cerv.is Open in urlscan Pro
76.223.26.253 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.cervistech.com/acts/module/safelink.php?orig_type=email&org_id=0225&tc=fbd1d51ccb2d04a&tc_tok=bb56c30c9d97dfb6f...
Effective URL:
https://cerv.is/0225x62
Submission: On August 01 via manual (August 1st 2023, 5:59:25 am UTC) from SG — Scanned from SG

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 8 HTTP transactions. The main IP is 76.223.26.253, located in United States and belongs to AMAZON-02, US. The main domain is cerv.is.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 9th 2023. Valid for: a year.

This is the only time cerv.is was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	76.223.26.253 76.223.26.253	16509 (AMAZON-02) (AMAZON-02)
4	13.33.88.38 13.33.88.38	16509 (AMAZON-02) (AMAZON-02)
8	3

3 76.223.26.253 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a9d0301dccf0c93d0.awsglobalaccelerator.com

www.cervistech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cerv.is	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.33.88.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-38.sin2.r.cloudfront.net

0cd4735ce248.22155050.us-east-2.token.awswaf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	awswaf.com 0cd4735ce248.22155050.us-east-2.token.awswaf.com	562 KB
2	cervistech.com 1 redirects www.cervistech.com — Cisco Umbrella Rank: 472525	2 KB
1	cerv.is cerv.is	1 KB
8	3

	Domain	Requested by
4	0cd4735ce248.22155050.us-east-2.token.awswaf.com	www.cervistech.com 0cd4735ce248.22155050.us-east-2.token.awswaf.com cerv.is
2	www.cervistech.com	1 redirects
1	cerv.is	www.cervistech.com
8	3

This site contains no links.

Subject Issuer	Validity	Valid
cervistech.com Amazon RSA 2048 M01	`2023-02-09` - `2024-01-17`	a year	crt.sh
*.22155050.us-east-2.token.awswaf.com Amazon RSA 2048 M02	`2023-03-01` - `2023-10-18`	8 months	crt.sh

This page contains 1 frames:

Primary Page: https://cerv.is/0225x62
Frame ID: 459424CA6131C6EB0C3BF2690072C68C
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.cervistech.com/acts/module/safelink.php?orig_type=email&org_id=0225&tc=fbd1d51ccb2d04a&tc_t... Page URL
https://www.cervistech.com/acts/module/safelink.php?orig_type=email&org_id=0225&tc=fbd1d51ccb2d04a&tc_t... HTTP 302
https://cerv.is/0225x62 Page URL

Page Statistics

8
Requests

75 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

565 kB
Transfer

2109 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.cervistech.com/acts/module/safelink.php?orig_type=email&org_id=0225&tc=fbd1d51ccb2d04a&tc_tok=bb56c30c9d97dfb6f04d5354d4f31260&orig_url=https://cerv.is/0225x62 Page URL
https://www.cervistech.com/acts/module/safelink.php?orig_type=email&org_id=0225&tc=fbd1d51ccb2d04a&tc_tok=bb56c30c9d97dfb6f04d5354d4f31260&orig_url=https://cerv.is/0225x62 HTTP 302
https://cerv.is/0225x62 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	202	safelink.php Show response www.cervistech.com/acts/module/	1 KB 1 KB	681ms 202ms	Document text/html	76.223.26.253 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.cervistech.com/acts/module/safelink.php?orig_type=email&org_id=0225&tc=fbd1d51ccb2d04a&tc_tok=bb56c30c9d97dfb6f04d5354d4f31260&orig_url=https://cerv.is/0225x62 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 76.223.26.253 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a9d0301dccf0c93d0.awsglobalaccelerator.com Software awselb/2.0 / Resource Hash `9fddb20145fa2aa202ac62c2a4df712d4ec76beaa62d1cf5fe1f756e26cb7019` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers cache-control no-store, max-age=0 content-length 1247 content-type text/html; charset=UTF-8 date Tue, 01 Aug 2023 05:59:17 GMT server awselb/2.0 x-amzn-waf-action challenge
GET H2	200	challenge.js Show response 0cd4735ce248.22155050.us-east-2.token.awswaf.com/0cd4735ce248/7f0a9c6dcd4a/ee219a7382cb/	1 MB 280 KB	848ms 827ms	Script text/javascript	13.33.88.38 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://0cd4735ce248.22155050.us-east-2.token.awswaf.com/0cd4735ce248/7f0a9c6dcd4a/ee219a7382cb/challenge.js Requested by Host: www.cervistech.com URL: https://www.cervistech.com/acts/module/safelink.php?orig_type=email&org_id=0225&tc=fbd1d51ccb2d04a&tc_tok=bb56c30c9d97dfb6f04d5354d4f31260&orig_url=https://cerv.is/0225x62 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.88.38 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-88-38.sin2.r.cloudfront.net Software / Resource Hash `1e36e7c58ec1b7ec780224d50771d76c5b89fbc9b6f232fa73966eedcc5d7024` Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.cervistech.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Tue, 01 Aug 2023 05:59:18 GMT content-encoding gzip via 1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront) x-amz-cf-pop SIN2-P2 vary Accept-Encoding x-cache Miss from cloudfront x-amzn-waf-challenge-id Root=1-64c89f36-4e5188f738ad922c7acf22c0 content-type text/javascript cache-control private, max-age=86400 x-amz-cf-id 9qZl5OFIYsMYL0WRzNgDzygXz_UK9UF3IHzViQzMma7XlUUtbo55-g== expires 0
POST H2	200	verify Show response 0cd4735ce248.22155050.us-east-2.token.awswaf.com/0cd4735ce248/7f0a9c6dcd4a/ee219a7382cb/	316 B 734 B	946ms 933ms	Fetch application/json	13.33.88.38 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://0cd4735ce248.22155050.us-east-2.token.awswaf.com/0cd4735ce248/7f0a9c6dcd4a/ee219a7382cb/verify Requested by Host: 0cd4735ce248.22155050.us-east-2.token.awswaf.com URL: https://0cd4735ce248.22155050.us-east-2.token.awswaf.com/0cd4735ce248/7f0a9c6dcd4a/ee219a7382cb/challenge.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.88.38 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-88-38.sin2.r.cloudfront.net Software / Resource Hash `c04b3c2ae4ea4f1723695c97ba1b5f74aa09cd833f3eab1691ec8c04b4e44359` Request headers Referer https://www.cervistech.com/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Tue, 01 Aug 2023 05:59:20 GMT via 1.1 cccd1c02ebcc6a46e3ee52075ec059e8.cloudfront.net (CloudFront) x-amz-cf-pop SIN2-P2 access-control-max-age 86400 access-control-allow-methods OPTIONS,GET,POST content-type application/json access-control-allow-origin * x-cache Miss from cloudfront x-amzn-waf-challenge-id Root=1-64c89f38-5d1f1cf740cfc0c435d6e61a cache-control no-cache, no-store, must-revalidate content-length 316 x-amz-cf-id NSOukRKvaHNEMYUlNmzicRvAtV6j3Wrgda3ZhvGNNPahO3BbIQZlhw== expires 0
POST H2	200	telemetry 0cd4735ce248.22155050.us-east-2.token.awswaf.com/0cd4735ce248/7f0a9c6dcd4a/ee219a7382cb/	880 B 1 KB	811ms 810ms	Fetch application/json	13.33.88.38 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://0cd4735ce248.22155050.us-east-2.token.awswaf.com/0cd4735ce248/7f0a9c6dcd4a/ee219a7382cb/telemetry Requested by Host: 0cd4735ce248.22155050.us-east-2.token.awswaf.com URL: https://0cd4735ce248.22155050.us-east-2.token.awswaf.com/0cd4735ce248/7f0a9c6dcd4a/ee219a7382cb/challenge.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.88.38 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-88-38.sin2.r.cloudfront.net Software / Resource Hash Request headers Referer https://www.cervistech.com/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Tue, 01 Aug 2023 05:59:22 GMT via 1.1 cccd1c02ebcc6a46e3ee52075ec059e8.cloudfront.net (CloudFront) x-amz-cf-pop SIN2-P2 access-control-max-age 86400 access-control-allow-methods OPTIONS,GET,POST content-type application/json access-control-allow-origin * x-cache Miss from cloudfront x-amzn-waf-challenge-id Root=1-64c89f3a-7d840885216ef6a8756d8068 cache-control no-cache, no-store, must-revalidate content-length 880 x-amz-cf-id 0GClkPXP64kl02Pui5ZlhQlpRt0zb3dAQ6DMqNO36_z_pYR2EqoSLw== expires 0
GET H2	202	Primary Request 0225x62 Show response cerv.is/ Redirect Chain https://www.cervistech.com/acts/module/safelink.php?orig_type=email&org_id=0225&tc=fbd1d51ccb2d04a&tc_tok=bb56c30c9d97dfb6f04d5354d4f31260&orig_url=https://cerv.is/0225x62 https://cerv.is/0225x62	1 KB 1 KB	219ms 208ms	Document text/html	76.223.26.253 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cerv.is/0225x62 Requested by Host: www.cervistech.com URL: https://www.cervistech.com/acts/module/safelink.php?orig_type=email&org_id=0225&tc=fbd1d51ccb2d04a&tc_tok=bb56c30c9d97dfb6f04d5354d4f31260&orig_url=https://cerv.is/0225x62 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 76.223.26.253 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a9d0301dccf0c93d0.awsglobalaccelerator.com Software awselb/2.0 / Resource Hash `9fddb20145fa2aa202ac62c2a4df712d4ec76beaa62d1cf5fe1f756e26cb7019` Request headers Referer https://www.cervistech.com/acts/module/safelink.php?orig_type=email&org_id=0225&tc=fbd1d51ccb2d04a&tc_tok=bb56c30c9d97dfb6f04d5354d4f31260&orig_url=https://cerv.is/0225x62 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers cache-control no-store, max-age=0 content-length 1247 content-type text/html; charset=UTF-8 date Tue, 01 Aug 2023 05:59:22 GMT server awselb/2.0 x-amzn-waf-action challenge Redirect headers content-length 0 content-type text/html; charset=UTF-8 date Tue, 01 Aug 2023 05:59:22 GMT location https://cerv.is/0225x62 referrer-policy strict-origin-when-cross-origin strict-transport-security max-age=31536000; preload x-content-type-options nosniff
POST		telemetry 0cd4735ce248.22155050.us-east-2.token.awswaf.com/0cd4735ce248/7f0a9c6dcd4a/ee219a7382cb/	0 0

