danvilleutilities.cmail19.com Open in urlscan Pro
18.196.132.139 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://danvilleutilities.cmail19.com/t/ViewEmail/j/811FE803D10848282540EF23F30FEDED
Submission: On October 10 via manual (October 10th 2019, 2:27:25 pm UTC) from US

Summary HTTP 10 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 4 domains to perform 10 HTTP transactions. The main IP is 18.196.132.139, located in Frankfurt am Main, Germany and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is danvilleutilities.cmail19.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 25th 2019. Valid for: a year.

This is the only time danvilleutilities.cmail19.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	18.196.132.139 18.196.132.139	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	13.225.78.89 13.225.78.89	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	13.32.99.211 13.32.99.211	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.85.183.253 52.85.183.253	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	13.225.78.120 13.225.78.120	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	13.32.99.10 13.32.99.10	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
10	8

1 18.196.132.139 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-196-132-139.eu-central-1.compute.amazonaws.com

danvilleutilities.cmail19.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.89 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-78-89.fra2.r.cloudfront.net

i1.createsend1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.211 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-99-211.prg50.r.cloudfront.net

i2.createsend1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.183.253 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-85-183-253.fra50.r.cloudfront.net

i3.createsend1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.120 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-78-120.fra2.r.cloudfront.net

i4.createsend1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.10 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-99-10.prg50.r.cloudfront.net

i5.createsend1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	createsend1.com i1.createsend1.com i2.createsend1.com i3.createsend1.com i4.createsend1.com i5.createsend1.com	1 MB
2	gstatic.com fonts.gstatic.com	22 KB
1	googleapis.com fonts.googleapis.com	871 B
1	cmail19.com danvilleutilities.cmail19.com	6 KB
10	4

	Domain	Requested by
2	fonts.gstatic.com	danvilleutilities.cmail19.com
2	i1.createsend1.com	danvilleutilities.cmail19.com
1	i5.createsend1.com	danvilleutilities.cmail19.com
1	i4.createsend1.com	danvilleutilities.cmail19.com
1	i3.createsend1.com	danvilleutilities.cmail19.com
1	i2.createsend1.com	danvilleutilities.cmail19.com
1	fonts.googleapis.com	danvilleutilities.cmail19.com
1	danvilleutilities.cmail19.com
10	8

This site contains links to these domains. Also see Links.

Domain
danvilleutilities.createsend1.com

Subject Issuer	Validity	Valid
*.createsend1.com DigiCert SHA2 Secure Server CA	`2019-02-25` - `2020-07-08`	a year	crt.sh
*.googleapis.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://danvilleutilities.cmail19.com/t/ViewEmail/j/811FE803D10848282540EF23F30FEDED
Frame ID: 61305AD15D4F2F294538A9F9D9AB0193
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Page Statistics

10
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

8
Subdomains

8
IPs

2
Countries

1499 kB
Transfer

1540 kB
Size

0
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://danvilleutilities.createsend1.com/t/j-e-clulrn-l-o/
Title: Click here

Search URL Search Domain Scan URL

URL: https://danvilleutilities.createsend1.com/t/j-l-clulrn-l-r/

Search URL Search Domain Scan URL

URL: https://danvilleutilities.createsend1.com/t/j-l-clulrn-l-y/

Search URL Search Domain Scan URL

URL: https://danvilleutilities.createsend1.com/t/j-l-clulrn-l-j/
Title: READ MORE

Search URL Search Domain Scan URL

URL: https://danvilleutilities.createsend1.com/t/j-l-clulrn-l-t/

Search URL Search Domain Scan URL

URL: https://danvilleutilities.createsend1.com/t/j-l-clulrn-l-i/
Title: READ MORE

Search URL Search Domain Scan URL

URL: https://danvilleutilities.createsend1.com/t/j-l-clulrn-l-d/

Search URL Search Domain Scan URL

URL: https://danvilleutilities.createsend1.com/t/j-l-clulrn-l-h/
Title: READ MORE

Search URL Search Domain Scan URL

URL: https://danvilleutilities.createsend1.com/t/j-l-clulrn-l-k/

Search URL Search Domain Scan URL

URL: https://danvilleutilities.createsend1.com/t/j-l-clulrn-l-u/
Title: VIEW ARCHIVE

Search URL Search Domain Scan URL

URL: https://danvilleutilities.createsend1.com/t/j-u-clulrn-l-b/
Title: Unsubscribe

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 811FE803D10848282540EF23F30FEDED Show response
danvilleutilities.cmail19.com/t/ViewEmail/j/ 43 KB
6 KB 978ms
899ms Document
text/html 18.196.132.139
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://danvilleutilities.cmail19.com/t/ViewEmail/j/811FE803D10848282540EF23F30FEDED

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.132.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-18-196-132-139.eu-central-1.compute.amazonaws.com

Software

_waflopenresty/1.11.2.2 /

Resource Hash

5654b2dcc5ae7555368416fe95434bf31e64cce0449fa53bc2c5287b4e12f986

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' js.createsend1.com https://connect.facebook.net www.google-analytics.com; base-uri 'none'; report-uri https://createsend1.report-uri.com/r/t/csp/enforce;

Request headers

Host: danvilleutilities.cmail19.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

Date: Thu, 10 Oct 2019 14:27:03 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: _waflopenresty/1.11.2.2
Vary: Accept-Encoding
Cache-Control: private
Content-Encoding: gzip
Content-Security-Policy: script-src 'self' js.createsend1.com https://connect.facebook.net www.google-analytics.com; base-uri 'none'; report-uri https://createsend1.report-uri.com/r/t/csp/enforce;
P3P: CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"

GET
H2 200 css
fonts.googleapis.com/ 11 KB
871 B 19ms
18ms Stylesheet
text/css 2a00:1450:4001:806::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700,400italic,700italic

Requested by

Host: danvilleutilities.cmail19.com
URL: https://danvilleutilities.cmail19.com/t/ViewEmail/j/811FE803D10848282540EF23F30FEDED

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

f9205087a43dfafc36b6dd1d3f35b68ba2cdafedafc6e6f2292c048ac9281676

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 10 Oct 2019 14:27:03 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Thu, 10 Oct 2019 14:27:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Thu, 10 Oct 2019 14:27:03 GMT

GET
H2 200 Danville_Newsletter_Header_logo2-9903cf0514028a3c.png
i1.createsend1.com/ei/j/A5/209/95B/003644/csfinal/ 11 KB
11 KB 354ms
278ms Image
image/png 13.225.78.89
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.createsend1.com/ei/j/A5/209/95B/003644/csfinal/Danville_Newsletter_Header_logo2-9903cf0514028a3c.png

Requested by

Host: danvilleutilities.cmail19.com
URL: https://danvilleutilities.cmail19.com/t/ViewEmail/j/811FE803D10848282540EF23F30FEDED

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.225.78.89 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-225-78-89.fra2.r.cloudfront.net

Software

csw /

Resource Hash

4ea7a35d9f0aaaf39297be537c3977dc7380a344a1cfc23c04699cefeb7e7f12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://danvilleutilities.cmail19.com/t/ViewEmail/j/811FE803D10848282540EF23F30FEDED
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 10 Oct 2019 14:27:04 GMT
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: csw
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
p3p: CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
status: 200
x-xss-protection: 1;mode=block
cache-control: public, max-age=86400
accept-ranges: bytes
content-type: image/png
content-length: 10975
x-content-type-options: nosniff
x-amz-cf-id: ZagfI0cT1ky4SQolrJuDOAWlVUoR7wyHlEU0Ea3Yam-zlxbU4Gf4eg==

GET
H2 200 Danville_article_thumbnail_SEER-requirement-update-9900000000028a3c.png
i2.createsend1.com/ei/j/A5/209/95B/003644/csfinal/ 97 KB
97 KB 437ms
349ms Image
image/png 13.32.99.211
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.createsend1.com/ei/j/A5/209/95B/003644/csfinal/Danville_article_thumbnail_SEER-requirement-update-9900000000028a3c.png

Requested by

Host: danvilleutilities.cmail19.com
URL: https://danvilleutilities.cmail19.com/t/ViewEmail/j/811FE803D10848282540EF23F30FEDED

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.32.99.211 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-32-99-211.prg50.r.cloudfront.net

Software

csw /

Resource Hash

d173b25dbb06ad2eb9a55cebbd4a610f92010ce404be6a1515c7451da66d80ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://danvilleutilities.cmail19.com/t/ViewEmail/j/811FE803D10848282540EF23F30FEDED
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 10 Oct 2019 14:27:04 GMT
via: 1.1 c882e2039e12421bb0728fbe184b7c4f.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: csw
x-amz-cf-pop: PRG50
x-cache: Miss from cloudfront
p3p: CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
status: 200
x-xss-protection: 1;mode=block
cache-control: public, max-age=86400
accept-ranges: bytes
content-type: image/png
content-length: 99077
x-content-type-options: nosniff
x-amz-cf-id: LNBgEKE32zCYZr2Mjo7z9sXkQYQUBZr2WfSqQC2hUmGhM17CSXAeUQ==

GET
H2 200 Danville_article_thumbnail_beat-the-cold-with-natu-9900000000028a3c.png
i3.createsend1.com/ei/j/A5/209/95B/003644/csfinal/ 91 KB
92 KB 683ms
603ms Image
image/png 52.85.183.253
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i3.createsend1.com/ei/j/A5/209/95B/003644/csfinal/Danville_article_thumbnail_beat-the-cold-with-natu-9900000000028a3c.png

Requested by

Host: danvilleutilities.cmail19.com
URL: https://danvilleutilities.cmail19.com/t/ViewEmail/j/811FE803D10848282540EF23F30FEDED

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.85.183.253 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-52-85-183-253.fra50.r.cloudfront.net

Software

csw /

Resource Hash

bebdedc140b09c54ef50b6b6dd79a7c6bef738fc10c30bef84b3b0845084c0f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://danvilleutilities.cmail19.com/t/ViewEmail/j/811FE803D10848282540EF23F30FEDED
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 10 Oct 2019 14:27:04 GMT
via: 1.1 147e057d2f96cf5a0082d96978e38a5b.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: csw
x-amz-cf-pop: FRA50
x-cache: Miss from cloudfront
p3p: CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
status: 200
x-xss-protection: 1;mode=block
cache-control: public, max-age=86400
accept-ranges: bytes
content-type: image/png
content-length: 93541
x-content-type-options: nosniff
x-amz-cf-id: d-eCLj3_NCIEpW1Pgkc-vaJrTZZlWTZnKtrTOFVS2r12g3y62PGSJg==

GET
H2 200 Danville_article_thumbnail_tis-the-season-for-cust-9900000000028a3c.png
i4.createsend1.com/ei/j/A5/209/95B/003644/csfinal/ 88 KB
88 KB 1827ms
1754ms Image
image/png 13.225.78.120
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i4.createsend1.com/ei/j/A5/209/95B/003644/csfinal/Danville_article_thumbnail_tis-the-season-for-cust-9900000000028a3c.png

Requested by

Host: danvilleutilities.cmail19.com
URL: https://danvilleutilities.cmail19.com/t/ViewEmail/j/811FE803D10848282540EF23F30FEDED

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.225.78.120 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-225-78-120.fra2.r.cloudfront.net

Software

csw /

Resource Hash

70fec33508a3dc530314f153c52206885cf99fbd1e93cdba7307b559fd431a52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://danvilleutilities.cmail19.com/t/ViewEmail/j/811FE803D10848282540EF23F30FEDED
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 10 Oct 2019 14:27:05 GMT
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: csw
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
p3p: CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
status: 200
x-xss-protection: 1;mode=block
cache-control: public, max-age=86400
accept-ranges: bytes
content-type: image/png
content-length: 89970
x-content-type-options: nosniff
x-amz-cf-id: dS_VL2HBQ7Z2-fRqRcbZjPyRZgvOqH3tcpf5QInX5nzq_n1-AZFVJA==

GET
H2 200 Danville_web_article_primary_photo_return-to-newsl-990000000005143c.png
i5.createsend1.com/ei/j/A5/209/95B/003644/csfinal/ 67 KB
68 KB 861ms
779ms Image
image/png 13.32.99.10
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i5.createsend1.com/ei/j/A5/209/95B/003644/csfinal/Danville_web_article_primary_photo_return-to-newsl-990000000005143c.png

Requested by

Host: danvilleutilities.cmail19.com
URL: https://danvilleutilities.cmail19.com/t/ViewEmail/j/811FE803D10848282540EF23F30FEDED

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.32.99.10 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-32-99-10.prg50.r.cloudfront.net

Software

csw /

Resource Hash

a6c7e393fcee629a9928bef40461acb89e2a8f127a5a673c7d161e20e9fbe170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://danvilleutilities.cmail19.com/t/ViewEmail/j/811FE803D10848282540EF23F30FEDED
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 10 Oct 2019 14:27:04 GMT
via: 1.1 d6741ecb99575c02b6d872aa948c4283.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: csw
x-amz-cf-pop: PRG50
x-cache: Miss from cloudfront
p3p: CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
status: 200
x-xss-protection: 1;mode=block
cache-control: public, max-age=86400
accept-ranges: bytes
content-type: image/png
content-length: 68817
x-content-type-options: nosniff
x-amz-cf-id: eOaL7Qm0JIjA4SLEJ7-hehehRYznp21zCvT4Nlec2aNs1DfipQDkbg==

GET
H2 200 Danville_Newsletter_Header_background2.png
i1.createsend1.com/ei/j/A5/209/95B/003643/csfinal/ 1 MB
1 MB 1127ms
1055ms Image
image/png 13.225.78.89
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.createsend1.com/ei/j/A5/209/95B/003643/csfinal/Danville_Newsletter_Header_background2.png

Requested by

Host: danvilleutilities.cmail19.com
URL: https://danvilleutilities.cmail19.com/t/ViewEmail/j/811FE803D10848282540EF23F30FEDED

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.225.78.89 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-225-78-89.fra2.r.cloudfront.net

Software

csw /

Resource Hash

115d1d08b6ec24af6be1cb257e237e85de25b51ea2e13fd6ae068650de50425f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://danvilleutilities.cmail19.com/t/ViewEmail/j/811FE803D10848282540EF23F30FEDED
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 10 Oct 2019 14:27:05 GMT
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
server: csw
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
p3p: CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
status: 200
x-xss-protection: 1;mode=block
cache-control: public, max-age=86400
accept-ranges: bytes
content-type: image/png
content-length: 1138316
x-content-type-options: nosniff
x-amz-cf-id: 75GkaDqb8e-Up1OSTeQAmC4qw9udFcanzH9n0sINvK_pl9sEZSlodA==

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
fonts.gstatic.com/s/robotocondensed/v18/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v18/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2

Requested by

Host: danvilleutilities.cmail19.com
URL: https://danvilleutilities.cmail19.com/t/ViewEmail/j/811FE803D10848282540EF23F30FEDED

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

49a1b4e1296645aa2f513c87a0e5fe56a305a7ed678c2f6499631ec1f3b35856

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700,400italic,700italic
Origin: https://danvilleutilities.cmail19.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 08 Oct 2019 00:34:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:48:22 GMT
server: sffe
age: 222736
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10968
x-xss-protection: 0
expires: Wed, 07 Oct 2020 00:34:48 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYb9lecyU.woff2
fonts.gstatic.com/s/robotocondensed/v18/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v18/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYb9lecyU.woff2

Requested by

Host: danvilleutilities.cmail19.com
URL: https://danvilleutilities.cmail19.com/t/ViewEmail/j/811FE803D10848282540EF23F30FEDED

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

87b60a7315307d1b3c3230eff607b52bbf3d56a452aa68eb5bf50ede73bc517b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700,400italic,700italic
Origin: https://danvilleutilities.cmail19.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 08 Oct 2019 01:04:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:48:17 GMT
server: sffe
age: 220963
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10996
x-xss-protection: 0
expires: Wed, 07 Oct 2020 01:04:21 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'self' js.createsend1.com https://connect.facebook.net www.google-analytics.com; base-uri 'none'; report-uri https://createsend1.report-uri.com/r/t/csp/enforce;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

danvilleutilities.cmail19.com
fonts.googleapis.com
fonts.gstatic.com
i1.createsend1.com
i2.createsend1.com
i3.createsend1.com
i4.createsend1.com
i5.createsend1.com
13.225.78.120
13.225.78.89
13.32.99.10
13.32.99.211
18.196.132.139
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2003
52.85.183.253
115d1d08b6ec24af6be1cb257e237e85de25b51ea2e13fd6ae068650de50425f
49a1b4e1296645aa2f513c87a0e5fe56a305a7ed678c2f6499631ec1f3b35856
4ea7a35d9f0aaaf39297be537c3977dc7380a344a1cfc23c04699cefeb7e7f12
5654b2dcc5ae7555368416fe95434bf31e64cce0449fa53bc2c5287b4e12f986
70fec33508a3dc530314f153c52206885cf99fbd1e93cdba7307b559fd431a52
87b60a7315307d1b3c3230eff607b52bbf3d56a452aa68eb5bf50ede73bc517b
a6c7e393fcee629a9928bef40461acb89e2a8f127a5a673c7d161e20e9fbe170
bebdedc140b09c54ef50b6b6dd79a7c6bef738fc10c30bef84b3b0845084c0f7
d173b25dbb06ad2eb9a55cebbd4a610f92010ce404be6a1515c7451da66d80ef
f9205087a43dfafc36b6dd1d3f35b68ba2cdafedafc6e6f2292c048ac9281676

danvilleutilities.cmail19.com Open in urlscan Pro 18.196.132.139 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

25 %IPv6

4 Domains

8 Subdomains

8 IPs

2 Countries

1499 kBTransfer

1540 kBSize

0 Cookies

11 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

danvilleutilities.cmail19.com Open in urlscan Pro
18.196.132.139 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

8
Subdomains

8
IPs

2
Countries

1499 kB
Transfer

1540 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions