prescreen.staging.safedzone.com Open in urlscan Pro
65.9.71.89 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://prescreen.staging.safedzone.com/
Submission: On November 18 via automatic, source certstream-suspicious (November 18th 2021, 2:16:51 am UTC) — Scanned from DE

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 16 HTTP transactions. The main IP is 65.9.71.89, located in United States and belongs to AMAZON-02, US. The main domain is prescreen.staging.safedzone.com.
TLS certificate: Issued by Amazon on December 18th 2020. Valid for: a year.

This is the only time prescreen.staging.safedzone.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	65.9.71.89 65.9.71.89	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
4	2600:1f18:41d... 2600:1f18:41d6:7402:17a7:2fe5:db36:5a82	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
16	5

7 65.9.71.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-71-89.fra56.r.cloudfront.net

prescreen.staging.safedzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1f18:41d6:7402:17a7:2fe5:db36:5a82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

cognito-identity.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	safedzone.com prescreen.staging.safedzone.com	659 KB
4	amazonaws.com cognito-identity.us-east-1.amazonaws.com	2 KB
2	gstatic.com fonts.gstatic.com	40 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com maxcdn.bootstrapcdn.com	33 KB
1	googleapis.com fonts.googleapis.com	1 KB
16	5

	Domain	Requested by
7	prescreen.staging.safedzone.com	prescreen.staging.safedzone.com
4	cognito-identity.us-east-1.amazonaws.com	prescreen.staging.safedzone.com
2	fonts.gstatic.com	fonts.googleapis.com
1	maxcdn.bootstrapcdn.com	prescreen.staging.safedzone.com
1	fonts.googleapis.com	prescreen.staging.safedzone.com
1	stackpath.bootstrapcdn.com	prescreen.staging.safedzone.com
16	6

This site contains no links.

Subject Issuer	Validity	Valid
*.prescreen.staging.safedzone.com Amazon	`2020-12-18` - `2022-01-16`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
cognito-identity.us-east-1.amazonaws.com Amazon	`2021-07-07` - `2022-08-05`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://prescreen.staging.safedzone.com/
Frame ID: 95443F1BE82F5D9F5B4079C971670E8A
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Health Pass

Page Statistics

16
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

6
Subdomains

5
IPs

2
Countries

735 kB
Transfer

2662 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
prescreen.staging.safedzone.com/ 4 KB
2 KB 182ms
153ms Document
text/html 65.9.71.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prescreen.staging.safedzone.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-89.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 734b111b153a5d6f9300c13433c914db63d27bd9fcb3c1a4a9d867df676bf719

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html
date: Thu, 18 Nov 2021 02:16:48 GMT
last-modified: Thu, 04 Mar 2021 04:16:04 GMT
etag: W/"a63597024b5db403e5e74f9723463adf"
x-amz-server-side-encryption: AES256
server: AmazonS3
cache-control: no-cache, s-maxage=2
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 28ccbefb54459137bb0b0d946fd75e49.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: xwjxRFn8RP7n5RQtE4Y098cX31f_6AUXEbKq85n_Fq43Y7_KTxkCrw==

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/ 157 KB
25 KB 87ms
49ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css

Requested by

Host: prescreen.staging.safedzone.com
URL: https://prescreen.staging.safedzone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://prescreen.staging.safedzone.com/
Origin: https://prescreen.staging.safedzone.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 02:16:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 601
access-control-allow-origin: *
cdn-cachedat: 08/03/2021 15:44:07
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cdn-proxyver: 1.0
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: b196f64494fe7d7fef11a9330b2abaac
cf-ray: 6afdb2df0921d61c-MXP
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 39ms
16ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700,200

Requested by

Host: prescreen.staging.safedzone.com
URL: https://prescreen.staging.safedzone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7ca4b54cfda22ea49baa858eef2b34c04e48f4f99025922d811bcf70fa70b225

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prescreen.staging.safedzone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 01:31:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 18 Nov 2021 02:16:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Nov 2021 02:16:47 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/latest/css/ 30 KB
7 KB 34ms
15ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/latest/css/font-awesome.min.css

Requested by

Host: prescreen.staging.safedzone.com
URL: https://prescreen.staging.safedzone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prescreen.staging.safedzone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 02:16:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 565, 617
age: 20754495
cdn-cachedat: 2021-03-11 11:58:03
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:56 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 3cd2c79d2a226e82c59e22a633cb615d
cf-ray: 6afdb2dee83f5bf5-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 3.92fc1f0a.chunk.css
prescreen.staging.safedzone.com/static/css/ 149 KB
24 KB 312ms
311ms Stylesheet
text/css 65.9.71.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prescreen.staging.safedzone.com/static/css/3.92fc1f0a.chunk.css
Requested by: Host: prescreen.staging.safedzone.com
URL: https://prescreen.staging.safedzone.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-89.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5b86a749ccba351f83b4383124f4c64eb081ba0c9e3142929a5c85dd03513623

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prescreen.staging.safedzone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 18 Nov 2021 02:16:48 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 04:16:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: W/"7f7e0261c8999bef724d451c7eefed76"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 28ccbefb54459137bb0b0d946fd75e49.cloudfront.net (CloudFront)
cache-control: no-cache, s-maxage=2
x-amz-cf-id: iRsm_BAQS_UINiTk6xnSD9LvAYqoq_C-MZXwWuEp8Aind0f-Dc9Mmg==

GET
H2 200 main.1f8c90ac.chunk.css
prescreen.staging.safedzone.com/static/css/ 324 KB
53 KB 227ms
226ms Stylesheet
text/css 65.9.71.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prescreen.staging.safedzone.com/static/css/main.1f8c90ac.chunk.css
Requested by: Host: prescreen.staging.safedzone.com
URL: https://prescreen.staging.safedzone.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-89.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f52baa88bde8945ba16ae835d37930f3096b2eb70066a0c2527cf24687823202

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prescreen.staging.safedzone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 18 Nov 2021 02:16:48 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 04:16:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: W/"79d81cbfcc36e385e038fda7e4c5b27e"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 28ccbefb54459137bb0b0d946fd75e49.cloudfront.net (CloudFront)
cache-control: no-cache, s-maxage=2
x-amz-cf-id: 3RhVCr-z5TaPmnU1RjH-TPZFdzwwbOKoWKDjocSvpxJjHpQtk0STMg==

GET
H2 200 3.62e91858.chunk.js Show response
prescreen.staging.safedzone.com/static/js/ 2 MB
541 KB 240ms
239ms Script
application/javascript 65.9.71.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prescreen.staging.safedzone.com/static/js/3.62e91858.chunk.js
Requested by: Host: prescreen.staging.safedzone.com
URL: https://prescreen.staging.safedzone.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-89.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2a8855cf6b034cd4f80f79706f2699e44598c56a860f77bf3b3003559491efd1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prescreen.staging.safedzone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 18 Nov 2021 02:16:48 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 04:16:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: W/"741dd7ea52f0299b56cae097398c8798"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 28ccbefb54459137bb0b0d946fd75e49.cloudfront.net (CloudFront)
cache-control: no-cache, s-maxage=2
x-amz-cf-id: 2RIXxBO8GIoBu56jrKArRMmxXz6x7HHrJjdUUlY-zM8Sg1XAokcmpQ==

GET
H2 200 main.e4f93cd2.chunk.js Show response
prescreen.staging.safedzone.com/static/js/ 28 KB
8 KB 199ms
198ms Script
application/javascript 65.9.71.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prescreen.staging.safedzone.com/static/js/main.e4f93cd2.chunk.js
Requested by: Host: prescreen.staging.safedzone.com
URL: https://prescreen.staging.safedzone.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-89.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 649db970e5d28869304c2c9be04004a6bd62a54d6eb57e5df818ad8db3eca835

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prescreen.staging.safedzone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 18 Nov 2021 02:16:48 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 04:16:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: W/"085ccd8fa2c4cd1fbbab77ce300b1b4d"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 28ccbefb54459137bb0b0d946fd75e49.cloudfront.net (CloudFront)
cache-control: no-cache, s-maxage=2
x-amz-cf-id: k9HprQlP2I95_o2QPYvOIMNn2q6MwXUu5MU9_fCEiW5gzOwJj-OIYA==

OPTIONS
H2 200 /
cognito-identity.us-east-1.amazonaws.com/ 0
0 308ms
100ms Preflight 2600:1f18:41d6:7402:17a7:2fe5:db36:5a82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cognito-identity.us-east-1.amazonaws.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:41d6:7402:17a7:2fe5:db36:5a82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: amz-sdk-invocation-id,amz-sdk-request,content-type,x-amz-target,x-amz-user-agent
Origin: https://prescreen.staging.safedzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 18 Nov 2021 02:16:47 GMT
content-length: 0
x-amzn-requestid: 66b351d5-d69f-497c-a2ef-ce0a625c57c5
access-control-allow-origin: *
access-control-allow-headers: amz-sdk-invocation-id,amz-sdk-request,content-type,x-amz-target,x-amz-user-agent
access-control-allow-methods: POST
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age: 172800

GET
H2 200 logo_customer.jpg
prescreen.staging.safedzone.com/ 25 KB
26 KB 382ms
381ms Image
image/jpeg 65.9.71.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prescreen.staging.safedzone.com/logo_customer.jpg
Requested by: Host: prescreen.staging.safedzone.com
URL: https://prescreen.staging.safedzone.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-89.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6c729ffda07889f62d503bb1a52145d11baf9dc99daa1f39ff57b48081c6e6a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prescreen.staging.safedzone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 18 Nov 2021 02:16:48 GMT
via: 1.1 28ccbefb54459137bb0b0d946fd75e49.cloudfront.net (CloudFront)
last-modified: Thu, 04 Mar 2021 04:16:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: "8bdd6809e8ea52c87a3db1fef7fdba83"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: no-cache, s-maxage=2
accept-ranges: bytes
content-length: 25719
x-amz-cf-id: IRqJarw8n7sn2khb7ZlRd3yGYybBG6Sv6Tgj_f3KwY_VE3fAHpmpXQ==

GET
H2 200 logo_sdz.png
prescreen.staging.safedzone.com/ 5 KB
5 KB 179ms
178ms Image
image/png 65.9.71.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prescreen.staging.safedzone.com/logo_sdz.png
Requested by: Host: prescreen.staging.safedzone.com
URL: https://prescreen.staging.safedzone.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-89.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee7f2d542e9c68463d562d6ef326792014f5cc8f408cb7068046dac291af01cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prescreen.staging.safedzone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 18 Nov 2021 02:16:48 GMT
via: 1.1 28ccbefb54459137bb0b0d946fd75e49.cloudfront.net (CloudFront)
last-modified: Thu, 04 Mar 2021 04:16:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: "12a25a6f3cde8d936b1459b636f13def"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: no-cache, s-maxage=2
accept-ranges: bytes
content-length: 4615
x-amz-cf-id: M0gdGSZV_ycWJqLB3JQRagGEk6VWHrE-kg8BoHHCDXnmrLE-WR-4FQ==

POST
H2 200 / Show response
cognito-identity.us-east-1.amazonaws.com/ 63 B
271 B 118ms
118ms Fetch
application/x-amz-json-1.1 2600:1f18:41d6:7402:17a7:2fe5:db36:5a82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cognito-identity.us-east-1.amazonaws.com/
Requested by: Host: prescreen.staging.safedzone.com
URL: https://prescreen.staging.safedzone.com/static/js/3.62e91858.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:41d6:7402:17a7:2fe5:db36:5a82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 39392c9ba2aca0672eb0526cbed978c91128a3a12ddb2ba4f34ed0654657471a

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type: application/x-amz-json-1.1
amz-sdk-invocation-id: affdedfa-0b8b-46f7-8816-1d2461a89cfa
Referer: https://prescreen.staging.safedzone.com/
amz-sdk-request: attempt=1; max=3
x-amz-target: AWSCognitoIdentityService.GetId
x-amz-user-agent: aws-sdk-js-v3-@aws-sdk/client-cognito-identity/1.0.0-rc.4 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 aws-amplify/3.8.7 js

Response headers

access-control-allow-origin: *
date: Thu, 18 Nov 2021 02:16:48 GMT
content-type: application/x-amz-json-1.1
x-amzn-requestid: 0f65be45-f6b1-409e-b12c-a1f9fc3684af
content-length: 63
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 20 KB
20 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700,200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://prescreen.staging.safedzone.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 06:44:42 GMT
x-content-type-options: nosniff
age: 502325
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20040
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 12 Nov 2022 06:44:42 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
20 KB 35ms
12ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700,200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://prescreen.staging.safedzone.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 15:40:37 GMT
x-content-type-options: nosniff
age: 38170
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19844
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 17 Nov 2022 15:40:37 GMT

