urlscan.io logo urlscan.io
SecurityTrails logo

54.145.252.160 Open in urlscan Pro
54.145.252.160  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://54.145.252.160/
Effective URL: https://54.145.252.160/tools/m/login/?ref=%2Ftools%2Fm%2Fstart&dmnrdr=62b5074cbcfa8
Submission Tags: falconsandbox
Submission: On June 24 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 8 HTTP transactions. The main IP is 54.145.252.160, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is 54.145.252.160.
TLS certificate: Issued by Amazon on December 21st 2021. Valid for: a year.
This is the only time 54.145.252.160 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 6 54.145.252.160 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
8 4
Apex Domain
Subdomains		 Transfer
3 cdn-marketing-reports.com
cdn.cdn-marketing-reports.com
38 KB
1 gstatic.com
fonts.gstatic.com
12 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 71
1 KB
8 3
Domain Requested by
3 cdn.cdn-marketing-reports.com 54.145.252.160
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com 54.145.252.160
8 3

This site contains links to these domains. Also see Links.

Domain
raventools.com
www.tapclicks.com
Subject Issuer Validity Valid
*.raventools.com
Amazon		 2021-12-21 -
2023-01-17		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-05 -
2023-06-04		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://54.145.252.160/tools/m/login/?ref=%2Ftools%2Fm%2Fstart&dmnrdr=62b5074cbcfa8
Frame ID: 55222000AE768A1C813EE04CA8B9AD38
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Raven Login

Page URL History Show full URLs

  1. http://54.145.252.160/ HTTP 301
    https://54.145.252.160/ HTTP 302
    https://54.145.252.160/tools/m/start HTTP 302
    https://54.145.252.160/tools/m/login/?ref=%2Ftools%2Fm%2Fstart&dmnrdr=62b5074cbcfa8 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

8
Requests

63 %
HTTPS

75 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

199 kB
Transfer

759 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://54.145.252.160/ HTTP 301
    https://54.145.252.160/ HTTP 302
    https://54.145.252.160/tools/m/start HTTP 302
    https://54.145.252.160/tools/m/login/?ref=%2Ftools%2Fm%2Fstart&dmnrdr=62b5074cbcfa8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
54.145.252.160/tools/m/login/
Redirect Chain
  • http://54.145.252.160/
  • https://54.145.252.160/
  • https://54.145.252.160/tools/m/start
  • https://54.145.252.160/tools/m/login/?ref=%2Ftools%2Fm%2Fstart&dmnrdr=62b5074cbcfa8
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://54.145.252.160/tools/m/login/?ref=%2Ftools%2Fm%2Fstart&dmnrdr=62b5074cbcfa8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.252.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-252-160.compute-1.amazonaws.com
Software
Apache / PHP/5.6.40
Resource Hash
6fd57b67a56d82f9d7398d70ffa5d0251e344aaef4f1521f99a2bdf1c2ae0e30

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
1420
Content-Type
text/html; charset=UTF-8
Date
Fri, 24 Jun 2022 00:37:33 GMT
Server
Apache
Vary
Accept-Encoding
X-Powered-By
PHP/5.6.40

Redirect headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
20
Content-Type
text/html; charset=UTF-8
Date
Fri, 24 Jun 2022 00:37:32 GMT
Location
/tools/m/login/?ref=%2Ftools%2Fm%2Fstart&dmnrdr=62b5074cbcfa8
Server
Apache
Vary
Accept-Encoding
X-Powered-By
PHP/5.6.40
32c7c6a04efabb1f5dc0e28994e942f3.css
54.145.252.160/dm/ 		58 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://54.145.252.160/dm/32c7c6a04efabb1f5dc0e28994e942f3.css
Requested by
Host: 54.145.252.160
URL: https://54.145.252.160/tools/m/login/?ref=%2Ftools%2Fm%2Fstart&dmnrdr=62b5074cbcfa8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.252.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-252-160.compute-1.amazonaws.com
Software
Apache / PHP/5.6.40
Resource Hash
01f8a6300de173dc0515e06e1c956cd24fafb372939ce461dd533ccdb8b9196e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://54.145.252.160/tools/m/login/?ref=%2Ftools%2Fm%2Fstart&dmnrdr=62b5074cbcfa8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
cache
Date
Fri, 24 Jun 2022 00:37:33 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Jun 2022 16:16:36 GMT
Server
Apache
X-Powered-By
PHP/5.6.40
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Length
8044
Expires
Fri, 24 Jun 2022 01:37:33 GMT
ae7a646e74f15c9228ed0112b5f0683c.js
54.145.252.160/dm/ 		642 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://54.145.252.160/dm/ae7a646e74f15c9228ed0112b5f0683c.js
Requested by
Host: 54.145.252.160
URL: https://54.145.252.160/tools/m/login/?ref=%2Ftools%2Fm%2Fstart&dmnrdr=62b5074cbcfa8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.252.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-252-160.compute-1.amazonaws.com
Software
Apache / PHP/5.6.40
Resource Hash
e0f6e3a01875444401f606d12bc2787503508affa6fea33de03404e0620e48b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://54.145.252.160/tools/m/login/?ref=%2Ftools%2Fm%2Fstart&dmnrdr=62b5074cbcfa8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
cache
Date
Fri, 24 Jun 2022 00:37:33 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Jun 2022 16:16:36 GMT
Server
Apache
X-Powered-By
PHP/5.6.40
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
public, max-age=3600
transfer-encoding
chunked
Connection
keep-alive
Expires
Fri, 24 Jun 2022 01:37:33 GMT
css2
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Mulish&display=swap
Requested by
Host: 54.145.252.160
URL: https://54.145.252.160/tools/m/login/?ref=%2Ftools%2Fm%2Fstart&dmnrdr=62b5074cbcfa8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c5ce2682e921d434c633fe6f769780337ba0d7d200cc884e4eed4d0ce9d2cb68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://54.145.252.160/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 23:58:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 24 Jun 2022 00:37:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 24 Jun 2022 00:37:33 GMT
raven-new-logo-white.svg
cdn.cdn-marketing-reports.com/assets/img/ 		9 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cdn-marketing-reports.com/assets/img/raven-new-logo-white.svg
Requested by
Host: 54.145.252.160
URL: https://54.145.252.160/tools/m/login/?ref=%2Ftools%2Fm%2Fstart&dmnrdr=62b5074cbcfa8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:7c25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8aefe192640109049dbe3a19aa0cd08688846c6320db7f69250cfc49f9203cfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://54.145.252.160/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 00:37:33 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Thu, 23 Jun 2022 15:22:03 GMT
server
cloudflare
etag
"2406-5e21f04073cc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
72016544cb5e90fe-FRA
content-length
3343
expires
Sat, 25 Jun 2022 00:37:33 GMT
icon-external-link.svg
cdn.cdn-marketing-reports.com/assets/img/ 		597 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cdn-marketing-reports.com/assets/img/icon-external-link.svg
Requested by
Host: 54.145.252.160
URL: https://54.145.252.160/tools/m/login/?ref=%2Ftools%2Fm%2Fstart&dmnrdr=62b5074cbcfa8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:7c25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a5d0b859025e23734059cacf0848d5376d538967df1b1465e69db5687ba8dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://54.145.252.160/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 00:37:34 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 23 Jun 2022 15:22:03 GMT
server
cloudflare
etag
"255-5e21f04073cc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
720165477c5390fe-FRA
content-length
333
expires
Sat, 25 Jun 2022 00:37:34 GMT
1Ptyg83HX_SGhgqO0yLcmjzUAuWexZNR8aevGw.woff2
fonts.gstatic.com/s/mulish/v11/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mulish/v11/1Ptyg83HX_SGhgqO0yLcmjzUAuWexZNR8aevGw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Mulish&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b00cc37bebabd4ff71a567f5c7502f1be92a4997160b4a46fa574b4fc6cac4ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://54.145.252.160
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:18:11 GMT
x-content-type-options
nosniff
age
199163
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11152
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 14:51:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Jun 2023 17:18:11 GMT
VerbMedium-webfont.woff
cdn.cdn-marketing-reports.com/assets/webfonts/verb/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.cdn-marketing-reports.com/assets/webfonts/verb/VerbMedium-webfont.woff
Requested by
Host: 54.145.252.160
URL: https://54.145.252.160/dm/32c7c6a04efabb1f5dc0e28994e942f3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:7c25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f405989d91be51f370b7bfd159a9a12dde31c057e6050dccfe9f938156bce184

Request headers

Referer
https://54.145.252.160/
Origin
https://54.145.252.160
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 00:37:34 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 23 Jun 2022 15:22:03 GMT
server
cloudflare
etag
W/"86b8-5e21f04073cc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cache-control
public, max-age=86400
cf-ray
7201654839c99196-FRA
expires
Sat, 25 Jun 2022 00:37:34 GMT

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation boolean| GAMMA object| Handlebars function| toString string| functionType object| handlebars object| Raven function| $ function| jQuery function| _ object| fn function| PubSubParent object| PubSub boolean| Widget_Debug object| widget_factory_instance object| WidgetFactory object| widgets function| Widget object| collections object| api object| class_api object| models object| instances function| JSError object| loading object| available function| setLoading function| clearLoading function| setAvailable function| isAvailable function| getInstance function| isLoading function| model_prototype object| ModelFactory object| Login string| widget_controller_url object| implementation object| ret_templates string| tplname

3 Cookies

Domain/Path Name / Value
54.145.252.160/ Name: AWSELB
Value: 7FE52D45045E9FE2A2E9653DBB25A35C319A18479124E93D46D913A53EA2204E3A7D33612E503A5FE18D1BEAE54BFFDF7814C48FAE450F7DE40D563AE7A20792AD8B898315
54.145.252.160/ Name: AWSELBCORS
Value: 7FE52D45045E9FE2A2E9653DBB25A35C319A18479124E93D46D913A53EA2204E3A7D33612E503A5FE18D1BEAE54BFFDF7814C48FAE450F7DE40D563AE7A20792AD8B898315
54.145.252.160/ Name: raven_session
Value: eyJzZXNzaW9uX2lkIjoiOTU4NTE0ZmQ3NWM2NTgzM2JkNmY0YThlOWJhYWU1MTEiLCJleHBpcmVfdGltZSI6MTY1ODYyMzA1Mn0%3D