factotum.cmail19.com Open in urlscan Pro
52.28.41.50 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://factotum.cmail19.com/t/ViewEmail/i/AD447D79A1FAFDE72540EF23F30FEDED/28DA68DF85DD7AD162AF25ACF5E3F0AC
Submission: On June 04 via automatic, source phishtank (June 4th 2018, 11:27:25 pm UTC)

Summary HTTP 18 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 18 HTTP transactions. The main IP is 52.28.41.50, located in Frankfurt, Germany and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is factotum.cmail19.com.

This is the only time factotum.cmail19.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	52.28.41.50 52.28.41.50	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	172.217.21.234 172.217.21.234	15169 (GOOGLE) (GOOGLE - Google LLC)
9	151.101.12.89 151.101.12.89	54113 (FASTLY) (FASTLY - Fastly)
2	157.240.20.19 157.240.20.19	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	216.58.207.67 216.58.207.67	15169 (GOOGLE) (GOOGLE - Google LLC)
1	185.60.216.38 185.60.216.38	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	185.60.216.19 185.60.216.19	32934 (FACEBOOK) (FACEBOOK - Facebook)
18	8

1 52.28.41.50 (Frankfurt, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-28-41-50.eu-central-1.compute.amazonaws.com

factotum.cmail19.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.21.234 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s13-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.12.89 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

css.createsend1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i9.createsend1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i2.createsend1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i3.createsend1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i4.createsend1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i5.createsend1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i6.createsend1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.createsend1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.20.19 (Menlo Park, United States)

ASN32934 (FACEBOOK - Facebook, Inc., US)
PTR: xx-fbcdn-shv-02-frt3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.207.67 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s25-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.60.216.38 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.60.216.19 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	createsend1.com css.createsend1.com i9.createsend1.com i2.createsend1.com i3.createsend1.com i4.createsend1.com i5.createsend1.com i6.createsend1.com js.createsend1.com	138 KB
3	facebook.com www.facebook.com staticxx.facebook.com	1002 B
2	gstatic.com fonts.gstatic.com	36 KB
1	facebook.net connect.facebook.net	63 KB
1	googleapis.com fonts.googleapis.com	385 B
1	cmail19.com factotum.cmail19.com	4 KB
0	Failed function sub() { [native code] }. Failed
18	7

	Domain	Requested by
2	staticxx.facebook.com	connect.facebook.net
2	fonts.gstatic.com	factotum.cmail19.com
2	js.createsend1.com	factotum.cmail19.com
1	www.facebook.com	factotum.cmail19.com
1	connect.facebook.net	factotum.cmail19.com
1	i6.createsend1.com	factotum.cmail19.com
1	i5.createsend1.com	factotum.cmail19.com
1	i4.createsend1.com	factotum.cmail19.com
1	i3.createsend1.com	factotum.cmail19.com
1	i2.createsend1.com	factotum.cmail19.com
1	i9.createsend1.com	factotum.cmail19.com
1	css.createsend1.com	factotum.cmail19.com
1	fonts.googleapis.com	factotum.cmail19.com
1	factotum.cmail19.com
0	blank Failed	factotum.cmail19.com
18	15

This site contains links to these domains. Also see Links.

Domain
factotum.createsend1.com
factotum.forwardtomyfriend.com
factotum.updatemyprofile.com

Subject Issuer	Validity	Valid
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2017-12-15` - `2019-03-22`	a year	crt.sh

This page contains 3 frames:

Primary Page: http://factotum.cmail19.com/t/ViewEmail/i/AD447D79A1FAFDE72540EF23F30FEDED/28DA68DF85DD7AD162AF25ACF5E3F0AC
Frame ID: 19B04A127C06E47AB38BB46B274A8DDC
Requests: 16 HTTP requests in this frame

Frame: http://staticxx.facebook.com/connect/xd_arbiter/r/EIL5DcDc3Zh.js?version=42
Frame ID: 7B3162970FB0490AFE99C51C40E4BCD8
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/EIL5DcDc3Zh.js?version=42
Frame ID: 176DD8FE525072FAE4E12A9F32B60D9D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

18
Requests

6 %
HTTPS

0 %
IPv6

7
Domains

15
Subdomains

8
IPs

3
Countries

242 kB
Transfer

475 kB
Size

0
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: http://factotum.createsend1.com/t/i-e-bdiktul-gthiyjdit-r/
Title: View email in web browser

Search URL Search Domain Scan URL

URL: https://factotum.createsend1.com/t/i-l-bdiktul-gthiyjdit-n/

Search URL Search Domain Scan URL

URL: https://factotum.createsend1.com/t/i-l-bdiktul-gthiyjdit-v/
Title: Read our privacy policy

Search URL Search Domain Scan URL

URL: http://factotum.createsend1.com/t/i-tw-bdiktul-gthiyjdit-t/

Search URL Search Domain Scan URL

URL: http://factotum.createsend1.com/t/i-tw-bdiktul-gthiyjdit-i/
Title: Tweet

Search URL Search Domain Scan URL

URL: http://factotum.createsend1.com/t/i-li-bdiktul-gthiyjdit-d/

Search URL Search Domain Scan URL

URL: http://factotum.createsend1.com/t/i-li-bdiktul-gthiyjdit-h/
Title: Share

Search URL Search Domain Scan URL

URL: http://factotum.forwardtomyfriend.com/i-gthiyjdit-C3874BB6-bdiktul-l-k

Search URL Search Domain Scan URL

URL: http://factotum.forwardtomyfriend.com/i-gthiyjdit-C3874BB6-bdiktul-l-u
Title: Forward

Search URL Search Domain Scan URL

URL: http://factotum.updatemyprofile.com/i-bdiktul-C3874BB6-gthiyjdit-o
Title: Preferences

Search URL Search Domain Scan URL

URL: http://factotum.createsend1.com/t/i-u-bdiktul-gthiyjdit-b/
Title: Unsubscribe

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 28DA68DF85DD7AD162AF25ACF5E3F0AC Show response
factotum.cmail19.com/t/ViewEmail/i/AD447D79A1FAFDE72540EF23F30FEDED/ 19 KB
4 KB 349ms
342ms Document
text/html 52.28.41.50
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://factotum.cmail19.com/t/ViewEmail/i/AD447D79A1FAFDE72540EF23F30FEDED/28DA68DF85DD7AD162AF25ACF5E3F0AC
Protocol: HTTP/1.1
Server: 52.28.41.50 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-28-41-50.eu-central-1.compute.amazonaws.com
Software: _waflopenresty/1.11.2.2 /
Resource Hash: 47f1ec4b3849da5415dddbe358bf8c16a0d411177e45b3ec3527fbeb874e5d91

Request headers

Host: factotum.cmail19.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 19B04A127C06E47AB38BB46B274A8DDC

Response headers

Date: Mon, 04 Jun 2018 23:27:13 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: _waflopenresty/1.11.2.2
Vary: Accept-Encoding
Cache-Control: private
Content-Encoding: gzip
P3P: CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"

GET
S 200 css
fonts.googleapis.com/ 981 B
385 B 16ms
14ms Stylesheet
text/css 172.217.21.234
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,700,400

Requested by

Host: factotum.cmail19.com
URL: http://factotum.cmail19.com/t/ViewEmail/i/AD447D79A1FAFDE72540EF23F30FEDED/28DA68DF85DD7AD162AF25ACF5E3F0AC

Protocol

SPDY

Server

172.217.21.234 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s13-in-f10.1e100.net

Software

ESF /

Resource Hash

d2223479733300ee9ad6a7465cd7378d5cf1239db39cdcd83cf7a1e053677e4a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://factotum.cmail19.com/t/ViewEmail/i/AD447D79A1FAFDE72540EF23F30FEDED/28DA68DF85DD7AD162AF25ACF5E3F0AC
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Mon, 04 Jun 2018 23:27:13 GMT
content-encoding: gzip
server: ESF
status: 200
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
x-xss-protection: 1; mode=block
expires: Mon, 04 Jun 2018 23:27:13 GMT

