sendings.co.za Open in urlscan Pro
156.38.207.74 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://protect-eu.mimecast.com/s/AvdoCMjkxTvODkmQCwf6ML?domain=sendings.co.za
Effective URL:
https://sendings.co.za/mailer//subscriber/newsletter.php?e2=103518&c=6&h=3&t=4&sp=1
Submission: On June 16 via api (June 16th 2023, 10:29:30 am UTC) from ZA — Scanned from GB

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 6 domains to perform 8 HTTP transactions. The main IP is 156.38.207.74, located in Pretoria, South Africa and belongs to xneelo, ZA. The main domain is sendings.co.za.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 23rd 2023. Valid for: 3 months.

This is the only time sendings.co.za was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	91.220.42.215 91.220.42.215	42427 (MIMECAST-UK) (MIMECAST-UK)
2	156.38.207.74 156.38.207.74	37153 (xneelo) (xneelo)
4	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	156.38.226.202 156.38.226.202	37153 (xneelo) (xneelo)
1	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
8	4

2 91.220.42.215 (United Kingdom) 2 redirects

ASN42427 (MIMECAST-UK, GB)
PTR: eu-api.mimecast.com

protect-eu.mimecast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 156.38.207.74 (Pretoria, South Africa)

ASN37153 (xneelo, ZA)
PTR: 74.207.38.156.reverse.xneelo.net

sendings.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 156.38.226.202 (Pretoria, South Africa)

ASN37153 (xneelo, ZA)

xds.myblu.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 659	134 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 176	89 KB
2	sendings.co.za sendings.co.za	100 KB
2	mimecast.com 2 redirects protect-eu.mimecast.com — Cisco Umbrella Rank: 34803	3 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	18 KB
1	myblu.io xds.myblu.io	9 KB
8	6

	Domain	Requested by
2	static.xx.fbcdn.net	www.facebook.com
2	connect.facebook.net	sendings.co.za connect.facebook.net
2	sendings.co.za	sendings.co.za
2	protect-eu.mimecast.com	2 redirects
1	www.facebook.com	connect.facebook.net
1	xds.myblu.io	sendings.co.za
8	6

This site contains no links.

Subject Issuer	Validity	Valid
sendings.co.za cPanel, Inc. Certification Authority	`2023-03-23` - `2023-06-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-25` - `2023-06-23`	3 months	crt.sh
xds.myblu.io cPanel, Inc. Certification Authority	`2023-05-19` - `2023-08-17`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://sendings.co.za/mailer//subscriber/newsletter.php?e2=103518&c=6&h=3&t=4&sp=1
Frame ID: 51CEB45CE50272D9DE4211ECA8BDCFD2
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/v13.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df34e0fca339f2ac%26domain%3Dsendings.co.za%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsendings.co.za%252Ff2ced539b067304%26relation%3Dparent.parent&container_width=1570&href=https%3A%2F%2Fsendings.co.za%2Fmailer%2F%2Fsubscriber%2Fnewsletter.php%3Fsid%3D0%26c%3D6%26t%3D4%26h%3D3&layout=standard&locale=en_US&sdk=joey&share=true&size=small&width=
Frame ID: 5F343A9A8BA80896D4AA697A0E84B5B0
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Promote financial inclusion.

Page URL History Show full URLs

https://protect-eu.mimecast.com/s/AvdoCMjkxTvODkmQCwf6ML?domain=sendings.co.za HTTP 307
https://protect-eu.mimecast.com/r/0mQNnkzU92UVtcCQO2oWMGhNNoxNhuP-bzVtmBPwU4MF6lY4ofqq_5zrBAejbnPh2GaUAu9-8x... HTTP 307
https://sendings.co.za/mailer//subscriber/newsletter.php?e2=103518&c=6&h=3&t=4&sp=1 Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

