URL: http://enews.travismathew.com/q/cPAstBc58GHr578rSclt02_oP0r4msDBtvpMI1RH6Jjg98gQCKMIatGHP
Submission: On September 22 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 4 countries across 5 domains to perform 19 HTTP transactions. The main IP is 142.0.93.11, located in United States and belongs to LISTRAK-AS1, US. The main domain is enews.travismathew.com.
This is the only time enews.travismathew.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 142.0.93.11 394396 (LISTRAK-AS1)
1 2a00:1450:400... 15169 (GOOGLE)
9 93.184.220.43 15133 (EDGECAST)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
4 104.18.7.244 13335 (CLOUDFLAR...)
19 6
Domain Requested by
9 mediacdn.espssl.com enews.travismathew.com
4 recs.listrakbi.com enews.travismathew.com
3 enews.travismathew.com 1 redirects enews.travismathew.com
2 fonts.gstatic.com fonts.googleapis.com
1 www.travismathew.com enews.travismathew.com
1 fonts.googleapis.com enews.travismathew.com
19 6

This site contains no links.

Subject | Issuer | Validity | Valid
upload.video.google.com | GTS CA 1O1 | 2021-08-30 - 2021-11-22 | 3 months
s3.wac.edgecastcdn.net | DigiCert SHA2 Secure Server CA | 2020-10-30 - 2021-11-30 | a year
*.gstatic.com | GTS CA 1C3 | 2021-08-30 - 2021-11-22 | 3 months
www.travismathew.com | DigiCert SHA2 Extended Validation Server CA | 2020-04-07 - 2021-12-16 | 2 years
listrakbi.com | Cloudflare Inc ECC CA-3 | 2021-08-09 - 2022-08-08 | a year

This page contains 1 frames:

Primary Page: http://enews.travismathew.com/q/cPAstBc58GHr578rSclt02_oP0r4msDBtvpMI1RH6Jjg98gQCKMIatGHP
Frame ID: 12C02EBD744A81A7066CA24712FDF1DA
Requests: 19 HTTP requests in this frame

Page Title

See something? Come back for 15% off!

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+/(?:sys_master|hybr|_ui/(?:.*responsive/)?(?:desktop|common(?:/images|/img|/css|ico)?))/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 19
HTTPS: 89 %
IPv6: 50 %
Domains: 5
Subdomains: 6
IPs: 6
Countries: 4
Transfer: 883 kB
Size: 880 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • http://enews.travismathew.com/q/gogEDDuolGSpMz_PaWBFbGIHowG3OmPo5d HTTP 302
  • http://enews.travismathew.com/q/8D5mQgro_11O8vOku7QucuyzzF1ER86Ogo

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request cPAstBc58GHr578rSclt02_oP0r4msDBtvpMI1RH6Jjg98gQCKMIatGHP
enews.travismathew.com/q/
54 KB
55 KB
Document
General
Full URL
http://enews.travismathew.com/q/cPAstBc58GHr578rSclt02_oP0r4msDBtvpMI1RH6Jjg98gQCKMIatGHP
Protocol
HTTP/1.1
Server
142.0.93.11 , United States, ASN394396 (LISTRAK-AS1, US),
Reverse DNS
staticip.listrak.com
Software
nginx/1.19.10 / ASP.NET
Resource Hash
d492d2780094c5e3c468ea2aaa0aab76e11b2f0440abdd79d834426cb2900e64

Request headers

Host
enews.travismathew.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate

Response headers

Server
nginx/1.19.10
Date
Wed, 22 Sep 2021 21:30:07 GMT
Content-Type
text/html; charset=utf-8
Content-Length
55804
Connection
keep-alive
Cache-Control
private
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
css
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700|
Requested by
Host: enews.travismathew.com
URL: http://enews.travismathew.com/q/cPAstBc58GHr578rSclt02_oP0r4msDBtvpMI1RH6Jjg98gQCKMIatGHP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
162a3eebb385684e99a8b624b77189f9b5c38cb51d1b814c1c3a84fc17c324a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://enews.travismathew.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 21:30:08 GMT
server
ESF
date
Wed, 22 Sep 2021 21:30:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 Sep 2021 21:30:08 GMT
Combo-Logo-Black-Small.png
mediacdn.espssl.com/9662/Shared/Template/
5 KB
5 KB
Image
General
Full URL
https://mediacdn.espssl.com/9662/Shared/Template/Combo-Logo-Black-Small.png
Requested by
Host: enews.travismathew.com
URL: http://enews.travismathew.com/q/cPAstBc58GHr578rSclt02_oP0r4msDBtvpMI1RH6Jjg98gQCKMIatGHP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.43 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668D) /
Resource Hash
f12588b5711b8e64d2e4fc8660185ba11520f0cc25fea85728d0b51639414e60

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://enews.travismathew.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 21:30:08 GMT
last-modified
Thu, 17 Jan 2019 20:38:48 GMT
server
ECS (frb/668D)
age
12978
etag
"c11af3a5a4aed41:0"
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
no-transform,public,max-age=3600,s-maxage=86400
x-cache
HIT
accept-ranges
bytes
content-length
4693
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/
19 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700|
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://enews.travismathew.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 13:18:36 GMT
x-content-type-options
nosniff
age
29492
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19844
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 13:18:36 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700|
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://enews.travismathew.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 22:28:30 GMT
x-content-type-options
nosniff
age
601298
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20040
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:44 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 15 Sep 2022 22:28:30 GMT
product-hero1.jpg
mediacdn.espssl.com/9662/Shared/GXP/Browse/
78 KB
78 KB
Image
General
Full URL
https://mediacdn.espssl.com/9662/Shared/GXP/Browse/product-hero1.jpg
Requested by
Host: enews.travismathew.com
URL: http://enews.travismathew.com/q/cPAstBc58GHr578rSclt02_oP0r4msDBtvpMI1RH6Jjg98gQCKMIatGHP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.43 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
898af16c56abcdc6bba292fcb128b609f607d6fc7a3dd37dfc4860108489a5f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://enews.travismathew.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 21:30:08 GMT
last-modified
Tue, 01 Jun 2021 17:16:35 GMT
server
Microsoft-IIS/10.0
etag
"f169c4df957d71:0"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-transform,public,max-age=3600,s-maxage=86400
x-cache
HIT
accept-ranges
bytes
content-length
79857
1MV346-6MWB.jpg
www.travismathew.com/medias/sys_master/images/images/hfe/hf3/8959244697630/
284 KB
285 KB
Image
General
Full URL
https://www.travismathew.com/medias/sys_master/images/images/hfe/hf3/8959244697630/1MV346-6MWB.jpg
Requested by
Host: enews.travismathew.com
URL: http://enews.travismathew.com/q/cPAstBc58GHr578rSclt02_oP0r4msDBtvpMI1RH6Jjg98gQCKMIatGHP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:baaa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
b8c821092670c08ee5a6f39c6cedfc521fdc42b5c32928af13266f6311887fb1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://enews.travismathew.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 21:30:08 GMT
x-check-cacheable
YES
x-serial
959
etag
f3ab45942729bc0fbfdbdc1433020de1
content-type
image/webp
cache-control
private, no-transform, max-age=1484217
last-modified
Fri, 10 Sep 2021 01:46:48 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=1, origin; dur=197
content-length
290578
server
Akamai Image Manager
expires
Sun, 10 Oct 2021 01:47:05 GMT
teresa.smith@stjoe.org
recs.listrakbi.com/composer/image/f3c238ea-11db-4aaf-9e44-f48fbfe332f3/f177c1bc-9c43-432a-abe5-e48a7f69f4d1/14124e95-b7e5-4c54-9c1f-e1f3ae4d5656/13/30/490/716/email/
45 KB
45 KB
Image
General
Full URL
https://recs.listrakbi.com/composer/image/f3c238ea-11db-4aaf-9e44-f48fbfe332f3/f177c1bc-9c43-432a-abe5-e48a7f69f4d1/14124e95-b7e5-4c54-9c1f-e1f3ae4d5656/13/30/490/716/email/teresa.smith@stjoe.org
Requested by
Host: enews.travismathew.com
URL: http://enews.travismathew.com/q/cPAstBc58GHr578rSclt02_oP0r4msDBtvpMI1RH6Jjg98gQCKMIatGHP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.7.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
047719931aa8cbf6ecbeff36d4248cd4e5e29c1f23c8bf9c1b2921772af3e190

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://enews.travismathew.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 21:30:09 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnetmvc-version
5.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
content-type
image/jpeg
cache-control
private
cf-ray
692ea1f92c4b691f-FRA
x-aspnet-version
4.0.30319
content-length
46065
teresa.smith@stjoe.org
recs.listrakbi.com/composer/image/f3c238ea-11db-4aaf-9e44-f48fbfe332f3/f177c1bc-9c43-432a-abe5-e48a7f69f4d1/14124e95-b7e5-4c54-9c1f-e1f3ae4d5656/525/30/490/716/email/
45 KB
45 KB
Image
General
Full URL
https://recs.listrakbi.com/composer/image/f3c238ea-11db-4aaf-9e44-f48fbfe332f3/f177c1bc-9c43-432a-abe5-e48a7f69f4d1/14124e95-b7e5-4c54-9c1f-e1f3ae4d5656/525/30/490/716/email/teresa.smith@stjoe.org
Requested by
Host: enews.travismathew.com
URL: http://enews.travismathew.com/q/cPAstBc58GHr578rSclt02_oP0r4msDBtvpMI1RH6Jjg98gQCKMIatGHP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.7.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
688172371dc1f804eaeaceafb7234703cb4e7aca7b2997b12e58d71238a74236

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://enews.travismathew.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 21:30:09 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnetmvc-version
5.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
content-type
image/jpeg
cache-control
private
cf-ray
692ea1f92c4e691f-FRA
x-aspnet-version
4.0.30319
content-length
46025
teresa.smith@stjoe.org
recs.listrakbi.com/composer/image/f3c238ea-11db-4aaf-9e44-f48fbfe332f3/f177c1bc-9c43-432a-abe5-e48a7f69f4d1/14124e95-b7e5-4c54-9c1f-e1f3ae4d5656/13/772/490/716/email/
49 KB
50 KB
Image
General
Full URL
https://recs.listrakbi.com/composer/image/f3c238ea-11db-4aaf-9e44-f48fbfe332f3/f177c1bc-9c43-432a-abe5-e48a7f69f4d1/14124e95-b7e5-4c54-9c1f-e1f3ae4d5656/13/772/490/716/email/teresa.smith@stjoe.org
Requested by
Host: enews.travismathew.com
URL: http://enews.travismathew.com/q/cPAstBc58GHr578rSclt02_oP0r4msDBtvpMI1RH6Jjg98gQCKMIatGHP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.7.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b74f3d86c308591059cb55356811fe62c551dcd9bd7a8ce120e500a7bba45be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://enews.travismathew.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 21:30:09 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnetmvc-version
5.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
content-type
image/jpeg
cache-control
private
cf-ray
692ea1f92c50691f-FRA
x-aspnet-version
4.0.30319
content-length
50368
teresa.smith@stjoe.org
recs.listrakbi.com/composer/image/f3c238ea-11db-4aaf-9e44-f48fbfe332f3/f177c1bc-9c43-432a-abe5-e48a7f69f4d1/14124e95-b7e5-4c54-9c1f-e1f3ae4d5656/525/772/490/716/email/
45 KB
45 KB
Image
General
Full URL
https://recs.listrakbi.com/composer/image/f3c238ea-11db-4aaf-9e44-f48fbfe332f3/f177c1bc-9c43-432a-abe5-e48a7f69f4d1/14124e95-b7e5-4c54-9c1f-e1f3ae4d5656/525/772/490/716/email/teresa.smith@stjoe.org
Requested by
Host: enews.travismathew.com
URL: http://enews.travismathew.com/q/cPAstBc58GHr578rSclt02_oP0r4msDBtvpMI1RH6Jjg98gQCKMIatGHP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.7.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96b32e51b4e0902ba3b49d74a8b24616a4fd2c0e1639e8749e2830ae14199f73

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://enews.travismathew.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 21:30:09 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnetmvc-version
5.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
content-type
image/jpeg
cache-control
private
cf-ray
692ea1f92c51691f-FRA
x-aspnet-version
4.0.30319
content-length
46052
instagram-banner.png
mediacdn.espssl.com/9662/Shared/GXP/Template/
58 KB
59 KB
Image
General
Full URL
https://mediacdn.espssl.com/9662/Shared/GXP/Template/instagram-banner.png
Requested by
Host: enews.travismathew.com
URL: http://enews.travismathew.com/q/cPAstBc58GHr578rSclt02_oP0r4msDBtvpMI1RH6Jjg98gQCKMIatGHP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.43 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
7ce0eef62e096e66ec0f9b04e709f3ebae9cda09f31ca43bb515085db9af5e5c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://enews.travismathew.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 21:30:08 GMT
last-modified
Tue, 01 Jun 2021 18:08:04 GMT
server
Microsoft-IIS/10.0
etag
"443a15111157d71:0"
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
no-transform,public,max-age=3600,s-maxage=86400
x-cache
HIT
accept-ranges
bytes
content-length
59823
retail_store_footer.jpg
mediacdn.espssl.com/9662/Shared/Template/StoreLocator/
163 KB
163 KB
Image
General
Full URL
https://mediacdn.espssl.com/9662/Shared/Template/StoreLocator/retail_store_footer.jpg
Requested by
Host: enews.travismathew.com
URL: http://enews.travismathew.com/q/cPAstBc58GHr578rSclt02_oP0r4msDBtvpMI1RH6Jjg98gQCKMIatGHP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.43 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668C) /
Resource Hash
1ac8164a9d3e3622ce7016f0b01d82d02749d07124253c6c4604eab8fd76efc8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://enews.travismathew.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 21:30:08 GMT
last-modified
Mon, 04 Feb 2019 13:40:10 GMT
server
ECS (frb/668C)
age
18613
etag
"de5850268fbcd41:0"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-transform,public,max-age=3600,s-maxage=86400
x-cache
HIT
accept-ranges
bytes
content-length
166709
instagram.png
mediacdn.espssl.com/email/Composer/Icons/square/large/white/images/
2 KB
2 KB
Image
General
Full URL
https://mediacdn.espssl.com/email/Composer/Icons/square/large/white/images/instagram.png
Requested by
Host: enews.travismathew.com
URL: http://enews.travismathew.com/q/cPAstBc58GHr578rSclt02_oP0r4msDBtvpMI1RH6Jjg98gQCKMIatGHP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.43 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674B) /
Resource Hash
be0a41dcd0cce9ee322b239401b9aed24628ae6b99b4096ad7571203023ebf0c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://enews.travismathew.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 21:30:08 GMT
last-modified
Thu, 21 Jul 2016 20:11:25 GMT
server
ECS (frb/674B)
age
68874
etag
"2118f8ce3d11:0"
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
no-transform,public,max-age=3600,s-maxage=86400
x-cache
HIT
accept-ranges
bytes
content-length
1835
youtube.png
mediacdn.espssl.com/email/Composer/Icons/square/large/white/images/
1 KB
2 KB
Image
General
Full URL
https://mediacdn.espssl.com/email/Composer/Icons/square/large/white/images/youtube.png
Requested by
Host: enews.travismathew.com
URL: http://enews.travismathew.com/q/cPAstBc58GHr578rSclt02_oP0r4msDBtvpMI1RH6Jjg98gQCKMIatGHP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.43 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D3) /
Resource Hash
3a6f71aa8a5940087211e0e20be82c12cd3106f63c87700be4f81c124cae01c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://enews.travismathew.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 21:30:08 GMT
last-modified
Thu, 21 Jul 2016 20:11:25 GMT
server
ECS (frb/67D3)
age
45832
etag
"28388f8ce3d11:0"
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
no-transform,public,max-age=3600,s-maxage=86400
x-cache
HIT
accept-ranges
bytes
content-length
1506
facebook.png
mediacdn.espssl.com/email/Composer/Icons/square/large/white/images/
1 KB
1 KB
Image
General
Full URL
https://mediacdn.espssl.com/email/Composer/Icons/square/large/white/images/facebook.png
Requested by
Host: enews.travismathew.com
URL: http://enews.travismathew.com/q/cPAstBc58GHr578rSclt02_oP0r4msDBtvpMI1RH6Jjg98gQCKMIatGHP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.43 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668C) /
Resource Hash
2019d007ce37728d05094b20ee128d6f1918b4e741f7057f46c8e3047d2ce5b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://enews.travismathew.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 21:30:08 GMT
last-modified
Thu, 21 Jul 2016 20:11:25 GMT
server
ECS (frb/668C)
age
68848
etag
"d3e97f8ce3d11:0"
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
no-transform,public,max-age=3600,s-maxage=86400
x-cache
HIT
accept-ranges
bytes
content-length
1362
twitter.png
mediacdn.espssl.com/email/Composer/Icons/square/large/white/images/
2 KB
2 KB
Image
General
Full URL
https://mediacdn.espssl.com/email/Composer/Icons/square/large/white/images/twitter.png
Requested by
Host: enews.travismathew.com
URL: http://enews.travismathew.com/q/cPAstBc58GHr578rSclt02_oP0r4msDBtvpMI1RH6Jjg98gQCKMIatGHP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.43 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6760) /
Resource Hash
23717f32aaffbf5d395bc397bf505de92c2dffb13c886b458d0442bf1c33749c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://enews.travismathew.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 21:30:08 GMT
last-modified
Thu, 21 Jul 2016 20:11:25 GMT
server
ECS (frb/6760)
age
68848
etag
"28388f8ce3d11:0"
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
no-transform,public,max-age=3600,s-maxage=86400
x-cache
HIT
accept-ranges
bytes
content-length
1673
mobile-logo-tm.png
mediacdn.espssl.com/9662/Shared/Template/
5 KB
6 KB
Image
General
Full URL
https://mediacdn.espssl.com/9662/Shared/Template/mobile-logo-tm.png
Requested by
Host: enews.travismathew.com
URL: http://enews.travismathew.com/q/cPAstBc58GHr578rSclt02_oP0r4msDBtvpMI1RH6Jjg98gQCKMIatGHP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.43 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6752) /
Resource Hash
bb45b2a5f9cca395534c6dd576fb04104822f01a0bb4ef1e2d6c58ee1bb29095

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://enews.travismathew.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 21:30:08 GMT
last-modified
Fri, 01 Feb 2019 18:25:23 GMT
server
ECS (frb/6752)
age
57752
etag
"9f9dcc7e5bbad41:0"
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
no-transform,public,max-age=3600,s-maxage=86400
x-cache
HIT
accept-ranges
bytes
content-length
5582
8D5mQgro_11O8vOku7QucuyzzF1ER86Ogo
enews.travismathew.com/q/
Redirect Chain
  • http://enews.travismathew.com/q/gogEDDuolGSpMz_PaWBFbGIHowG3OmPo5d
  • http://enews.travismathew.com/q/8D5mQgro_11O8vOku7QucuyzzF1ER86Ogo
70 B
294 B
Image
General
Full URL
http://enews.travismathew.com/q/8D5mQgro_11O8vOku7QucuyzzF1ER86Ogo
Requested by
Host: enews.travismathew.com
URL: http://enews.travismathew.com/q/cPAstBc58GHr578rSclt02_oP0r4msDBtvpMI1RH6Jjg98gQCKMIatGHP
Protocol
HTTP/1.1
Server
142.0.93.11 , United States, ASN394396 (LISTRAK-AS1, US),
Reverse DNS
staticip.listrak.com
Software
nginx/1.19.10 / ASP.NET
Resource Hash
d946e379f4620deb1cf7a91bdf5294f46625bb783df97901524fb9dbf7eeecb7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
enews.travismathew.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://enews.travismathew.com/q/cPAstBc58GHr578rSclt02_oP0r4msDBtvpMI1RH6Jjg98gQCKMIatGHP
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 22 Sep 2021 21:30:13 GMT
Server
nginx/1.19.10
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
private
Connection
keep-alive
Content-Length
70

Redirect headers

Date
Wed, 22 Sep 2021 21:30:13 GMT
Server
nginx/1.19.10
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif
Location
/q/8D5mQgro_11O8vOku7QucuyzzF1ER86Ogo
Cache-Control
private
Connection
keep-alive
Content-Length
70

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
boolean| originAgentCluster

1 Cookies

Domain/Path Name / Value
recs.listrakbi.com/ Name: AWSALBCORS
Value: DerzK5mVUC40xtZgYcWpEVNlFg0yu6S48L1VstdMBP50Mwsulu7P3/NtEraBwx00OJqB2wWhTfrV6euC1U1tlANIW7I9WigcY+xfgFo09WuMbG1QD1wUfPA/ArFi

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