POST
H2 200 / Show response
cognito-identity.us-east-1.amazonaws.com/ 2 KB
2 KB 137ms
136ms Fetch
application/x-amz-json-1.1 2600:1f18:41d6:7402:17a7:2fe5:db36:5a82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cognito-identity.us-east-1.amazonaws.com/
Requested by: Host: prescreen.staging.safedzone.com
URL: https://prescreen.staging.safedzone.com/static/js/3.62e91858.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:41d6:7402:17a7:2fe5:db36:5a82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 3b0cd6b06180310107a7cf65868ce52c4f16c7502bc6d11a68c129bc6741a9ab

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type: application/x-amz-json-1.1
amz-sdk-invocation-id: 4fc27e0a-b903-48e7-bc38-366ff3d5320c
Referer: https://prescreen.staging.safedzone.com/
amz-sdk-request: attempt=1; max=3
x-amz-target: AWSCognitoIdentityService.GetCredentialsForIdentity
x-amz-user-agent: aws-sdk-js-v3-@aws-sdk/client-cognito-identity/1.0.0-rc.4 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 aws-amplify/3.8.7 js

Response headers

access-control-allow-origin: *
date: Thu, 18 Nov 2021 02:16:48 GMT
content-type: application/x-amz-json-1.1
x-amzn-requestid: 99f7711c-e3c7-46b2-9a3d-f6dd20a86aab
content-length: 1784
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date

OPTIONS
H2 200 /
cognito-identity.us-east-1.amazonaws.com/ 0
0 100ms
100ms Preflight 2600:1f18:41d6:7402:17a7:2fe5:db36:5a82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cognito-identity.us-east-1.amazonaws.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:41d6:7402:17a7:2fe5:db36:5a82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: amz-sdk-invocation-id,amz-sdk-request,content-type,x-amz-target,x-amz-user-agent
Origin: https://prescreen.staging.safedzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 18 Nov 2021 02:16:48 GMT
content-length: 0
x-amzn-requestid: 4de775f5-7621-4fa3-ab46-8797f815458a
access-control-allow-origin: *
access-control-allow-headers: amz-sdk-invocation-id,amz-sdk-request,content-type,x-amz-target,x-amz-user-agent
access-control-allow-methods: POST
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age: 172800

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cognito-identity.us-east-1.amazonaws.com
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
prescreen.staging.safedzone.com
stackpath.bootstrapcdn.com
2600:1f18:41d6:7402:17a7:2fe5:db36:5a82
2606:4700::6812:acf
2a00:1450:4001:810::200a
2a00:1450:4001:82f::2003
65.9.71.89
2a8855cf6b034cd4f80f79706f2699e44598c56a860f77bf3b3003559491efd1
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
39392c9ba2aca0672eb0526cbed978c91128a3a12ddb2ba4f34ed0654657471a
3b0cd6b06180310107a7cf65868ce52c4f16c7502bc6d11a68c129bc6741a9ab
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
5b86a749ccba351f83b4383124f4c64eb081ba0c9e3142929a5c85dd03513623
649db970e5d28869304c2c9be04004a6bd62a54d6eb57e5df818ad8db3eca835
6c729ffda07889f62d503bb1a52145d11baf9dc99daa1f39ff57b48081c6e6a4
734b111b153a5d6f9300c13433c914db63d27bd9fcb3c1a4a9d867df676bf719
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7ca4b54cfda22ea49baa858eef2b34c04e48f4f99025922d811bcf70fa70b225
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ee7f2d542e9c68463d562d6ef326792014f5cc8f408cb7068046dac291af01cf
f52baa88bde8945ba16ae835d37930f3096b2eb70066a0c2527cf24687823202

prescreen.staging.safedzone.com Open in urlscan Pro 65.9.71.89 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

16 Requests

100 %HTTPS

80 %IPv6

5 Domains

6 Subdomains

5 IPs

2 Countries

735 kBTransfer

2662 kBSize

0 Cookies

0 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

0 Cookies

Indicators

prescreen.staging.safedzone.com Open in urlscan Pro
65.9.71.89 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

6
Subdomains

5
IPs

2
Countries

735 kB
Transfer

2662 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions