amundsen.shortest-route.com Open in urlscan Pro
91.192.43.153 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://news.easypromo.nz/re?l=BD0Ie5flq5I4ctiem5Ilw7033p3I0&u=http%3A%2F%2Fnews.easypromo.nz%2Fpublic%2Fread_message.jsp%...
Effective URL:
https://amundsen.shortest-route.com/easypromo/public/read_message.jsp;jsessionid=0;apw64?sigreq=-803487792
Submission: On May 15 via manual (May 15th 2024, 2:29:47 am UTC) from IN — Scanned from NZ

Summary HTTP 10 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 10 HTTP transactions. The main IP is 91.192.43.153, located in Germany and belongs to GLOBALACCESS, DE. The main domain is amundsen.shortest-route.com.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on July 20th 2023. Valid for: a year.

This is the only time amundsen.shortest-route.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	91.192.43.151 91.192.43.151	15960 (GLOBALACCESS) (GLOBALACCESS)
2	91.192.43.153 91.192.43.153	15960 (GLOBALACCESS) (GLOBALACCESS)
2	2404:6800:400... 2404:6800:4006:809::200a	15169 (GOOGLE) (GOOGLE)
1	91.192.43.154 91.192.43.154	15960 (GLOBALACCESS) (GLOBALACCESS)
3	52.95.129.3 52.95.129.3	16509 (AMAZON-02) (AMAZON-02)
1	54.176.0.33 54.176.0.33	16509 (AMAZON-02) (AMAZON-02)
1	2404:6800:400... 2404:6800:4006:811::2003	15169 (GOOGLE) (GOOGLE)
10	6

2 91.192.43.151 (Germany) 2 redirects

ASN15960 (GLOBALACCESS, DE)

news.easypromo.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.192.43.153 (Germany)

ASN15960 (GLOBALACCESS, DE)

amundsen.shortest-route.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4006:809::200a (Sydney, Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.192.43.154 (Germany)

ASN15960 (GLOBALACCESS, DE)

news.easypromo.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.95.129.3 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-2.amazonaws.com

s3-ap-southeast-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.176.0.33 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-176-0-33.us-west-1.compute.amazonaws.com

tracking.gopsjump.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4006:811::2003 (Sydney, Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	amazonaws.com s3-ap-southeast-2.amazonaws.com	215 KB
3	easypromo.nz 2 redirects news.easypromo.nz	971 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	3 KB
2	shortest-route.com amundsen.shortest-route.com	25 KB
1	gstatic.com fonts.gstatic.com	33 KB
1	gopsjump.com.au tracking.gopsjump.com.au	523 B
10	6

	Domain	Requested by
3	s3-ap-southeast-2.amazonaws.com	amundsen.shortest-route.com
3	news.easypromo.nz	2 redirects amundsen.shortest-route.com
2	fonts.googleapis.com	amundsen.shortest-route.com
2	amundsen.shortest-route.com
1	fonts.gstatic.com	fonts.googleapis.com
1	tracking.gopsjump.com.au	amundsen.shortest-route.com
10	6

This site contains links to these domains. Also see Links.

Domain
news.easypromo.nz

Subject Issuer	Validity	Valid
cook.shortest-route.com GeoTrust TLS RSA CA G1	`2023-07-20` - `2024-08-04`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
secure.ecircle-ag.com RapidSSL TLS RSA CA G1	`2024-02-11` - `2025-03-06`	a year	crt.sh
*.s3-ap-southeast-2.amazonaws.com Amazon RSA 2048 M01	`2024-02-01` - `2025-01-07`	a year	crt.sh
tracking.gopsjump.com.au Amazon RSA 2048 M03	`2024-02-10` - `2025-03-10`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://amundsen.shortest-route.com/easypromo/public/read_message.jsp;jsessionid=0;apw64?sigreq=-803487792
Frame ID: CC7CB650E1437B2F2B67265FF4C1BA66
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://news.easypromo.nz/re?l=BD0Ie5flq5I4ctiem5Ilw7033p3I0&u=http%3A%2F%2Fnews.easypromo.nz%2Fpublic... HTTP 307
https://news.easypromo.nz/re?l=BD0Ie5flq5I4ctiem5Ilw7033p3I0&u=http%3A%2F%2Fnews.easypromo.nz%2Fpublic... HTTP 302
http://news.easypromo.nz/public/read_message.jsp?tsp=1715727888782&custid=8758&uid=9482291069&sig=CLP... HTTP 307
https://news.easypromo.nz/public/read_message.jsp?tsp=1715727888782&custid=8758&uid=9482291069&sig=CLP... HTTP 302
https://amundsen.shortest-route.com/easypromo/public/read_message.jsp;jsessionid=0;apw64?sigreq=-803487792 Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

