URL: https://white.cmail20.com/t/j-u-bhjkyjk-l-y/
Submission: On June 13 via manual from US

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 3 HTTP transactions. The main IP is 52.28.41.50, located in Frankfurt, Germany and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is white.cmail20.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on May 17th 2017. Valid for: 2 years.
This is the only time white.cmail20.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 52.28.41.50 16509 (AMAZON-02)
2 151.101.112.89 54113 (FASTLY)
3 2
Apex Domain Subdomains Transfer
2 createsend1.com img.createsend1.com 1 KB
1 cmail20.com white.cmail20.com 1 KB
3 2
Domain Requested by
2 img.createsend1.com white.cmail20.com
1 white.cmail20.com
3 2

This site contains no links.

Subject Issuer Validity Valid
*.createsend1.com DigiCert SHA2 Secure Server CA 2017-05-17 - 2019-07-31 2 years

This page contains 1 frame:

Primary Page: https://white.cmail20.com/t/j-u-bhjkyjk-l-y/
Frame ID: CD899A53DBE812086F51F3E79B112158
Requests: 3 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Page Statistics

Requests: 3
HTTPS: 33 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 2 kB
Size: 3 kB
Cookies: 0

3 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request / white.cmail20.com/t/j-u-bhjkyjk-l-y/ 2 KB 1 KB Document

General
Full URL: https://white.cmail20.com/t/j-u-bhjkyjk-l-y/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.41.50 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
Reverse DNS: ec2-52-28-41-50.eu-central-1.compute.amazonaws.com
Software: _waflopenresty/1.11.2.2 /
Resource Hash: 3bbf18f0eba8f0d287a8fa754d871c9e820b3040b94270bb10bf778c937d3383

Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host: white.cmail20.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
X-DevTools-Emulate-Network-Conditions-Client-Id: CD899A53DBE812086F51F3E79B112158

Response headers

Date: Wed, 13 Jun 2018 17:06:42 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: _waflopenresty/1.11.2.2
Vary: Accept-Encoding
Cache-Control: private
Content-Encoding: gzip
P3P: CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
X-Frame-Options: SAMEORIGIN

top.gif img.createsend1.com/img/misc/confirmations/ 196 B 658 B Image

General
Full URL: https://img.createsend1.com/img/misc/confirmations/top.gif
Requested by:
  Host: white.cmail20.com
  URL: https://white.cmail20.com/t/j-u-bhjkyjk-l-y/
Protocol: SPDY
Server: 151.101.112.89 San Francisco, United States, ASN54113 (FASTLY - Fastly, US)
Reverse DNS:
Software: csw /
Resource Hash: cfa2e702d8d8129abe855393287f808d15b979cff4b77ffeb351bba4d54faf55

Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer: https://white.cmail20.com/t/j-u-bhjkyjk-l-y/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 13 Jun 2018 17:06:42 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 5268606
x-cache: HIT, HIT
p3p: CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
status: 200
content-length: 196
x-xss-protection: 1;mode=block
x-served-by: cache-sjc3134-SJC, cache-hhn1533-HHN
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 12 Apr 2018 04:19:58 GMT
server: csw
x-timer: S1528909602.212792,VS0,VE1
etag: "02b528415d2d31:0"
x-frame-options: SAMEORIGIN
content-type: image/gif
fastly-debug-digest: 49468694deae64e34bc40485e0641c17dd4fbea7ff6d64be69fa75a4b79a9868
cache-control: public,max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

bottom.gif img.createsend1.com/img/misc/confirmations/ 198 B 387 B Image

General
Full URL: https://img.createsend1.com/img/misc/confirmations/bottom.gif
Requested by:
  Host: white.cmail20.com
  URL: https://white.cmail20.com/t/j-u-bhjkyjk-l-y/
Protocol: SPDY
Server: 151.101.112.89 San Francisco, United States, ASN54113 (FASTLY - Fastly, US)
Reverse DNS:
Software: csw /
Resource Hash: fbf7db4d61c57f803e557e876ba99f1450a99662e5570a1fbfde9cf1ca00f631

Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer: https://white.cmail20.com/t/j-u-bhjkyjk-l-y/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 13 Jun 2018 17:06:42 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 3548037
x-cache: HIT, HIT
p3p: CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
status: 200
content-length: 198
x-xss-protection: 1;mode=block
x-served-by: cache-sjc3123-SJC, cache-hhn1533-HHN
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 03 May 2018 06:06:26 GMT
server: csw
x-timer: S1528909602.212836,VS0,VE1
etag: "05d8adea4e2d31:0"
x-frame-options: SAMEORIGIN
content-type: image/gif
fastly-debug-digest: 49b875d0cc74916970fec4493ec988e363a5f4d0095ac0a994f8a435871d04e4
cache-control: public,max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
