URL: https://login.commonsku.com/po-approve.php?id=789cad48-f51b-4f02-96ec-7f25ffa98a7c&change=true
Submission Tags: falconsandbox
Submission: On February 19 via api from US — Scanned from DE

Summary

This website contacted 5 IPs in 1 country across 4 domains to perform 8 HTTP transactions. The main IP is 44.195.138.222, located in Ashburn, United States and belongs to . The main domain is login.commonsku.com. The Cisco Umbrella rank of the primary domain is 679513.
TLS certificate: Issued by Amazon RSA 2048 M01 on July 27th 2023. Valid for: a year.
This is the only time login.commonsku.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 44.195.138.222 ()
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2600:9000:225... 16509 (AMAZON-02)
1 151.101.194.137 54113 (FASTLY)
1 162.247.241.14 23467 (NEWRELIC-...)
8 5
   Apex Domain / Subdomains                                  Transfer
5  commonsku.com                                             609 KB
     login.commonsku.com — Cisco Umbrella Rank: 679513
     files.commonsku.com — Cisco Umbrella Rank: 445521
1  nr-data.net                                               468 B
     bam.nr-data.net — Cisco Umbrella Rank: 260
1  newrelic.com                                              25 KB
     js-agent.newrelic.com — Cisco Umbrella Rank: 737
1  jsdelivr.net                                              12 KB
     cdn.jsdelivr.net — Cisco Umbrella Rank: 353
8  4
Domain Requested by
3 login.commonsku.com login.commonsku.com
2 files.commonsku.com login.commonsku.com
1 bam.nr-data.net login.commonsku.com
1 js-agent.newrelic.com login.commonsku.com
1 cdn.jsdelivr.net login.commonsku.com
8 5

This site contains no links.

Subject                Issuer                                      Validity                 Valid
commonsku.com          Amazon RSA 2048 M01                         2023-07-27 - 2024-08-25  a year
sni.cloudflaressl.com  Cloudflare Inc ECC CA-3                     2023-05-02 - 2024-05-01  a year
files.commonsku.com    Amazon RSA 2048 M01                         2023-05-24 - 2024-06-22  a year
js-agent.newrelic.com  GlobalSign Atlas R3 DV TLS CA 2024 Q1       2024-01-15 - 2025-02-15  a year
*.nr-data.net          DigiCert Global G2 TLS RSA SHA256 2020 CA1  2023-09-29 - 2024-10-01  a year

This page contains 1 frames:

Primary Page: https://login.commonsku.com/po-approve.php?id=789cad48-f51b-4f02-96ec-7f25ffa98a7c&change=true
Frame ID: 4FE23C259A7F96151C9A655F0074D780
Requests: 8 HTTP requests in this frame

Page Title

Change Request - HIT PROMOTIONAL PRODUCTS

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 8
HTTPS: 100 %
IPv6: 40 %
Domains: 4
Subdomains: 5
IPs: 5
Countries: 1
Transfer: 646 kB
Size: 1217 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request po-approve.php
login.commonsku.com/
55 KB
22 KB
Document
General
Full URL
https://login.commonsku.com/po-approve.php?id=789cad48-f51b-4f02-96ec-7f25ffa98a7c&change=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.195.138.222 Ashburn, United States, ASN (),
Reverse DNS
ec2-44-195-138-222.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bfd25ac1aa2f449d85de8aec8057933168af0e591bcfabb8fd3ce1e0f7616462
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 19 Feb 2024 19:16:38 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
foundation.min.css
cdn.jsdelivr.net/foundation/6.2.4/
63 KB
12 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/foundation/6.2.4/foundation.min.css
Requested by
Host: login.commonsku.com
URL: https://login.commonsku.com/po-approve.php?id=789cad48-f51b-4f02-96ec-7f25ffa98a7c&change=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a239e7d887aa259ee55c438bd99713c8bcde0867f11bbc04837288f37b9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.commonsku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 19:16:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7209550
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230055-FRA
server
cloudflare
etag
W/"fb4a-tUGsgxYiOnrnwNR6YZOE1r5/+B0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GtCvbNm5cU28hmDXKO%2BBxhIqss9uxg6eTeoNsYNJ5fVDmVXpFkWTQ9FICnMb%2Bzjp1pWb8k85hOhF%2FF51NdSCvNEia16Np69mdbrw1Kd3YXemrUI85Oh03%2FHrzUM9EW%2B2Yv3mUqc78l8i9ySnkQQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
8580d8703e572c41-FRA
public_order.css
login.commonsku.com/css/
16 KB
5 KB
Stylesheet
General
Full URL
https://login.commonsku.com/css/public_order.css
Requested by
Host: login.commonsku.com
URL: https://login.commonsku.com/po-approve.php?id=789cad48-f51b-4f02-96ec-7f25ffa98a7c&change=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.195.138.222 Ashburn, United States, ASN (),
Reverse DNS
ec2-44-195-138-222.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d1e9058e9c1951b2595cd46e50b4bf96ae8228938f7cf8004332c59a217e3b3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.commonsku.com/po-approve.php?id=789cad48-f51b-4f02-96ec-7f25ffa98a7c&change=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
public
date
Mon, 19 Feb 2024 19:16:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Tue, 13 Feb 2024 19:04:57 GMT
server
nginx
content-encoding
gzip
etag
W/"65cbbd59-3e65"
content-type
text/css
cache-control
max-age=31536000, public
expires
Tue, 18 Feb 2025 19:16:39 GMT
b77e0729-c345-4098-b340-abf314e7d54e
files.commonsku.com/medium/
55 KB
55 KB
Image
General
Full URL
https://files.commonsku.com/medium/b77e0729-c345-4098-b340-abf314e7d54e
Requested by
Host: login.commonsku.com
URL: https://login.commonsku.com/po-approve.php?id=789cad48-f51b-4f02-96ec-7f25ffa98a7c&change=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:de00:15:9dba:9000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d279d7137452565fa62e77a23c38df5c7cd0d56476f623d0f8526c102c44288e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.commonsku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 18:26:18 GMT
x-amz-version-id
rdTVi70IRACWPYKd38kFwK1G_lYLGNg1
via
1.1 cabdd49d8331afa937d15ebb470ea716.cloudfront.net (CloudFront)
last-modified
Mon, 12 Jul 2021 20:26:28 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
3022
etag
"e23946cdc6d96e8b145c94011fb95d41"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
56206
x-amz-cf-id
SbBqAczzztlY0BfD69SI08VAdqmqJwXUPSzqADtGlz-8gVSEW3euMQ==
footer-client.js
login.commonsku.com/js/
629 KB
201 KB
Script
General
Full URL
https://login.commonsku.com/js/footer-client.js
Requested by
Host: login.commonsku.com
URL: https://login.commonsku.com/po-approve.php?id=789cad48-f51b-4f02-96ec-7f25ffa98a7c&change=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.195.138.222 Ashburn, United States, ASN (),
Reverse DNS
ec2-44-195-138-222.compute-1.amazonaws.com
Software
nginx /
Resource Hash
81ca65ca1812346618bf0e8c1ebace0e3e65d41fcf5b5cbe29677f043afb5624
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.commonsku.com/po-approve.php?id=789cad48-f51b-4f02-96ec-7f25ffa98a7c&change=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
public
date
Mon, 19 Feb 2024 19:16:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Tue, 13 Feb 2024 19:04:58 GMT
server
nginx
content-encoding
gzip
etag
W/"65cbbd5a-9d5a3"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Tue, 18 Feb 2025 19:16:39 GMT
410280ae-1f00-4a40-8da2-48d59a38bd2a
files.commonsku.com/headers/
325 KB
326 KB
Image
General
Full URL
https://files.commonsku.com/headers/410280ae-1f00-4a40-8da2-48d59a38bd2a
Requested by
Host: login.commonsku.com
URL: https://login.commonsku.com/po-approve.php?id=789cad48-f51b-4f02-96ec-7f25ffa98a7c&change=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:de00:15:9dba:9000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
63721dc64a74160e4057fe9cc8a941b44ea9bc5085fc9bcc7260cb499bc4a952

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.commonsku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 18:26:19 GMT
x-amz-version-id
4yGLIIYgZgGOBuWFOXZFgzPaeEXpNWDp
via
1.1 cabdd49d8331afa937d15ebb470ea716.cloudfront.net (CloudFront)
last-modified
Fri, 16 Jul 2021 17:58:46 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
3021
etag
"ae7748227476fde5f0e340e481cdf4f9"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
332612
x-amz-cf-id
cChDlaxogfZR7tBP1cy4gY6zNAinW0tM8xH2be6mLpfsZPUw3vdipA==
nr-full-1.252.0.min.js
js-agent.newrelic.com/
74 KB
25 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-full-1.252.0.min.js
Requested by
Host: login.commonsku.com
URL: https://login.commonsku.com/po-approve.php?id=789cad48-f51b-4f02-96ec-7f25ffa98a7c&change=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7c25418cce4867b47376766823ff8aeb5d0ebf46cb986d7c10cd6ad38ad65004
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://login.commonsku.com/
Origin
https://login.commonsku.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
erpQAsDFxG_6aM4W2oXrEE2UTrC4hTVP
content-encoding
br
via
1.1 varnish
date
Mon, 19 Feb 2024 19:16:39 GMT
strict-transport-security
max-age=300
x-amz-request-id
6DDWQMZ0DGY8SFMR
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
24959
x-amz-id-2
k6/vSazPmZaEhSqmw8ha/R8HxDEFDHSbDs2g0P31mmpMVFBzk9dCkrsNgRpjp39xz4qrcwHuMqU=
x-served-by
cache-fra-eddf8230076-FRA
last-modified
Tue, 13 Feb 2024 00:41:07 GMT
server
AmazonS3
x-timer
S1708370199.339205,VS0,VE0
etag
"2f8ac62328d6fa35d0edb414cf141d02"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
86245
ed702ded3d
bam.nr-data.net/1/
40 B
468 B
XHR
General
Full URL
https://bam.nr-data.net/1/ed702ded3d?a=510369182&v=1.252.0&to=YFJRMBEFXEVZURFRCVkYZhYKS0JZFVMVSBRYQVZKEwxC&rst=1311&ck=0&s=82843bbfa08f8a26&ref=https://login.commonsku.com/po-approve.php&hr=0&af=err,xhr,stn,ins&ap=519&be=929&fe=322&dc=321&at=TBVSRlkfT0s%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1708370198045,%22n%22:0,%22f%22:0,%22dn%22:20,%22dne%22:20,%22c%22:20,%22s%22:116,%22ce%22:215,%22rq%22:215,%22rp%22:930,%22rpe%22:931,%22di%22:1247,%22ds%22:1247,%22de%22:1250,%22dc%22:1250,%22l%22:1250,%22le%22:1251%7D,%22navigation%22:%7B%7D%7D&fp=1072&fcp=1072
Requested by
Host: login.commonsku.com
URL: https://login.commonsku.com/po-approve.php?id=789cad48-f51b-4f02-96ec-7f25ffa98a7c&change=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ca742541d65d718402499ed1d84d003258ce2116562169b85744cf7d798485a

Request headers

Referer
https://login.commonsku.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type
text/plain

Response headers

Date
Mon, 19 Feb 2024 19:16:40 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
https://login.commonsku.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
CF-Ray
8580d8725c5b2bec-FRA
Content-Length
40

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| NREUM object| webpackChunk:NRBA-1.252.0.PROD object| newrelic function| debounce function| debug function| getUrlParameter function| decimalAdjust function| round function| empty function| getUnique function| getStrippedMask function| formatMoney function| sortSizes function| hasUrls function| isYoutube function| isVimeo function| isVideofarm function| isVine function| isOnScreen function| formatPercent function| fixNumber function| displayProductFeed function| htmlspecialchars function| str_split function| rawurlencode function| parseMonth function| parseLinks function| addBookmark function| parsePhoneNumber function| isValidImageUrl function| isValidDate function| uppercaseFirstLetterOfEachWord function| sortByDateCreated function| resetDialog object| Format function| createSelect function| updateBackground function| hexToRgb function| mysqlTimeStampToJavascriptDate function| formatDate function| formatDateAndTime function| formatTimeStamp function| formatDateString function| _formatDT function| formatNewsfeedDate function| GetClientUTC function| getKey function| getPricing function| getColumnCost function| getUnitCost function| formatQuantity function| formatError function| buildSlider function| getProvinces function| getStates function| getAUStates function| getCountries function| get_location function| Lists function| getPermission function| checkPermission function| fixFooter function| displayTooltip function| setupTooltip function| uploadFile function| uploadGuestFile function| onUserImageError function| download object| CSKU boolean| MARKETPLACE_ACCESS_ENABLED function| isOldDashboardLink function| getLocationByIdentity function| $ function| jQuery function| DP_jQuery_1708370199284 function| addColorOnBtn

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN