=107&transformed... Page URL

Page Statistics

3
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

3
Countries

4 kB
Transfer

1 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://powertofly.avature.net/mailRedir.php?u=1&code=V0Zy2AqvLcxrdY8H55TMn1AYIvRYY0Rq&link=258&transformedUrl=53161e913d7ccbcd40ec5cf4c6674c63f36f9cf4c126c618946efa6fd77b02a9 Page URL
https://powertofly.avature.net/mailRedir.php?u=1&code=DoEmSWUiuMyU5MfsC12q9i4DQgNomXxg&link=107&transformedUrl=a3dcd83ac63923ce830a9f3cb3309342b2e5beb2f500a8af67ab995c99157a8b Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://s4.sendassets.io/s2/wjzhysrc HTTP 301
https://s4.sendassets.io/signature_assets/t/b/67fcd15c-11f7-4727-b6a8-94b66e4056b7/c/c1d67691-2427-47a0-8cec-c2af307b8bd1 HTTP 302
https://www.instagram.com/powertofly/

3 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 mailRedir.php
powertofly.avature.net/ 818 B
882 B 561ms
350ms Document
text/html 209.137.158.201
KDDIA-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://powertofly.avature.net/mailRedir.php?u=1&code=V0Zy2AqvLcxrdY8H55TMn1AYIvRYY0Rq&link=258&transformedUrl=53161e913d7ccbcd40ec5cf4c6674c63f36f9cf4c126c618946efa6fd77b02a9

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.137.158.201 Bell Gardens, United States, ASN4459 (KDDIA-NET, US),

Reverse DNS

p201.158.137.209.vs77100.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 14 Mar 2023 21:20:13 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Tue, 14 Mar 2023 21:20:13 GMT
p3p: CP="STA"
pragma: no-cache
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff

GET
H2 200 Primary Request mailRedir.php Show response
powertofly.avature.net/ 680 B
711 B 188ms
187ms Document
text/html 209.137.158.201
KDDIA-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://powertofly.avature.net/mailRedir.php?u=1&code=DoEmSWUiuMyU5MfsC12q9i4DQgNomXxg&link=107&transformedUrl=a3dcd83ac63923ce830a9f3cb3309342b2e5beb2f500a8af67ab995c99157a8b

Requested by

Host: powertofly.avature.net
URL: https://powertofly.avature.net/mailRedir.php?u=1&code=V0Zy2AqvLcxrdY8H55TMn1AYIvRYY0Rq&link=258&transformedUrl=53161e913d7ccbcd40ec5cf4c6674c63f36f9cf4c126c618946efa6fd77b02a9

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.137.158.201 Bell Gardens, United States, ASN4459 (KDDIA-NET, US),

Reverse DNS

p201.158.137.209.vs77100.net

Software

nginx /

Resource Hash

edb8b5d90f6a7c9f81e5eb6582a8b9e11c50dfc8f4eddae61c38b2a6c1ca52f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://powertofly.avature.net/mailRedir.php?u=1&code=V0Zy2AqvLcxrdY8H55TMn1AYIvRYY0Rq&link=258&transformedUrl=53161e913d7ccbcd40ec5cf4c6674c63f36f9cf4c126c618946efa6fd77b02a9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 14 Mar 2023 21:20:14 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Tue, 14 Mar 2023 21:20:14 GMT
p3p: CP="STA"
pragma: no-cache
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff

GET
H2

429

/ Show response
www.instagram.com/powertofly/
Redirect Chain

https://s4.sendassets.io/s2/wjzhysrc
https://s4.sendassets.io/signature_assets/t/b/67fcd15c-11f7-4727-b6a8-94b66e4056b7/c/c1d67691-2427-47a0-8cec-c2af307b8bd1
https://www.instagram.com/powertofly/

0
2 KB

212ms
148ms

Document
text/html

2a03:2880:f21c:81e5:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.instagram.com/powertofly/

Requested by

Host: powertofly.avature.net
URL: https://powertofly.avature.net/mailRedir.php?u=1&code=DoEmSWUiuMyU5MfsC12q9i4DQgNomXxg&link=107&transformedUrl=a3dcd83ac63923ce830a9f3cb3309342b2e5beb2f500a8af67ab995c99157a8b

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f21c:81e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