GET
H/1.1 200
OK social.min.css
css.createsend1.com/css/ 2 KB
2 KB 35ms
6ms Stylesheet
text/css 151.101.12.89
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

http://css.createsend1.com/css/social.min.css?h=D1AFBC29201804191133

Requested by

Host: factotum.cmail19.com
URL: http://factotum.cmail19.com/t/ViewEmail/i/AD447D79A1FAFDE72540EF23F30FEDED/28DA68DF85DD7AD162AF25ACF5E3F0AC

Protocol

HTTP/1.1

Server

151.101.12.89 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

csw /

Resource Hash

8f9489cbe3ff1704531af8451b140f1a7ffd115416e7b15866387cca89c852b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: http://factotum.cmail19.com/t/ViewEmail/i/AD447D79A1FAFDE72540EF23F30FEDED/28DA68DF85DD7AD162AF25ACF5E3F0AC
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 04 Jun 2018 23:27:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 3974001
X-Cache: HIT, HIT
P3P: CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
Connection: keep-alive
Content-Length: 759
X-XSS-Protection: 1;mode=block
X-Served-By: cache-sjc3147-SJC, cache-fra19136-FRA
Fastly-Debug-Digest: 6ec49ca211cccf8bbb76a7bf5a6c807454f12391b44f848435cf377f84446785
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 19 Apr 2018 04:15:36 GMT
Server: csw
X-Timer: S1528154833.496496,VS0,VE0
X-Frame-Options: SAMEORIGIN
ETag: "064c1195d7d31:0"
Vary: Accept-Encoding
Content-Type: text/css
Via: 1.1 varnish, 1.1 varnish
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 3, 2

GET
H/1.1 200
OK factotum-email-logo2.png
i9.createsend1.com/ti/i/2A/932/00F/003812/images/ 11 KB
11 KB 17ms
6ms Image
image/png 151.101.12.89
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://i9.createsend1.com/ti/i/2A/932/00F/003812/images/factotum-email-logo2.png

Requested by

Host: factotum.cmail19.com
URL: http://factotum.cmail19.com/t/ViewEmail/i/AD447D79A1FAFDE72540EF23F30FEDED/28DA68DF85DD7AD162AF25ACF5E3F0AC

Protocol

HTTP/1.1

Server

151.101.12.89 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

csw /

Resource Hash

7d48932dcda3b2789fcd2ed1e09a581b46b0bb1285884cf268a2fda640e4d4f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: http://factotum.cmail19.com/t/ViewEmail/i/AD447D79A1FAFDE72540EF23F30FEDED/28DA68DF85DD7AD162AF25ACF5E3F0AC
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 04 Jun 2018 23:27:13 GMT
Via: 1.1 varnish, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 16594
X-Cache: HIT, HIT
P3P: CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
Connection: keep-alive
Content-Length: 11018
X-XSS-Protection: 1;mode=block
X-Served-By: cache-sjc3123-SJC, cache-fra19151-FRA
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 08 Jun 2016 12:20:53 GMT
Server: csw
X-Timer: S1528154834.515235,VS0,VE0
ETag: "f68ebe3380c1d11:0"
Content-Type: image/png
Fastly-Debug-Digest: 96601d25a91fa0cac0597b4b18f39920df418573b88c730f2db05b902bb1e6ba
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Cache-Hits: 2, 1

GET
H/1.1 200
OK factotum-footer.png
i2.createsend1.com/ti/i/2A/932/00F/003812/images/ 26 KB
27 KB 30ms
7ms Image
image/png 151.101.12.89
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://i2.createsend1.com/ti/i/2A/932/00F/003812/images/factotum-footer.png

Requested by

Host: factotum.cmail19.com
URL: http://factotum.cmail19.com/t/ViewEmail/i/AD447D79A1FAFDE72540EF23F30FEDED/28DA68DF85DD7AD162AF25ACF5E3F0AC

Protocol

HTTP/1.1

Server

151.101.12.89 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

csw /

Resource Hash

c1e3187573070aed07660eb2a7c99da5e3fa2e9dca2405746e2fc0f9efaaa04c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: http://factotum.cmail19.com/t/ViewEmail/i/AD447D79A1FAFDE72540EF23F30FEDED/28DA68DF85DD7AD162AF25ACF5E3F0AC
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 04 Jun 2018 23:27:13 GMT
Via: 1.1 varnish, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 60908
X-Cache: HIT, HIT
P3P: CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
Connection: keep-alive
Content-Length: 26856
X-XSS-Protection: 1;mode=block
X-Served-By: cache-sjc3139-SJC, cache-fra19125-FRA
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 08 Jun 2016 12:20:53 GMT
Server: csw
X-Timer: S1528154834.525882,VS0,VE1
ETag: "ec27c13380c1d11:0"
Content-Type: image/png
Fastly-Debug-Digest: b4abaf53d66719d8746491d38c45ec5b5dccc337737722b2ae67540ea6bec408
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK fblike.png
i3.createsend1.com/ti/i/2A/932/00F/003812/images/ 15 KB
15 KB 158ms
152ms Image
image/png 151.101.12.89
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://i3.createsend1.com/ti/i/2A/932/00F/003812/images/fblike.png

Requested by

Host: factotum.cmail19.com
URL: http://factotum.cmail19.com/t/ViewEmail/i/AD447D79A1FAFDE72540EF23F30FEDED/28DA68DF85DD7AD162AF25ACF5E3F0AC

Protocol

HTTP/1.1

Server

151.101.12.89 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

csw /

Resource Hash

ff6021f397a4acd356a2fe566e647e4a136f07afd7ea7911c3f5b45bccc135bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: http://factotum.cmail19.com/t/ViewEmail/i/AD447D79A1FAFDE72540EF23F30FEDED/28DA68DF85DD7AD162AF25ACF5E3F0AC
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 04 Jun 2018 23:27:13 GMT
Via: 1.1 varnish, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 16594
X-Cache: HIT, HIT
P3P: CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
Connection: keep-alive
Content-Length: 15028
X-XSS-Protection: 1;mode=block
X-Served-By: cache-sjc3125-SJC, cache-fra19120-FRA
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 08 Jun 2016 12:20:53 GMT
Server: csw
X-Timer: S1528154834.509889,VS0,VE146
ETag: "ca82c43380c1d11:0"
Content-Type: image/png
Fastly-Debug-Digest: 02c0b522231db4f1e2b6d41c31da9da3d1f0f396225eba0374c74ad705118fb6
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Cache-Hits: 23, 1

GET
H/1.1 200
OK tweet.png
i4.createsend1.com/ti/i/2A/932/00F/003812/images/ 15 KB
15 KB 29ms
7ms Image
image/png 151.101.12.89
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://i4.createsend1.com/ti/i/2A/932/00F/003812/images/tweet.png

Requested by

Host: factotum.cmail19.com
URL: http://factotum.cmail19.com/t/ViewEmail/i/AD447D79A1FAFDE72540EF23F30FEDED/28DA68DF85DD7AD162AF25ACF5E3F0AC

Protocol

HTTP/1.1

Server

151.101.12.89 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

csw /

Resource Hash

7d1a933de39c8bd9b797c29088335b3d3af3b1b6245ac0220167ba88eff28241

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: http://factotum.cmail19.com/t/ViewEmail/i/AD447D79A1FAFDE72540EF23F30FEDED/28DA68DF85DD7AD162AF25ACF5E3F0AC
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 04 Jun 2018 23:27:13 GMT
Via: 1.1 varnish, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 16594
X-Cache: HIT, HIT
P3P: CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
Connection: keep-alive
Content-Length: 15101
X-XSS-Protection: 1;mode=block
X-Served-By: cache-sjc3132-SJC, cache-fra19146-FRA
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 08 Jun 2016 12:20:53 GMT
Server: csw
X-Timer: S1528154834.526612,VS0,VE1
ETag: "2450ca3380c1d11:0"
Content-Type: image/png
Fastly-Debug-Digest: 6c31d9bb84de95aed56deff52c29da0bafc836d33b00f4ba45af940403e55ea3
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK lishare.png
i5.createsend1.com/ti/i/2A/932/00F/003812/images/ 15 KB
15 KB 28ms
6ms Image
image/png 151.101.12.89
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://i5.createsend1.com/ti/i/2A/932/00F/003812/images/lishare.png

Requested by

Host: factotum.cmail19.com
URL: http://factotum.cmail19.com/t/ViewEmail/i/AD447D79A1FAFDE72540EF23F30FEDED/28DA68DF85DD7AD162AF25ACF5E3F0AC

Protocol

HTTP/1.1

Server

151.101.12.89 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

csw /

Resource Hash

3e9a3b2ceccec6904b076ddebeefc3b66b3d2b750c8575b9e13a71042b493171

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: http://factotum.cmail19.com/t/ViewEmail/i/AD447D79A1FAFDE72540EF23F30FEDED/28DA68DF85DD7AD162AF25ACF5E3F0AC
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 04 Jun 2018 23:27:13 GMT
Via: 1.1 varnish, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 16594
X-Cache: HIT, HIT
P3P: CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
Connection: keep-alive
Content-Length: 15070
X-XSS-Protection: 1;mode=block
X-Served-By: cache-sjc3144-SJC, cache-fra19129-FRA
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 08 Jun 2016 12:20:53 GMT
Server: csw
X-Timer: S1528154834.525394,VS0,VE1
ETag: "ecb7c73380c1d11:0"
Content-Type: image/png
Fastly-Debug-Digest: e0d51dd574fb50c02f1dff13ca7f2ab38b5e6fc3aca2dec48afc15bf2b116e9a
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK forward.png
i6.createsend1.com/ti/i/2A/932/00F/003812/images/ 15 KB
15 KB 29ms
6ms Image
image/png 151.101.12.89
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://i6.createsend1.com/ti/i/2A/932/00F/003812/images/forward.png

Requested by

Host: factotum.cmail19.com
URL: http://factotum.cmail19.com/t/ViewEmail/i/AD447D79A1FAFDE72540EF23F30FEDED/28DA68DF85DD7AD162AF25ACF5E3F0AC

Protocol

HTTP/1.1

Server

151.101.12.89 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

csw /

Resource Hash

b3d618401ce2f0ccac31c0b5b1800f7dca2e28d224645cfce8dd118925f351a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: http://factotum.cmail19.com/t/ViewEmail/i/AD447D79A1FAFDE72540EF23F30FEDED/28DA68DF85DD7AD162AF25ACF5E3F0AC
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 04 Jun 2018 23:27:13 GMT
Via: 1.1 varnish, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 16594
X-Cache: HIT, HIT
P3P: CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
Connection: keep-alive
Content-Length: 15101
X-XSS-Protection: 1;mode=block
X-Served-By: cache-sjc3128-SJC, cache-fra19148-FRA
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 08 Jun 2016 12:20:53 GMT
Server: csw
X-Timer: S1528154834.529234,VS0,VE1
ETag: "6c57c63380c1d11:0"
Content-Type: image/png
Fastly-Debug-Digest: 6be47afaece6e21c991c765ebfff5793f2035d441f3c72e0e349f6fb0b766acd
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK jquery-1.7.2.min.js Show response
js.createsend1.com/js/ 93 KB
34 KB 12ms
6ms Script
application/javascript 151.101.12.89
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

http://js.createsend1.com/js/jquery-1.7.2.min.js?h=C99A4659201804191133

Requested by

Host: factotum.cmail19.com
URL: http://factotum.cmail19.com/t/ViewEmail/i/AD447D79A1FAFDE72540EF23F30FEDED/28DA68DF85DD7AD162AF25ACF5E3F0AC

Protocol

HTTP/1.1

Server

151.101.12.89 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

csw /

Resource Hash

d72fcb8924d1e14dbd4b04aff994c1183ee86c620f0aaac034f75fc508548220

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: http://factotum.cmail19.com/t/ViewEmail/i/AD447D79A1FAFDE72540EF23F30FEDED/28DA68DF85DD7AD162AF25ACF5E3F0AC
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 04 Jun 2018 23:27:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 3974008
X-Cache: HIT, HIT
P3P: CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
Connection: keep-alive
Content-Length: 33680
X-XSS-Protection: 1;mode=block
X-Served-By: cache-sjc3151-SJC, cache-fra19141-FRA
Fastly-Debug-Digest: e781ad01d66482a939b8c7292875d8268d92dbc8ac3adcc381cc450c88eabf70
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 19 Apr 2018 04:15:44 GMT
Server: csw
X-Timer: S1528154833.477029,VS0,VE0
X-Frame-Options: SAMEORIGIN
ETag: "018d11595d7d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 2, 4480

GET
S 200 all.js Show response
connect.facebook.net/en_US/ 207 KB
63 KB 19ms
6ms Script
application/x-javascript 157.240.20.19
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: factotum.cmail19.com
URL: http://factotum.cmail19.com/t/ViewEmail/i/AD447D79A1FAFDE72540EF23F30FEDED/28DA68DF85DD7AD162AF25ACF5E3F0AC

Protocol

SPDY

Server

157.240.20.19 Menlo Park, United States, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

xx-fbcdn-shv-02-frt3.fbcdn.net

Software

Resource Hash

9634e875e35b7f85d07afb9c5e94069f5ec0fd0a37514cbd6992c37163efff4a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://factotum.cmail19.com/t/ViewEmail/i/AD447D79A1FAFDE72540EF23F30FEDED/28DA68DF85DD7AD162AF25ACF5E3F0AC
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: YxRDXq8tr0YU7VUhGpLisw==
status: 200
content-length: 63432
x-xss-protection: 0
x-fb-debug: baCXVyr8/RTqONFdUNWE4WBaUZxEifM/eioIwzyXnjfZprOOiHwu5tWaRJcxAdbK9Oz1TXGrTbXkPKXw6XeHWQ==
x-fb-content-md5: 50965bfb6dd41f3a1efa281b183ea086
x-frame-options: DENY
date: Mon, 04 Jun 2018 23:27:13 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "89bbcb31a6a69ac32fd5061c38a3e1f8"
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
timing-allow-origin: *
expires: Mon, 04 Jun 2018 23:32:04 GMT

GET
H/1.1 200
OK track.min.js Show response
js.createsend1.com/js/ 5 KB
3 KB 7ms
6ms Script
application/javascript 151.101.12.89
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

http://js.createsend1.com/js/track.min.js?h=BBE678E3201804191133

Requested by

Host: factotum.cmail19.com
URL: http://factotum.cmail19.com/t/ViewEmail/i/AD447D79A1FAFDE72540EF23F30FEDED/28DA68DF85DD7AD162AF25ACF5E3F0AC

Protocol

HTTP/1.1

Server

151.101.12.89 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

csw /

Resource Hash

f8b6582a3cec220b7ab8f411fba4ba84e7c363599b20309956875d7fa44f108f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: http://factotum.cmail19.com/t/ViewEmail/i/AD447D79A1FAFDE72540EF23F30FEDED/28DA68DF85DD7AD162AF25ACF5E3F0AC
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 04 Jun 2018 23:27:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 598074
X-Cache: HIT, HIT
P3P: CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
Connection: keep-alive
Content-Length: 1807
X-XSS-Protection: 1;mode=block
X-Served-By: cache-sjc3130-SJC, cache-fra19141-FRA
Fastly-Debug-Digest: ca833868d2db5f30c4f7e56924ed82a3249e9cc220766090b469c8b1d55b9fb8
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 29 May 2018 00:13:10 GMT
Server: csw
X-Timer: S1528154834.504718,VS0,VE0
X-Frame-Options: SAMEORIGIN
ETag: "0ef7ad3e1f6d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 2, 1

GET
S 200 mem8YaGs126MiZpBA-UFVZ0e.ttf
fonts.gstatic.com/s/opensans/v15/ 26 KB
18 KB 7ms
6ms Font
font/ttf 216.58.207.67
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0e.ttf

