d33jabh7klz3lt.cloudfront.net Open in urlscan Pro
2600:9000:2490:a00:1a:19ac:8040:21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://d33jabh7klz3lt.cloudfront.net/wpstore/wp-content/plugins/wt-smart-coupons-for-woocommerce/public/js/wt-smart-coupon-public.js?...
Effective URL:
https://d33jabh7klz3lt.cloudfront.net/wpstore/wp-content/plugins/wt-smart-coupons-for-woocommerce/public/js/wt-smart-coupon-public.js?...
Submission: On May 21 via manual (May 21st 2024, 10:29:29 am UTC) from NO — Scanned from NO

Summary HTTP 2 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 2 HTTP transactions. The main IP is 2600:9000:2490:a00:1a:19ac:8040:21, located in United States and belongs to AMAZON-02, US. The main domain is d33jabh7klz3lt.cloudfront.net.
TLS certificate: Issued by Amazon RSA 2048 M01 on October 10th 2023. Valid for: a year.

This is the only time d33jabh7klz3lt.cloudfront.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2600:9000:249... 2600:9000:2490:a00:1a:19ac:8040:21	16509 (AMAZON-02) (AMAZON-02)
1	103.224.90.49 103.224.90.49	63956 (INT-5GN-A...) (INT-5GN-AS-AP 5G NETWORK OPERATIONS PTY LTD)
2	2

2 2600:9000:2490:a00:1a:19ac:8040:21 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

d33jabh7klz3lt.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.224.90.49 (Australia)

ASN63956 (INT-5GN-AS-AP 5G NETWORK OPERATIONS PTY LTD, AU)
PTR: cloudhost-68424.au-south-1.nxcli.net

babymama.ph	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	cloudfront.net 1 redirects d33jabh7klz3lt.cloudfront.net	3 KB
1	babymama.ph babymama.ph	695 B
2	2

	Domain	Requested by
2	d33jabh7klz3lt.cloudfront.net	1 redirects
1	babymama.ph
2	2

This site contains no links.

Subject Issuer	Validity	Valid
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://d33jabh7klz3lt.cloudfront.net/wpstore/wp-content/plugins/wt-smart-coupons-for-woocommerce/public/js/wt-smart-coupon-public.js?ver=1.4.9
Frame ID: BD9CFE62F8A0A2E36A68D4ECEE27E8EA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://d33jabh7klz3lt.cloudfront.net/wpstore/wp-content/plugins/wt-smart-coupons-for-woocommerce/public/js/wt-sma... HTTP 307
https://d33jabh7klz3lt.cloudfront.net/wpstore/wp-content/plugins/wt-smart-coupons-for-woocommerce/public/js/wt-sma... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Page Statistics

2
Requests

50 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

3 kB
Transfer

7 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://d33jabh7klz3lt.cloudfront.net/wpstore/wp-content/plugins/wt-smart-coupons-for-woocommerce/public/js/wt-smart-coupon-public.js?ver=1.4.9 HTTP 307
https://d33jabh7klz3lt.cloudfront.net/wpstore/wp-content/plugins/wt-smart-coupons-for-woocommerce/public/js/wt-smart-coupon-public.js?ver=1.4.9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://d33jabh7klz3lt.cloudfront.net/favicon.ico HTTP 302
https://babymama.ph/wpstore/wp-content/uploads/2022/09/cropped-favicon_green-32x32.png

2 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request wt-smart-coupon-public.js Show response d33jabh7klz3lt.cloudfront.net/wpstore/wp-content/plugins/wt-smart-coupons-for-woocommerce/public/js/ Redirect Chain http://d33jabh7klz3lt.cloudfront.net/wpstore/wp-content/plugins/wt-smart-coupons-for-woocommerce/public/js/wt-smart-coupon-public.js?ver=1.4.9 https://d33jabh7klz3lt.cloudfront.net/wpstore/wp-content/plugins/wt-smart-coupons-for-woocommerce/public/js/wt-smart-coupon-public.js?ver=1.4.9	7 KB 2 KB	200ms 62ms	Document application/x-javascript	2600:9000:2490:a00:1a:19ac:8040:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d33jabh7klz3lt.cloudfront.net/wpstore/wp-content/plugins/wt-smart-coupons-for-woocommerce/public/js/wt-smart-coupon-public.js?ver=1.4.9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2490:a00:1a:19ac:8040:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash `07a5241b763163decee8b2f29de2bc3c097690de30999345aedba7d5fdb76186` Request headers Accept-Language no-NO,no;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers accept-ranges bytes access-control-allow-origin * age 11714652 cache-control max-age=31536000 content-encoding gzip content-length 1798 content-type application/x-javascript date Sat, 06 Jan 2024 20:25:11 GMT expires Sun, 05 Jan 2025 20:25:11 GMT last-modified Sat, 26 Aug 2023 06:11:59 GMT referrer-policy no-referrer-when-downgrade server nginx vary Accept-Encoding via 1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront) x-amz-cf-id 2QHW4Z96slNQvU2bdtvxTBPc3RIHtsGy2I9fkCCQRUNjZ-PHGw4lTg== x-amz-cf-pop FRA56-P6 x-cache Hit from cloudfront x-cache-nxaccel MISS Redirect headers Location https://d33jabh7klz3lt.cloudfront.net/wpstore/wp-content/plugins/wt-smart-coupons-for-woocommerce/public/js/wt-smart-coupon-public.js?ver=1.4.9 Non-Authoritative-Reason HttpsUpgrades
GET H2	200	cropped-favicon_green-32x32.png babymama.ph/wpstore/wp-content/uploads/2022/09/ Redirect Chain https://d33jabh7klz3lt.cloudfront.net/favicon.ico https://babymama.ph/wpstore/wp-content/uploads/2022/09/cropped-favicon_green-32x32.png	474 B 695 B	1410ms 689ms	Other image/webp	103.224.90.49 INT-5GN-AS-AP 5G ...
General Check archive.org Show headers Download Go to Full URL https://babymama.ph/wpstore/wp-content/uploads/2022/09/cropped-favicon_green-32x32.png Protocol H2 Server 103.224.90.49 , Australia, ASN63956 (INT-5GN-AS-AP 5G NETWORK OPERATIONS PTY LTD, AU), Reverse DNS cloudhost-68424.au-south-1.nxcli.net Software nginx / Resource Hash `bffe6c6c1c744e4327706c243b90c1b3cb535d322827c34470f7df4e4d43c557` Request headers Accept-Language no-NO,no;q=0.9;q=0.9 Referer https://d33jabh7klz3lt.cloudfront.net/wpstore/wp-content/plugins/wt-smart-coupons-for-woocommerce/public/js/wt-smart-coupon-public.js?ver=1.4.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers date Tue, 21 May 2024 10:29:27 GMT referrer-policy no-referrer-when-downgrade last-modified Tue, 27 Sep 2022 13:58:10 GMT server nginx etag "1da-5e9a908d285fe" vary Accept,User-Agent x-cache-nxaccel MISS content-type image/webp access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes content-length 474 expires Wed, 21 May 2025 10:29:27 GMT Redirect headers date Tue, 21 May 2024 10:29:25 GMT content-encoding gzip via 1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront) last-modified Tue, 21 May 2024 10:22:07 GMT server nginx x-amz-cf-pop FRA56-P6 etag "7ef3933d0347a8eb9b3dbf6f4b035b78" vary Accept-Encoding x-cache-nxaccel MISS content-type text/html; charset=UTF-8 location https://babymama.ph/wpstore/wp-content/uploads/2022/09/cropped-favicon_green-32x32.png x-cache Miss from cloudfront link <https://babymama.ph/wp-json/>; rel="https://api.w.org/" x-amz-cf-id NoCFOPFfef9ps-RaRGOGnVba09s7Ybx02Za0j7TRhgxGrM-5rU26uA==

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

babymama.ph
d33jabh7klz3lt.cloudfront.net
103.224.90.49
2600:9000:2490:a00:1a:19ac:8040:21
07a5241b763163decee8b2f29de2bc3c097690de30999345aedba7d5fdb76186
bffe6c6c1c744e4327706c243b90c1b3cb535d322827c34470f7df4e4d43c557

d33jabh7klz3lt.cloudfront.net Open in urlscan Pro 2600:9000:2490:a00:1a:19ac:8040:21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

2 Requests

50 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

3 kBTransfer

7 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

Indicators

d33jabh7klz3lt.cloudfront.net Open in urlscan Pro
2600:9000:2490:a00:1a:19ac:8040:21 Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

50 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

3 kB
Transfer

7 kB
Size

0
Cookies

2 HTTP transactions
0 data transactions