GET H2	200	challenge.js Show response 0cd4735ce248.22155050.us-east-2.token.awswaf.com/0cd4735ce248/7f0a9c6dcd4a/ee219a7382cb/	1 MB 280 KB	1010ms 1010ms	Script text/javascript	13.33.88.38 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://0cd4735ce248.22155050.us-east-2.token.awswaf.com/0cd4735ce248/7f0a9c6dcd4a/ee219a7382cb/challenge.js Requested by Host: cerv.is URL: https://cerv.is/0225x62 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.88.38 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-88-38.sin2.r.cloudfront.net Software / Resource Hash `37447d568abbc65d1b63ae392fe0de12f58a74d2d907ecd8ccf714f778b2f622` Request headers accept-language zh-SG,zh;q=0.9 Referer https://cerv.is/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Tue, 01 Aug 2023 05:59:23 GMT content-encoding gzip via 1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront) x-amz-cf-pop SIN2-P2 vary Accept-Encoding x-cache Miss from cloudfront x-amzn-waf-challenge-id Root=1-64c89f3b-6cd685c5201040c05ec3c679 content-type text/javascript cache-control private, max-age=86400 x-amz-cf-id 9KfAOcBh8SCw6MQkANH8qF71dcMKr2ts4HnKg044Rrr-zxY9Z-wejw== expires 0
POST		verify 0cd4735ce248.22155050.us-east-2.token.awswaf.com/0cd4735ce248/7f0a9c6dcd4a/ee219a7382cb/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 0cd4735ce248.22155050.us-east-2.token.awswaf.com
URL: https://0cd4735ce248.22155050.us-east-2.token.awswaf.com/0cd4735ce248/7f0a9c6dcd4a/ee219a7382cb/telemetry

Domain: 0cd4735ce248.22155050.us-east-2.token.awswaf.com
URL: https://0cd4735ce248.22155050.us-east-2.token.awswaf.com/0cd4735ce248/7f0a9c6dcd4a/ee219a7382cb/verify

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| awsWafCookieDomainList

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.www.cervistech.com/	1970-01-20 13:46:55	Name: aws-waf-token Value: abd77c26-6c11-445a-846e-823f208c0d79:EgoAdJwoW5YOAAAA:rESxSdR6NrI/TOzmTsrPc9xXE4bY4UylIVd2YvdFDpM7alpX3Dfl/GyiqZY4rnYl4u8E4VEhyE8Q1WLmhMeaUrjkZvpV8qcdwb2QDJdMai2YwhNDV4/P37km1ygUwRpI9FgZAoqnnl6+a8iWQiL5EHJjysVMZ525CBdo52f2dDYUJgWoOTtO4V77P0vMzf0RWaDs1Rvqhua+2Q/TRpBOD5CBOaGs+x+mT3/sDPbv2mi7H3oIsAMLP/fTQMSPtE7om7QNgKhRCLi/28jB4VHUJdQR+ra9

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0cd4735ce248.22155050.us-east-2.token.awswaf.com
cerv.is
www.cervistech.com
0cd4735ce248.22155050.us-east-2.token.awswaf.com
13.33.88.38
76.223.26.253
1e36e7c58ec1b7ec780224d50771d76c5b89fbc9b6f232fa73966eedcc5d7024
37447d568abbc65d1b63ae392fe0de12f58a74d2d907ecd8ccf714f778b2f622
9fddb20145fa2aa202ac62c2a4df712d4ec76beaa62d1cf5fe1f756e26cb7019
c04b3c2ae4ea4f1723695c97ba1b5f74aa09cd833f3eab1691ec8c04b4e44359

cerv.is Open in urlscan Pro 76.223.26.253 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

8 Requests

75 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

565 kBTransfer

2109 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

1 Cookies

Indicators

cerv.is Open in urlscan Pro
76.223.26.253 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

75 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

565 kB
Transfer

2109 kB
Size

1
Cookies

8 HTTP transactions
0 data transactions