Requested by

Host: factotum.cmail19.com
URL: http://factotum.cmail19.com/t/ViewEmail/i/AD447D79A1FAFDE72540EF23F30FEDED/28DA68DF85DD7AD162AF25ACF5E3F0AC

Protocol

SPDY

Server

216.58.207.67 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f3.1e100.net

Software

sffe /

Resource Hash

927658fe940c899225567ad7885c40a7871dee09c2b9f00d31f7ca62d1f424fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,700,400
Origin: http://factotum.cmail19.com

Response headers

date: Mon, 12 Feb 2018 15:00:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9707185
status: 200
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 17857
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Oct 2017 21:49:44 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Feb 2019 15:00:48 GMT

GET
S 200 mem5YaGs126MiZpBA-UN7rgOUuhs.ttf
fonts.gstatic.com/s/opensans/v15/ 28 KB
18 KB 12ms
12ms Font
font/ttf 216.58.207.67
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOUuhs.ttf

Requested by

Host: factotum.cmail19.com
URL: http://factotum.cmail19.com/t/ViewEmail/i/AD447D79A1FAFDE72540EF23F30FEDED/28DA68DF85DD7AD162AF25ACF5E3F0AC

Protocol

SPDY

Server

216.58.207.67 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f3.1e100.net

Software

sffe /

Resource Hash

0782a52179d0e25f19c39b43253795b25787d65abdbd8bfa38be0f21a4512748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,700,400
Origin: http://factotum.cmail19.com

Response headers

date: Thu, 24 May 2018 12:30:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 989827
status: 200
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 18670
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Oct 2017 21:49:43 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 May 2019 12:30:06 GMT

GET blank
/ 0
0

GET
S 200 /
www.facebook.com/impression.php/f1267bf434e5858/ 43 B
1002 B 53ms
41ms Image
image/gif 185.60.216.38
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/impression.php/f1267bf434e5858/?lid=115&payload=%7B%22source%22%3A%22jssdk%22%7D

Requested by

Host: factotum.cmail19.com
URL: http://factotum.cmail19.com/t/ViewEmail/i/AD447D79A1FAFDE72540EF23F30FEDED/28DA68DF85DD7AD162AF25ACF5E3F0AC

Protocol

SPDY

Server

185.60.216.38 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://factotum.cmail19.com/t/ViewEmail/i/AD447D79A1FAFDE72540EF23F30FEDED/28DA68DF85DD7AD162AF25ACF5E3F0AC
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 0
pragma: no-cache
x-fb-debug: fNjjCJn49XWcglCRR4+FWAjgM2akBgTen6iXR6W8sEEkgal2EbAFTPL7aCFpNBfqJIXMdMo7+hdl2YZ43KRRhg==
date: Mon, 04 Jun 2018 23:27:13 GMT
expect-ct: max-age=10, report-uri="http://reports.fb.com/expectct/"
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK EIL5DcDc3Zh.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 7B31 0
0 8ms
6ms Document
text/html 185.60.216.19
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

http://staticxx.facebook.com/connect/xd_arbiter/r/EIL5DcDc3Zh.js?version=42

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

HTTP/1.1

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Host: staticxx.facebook.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://factotum.cmail19.com/t/ViewEmail/i/AD447D79A1FAFDE72540EF23F30FEDED/28DA68DF85DD7AD162AF25ACF5E3F0AC
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 19B04A127C06E47AB38BB46B274A8DDC
Referer: http://factotum.cmail19.com/t/ViewEmail/i/AD447D79A1FAFDE72540EF23F30FEDED/28DA68DF85DD7AD162AF25ACF5E3F0AC

Response headers

Expires: Tue, 04 Jun 2019 20:16:49 GMT
X-XSS-Protection: 0
Content-Type: text/html; charset=utf-8
X-Content-Type-Options: nosniff
Cache-Control: public,max-age=31536000,immutable
Vary: Accept-Encoding
Content-Encoding: gzip
X-FB-Debug: 7HBqi3tdQdZPsTy6pPvDki86vMHaZg2xIIZEPohTADOkFlnaDGcqFgVPZE83gDMxIvrqTIzZNOAdo2zSMgWSgA==
Date: Mon, 04 Jun 2018 23:27:13 GMT
Connection: close
Content-Length: 13665

GET
H2 200 EIL5DcDc3Zh.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 176D 0
0 8ms
6ms Document
text/html 157.240.20.19
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter/r/EIL5DcDc3Zh.js?version=42

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

157.240.20.19 Menlo Park, United States, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

xx-fbcdn-shv-02-frt3.fbcdn.net

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter/r/EIL5DcDc3Zh.js?version=42
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://factotum.cmail19.com/t/ViewEmail/i/AD447D79A1FAFDE72540EF23F30FEDED/28DA68DF85DD7AD162AF25ACF5E3F0AC
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 19B04A127C06E47AB38BB46B274A8DDC
Referer: http://factotum.cmail19.com/t/ViewEmail/i/AD447D79A1FAFDE72540EF23F30FEDED/28DA68DF85DD7AD162AF25ACF5E3F0AC

Response headers

status: 200
expires: Tue, 04 Jun 2019 17:32:12 GMT
cache-control: public,max-age=31536000,immutable
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
x-fb-debug: z/hnm0hwqkkJi8dm3/vUoXSB3A2QPiMH2E4Q+TtfmIDHiBQt+k+peKrps1B0uRIQ8ypjAi6pdOdJ8GIrMeboDA==
content-length: 13699
date: Mon, 04 Jun 2018 23:27:13 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: blank
URL: about:blank

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| FB object| CS

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blank
connect.facebook.net
css.createsend1.com
factotum.cmail19.com
fonts.googleapis.com
fonts.gstatic.com
i2.createsend1.com
i3.createsend1.com
i4.createsend1.com
i5.createsend1.com
i6.createsend1.com
i9.createsend1.com
js.createsend1.com
staticxx.facebook.com
www.facebook.com
blank
151.101.12.89
157.240.20.19
172.217.21.234
185.60.216.19
185.60.216.38
216.58.207.67
52.28.41.50
0782a52179d0e25f19c39b43253795b25787d65abdbd8bfa38be0f21a4512748
3e9a3b2ceccec6904b076ddebeefc3b66b3d2b750c8575b9e13a71042b493171
47f1ec4b3849da5415dddbe358bf8c16a0d411177e45b3ec3527fbeb874e5d91
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
7d1a933de39c8bd9b797c29088335b3d3af3b1b6245ac0220167ba88eff28241
7d48932dcda3b2789fcd2ed1e09a581b46b0bb1285884cf268a2fda640e4d4f4
8f9489cbe3ff1704531af8451b140f1a7ffd115416e7b15866387cca89c852b4
927658fe940c899225567ad7885c40a7871dee09c2b9f00d31f7ca62d1f424fc
9634e875e35b7f85d07afb9c5e94069f5ec0fd0a37514cbd6992c37163efff4a
b3d618401ce2f0ccac31c0b5b1800f7dca2e28d224645cfce8dd118925f351a8
c1e3187573070aed07660eb2a7c99da5e3fa2e9dca2405746e2fc0f9efaaa04c
d2223479733300ee9ad6a7465cd7378d5cf1239db39cdcd83cf7a1e053677e4a
d72fcb8924d1e14dbd4b04aff994c1183ee86c620f0aaac034f75fc508548220
f8b6582a3cec220b7ab8f411fba4ba84e7c363599b20309956875d7fa44f108f
ff6021f397a4acd356a2fe566e647e4a136f07afd7ea7911c3f5b45bccc135bb

factotum.cmail19.com Open in urlscan Pro 52.28.41.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

18 Requests

6 %HTTPS

0 %IPv6

7 Domains

15 Subdomains

8 IPs

3 Countries

242 kBTransfer

475 kBSize

0 Cookies

11 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

Indicators

factotum.cmail19.com Open in urlscan Pro
52.28.41.50 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

6 %
HTTPS

0 %
IPv6

7
Domains

15
Subdomains

8
IPs

3
Countries

242 kB
Transfer

475 kB
Size

0
Cookies

18 HTTP transactions
0 data transactions