10
Requests

90 %
HTTPS

29 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

276 kB
Transfer

299 kB
Size

1
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: http://news.easypromo.nz/public/read_message.jsp?tsp=1715740181900&custid=8758&uid=9482291069&sig=COBCBEGKBEADFDPB&mid=855652541
Title: click here

Search URL Search Domain Scan URL

URL: http://news.easypromo.nz/re?l=DIe5flq5I4ctiem5I0ITlw6zzmmd&s=JMIGHLDLEIIJKHBM&req=aff_sub5%3D855652541

Search URL Search Domain Scan URL

URL: http://news.easypromo.nz/re?l=DIe5flq5I4ctiem5I1ITlw6zzmmd&s=JMIGHLDLEIIJKHBM&req=aff_sub5%3D855652541

Search URL Search Domain Scan URL

URL: http://news.easypromo.nz/re?l=DIe5flq5I4ctiem5I2ITlw6zzmmd&s=JMIGHLDLEIIJKHBM&req=aff_sub5%3D855652541
Title: LEARN MORE

Search URL Search Domain Scan URL

URL: http://news.easypromo.nz/re?l=DIe5flq5I4ctiem5I3ITlw6zzmmd&s=JMIGHLDLEIIJKHBM&req=aff_sub5%3D855652541
Title: Get Started

Search URL Search Domain Scan URL

URL: http://news.easypromo.nz/re?l=DIe5flq5I4ctiem5I4ITlw6zzmmd&s=JMIGHLDLEIIJKHBM
Title: here.

Search URL Search Domain Scan URL

URL: http://news.easypromo.nz/re?l=DIe5flq5I4ctiem5I5ITlw6zzmmd&s=JMIGHLDLEIIJKHBM&req=email%3Drichard.hooper%40downergroup.com
Title: click here.

Search URL Search Domain Scan URL

URL: http://news.easypromo.nz/public/unsubscribe.jsp?gid=851464186&uid=9482291069&mid=855652541&sig=HNMDDMBPHKFPLJCI&&slt=4
Title: here

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://news.easypromo.nz/re?l=BD0Ie5flq5I4ctiem5Ilw7033p3I0&u=http%3A%2F%2Fnews.easypromo.nz%2Fpublic%2Fread_message.jsp%3Ftsp%3D1715727888782%26custid%3D8758%26uid%3D9482291069%26sig%3DCLPHBMNOHDDEMOLE%26mid%3D855652541&s=PJFOEMHENEAGEJFE HTTP 307
https://news.easypromo.nz/re?l=BD0Ie5flq5I4ctiem5Ilw7033p3I0&u=http%3A%2F%2Fnews.easypromo.nz%2Fpublic%2Fread_message.jsp%3Ftsp%3D1715727888782%26custid%3D8758%26uid%3D9482291069%26sig%3DCLPHBMNOHDDEMOLE%26mid%3D855652541&s=PJFOEMHENEAGEJFE HTTP 302
http://news.easypromo.nz/public/read_message.jsp?tsp=1715727888782&custid=8758&uid=9482291069&sig=CLPHBMNOHDDEMOLE&mid=855652541 HTTP 307
https://news.easypromo.nz/public/read_message.jsp?tsp=1715727888782&custid=8758&uid=9482291069&sig=CLPHBMNOHDDEMOLE&mid=855652541 HTTP 302
https://amundsen.shortest-route.com/easypromo/public/read_message.jsp;jsessionid=0;apw64?sigreq=-803487792 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200

Primary Request read_message.jsp;jsessionid=0;apw64 Show response
amundsen.shortest-route.com/easypromo/public/
Redirect Chain

http://news.easypromo.nz/re?l=BD0Ie5flq5I4ctiem5Ilw7033p3I0&u=http%3A%2F%2Fnews.easypromo.nz%2Fpublic%2Fread_message.jsp%3Ftsp%3D1715727888782%26custid%3D8758%26uid%3D9482291069%26sig%3DCLPHBMNOHDD...
https://news.easypromo.nz/re?l=BD0Ie5flq5I4ctiem5Ilw7033p3I0&u=http%3A%2F%2Fnews.easypromo.nz%2Fpublic%2Fread_message.jsp%3Ftsp%3D1715727888782%26custid%3D8758%26uid%3D9482291069%26sig%3DCLPHBMNOHD...
http://news.easypromo.nz/public/read_message.jsp?tsp=1715727888782&custid=8758&uid=9482291069&sig=CLPHBMNOHDDEMOLE&mid=855652541
https://news.easypromo.nz/public/read_message.jsp?tsp=1715727888782&custid=8758&uid=9482291069&sig=CLPHBMNOHDDEMOLE&mid=855652541
https://amundsen.shortest-route.com/easypromo/public/read_message.jsp;jsessionid=0;apw64?sigreq=-803487792

24 KB
25 KB

1299ms
643ms

Document
text/html

91.192.43.153
GLOBALACCESS

General

Check archive.org

Show headers Download Go to

Full URL

https://amundsen.shortest-route.com/easypromo/public/read_message.jsp;jsessionid=0;apw64?sigreq=-803487792

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

91.192.43.153 , Germany, ASN15960 (GLOBALACCESS, DE),

Reverse DNS

Software

WebServer /

Resource Hash

aed50ae4b05f4d2d3af8ffa1d8adaf7fd67507370b1efdb91a9d4a96ce3f72a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-NZ,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0, private, no-cache, no-store, must-revalidate, proxy-revalidate
content-type: text/html;charset=UTF-8
date: Wed, 15 May 2024 02:29:41 GMT
expires: Tue, 14 May 2024 02:29:41 GMT
feature-policy: autoplay 'self'; camera 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self';
p3p: CP="CAO PSA OUR"
pragma: no-cache
referrer-policy: no-referrer, strict-origin-when-cross-origin
server: WebServer
strict-transport-security: max-age=63072000; includeSubDomains
transfer-encoding: chunked
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

content-length: 0
date: Wed, 15 May 2024 02:29:40 GMT
feature-policy: autoplay 'self'; camera 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self';
location: https://amundsen.shortest-route.com/easypromo/public/read_message.jsp;jsessionid=0;apw64?sigreq=-803487792
referrer-policy: no-referrer, strict-origin-when-cross-origin
server: WebServer
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 22 KB
2 KB 644ms
249ms Stylesheet
text/css 2404:6800:4006:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i

Requested by

Host: amundsen.shortest-route.com
URL: https://amundsen.shortest-route.com/easypromo/public/read_message.jsp;jsessionid=0;apw64?sigreq=-803487792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:809::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dc8e02e4c8cbc847c79e57f90b4255e2d1fdc8938b8f63455eb8187f0981e6f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amundsen.shortest-route.com/
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 15 May 2024 02:29:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 15 May 2024 01:35:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 May 2024 02:29:42 GMT

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
722 B 738ms
344ms Stylesheet
text/css 2404:6800:4006:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700&display=swap

Requested by

Host: amundsen.shortest-route.com
URL: https://amundsen.shortest-route.com/easypromo/public/read_message.jsp;jsessionid=0;apw64?sigreq=-803487792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:809::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

156d6126d329168667f3fc9fd67a12202eae1ac3619318e0fff058fb74944c1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amundsen.shortest-route.com/
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 15 May 2024 02:29:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 15 May 2024 01:30:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 May 2024 02:29:42 GMT

GET
H/1.1 200 p.gif
news.easypromo.nz/tr/ 42 B
216 B 971ms
325ms Image
image/gif 91.192.43.154
GLOBALACCESS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news.easypromo.nz/tr/p.gif?uid=9482291069&mid=855652541&msd=1715727726661&s=PEIGKDPCHAGGDIAP&st=
Requested by: Host: amundsen.shortest-route.com
URL: https://amundsen.shortest-route.com/easypromo/public/read_message.jsp;jsessionid=0;apw64?sigreq=-803487792
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.192.43.154 , Germany, ASN15960 (GLOBALACCESS, DE),
Reverse DNS
Software: WebServer /
Resource Hash: 492b292fd4e408db92b71f2c83f609203f9f716c9d7cdb35c3e663f1f8ca72ff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amundsen.shortest-route.com/
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed Feb 9 0:19:49 CET 2000
pragma: no-cache
date: Wed, 15 May 2024 02:29:42 GMT
server: WebServer
content-length: 42
content-type: image/gif

GET
H/1.1 200
OK 130x40.png
s3-ap-southeast-2.amazonaws.com/achtdocs/2405/MyHomeLoanCompare/ 3 KB
3 KB 207ms
79ms Image
image/png 52.95.129.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-ap-southeast-2.amazonaws.com/achtdocs/2405/MyHomeLoanCompare/130x40.png
Requested by: Host: amundsen.shortest-route.com
URL: https://amundsen.shortest-route.com/easypromo/public/read_message.jsp;jsessionid=0;apw64?sigreq=-803487792
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.129.3 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: cbf960951b168e553f544c891585b1d72ad7a24c1dc99299d39670b6659610a7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amundsen.shortest-route.com/
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 15 May 2024 02:29:43 GMT
x-amz-version-id: pOFrt4w7FzQh08bnxXIbwnzXnoKb16UL
Last-Modified: Mon, 29 Apr 2024 06:57:59 GMT
Server: AmazonS3
x-amz-request-id: 47YNW6KZ46PPA0N6
ETag: "9d6bcc854e2dc0e77ca3a751ab38dc22"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2823
x-amz-id-2: Lw829/Ced100rc2hCF/369eCs98f6JUplMXOzGHGt5Ka9Pau0iTfo+qXcCwWXjDgWc7F/rafaUU=

GET
H/1.1 200
OK My-Home-Loan-Compare.png
s3-ap-southeast-2.amazonaws.com/achtdocs/2405/MyHomeLoanCompare/ 192 KB
192 KB 211ms
78ms Image
image/png 52.95.129.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-ap-southeast-2.amazonaws.com/achtdocs/2405/MyHomeLoanCompare/My-Home-Loan-Compare.png
Requested by: Host: amundsen.shortest-route.com
URL: https://amundsen.shortest-route.com/easypromo/public/read_message.jsp;jsessionid=0;apw64?sigreq=-803487792
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.129.3 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 36abf0c2f8f6dd6a407a20fba476f9549da1ffeac630d192b5ddb8799521f055

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amundsen.shortest-route.com/
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 15 May 2024 02:29:43 GMT
x-amz-version-id: LejTLP7v7o8K4wBPd7XbOQvnw6tl43GJ
Last-Modified: Mon, 29 Apr 2024 06:57:58 GMT
Server: AmazonS3
x-amz-request-id: 47YGR8WDWY6YXKRT
ETag: "4657196720c1349888ef8d847d3bdbf9"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 196565
x-amz-id-2: /wKKFuOHrd3ULZHCbUi0eSzUkfgkVSAAglKrzlTyjoUPCyagXinXpm3xAdHbk6kQ8H1GYCTwzFc=

GET
H/1.1 200
OK 512x512.png
s3-ap-southeast-2.amazonaws.com/achtdocs/2405/MyHomeLoanCompare/ 19 KB
20 KB 215ms
83ms Image
image/png 52.95.129.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-ap-southeast-2.amazonaws.com/achtdocs/2405/MyHomeLoanCompare/512x512.png
Requested by: Host: amundsen.shortest-route.com
URL: https://amundsen.shortest-route.com/easypromo/public/read_message.jsp;jsessionid=0;apw64?sigreq=-803487792
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.129.3 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 09fe0f5b0efd7754b2fe0fc4977f923e9e8832f06f932f22ca18230e835723d6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amundsen.shortest-route.com/
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 15 May 2024 02:29:43 GMT
x-amz-version-id: Z_09FT_5rEOt_jIvy3q4.XAzo7cXEE0y
Last-Modified: Mon, 29 Apr 2024 06:57:57 GMT
Server: AmazonS3
x-amz-request-id: 47YK5XJBRJHZ5ZP0
ETag: "2cb33fc65cf23a43c34d0bc1467e29b2"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 19537
x-amz-id-2: 6qXf3UFlaOscpBzDLhkeougB0oX1rqgzhcBqA+rIOJHmXQxpBQtthSf1MgjWscikFoofvtjo0b0=

GET
H/1.1 200
OK aff_i
tracking.gopsjump.com.au/ 43 B
523 B 510ms
167ms Image
image/gif 54.176.0.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracking.gopsjump.com.au/aff_i?offer_id=6839&file_id=50771&aff_id=8317&aff_sub5=855652541
Requested by: Host: amundsen.shortest-route.com
URL: https://amundsen.shortest-route.com/easypromo/public/read_message.jsp;jsessionid=0;apw64?sigreq=-803487792
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.176.0.33 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-176-0-33.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amundsen.shortest-route.com/
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Wed, 15 May 2024 02:29:42 GMT
Content-Encoding: gzip
Server: nginx
Tracking_id: 102b31bdd3a875bf38ac74ea82facb
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Tune-SDK-Version
X-Request-Id: ab0fa8b6cd79757a17c725d10542fb20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 548ms
152ms Font
font/woff2 2404:6800:4006:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:811::2003 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://amundsen.shortest-route.com
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 03:29:11 GMT
x-content-type-options: nosniff
age: 428432
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 May 2025 03:29:11 GMT

GET
H/1.1 404
Not Found favicon.ico
amundsen.shortest-route.com/ 83 B
243 B 628ms
322ms Other
text/html 91.192.43.153
GLOBALACCESS

General

Check archive.org

Show headers Download Go to

Full URL

https://amundsen.shortest-route.com/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

91.192.43.153 , Germany, ASN15960 (GLOBALACCESS, DE),

Reverse DNS

Software

Resource Hash

37aa963285b643c2e5504aa1f3dec16653e222b5b8d9531347206e3a5f51c4ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amundsen.shortest-route.com/easypromo/public/read_message.jsp;jsessionid=0;apw64?sigreq=-803487792
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
cache-control: no-cache
content-length: 83
content-type: text/html

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			amundsen.shortest-route.com/easypromo/	1970-01-20 20:35:40	Name: ECM Value: C21C4288C6F6B9D4BAA6A70FE419F51D

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'document-domain'.
security	warning	URL: https://amundsen.shortest-route.com/easypromo/public/read_message.jsp;jsessionid=0;apw64?sigreq=-803487792 Message: Mixed Content: The page at 'https://amundsen.shortest-route.com/easypromo/public/read_message.jsp;jsessionid=0;apw64?sigreq=-803487792' was loaded over HTTPS, but requested an insecure element 'http://news.easypromo.nz/tr/p.gif?uid=9482291069&mid=855652541&msd=1715727726661&s=PEIGKDPCHAGGDIAP&st='. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://amundsen.shortest-route.com/easypromo/public/read_message.jsp;jsessionid=0;apw64?sigreq=-803487792(Line 161) Message: Mixed Content: The page at 'https://amundsen.shortest-route.com/easypromo/public/read_message.jsp;jsessionid=0;apw64?sigreq=-803487792' was loaded over HTTPS, but requested an insecure element 'http://news.easypromo.nz/tr/p.gif?uid=9482291069&mid=855652541&msd=1715727726661&s=PEIGKDPCHAGGDIAP&st='. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://amundsen.shortest-route.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amundsen.shortest-route.com
fonts.googleapis.com
fonts.gstatic.com
news.easypromo.nz
s3-ap-southeast-2.amazonaws.com
tracking.gopsjump.com.au
2404:6800:4006:809::200a
2404:6800:4006:811::2003
52.95.129.3
54.176.0.33
91.192.43.151
91.192.43.153
91.192.43.154
09fe0f5b0efd7754b2fe0fc4977f923e9e8832f06f932f22ca18230e835723d6
156d6126d329168667f3fc9fd67a12202eae1ac3619318e0fff058fb74944c1d
36abf0c2f8f6dd6a407a20fba476f9549da1ffeac630d192b5ddb8799521f055
37aa963285b643c2e5504aa1f3dec16653e222b5b8d9531347206e3a5f51c4ae
492b292fd4e408db92b71f2c83f609203f9f716c9d7cdb35c3e663f1f8ca72ff
ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c
aed50ae4b05f4d2d3af8ffa1d8adaf7fd67507370b1efdb91a9d4a96ce3f72a5
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
cbf960951b168e553f544c891585b1d72ad7a24c1dc99299d39670b6659610a7
dc8e02e4c8cbc847c79e57f90b4255e2d1fdc8938b8f63455eb8187f0981e6f9

amundsen.shortest-route.com Open in urlscan Pro 91.192.43.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

90 %HTTPS

29 %IPv6

6 Domains

6 Subdomains

6 IPs

3 Countries

276 kBTransfer

299 kBSize

1 Cookies

8 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

1 Cookies

4 Console Messages

Security Headers

Indicators

amundsen.shortest-route.com Open in urlscan Pro
91.192.43.153 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

90 %
HTTPS

29 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

276 kB
Transfer

299 kB
Size

1
Cookies

10 HTTP transactions
0 data transactions