/

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src .facebook.com .fbcdn.net .instagram.com data: blob:;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' .teststagram.com .instagram.com static.cdninstagram.com .google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' .fbcdn.net .facebook.com .instagram.com .teststagram.com static.cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* ws://localhost:* blob: .instagram.com .cdninstagram.com wss://.instagram.com: 'self' .teststagram.com wss://edge-chat.instagram.com connect.facebook.net;font-src .facebook.com data: fonts.gstatic.com .fbcdn.net .instagram.com .teststagram.com static.cdninstagram.com .intern.facebook.com;img-src .instagram.com .facebook.com .fbcdn.net data: blob: .cdninstagram.com www.gstatic.com .fbsbx.com android-webview-video-poster: .giphy.com .teststagram.com .igsonar.com .google-analytics.com;media-src .facebook.com .fbcdn.net .instagram.com .cdninstagram.com .giphy.com cdn.fbsbx.com data: blob:;frame-src .instagram.com .facebook.com *.fbsbx.com fbsbx.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://powertofly.avature.net/mailRedir.php?u=1&code=DoEmSWUiuMyU5MfsC12q9i4DQgNomXxg&link=107&transformedUrl=a3dcd83ac63923ce830a9f3cb3309342b2e5beb2f500a8af67ab995c99157a8b
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' *.teststagram.com *.instagram.com static.cdninstagram.com *.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com *.instagram.com *.teststagram.com static.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* ws://localhost:* blob: *.instagram.com *.cdninstagram.com wss://*.instagram.com:* 'self' *.teststagram.com wss://edge-chat.instagram.com connect.facebook.net;font-src *.facebook.com data: fonts.gstatic.com *.fbcdn.net *.instagram.com *.teststagram.com static.cdninstagram.com *.intern.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: blob: *.cdninstagram.com www.gstatic.com *.fbsbx.com android-webview-video-poster: *.giphy.com *.teststagram.com *.igsonar.com *.google-analytics.com;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com *.giphy.com cdn.fbsbx.com data: blob:;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy-report-only: default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self' *.teststagram.com *.instagram.com static.cdninstagram.com *.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com *.instagram.com *.teststagram.com static.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* ws://localhost:* blob: *.instagram.com *.cdninstagram.com wss://*.instagram.com:* 'self' *.teststagram.com wss://edge-chat.instagram.com connect.facebook.net;font-src *.facebook.com data: fonts.gstatic.com *.fbcdn.net *.instagram.com *.teststagram.com static.cdninstagram.com *.intern.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: blob: *.cdninstagram.com *.fbsbx.com android-webview-video-poster: *.giphy.com *.teststagram.com *.igsonar.com *.google-analytics.com;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com cdn.fbsbx.com data: blob:;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data:;block-all-mixed-content;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: rollout
date: Tue, 14 Mar 2023 21:20:14 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
reporting-endpoints: coep_report="https://www.facebook.com/browser_reporting/?minimize=0"
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
x-fb-debug: ElrNQC2+vwY0wnXA7aTJAPlckkxNBZE4Xhx02GPA8FdY9gOvIl+0hkb9Y1c67czUN1gjHgYYkxn4ck1A++tsmw==
x-fb-trip-id: 1679558926
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

cache-control: no-cache
content-type: text/html; charset=utf-8
date: Tue, 14 Mar 2023 21:20:14 GMT
location: https://www.instagram.com/powertofly/
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.18.0 + Phusion Passenger(R) 6.0.17
status: 302 Found
vary: Origin
x-api-version: 4
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN SAMEORIGIN
x-permitted-cross-domain-policies: none
x-powered-by: Phusion Passenger(R) Enterprise 6.0.17
x-request-id: 6343d2ec-a90c-4aa5-91fa-63ca933c2746
x-runtime: 0.018286
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			powertofly.avature.net/	1969-12-31 23:59:59	Name: SmailRedir Value: 3b43c66he0npe9d8026fac8rt6

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.instagram.com/powertofly/ Message: Failed to load resource: the server responded with a status of 429 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

powertofly.avature.net
s4.sendassets.io
www.instagram.com
13.37.114.239
209.137.158.201
2a03:2880:f21c:81e5:face:b00c:0:4420
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edb8b5d90f6a7c9f81e5eb6582a8b9e11c50dfc8f4eddae61c38b2a6c1ca52f6

powertofly.avature.net Open in urlscan Pro 209.137.158.201 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

3 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

2 IPs

3 Countries

4 kBTransfer

1 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

1 Cookies

1 Console Messages

Security Headers

Indicators

powertofly.avature.net Open in urlscan Pro
209.137.158.201 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

3
Countries

4 kB
Transfer

1 kB
Size

1
Cookies

3 HTTP transactions
0 data transactions