urlscan.io logo urlscan.io
SecurityTrails logo

queencharlottelodge.createsend1.com Open in urlscan Pro
54.176.81.4  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://track.esperanza.jmsend.com/y.z?l=aHR0cHM6Ly9xdWVlbmNoYXJsb3R0ZWxvZGdlLmNyZWF0ZXNlbmQxLmNvbS90L3ItZS10aWlqZHJ1ay1uamR1dWpsaG...
Effective URL: https://queencharlottelodge.createsend1.com/t/r-e-tiijdruk-njduujlhdu-m/?MassEmailID=370877333&email_id=30192&emailaddress=jcolello%40santan...
Submission: On January 24 via api from ES — Scanned from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 2 countries across 6 domains to perform 15 HTTP transactions. The main IP is 54.176.81.4, located in San Jose, United States and belongs to AMAZON-02, US. The main domain is queencharlottelodge.createsend1.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on August 7th 2023. Valid for: a year.
This is the only time queencharlottelodge.createsend1.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 104.248.15.35 14061 (DIGITALOC...)
1 54.176.81.4 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 13.32.110.75 16509 (AMAZON-02)
1 13.224.103.74 16509 (AMAZON-02)
1 13.224.103.5 16509 (AMAZON-02)
1 13.224.103.59 16509 (AMAZON-02)
1 151.101.0.217 54113 (FASTLY)
2 18.244.140.128 16509 (AMAZON-02)
1 18.239.94.11 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
15 11
2    104.248.15.35 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: 2.jngo.net
track.esperanza.jmsend.com
1    54.176.81.4 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-176-81-4.us-west-1.compute.amazonaws.com
queencharlottelodge.createsend1.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    13.32.110.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-75.vie50.r.cloudfront.net
i1.createsend1.com
1    13.224.103.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-103-74.zrh50.r.cloudfront.net
i2.createsend1.com
1    13.224.103.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-103-5.zrh50.r.cloudfront.net
i3.createsend1.com
1    13.224.103.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-103-59.zrh50.r.cloudfront.net
i4.createsend1.com
1    151.101.0.217 (United States)

ASN54113 (FASTLY, US)
i.vimeocdn.com
2    18.244.140.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-140-128.lhr50.r.cloudfront.net
i5.createsend1.com
1    18.239.94.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-94-11.ams1.r.cloudfront.net
i10.createsend1.com
2    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700::6811:ba58 (United States)

ASN13335 (CLOUDFLARENET, US)
createsend1.report-uri.com
Apex Domain
Subdomains		 Transfer
10 createsend1.com
queencharlottelodge.createsend1.com
i1.createsend1.com — Cisco Umbrella Rank: 158212
i2.createsend1.com — Cisco Umbrella Rank: 193968
i3.createsend1.com — Cisco Umbrella Rank: 240620
i4.createsend1.com — Cisco Umbrella Rank: 237518
i5.createsend1.com — Cisco Umbrella Rank: 265073
i10.createsend1.com — Cisco Umbrella Rank: 296790
3 MB
2 gstatic.com
fonts.gstatic.com
97 KB
2 jmsend.com
track.esperanza.jmsend.com
1 KB
1 report-uri.com
createsend1.report-uri.com
592 B
1 vimeocdn.com
i.vimeocdn.com — Cisco Umbrella Rank: 3376
18 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
2 KB
15 6
Domain Requested by
3 i1.createsend1.com queencharlottelodge.createsend1.com
2 fonts.gstatic.com fonts.googleapis.com
2 i5.createsend1.com queencharlottelodge.createsend1.com
2 track.esperanza.jmsend.com 2 redirects
1 createsend1.report-uri.com queencharlottelodge.createsend1.com
1 i10.createsend1.com queencharlottelodge.createsend1.com
1 i.vimeocdn.com queencharlottelodge.createsend1.com
1 i4.createsend1.com queencharlottelodge.createsend1.com
1 i3.createsend1.com queencharlottelodge.createsend1.com
1 i2.createsend1.com queencharlottelodge.createsend1.com
1 fonts.googleapis.com client
1 queencharlottelodge.createsend1.com
15 12

This site contains links to these domains. Also see Links.

Domain
queencharlottelodge.updatemyprofile.com
Subject Issuer Validity Valid
*.createsend1.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-07 -
2024-08-10		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.vimeo.com
GlobalSign Atlas R3 DV TLS CA 2023 Q4		 2023-10-19 -
2024-11-19		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
report-uri.com
E1		 2023-11-28 -
2024-02-26		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://queencharlottelodge.createsend1.com/t/r-e-tiijdruk-njduujlhdu-m/?MassEmailID=370877333&email_id=30192&emailaddress=jcolello%40santanderconsumerusa.com&submission_date=7%2f25%2f2019+12%3a58%3a53+PM&MemberID=ECA4FFD9D2174ABA8C74EB1686E32C8F&confirmed=1&Modified=
Frame ID: 3EE258674C61D9C06FAD20790062A07F
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://track.esperanza.jmsend.com/y.z?l=aHR0cHM6Ly9xdWVlbmNoYXJsb3R0ZWxvZGdlLmNyZWF0ZXNlbmQxLmNvbS90L3ItZS10aW... HTTP 302
    https://track.esperanza.jmsend.com/z.aspx?page=y&l=aHR0cHM6Ly9xdWVlbmNoYXJsb3R0ZWxvZGdlLmNyZWF0ZXNlbmQxLmNvbS90... HTTP 302
    https://queencharlottelodge.createsend1.com/t/r-e-tiijdruk-njduujlhdu-m/?MassEmailID=370877333&email_id=30192&emailaddre... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

15
Requests

100 %
HTTPS

25 %
IPv6

6
Domains

12
Subdomains

11
IPs

2
Countries

3128 kB
Transfer

3173 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://track.esperanza.jmsend.com/y.z?l=aHR0cHM6Ly9xdWVlbmNoYXJsb3R0ZWxvZGdlLmNyZWF0ZXNlbmQxLmNvbS90L3ItZS10aWlqZHJ1ay1uamR1dWpsaGR1LW0v&j=370877333&e=31607&p=1&t=h&ECA4FFD9D2174ABA8C74EB1686E32C8F HTTP 302
    https://track.esperanza.jmsend.com/z.aspx?page=y&l=aHR0cHM6Ly9xdWVlbmNoYXJsb3R0ZWxvZGdlLmNyZWF0ZXNlbmQxLmNvbS90L3ItZS10aWlqZHJ1ay1uamR1dWpsaGR1LW0v&j=370877333&e=31607&p=1&t=h&ECA4FFD9D2174ABA8C74EB1686E32C8F HTTP 302
    https://queencharlottelodge.createsend1.com/t/r-e-tiijdruk-njduujlhdu-m/?MassEmailID=370877333&email_id=30192&emailaddress=jcolello%40santanderconsumerusa.com&submission_date=7%2f25%2f2019+12%3a58%3a53+PM&MemberID=ECA4FFD9D2174ABA8C74EB1686E32C8F&confirmed=1&Modified= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
queencharlottelodge.createsend1.com/t/r-e-tiijdruk-njduujlhdu-m/
Redirect Chain
  • https://track.esperanza.jmsend.com/y.z?l=aHR0cHM6Ly9xdWVlbmNoYXJsb3R0ZWxvZGdlLmNyZWF0ZXNlbmQxLmNvbS90L3ItZS10aWlqZHJ1ay1uamR1dWpsaGR1LW0v&j=370877333&e=31607&p=1&t=h&ECA4FFD9D2174ABA8C74EB1686E32C8F
  • https://track.esperanza.jmsend.com/z.aspx?page=y&l=aHR0cHM6Ly9xdWVlbmNoYXJsb3R0ZWxvZGdlLmNyZWF0ZXNlbmQxLmNvbS90L3ItZS10aWlqZHJ1ay1uamR1dWpsaGR1LW0v&j=370877333&e=31607&p=1&t=h&ECA4FFD9D2174ABA8C74E...
  • https://queencharlottelodge.createsend1.com/t/r-e-tiijdruk-njduujlhdu-m/?MassEmailID=370877333&email_id=30192&emailaddress=jcolello%40santanderconsumerusa.com&submission_date=7%2f25%2f2019+12%3a58%...
43 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://queencharlottelodge.createsend1.com/t/r-e-tiijdruk-njduujlhdu-m/?MassEmailID=370877333&email_id=30192&emailaddress=jcolello%40santanderconsumerusa.com&submission_date=7%2f25%2f2019+12%3a58%3a53+PM&MemberID=ECA4FFD9D2174ABA8C74EB1686E32C8F&confirmed=1&Modified=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.176.81.4 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-176-81-4.us-west-1.compute.amazonaws.com
Software
csw /
Resource Hash
f78cd9c951992a0ff7a62c10c2cba5c9c718ba6b54b761668b4a499fa0c616ba
Security Headers
Name Value
Content-Security-Policy script-src 'self' js.createsend1.com https://connect.facebook.net www.google-analytics.com; base-uri 'none'; report-uri https://createsend1.report-uri.com/r/t/csp/enforce;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

Cache-Control
private
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
script-src 'self' js.createsend1.com https://connect.facebook.net www.google-analytics.com; base-uri 'none'; report-uri https://createsend1.report-uri.com/r/t/csp/enforce;
Content-Type
text/html; charset=utf-8
Date
Wed, 24 Jan 2024 21:27:28 GMT
P3P
CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
Server
csw
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Robots-Tag
noindex, nofollow

Redirect headers

X-Powered-By
Express
cache-control
private,private, must-revalidate, max-age=0
connection
close
content-length
413
content-type
text/html; charset=utf-8
date
Wed, 24 Jan 2024 21:27:28 GMT
location
https://queencharlottelodge.createsend1.com:443/t/r-e-tiijdruk-njduujlhdu-m/?MassEmailID=370877333&email_id=30192&emailaddress=jcolello%40santanderconsumerusa.com&submission_date=7%2f25%2f2019+12%3a58%3a53+PM&MemberID=ECA4FFD9D2174ABA8C74EB1686E32C8F&confirmed=1&Modified=
pragma
no-cache
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
x-frame-options
SAMEORIGIN
css
fonts.googleapis.com/ 		22 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,700,400
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
63668c9bb00822945d952730dad2b6dca3a9a35d608b3329bfde34706cc38d0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://queencharlottelodge.createsend1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 24 Jan 2024 21:27:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 24 Jan 2024 21:27:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 Jan 2024 21:27:28 GMT
OntheRoadAgainI-Jan2024-9900000000079e3c.png
i1.createsend1.com/ei/r/AA/AF6/D5E/162439/csfinal/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.createsend1.com/ei/r/AA/AF6/D5E/162439/csfinal/OntheRoadAgainI-Jan2024-9900000000079e3c.png
Requested by
Host: queencharlottelodge.createsend1.com
URL: https://queencharlottelodge.createsend1.com/t/r-e-tiijdruk-njduujlhdu-m/?MassEmailID=370877333&email_id=30192&emailaddress=jcolello%40santanderconsumerusa.com&submission_date=7%2f25%2f2019+12%3a58%3a53+PM&MemberID=ECA4FFD9D2174ABA8C74EB1686E32C8F&confirmed=1&Modified=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-75.vie50.r.cloudfront.net
Software
csw /
Resource Hash
961b438dd785b8d9bd718d9089b6e7558cce52f8a4a68ecd27de73e2203b1e03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://queencharlottelodge.createsend1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 16:05:36 GMT
via
1.1 4fcd504c9be280bceae32e94ae54e04e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
server
csw
x-amz-cf-pop
VIE50-C2
age
19313
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=86400
content-length
1088700
x-xss-protection
1; mode=block
x-amz-cf-id
VLO8RjTXpxm87raflR40dSvwTyFOR49Q72D6JHzFVbORwcq5q1NVrw==
JanuaryE-News2024TradeshowDates1-9900000000079e3c.png
i2.createsend1.com/ei/r/AA/AF6/D5E/162439/csfinal/ 		98 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.createsend1.com/ei/r/AA/AF6/D5E/162439/csfinal/JanuaryE-News2024TradeshowDates1-9900000000079e3c.png
Requested by
Host: queencharlottelodge.createsend1.com
URL: https://queencharlottelodge.createsend1.com/t/r-e-tiijdruk-njduujlhdu-m/?MassEmailID=370877333&email_id=30192&emailaddress=jcolello%40santanderconsumerusa.com&submission_date=7%2f25%2f2019+12%3a58%3a53+PM&MemberID=ECA4FFD9D2174ABA8C74EB1686E32C8F&confirmed=1&Modified=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-74.zrh50.r.cloudfront.net
Software
csw /
Resource Hash
b896b7caece8f9c7b4a3c3aeaeb66133c868f3468ce7f07331d5febb759e602a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://queencharlottelodge.createsend1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 16:05:36 GMT
via
1.1 e1532b3ffd3d84bfecb9972a863a75ee.cloudfront.net (CloudFront)
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
server
csw
x-amz-cf-pop
ZRH50-C1
age
19313
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=86400
content-length
100701
x-xss-protection
1; mode=block
x-amz-cf-id
llluwgF4BKEFG8YJfm7uOFMdkGgFwB9GDKBWLAHq5Z7KCrlrDpSIRQ==
2021TheLodge-6b43dfe1b8cd28dc.jpg
i3.createsend1.com/ei/r/AA/AF6/D5E/162439/csfinal/ 		127 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.createsend1.com/ei/r/AA/AF6/D5E/162439/csfinal/2021TheLodge-6b43dfe1b8cd28dc.jpg
Requested by
Host: queencharlottelodge.createsend1.com
URL: https://queencharlottelodge.createsend1.com/t/r-e-tiijdruk-njduujlhdu-m/?MassEmailID=370877333&email_id=30192&emailaddress=jcolello%40santanderconsumerusa.com&submission_date=7%2f25%2f2019+12%3a58%3a53+PM&MemberID=ECA4FFD9D2174ABA8C74EB1686E32C8F&confirmed=1&Modified=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-5.zrh50.r.cloudfront.net
Software
csw /
Resource Hash
abf9603489bf213b6caf1f997ae2742b87d6bf02f7a0a17f44f686f514319acf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://queencharlottelodge.createsend1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 16:05:40 GMT
via
1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
server
csw
x-amz-cf-pop
ZRH50-C1
age
19309
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=86400
content-length
130098
x-xss-protection
1; mode=block
x-amz-cf-id
MVTjA9w5HbK7Q9qOP5FsRMGiLLfmwSkkIVGA_cgOiDrYVkGPZmMA7w==
OntheRoadAgainII-Jan2024-9900000000079e3c.png
i4.createsend1.com/ei/r/AA/AF6/D5E/162439/csfinal/ 		913 KB
915 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i4.createsend1.com/ei/r/AA/AF6/D5E/162439/csfinal/OntheRoadAgainII-Jan2024-9900000000079e3c.png
Requested by
Host: queencharlottelodge.createsend1.com
URL: https://queencharlottelodge.createsend1.com/t/r-e-tiijdruk-njduujlhdu-m/?MassEmailID=370877333&email_id=30192&emailaddress=jcolello%40santanderconsumerusa.com&submission_date=7%2f25%2f2019+12%3a58%3a53+PM&MemberID=ECA4FFD9D2174ABA8C74EB1686E32C8F&confirmed=1&Modified=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-59.zrh50.r.cloudfront.net
Software
csw /
Resource Hash
4fca59488d0a0445559467daf9cfa57fd61f5ba7e9b65d2ae734c46c0cbd40a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://queencharlottelodge.createsend1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 16:05:40 GMT
via
1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
server
csw
x-amz-cf-pop
ZRH50-C1
age
19309
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=86400
content-length
935022
x-xss-protection
1; mode=block
x-amz-cf-id
BNIbk7LRXx9TcFG_17RVsgAkmZcbPD70cc4L7z61kF7OlMxxqI2f0A==
overlay
i.vimeocdn.com/filter/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.vimeocdn.com/filter/overlay?src=http://img.youtube.com/vi/nXz9f4Y-hQ4/0.jpg&src=https://integrationstore-b0c3f53658fe7a75.microservice.createsend.com/files/9392B9D9-F380-42FC-9571-7E109B7A1C26/youtube-play-button-overlay.png
Requested by
Host: queencharlottelodge.createsend1.com
URL: https://queencharlottelodge.createsend1.com/t/r-e-tiijdruk-njduujlhdu-m/?MassEmailID=370877333&email_id=30192&emailaddress=jcolello%40santanderconsumerusa.com&submission_date=7%2f25%2f2019+12%3a58%3a53+PM&MemberID=ECA4FFD9D2174ABA8C74EB1686E32C8F&confirmed=1&Modified=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
578eb94a204fd78d5c2137d344685107436af65f8a84d90667038da4548ec26b

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://queencharlottelodge.createsend1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by
cache-dfw-kdal2120138-DFW, cache-mad22077-MAD
date
Wed, 24 Jan 2024 21:27:29 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
age
197232
x-timer
S1706131649.010497,VS0,VE3
access-control-max-age
86400
x-cache
HIT, HIT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Viewmaster-Status
accept-ranges
bytes
content-length
18083
viewmaster-server
viewmaster-glb-prod
x-cache-hits
223, 1
OntheRoadAgain-Jan20241-9900000000079e3c.png
i5.createsend1.com/ei/r/AA/AF6/D5E/162439/csfinal/ 		785 KB
786 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i5.createsend1.com/ei/r/AA/AF6/D5E/162439/csfinal/OntheRoadAgain-Jan20241-9900000000079e3c.png
Requested by
Host: queencharlottelodge.createsend1.com
URL: https://queencharlottelodge.createsend1.com/t/r-e-tiijdruk-njduujlhdu-m/?MassEmailID=370877333&email_id=30192&emailaddress=jcolello%40santanderconsumerusa.com&submission_date=7%2f25%2f2019+12%3a58%3a53+PM&MemberID=ECA4FFD9D2174ABA8C74EB1686E32C8F&confirmed=1&Modified=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.140.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-140-128.lhr50.r.cloudfront.net
Software
csw /
Resource Hash
202f95310dbfbb96283dec9da8385a3d0405570a4c706e8c327248c3c3e3c923
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://queencharlottelodge.createsend1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 16:12:05 GMT
via
1.1 d5915fbf562d36d8917411262c8cd60a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
server
csw
x-amz-cf-pop
LHR50-P7
age
18924
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=86400
content-length
803559
x-xss-protection
1; mode=block
x-amz-cf-id
Wy65NigiqamRQ_krntzYybCcO8oVXb7nj2lwX9_mOV62Hi7kSNrLNg==
facebook-black-medium.png
i1.createsend1.com/static/eb/master/13-the-blueprint-3/images/socialmedia/ 		398 B
820 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.createsend1.com/static/eb/master/13-the-blueprint-3/images/socialmedia/facebook-black-medium.png
Requested by
Host: queencharlottelodge.createsend1.com
URL: https://queencharlottelodge.createsend1.com/t/r-e-tiijdruk-njduujlhdu-m/?MassEmailID=370877333&email_id=30192&emailaddress=jcolello%40santanderconsumerusa.com&submission_date=7%2f25%2f2019+12%3a58%3a53+PM&MemberID=ECA4FFD9D2174ABA8C74EB1686E32C8F&confirmed=1&Modified=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-75.vie50.r.cloudfront.net
Software
csw /
Resource Hash
50592a232df3a3d8f131ad9917c1baafaf64cbe105ce73947073bad15b550f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://queencharlottelodge.createsend1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 04:09:36 GMT
via
1.1 4fcd504c9be280bceae32e94ae54e04e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
VIE50-C2
age
494273
x-cache
Hit from cloudfront
content-length
398
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Oct 2023 22:53:54 GMT
server
csw
etag
"4c10c822df2da1:0"
content-type
image/png
cache-control
public,max-age=864000
accept-ranges
bytes
x-amz-cf-id
lHP44AA6j6wK4qWLPgRLoNBR--v0K8PdwQCkIuFeoB7y3oHiPxMvDw==
instagram-black-medium.png
i10.createsend1.com/static/eb/master/13-the-blueprint-3/images/socialmedia/ 		468 B
880 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i10.createsend1.com/static/eb/master/13-the-blueprint-3/images/socialmedia/instagram-black-medium.png
Requested by
Host: queencharlottelodge.createsend1.com
URL: https://queencharlottelodge.createsend1.com/t/r-e-tiijdruk-njduujlhdu-m/?MassEmailID=370877333&email_id=30192&emailaddress=jcolello%40santanderconsumerusa.com&submission_date=7%2f25%2f2019+12%3a58%3a53+PM&MemberID=ECA4FFD9D2174ABA8C74EB1686E32C8F&confirmed=1&Modified=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-11.ams1.r.cloudfront.net
Software
csw /
Resource Hash
eb77be1dfef825bde9218ad0a504e19ca56481b7ae52eab8a706db4ac92dd4c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://queencharlottelodge.createsend1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:58:27 GMT
via
1.1 054609fe51831eb8825d39133f1a4c84.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
AMS1-P3
age
671342
x-cache
Hit from cloudfront
content-length
468
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Oct 2023 22:53:54 GMT
server
csw
etag
"56ce522df2da1:0"
content-type
image/png
cache-control
public,max-age=864000
accept-ranges
bytes
x-amz-cf-id
9-hNoDbWJJ0ggHfXIIbeDqorzIm-OpfCkjNnNWubmQKcPlcO_Hcv7w==
website-black-medium.png
i5.createsend1.com/static/eb/master/13-the-blueprint-3/images/socialmedia/ 		575 B
996 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i5.createsend1.com/static/eb/master/13-the-blueprint-3/images/socialmedia/website-black-medium.png
Requested by
Host: queencharlottelodge.createsend1.com
URL: https://queencharlottelodge.createsend1.com/t/r-e-tiijdruk-njduujlhdu-m/?MassEmailID=370877333&email_id=30192&emailaddress=jcolello%40santanderconsumerusa.com&submission_date=7%2f25%2f2019+12%3a58%3a53+PM&MemberID=ECA4FFD9D2174ABA8C74EB1686E32C8F&confirmed=1&Modified=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.140.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-140-128.lhr50.r.cloudfront.net
Software
csw /
Resource Hash
5294a2297d593729fdf189bf6619d2c089f92d96bd729d29c6cd398baf6a21d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://queencharlottelodge.createsend1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 23:57:15 GMT
via
1.1 d5915fbf562d36d8917411262c8cd60a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
LHR50-P7
age
250214
x-cache
Hit from cloudfront
content-length
575
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Oct 2023 22:53:55 GMT
server
csw
etag
"76468523df2da1:0"
content-type
image/png
cache-control
public,max-age=864000
accept-ranges
bytes
x-amz-cf-id
KMLG0rTV0zGHVZZtBT0oVTDbH6op3-EuuIpyc3MRnj4bHWHi4nPDhQ==
QCLnoHGKF3.png
i1.createsend1.com/ei/r/AA/AF6/D5E/162439/csfinal/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.createsend1.com/ei/r/AA/AF6/D5E/162439/csfinal/QCLnoHGKF3.png
Requested by
Host: queencharlottelodge.createsend1.com
URL: https://queencharlottelodge.createsend1.com/t/r-e-tiijdruk-njduujlhdu-m/?MassEmailID=370877333&email_id=30192&emailaddress=jcolello%40santanderconsumerusa.com&submission_date=7%2f25%2f2019+12%3a58%3a53+PM&MemberID=ECA4FFD9D2174ABA8C74EB1686E32C8F&confirmed=1&Modified=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-75.vie50.r.cloudfront.net
Software
csw /
Resource Hash
ea8217db65605b0be1e9caf93e5e168d12621eb2e4a4d6b4fa66155c557ae91b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://queencharlottelodge.createsend1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 16:05:40 GMT
via
1.1 4fcd504c9be280bceae32e94ae54e04e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
server
csw
x-amz-cf-pop
VIE50-C2
age
19309
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=86400
content-length
5994
x-xss-protection
1; mode=block
x-amz-cf-id
G_vYVN_LpY7H4YHlUVKUdrwPEaEb8wXHtvN49JjqwDVTbzPsHh9w2A==
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,700,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://queencharlottelodge.createsend1.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:31:50 GMT
x-content-type-options
nosniff
age
78939
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 23:31:50 GMT
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v40/ 		49 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,700,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://queencharlottelodge.createsend1.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:03:55 GMT
x-content-type-options
nosniff
age
105814
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50296
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:10:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 16:03:55 GMT
enforce
createsend1.report-uri.com/r/t/csp/ 		0
592 B 		Other
General
Check archive.org
Download Go to
Full URL
https://createsend1.report-uri.com/r/t/csp/enforce
Requested by
Host: queencharlottelodge.createsend1.com
URL: https://queencharlottelodge.createsend1.com/t/r-e-tiijdruk-njduujlhdu-m/?MassEmailID=370877333&email_id=30192&emailaddress=jcolello%40santanderconsumerusa.com&submission_date=7%2f25%2f2019+12%3a58%3a53+PM&MemberID=ECA4FFD9D2174ABA8C74EB1686E32C8F&confirmed=1&Modified=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ba58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63113904; includeSubDomains; preload

Request headers

Referer
https://queencharlottelodge.createsend1.com/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 24 Jan 2024 21:27:30 GMT
strict-transport-security
max-age=63113904; includeSubDomains; preload
nel
{"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cf-ray
84ab5c59cf28215f-MAD
alt-svc
h3=":443"; ma=86400
content-length
0

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path Name / Value
track.esperanza.jmsend.com/ Name: ASPSESSIONIDASCTRDCA
Value: DEDKBJKAKGFEOOGMCBJJFFNN

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'self' js.createsend1.com https://connect.facebook.net www.google-analytics.com; base-uri 'none'; report-uri https://createsend1.report-uri.com/r/t/csp/enforce;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

createsend1.report-uri.com
fonts.googleapis.com
fonts.gstatic.com
i.vimeocdn.com
i1.createsend1.com
i10.createsend1.com
i2.createsend1.com
i3.createsend1.com
i4.createsend1.com
i5.createsend1.com
queencharlottelodge.createsend1.com
track.esperanza.jmsend.com
104.248.15.35
13.224.103.5
13.224.103.59
13.224.103.74
13.32.110.75
151.101.0.217
18.239.94.11
18.244.140.128
2606:4700::6811:ba58
2a00:1450:4001:828::2003
2a00:1450:4001:82a::200a
54.176.81.4
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
202f95310dbfbb96283dec9da8385a3d0405570a4c706e8c327248c3c3e3c923
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
4fca59488d0a0445559467daf9cfa57fd61f5ba7e9b65d2ae734c46c0cbd40a2
50592a232df3a3d8f131ad9917c1baafaf64cbe105ce73947073bad15b550f99
5294a2297d593729fdf189bf6619d2c089f92d96bd729d29c6cd398baf6a21d6
578eb94a204fd78d5c2137d344685107436af65f8a84d90667038da4548ec26b
63668c9bb00822945d952730dad2b6dca3a9a35d608b3329bfde34706cc38d0e
961b438dd785b8d9bd718d9089b6e7558cce52f8a4a68ecd27de73e2203b1e03
abf9603489bf213b6caf1f997ae2742b87d6bf02f7a0a17f44f686f514319acf
b896b7caece8f9c7b4a3c3aeaeb66133c868f3468ce7f07331d5febb759e602a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea8217db65605b0be1e9caf93e5e168d12621eb2e4a4d6b4fa66155c557ae91b
eb77be1dfef825bde9218ad0a504e19ca56481b7ae52eab8a706db4ac92dd4c4
f78cd9c951992a0ff7a62c10c2cba5c9c718ba6b54b761668b4a499fa0c616ba