8
Requests

100 %
HTTPS

40 %
IPv6

6
Domains

6
Subdomains

4
IPs

3
Countries

352 kB
Transfer

987 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://protect-eu.mimecast.com/s/AvdoCMjkxTvODkmQCwf6ML?domain=sendings.co.za HTTP 307
https://protect-eu.mimecast.com/r/0mQNnkzU92UVtcCQO2oWMGhNNoxNhuP-bzVtmBPwU4MF6lY4ofqq_5zrBAejbnPh2GaUAu9-8x3DwTBN-Rld36spN6veTTBe-km85BxjW02iGWttazXL9H816k9r4u1RCeDjv84UEniB6DBJcibwYaK79sPIeuD_0aSrjevtNn_ZGZ1zZYDnOLfGFrr5-miZbq9AW2QI-NHkGVe4ggF1oyy6Kxwp-6IJcmXiqHp2yWFl8gJ8-UMdHlWMXiAU3yd5AcbFYZ9oStDVWRBguCrJTaGxEmP2G2Y7nLG909ZAuD2K5eQ0kYwCl3bF67ZTiCQpR783k9FWEqTVbVJu4d-cd-vxV9wzbPmIdNT1E4oPGqF1h5krTfO4327oUQ4ItQlE5jp3Wk1nXzqV-OuKLKQhzQG-hX6OKGuValCMGSVGivQ8_rUB6EhhMPonc6DxuA3g72mMREHME1EaN6vzzeOcmiE5zeB0P29k-QVoFmtWk-a_Smfu4zrPICEMrH5zKF0f8_FKiHzVtq85OUM8DZ1NaajsB_BGvMKOQfLfWNbKVf03cbTZiiuMWq1W0ppQDlUExVUx7-W3WjTkSm-oSVlup5QWXY4yQ1RNBm_G16zkgVleAGSTiZBXRUI9Crr-g0TTs-DsunV658YAOZP5jciGrT6FPeGkhtsBZuaKdDHGSKkJ7V9YdOJ-1wveE4k2xP5kCQi2ktUkOv7BfDHFn_OxnjJUAgmQA2Xz3z2Woc8_RgIChHpTVLJyhOfGwBBoQh-MYSqCcwA0S8vP-j3zUAvEb5DMMJhbVsDQFapKuYhCOrHTG1XvCvnPJMMOBSOD4fAeNv2WuSPgxna8rvdf6bCcj-eolOe41sEhxxvsALwWTYTCGYftDBfRT4n4W4WneqbcfXOS0SUCbhSOKzrDjbZg1tgxkXeEgpx03WS9F2MkiRdVtqJKLwRNGBa4KnXZKJR-6ZhXkpnvq9Foibu51DJfkyij-iWyIiguqibwG-QdF9EjkapNymcvnEt5laeNDt-gWRSYBWsjdWvqXwL6BrOFqnjglHQrJxfBdshdtML5_-nXlRCB7ez1Rj2JySU1Hkc21Obe7CC9VmK2iom7bE1Ke5uoXH8vepteJ-DOchW0zBho8AKY-y89DKLoCQk5qVRpIRvR32aiguUd2Cr4-cLfs24Ubo4MUDCaifybJxD42IBAdPZ9MAKkEPFWUad8XK4gxYAG5JFeZhktlpWoiEK4sBqvU2PIi2XGboXdEy1IwX7e3QeF0_Sf4cbvBllxvK7uPpKeCRv9Vl695D4rPEEt6p2IrDP-Nf8tWTFTfP5dNhgmIVNxGwKQaLzxCrUMsQZmrZx5sXBMK-nziFZBEPrgK-puCnuQXCzUEA8GpjDUJm6t9SGbR2uGKRLy8b_njNq00_1OVoiWwqVbgWzSf-wPxqMYGODk__SrcHM6l7LHNKYzJbhKd3iefr2bBp1Xsrt01o53oDSwfRSkNhSkk-cuvxKne3VDqZuFWSkOSXq8txHoCCxtqk2itdcv_Yxc4kX0O0lvDs0aBsHLo9jzKm_9oL0ljKkzd-pZ4qxMXZ4hwuIih2g94T0jbuZBJEEFu3ZgJ1LOlywjYf9b1dZ09GI_10TwKp2pyPDhQlosR55wO9-3QlMaue8wQdnhvGLyQOuN-pa981S-IqD0PZLAiCCv5R99Cx9FnZnCGzETAz0cm3GunMPMoHlMpxRPjIf1HFc2Sm2DaNjm1wJa9xqml0aQzNkiGUlWqKEwQR_USjQkRrAoIS9klzbDLxBQDAXFMYeTuYHlnD0nq3QBCbJ9Dl8ZE1BWhKb3i8pzbp7X3uQ7LgKlk2F0HvbYNoPsWVDr9DzZLptllld-ligfPxBdx7FfJRKIHSciAEAvhBCB7B2wbHHbWqX6y1M7tQtLmdXA1dYN11CwqWsX_PD6mn2sKpIdYsHBITuyqy8S0mzPfn78p6FEDVw3UzHLsV5jDSYnZ2fxb06CzuuNzDbH_TyVlmw_ejvYpEXtH_M54_ib21JvgfcYZGiDXaUqDZf1Lg4kBrPwR0RM20JUHWchr_hZdEibMQ5SiL-mJxjl9pn1AEnB6vniMI2aXeqtmCdSnll7BnbQfTySXwvORvbqoluaxNruw0jdq5AmJHERbAVmqPOgxwactnNIaptRkVoaFbx6kzrbyvyPTCgJ75dZ-BMaHCWKvOMFurqY6geGI0Bph69606CqCFT-gbl_QUzMz5QAI2U78yuohi3iYlNh5cd8XzIADtPj5Y6c4jT8DlCq6tZwW0wGOAOn6Y1Mfxq_tV9b_Kln5cYVgLV7ZErLsSJg_jqe0QGSXJNfIBiGkSJGJT193GD8h4ILu6v1_w3QgwR9ZAvIZ4Mvh1W2u3uq-75UL6UD3g2YiTT59qkaPCQRIzCWWIy4QQjZ6U1A04mEpK0vszdPI9TCuOJLS8kNA6NeKHYGYPuoQ1Z4oCUyjKYEAxrpN3EmFioJVJBlhTT5Es-lq4kXcRZxDI1NyGqL2zAJZPfOOTbgtLLwsCU8kAWittOrgTAarRrzLJNGh2Z6xjOzz6_tBl1gAKBpj7Na3q7boTa1QSIdNUYXflLnPagdOOfS1_SsYV4mPVBral3JYwJ0ussryWWBvGIWXHnSJ8aLHChXdgCIhyAtwOYXB245ozjOsZjfycyAcwvPNATrmFjmXZGwYz6znXWmpNrsc0M209ClqGbq6QYu2_AOuBk3uuw8SmSZQkJ7r1j4ubzlZclsFY03edqAzIeleGh2j32oiqeS0Ex9QXEtxaklLUgw-sDFoJqhg2LvH8JY7pn5bRP6zV2yBiNIKrJ0JwjvHfWtsrE1Qpl5RcQs7eJpw_hqAEo2cZ8 HTTP 307
https://sendings.co.za/mailer//subscriber/newsletter.php?e2=103518&c=6&h=3&t=4&sp=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request newsletter.php Show response
sendings.co.za/mailer//subscriber/
Redirect Chain

https://protect-eu.mimecast.com/s/AvdoCMjkxTvODkmQCwf6ML?domain=sendings.co.za
https://protect-eu.mimecast.com/r/0mQNnkzU92UVtcCQO2oWMGhNNoxNhuP-bzVtmBPwU4MF6lY4ofqq_5zrBAejbnPh2GaUAu9-8x3DwTBN-Rld36spN6veTTBe-km85BxjW02iGWttazXL9H816k9r4u1RCeDjv84UEniB6DBJcibwYaK79sPIeuD_0aS...
https://sendings.co.za/mailer//subscriber/newsletter.php?e2=103518&c=6&h=3&t=4&sp=1

13 KB
13 KB

688ms
232ms

Document
text/html

156.38.207.74
xneelo

General

Check archive.org

Show headers Download Go to

Full URL: https://sendings.co.za/mailer//subscriber/newsletter.php?e2=103518&c=6&h=3&t=4&sp=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 156.38.207.74 Pretoria, South Africa, ASN37153 (xneelo, ZA),
Reverse DNS: 74.207.38.156.reverse.xneelo.net
Software: Apache /
Resource Hash: cf1a1b2a03c8421f91e47be8b86127bc84d6fca33e58d551b59111f32db14934

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: close
Content-Type: text/html; charset=UTF-8
Date: Fri, 16 Jun 2023 10:29:25 GMT
Server: Apache
Transfer-Encoding: chunked

Redirect headers

Cache-control: no-store
Connection: keep-alive
Content-Length: 0
Date: Fri, 16 Jun 2023 10:29:24 GMT
Location: https://sendings.co.za/mailer//subscriber/newsletter.php?e2=103518&c=6&h=3&t=4&sp=1
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK jQuery_3.5.1.js Show response
sendings.co.za/mailer//admin/scripts/ 87 KB
88 KB 667ms
222ms Script
application/javascript 156.38.207.74
xneelo

General

Check archive.org

Show headers Download Go to

Full URL: https://sendings.co.za/mailer//admin/scripts/jQuery_3.5.1.js
Requested by: Host: sendings.co.za
URL: https://sendings.co.za/mailer//subscriber/newsletter.php?e2=103518&c=6&h=3&t=4&sp=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 156.38.207.74 Pretoria, South Africa, ASN37153 (xneelo, ZA),
Reverse DNS: 74.207.38.156.reverse.xneelo.net
Software: Apache /
Resource Hash: 9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sendings.co.za/mailer//subscriber/newsletter.php?e2=103518&c=6&h=3&t=4&sp=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Fri, 16 Jun 2023 10:29:25 GMT
Last-Modified: Sat, 23 Jan 2021 13:01:38 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 89476
Content-Type: application/javascript

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 170ms
54ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: sendings.co.za
URL: https://sendings.co.za/mailer//subscriber/newsletter.php?e2=103518&c=6&h=3&t=4&sp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3392e00941760cbfc6a266395fefdc2e593fdb6076425c604aca597ef515df0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://sendings.co.za/
Origin: https://sendings.co.za
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 16 Jun 2023 10:29:25 GMT
content-md5: XH72oI/YzJ5yXTjzpbHq3Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
x-fb-debug: OFN0AlKxZfH0mvmytJrG73U/2Qh39bmQafboHC5yhkyrzTmP8NwQ9xkOyhJZYbpKniTxwcDYP5/YktdnwmkZzw==
x-fb-trip-id: 1679558926
x-fb-content-md5: a0f3ce9090933e270de875deb8b3aff7
cross-origin-opener-policy: same-origin-allow-popups
etag: "c5c0befe7569bbc133de41294e32839e"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 16 Jun 2023 10:33:29 GMT

GET
H/1.1 200
OK bluapproved_logo_landscape.png
xds.myblu.io/mailer/img/ 9 KB
9 KB 744ms
233ms Image
image/png 156.38.226.202
xneelo

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xds.myblu.io/mailer/img/bluapproved_logo_landscape.png
Requested by: Host: sendings.co.za
URL: https://sendings.co.za/mailer//subscriber/newsletter.php?e2=103518&c=6&h=3&t=4&sp=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 156.38.226.202 Pretoria, South Africa, ASN37153 (xneelo, ZA),
Reverse DNS
Software: Apache /
Resource Hash: d02109bf5e505f49ab8807905a1d2ff7015c386747241c7b8d8c5c18114ba328

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sendings.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Fri, 16 Jun 2023 10:29:25 GMT
Last-Modified: Mon, 18 Jul 2022 14:50:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 9384

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 307 KB
87 KB 55ms
54ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=399b78c907670cebc3fa3bb1bad4e01e

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

172cee0c9295ac9d264affa8dd8f9756fa5b4c063f8b68fe0ed89c33b936a05f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://sendings.co.za/
Origin: https://sendings.co.za
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 16 Jun 2023 10:29:26 GMT
content-md5: Tou3e9TaUxfKsKjLE47W7g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88709
x-fb-debug: RsPYCEI1xIbJUMSYHORt49ZlgWfh0afuuUAzq9wpW6jdH4ZxWNZr/LA7v8DPQXq0CI/Hg++gnMdwjrtrMuUx7g==
x-fb-trip-id: 1679558926
x-fb-content-md5: d6d2c517c0973279bc5fb2e7310837c3
cross-origin-opener-policy: same-origin-allow-popups
etag: "897433afc120d7d4cb48096ff14feefe"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 15 Jun 2024 09:47:25 GMT

GET
H2 200 like.php Show response
www.facebook.com/v13.0/plugins/ Frame 5F34 51 KB
18 KB 311ms
187ms Document
text/html 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v13.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df34e0fca339f2ac%26domain%3Dsendings.co.za%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsendings.co.za%252Ff2ced539b067304%26relation%3Dparent.parent&container_width=1570&href=https%3A%2F%2Fsendings.co.za%2Fmailer%2F%2Fsubscriber%2Fnewsletter.php%3Fsid%3D0%26c%3D6%26t%3D4%26h%3D3&layout=standard&locale=en_US&sdk=joey&share=true&size=small&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=399b78c907670cebc3fa3bb1bad4e01e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a56ddb733cb4629488b6a3ae5d7cc305e2f391767cdb826a310453333b97991a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sendings.co.za/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Fri, 16 Jun 2023 10:29:27 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v13.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: MBbSv9oCc507jhyI1w5n+qQDwkKtrz7BtB0na4ukPUpew++SfjXFoeGK+OqVn40TcFOk5ir2yuZVH5OkVXKC9g==
x-xss-protection: 0

GET
H2 200 tNKyyceRUMc.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yT/l/en_US/ Frame 5F34 517 KB
134 KB 165ms
56ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yT/l/en_US/tNKyyceRUMc.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v13.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df34e0fca339f2ac%26domain%3Dsendings.co.za%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsendings.co.za%252Ff2ced539b067304%26relation%3Dparent.parent&container_width=1570&href=https%3A%2F%2Fsendings.co.za%2Fmailer%2F%2Fsubscriber%2Fnewsletter.php%3Fsid%3D0%26c%3D6%26t%3D4%26h%3D3&layout=standard&locale=en_US&sdk=joey&share=true&size=small&width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c13b65781813570dd60d87e7e2c2125813bc7b498ddc6a0b6c723aef7e07090d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 10:29:27 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: oamqmNf6DU+pE/tDP5uiNg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 136518
x-fb-debug: 2fCPpMbVUb4ZL2sOTaC4nCT7SyxZiSRn/q1EW71Kyj3fPafmHExLpd/OacFycs5MzAhee96pZ7O4bmjN6+vewQ==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 15 Jun 2024 00:36:13 GMT

GET
H2 200 FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 5F34 299 B
862 B 162ms
54ms Image
image/png 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 10:29:27 GMT
x-content-type-options: nosniff
content-md5: OIlAxCmR79nrM/Ez4ygGlg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 299
x-fb-rlafr: 0
x-fb-debug: 1fz6Bb/R/JPl6iCxAQ4Fbgi3rno8WJQZTn33VP/7cySinooa7WeqPlUvjftddjqbqr6/f0eI+mfIdOzFM0slXQ==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 06 Jun 2024 22:19:57 GMT

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
protect-eu.mimecast.com
sendings.co.za
static.xx.fbcdn.net
www.facebook.com
xds.myblu.io
156.38.207.74
156.38.226.202
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
91.220.42.215
172cee0c9295ac9d264affa8dd8f9756fa5b4c063f8b68fe0ed89c33b936a05f
3392e00941760cbfc6a266395fefdc2e593fdb6076425c604aca597ef515df0c
9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38
a56ddb733cb4629488b6a3ae5d7cc305e2f391767cdb826a310453333b97991a
c13b65781813570dd60d87e7e2c2125813bc7b498ddc6a0b6c723aef7e07090d
cf1a1b2a03c8421f91e47be8b86127bc84d6fca33e58d551b59111f32db14934
d02109bf5e505f49ab8807905a1d2ff7015c386747241c7b8d8c5c18114ba328
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4

sendings.co.za Open in urlscan Pro 156.38.207.74 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

8 Requests

100 %HTTPS

40 %IPv6

6 Domains

6 Subdomains

4 IPs

3 Countries

352 kBTransfer

987 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

sendings.co.za Open in urlscan Pro
156.38.207.74 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

40 %
IPv6

6
Domains

6
Subdomains

4
IPs

3
Countries

352 kB
Transfer

987 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions