![](/screenshots/8b5beebd-b2fc-4904-8ec1-a25266394eee.png)
sendings.co.za
Open in
urlscan Pro
156.38.207.74
Public Scan
Effective URL: https://sendings.co.za/mailer//subscriber/newsletter.php?e2=103518&c=6&h=3&t=4&sp=1
Submission: On June 16 via api from ZA — Scanned from GB
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 23rd 2023. Valid for: 3 months.
This is the only time sendings.co.za was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 91.220.42.215 91.220.42.215 | 42427 (MIMECAST-UK) (MIMECAST-UK) | |
2 | 156.38.207.74 156.38.207.74 | 37153 (xneelo) (xneelo) | |
4 | 2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK) | |
1 | 156.38.226.202 156.38.226.202 | 37153 (xneelo) (xneelo) | |
1 | 2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK) | |
8 | 4 |
ASN42427 (MIMECAST-UK, GB)
PTR: eu-api.mimecast.com
protect-eu.mimecast.com |
ASN37153 (xneelo, ZA)
PTR: 74.207.38.156.reverse.xneelo.net
sendings.co.za |
ASN32934 (FACEBOOK, US)
connect.facebook.net | |
static.xx.fbcdn.net |
ASN32934 (FACEBOOK, US)
www.facebook.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
2 |
fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 659 |
134 KB |
2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 176 |
89 KB |
2 |
sendings.co.za
sendings.co.za |
100 KB |
2 |
mimecast.com
2 redirects
protect-eu.mimecast.com — Cisco Umbrella Rank: 34803 |
3 KB |
1 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 101 |
18 KB |
1 |
myblu.io
xds.myblu.io |
9 KB |
8 | 6 |
Domain | Requested by | |
---|---|---|
2 | static.xx.fbcdn.net |
www.facebook.com
|
2 | connect.facebook.net |
sendings.co.za
connect.facebook.net |
2 | sendings.co.za |
sendings.co.za
|
2 | protect-eu.mimecast.com | 2 redirects |
1 | www.facebook.com |
connect.facebook.net
|
1 | xds.myblu.io |
sendings.co.za
|
8 | 6 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sendings.co.za cPanel, Inc. Certification Authority |
2023-03-23 - 2023-06-21 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2023-03-25 - 2023-06-23 |
3 months | crt.sh |
xds.myblu.io cPanel, Inc. Certification Authority |
2023-05-19 - 2023-08-17 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://sendings.co.za/mailer//subscriber/newsletter.php?e2=103518&c=6&h=3&t=4&sp=1
Frame ID: 51CEB45CE50272D9DE4211ECA8BDCFD2
Requests: 5 HTTP requests in this frame
Frame:
https://www.facebook.com/v13.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df34e0fca339f2ac%26domain%3Dsendings.co.za%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsendings.co.za%252Ff2ced539b067304%26relation%3Dparent.parent&container_width=1570&href=https%3A%2F%2Fsendings.co.za%2Fmailer%2F%2Fsubscriber%2Fnewsletter.php%3Fsid%3D0%26c%3D6%26t%3D4%26h%3D3&layout=standard&locale=en_US&sdk=joey&share=true&size=small&width=
Frame ID: 5F343A9A8BA80896D4AA697A0E84B5B0
Requests: 3 HTTP requests in this frame
Screenshot
![](/screenshots/8b5beebd-b2fc-4904-8ec1-a25266394eee.png)
Page Title
Promote financial inclusion.Page URL History Show full URLs
-
https://protect-eu.mimecast.com/s/AvdoCMjkxTvODkmQCwf6ML?domain=sendings.co.za
HTTP 307
https://protect-eu.mimecast.com/r/0mQNnkzU92UVtcCQO2oWMGhNNoxNhuP-bzVtmBPwU4MF6lY4ofqq_5zrBAejbnPh2GaUAu9-8x... HTTP 307
https://sendings.co.za/mailer//subscriber/newsletter.php?e2=103518&c=6&h=3&t=4&sp=1 Page URL
Detected technologies
Detected patterns
- \.php(?:$|\?)
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://protect-eu.mimecast.com/s/AvdoCMjkxTvODkmQCwf6ML?domain=sendings.co.za
HTTP 307
https://protect-eu.mimecast.com/r/0mQNnkzU92UVtcCQO2oWMGhNNoxNhuP-bzVtmBPwU4MF6lY4ofqq_5zrBAejbnPh2GaUAu9-8x3DwTBN-Rld36spN6veTTBe-km85BxjW02iGWttazXL9H816k9r4u1RCeDjv84UEniB6DBJcibwYaK79sPIeuD_0aSrjevtNn_ZGZ1zZYDnOLfGFrr5-miZbq9AW2QI-NHkGVe4ggF1oyy6Kxwp-6IJcmXiqHp2yWFl8gJ8-UMdHlWMXiAU3yd5AcbFYZ9oStDVWRBguCrJTaGxEmP2G2Y7nLG909ZAuD2K5eQ0kYwCl3bF67ZTiCQpR783k9FWEqTVbVJu4d-cd-vxV9wzbPmIdNT1E4oPGqF1h5krTfO4327oUQ4ItQlE5jp3Wk1nXzqV-OuKLKQhzQG-hX6OKGuValCMGSVGivQ8_rUB6EhhMPonc6DxuA3g72mMREHME1EaN6vzzeOcmiE5zeB0P29k-QVoFmtWk-a_Smfu4zrPICEMrH5zKF0f8_FKiHzVtq85OUM8DZ1NaajsB_BGvMKOQfLfWNbKVf03cbTZiiuMWq1W0ppQDlUExVUx7-W3WjTkSm-oSVlup5QWXY4yQ1RNBm_G16zkgVleAGSTiZBXRUI9Crr-g0TTs-DsunV658YAOZP5jciGrT6FPeGkhtsBZuaKdDHGSKkJ7V9YdOJ-1wveE4k2xP5kCQi2ktUkOv7BfDHFn_OxnjJUAgmQA2Xz3z2Woc8_RgIChHpTVLJyhOfGwBBoQh-MYSqCcwA0S8vP-j3zUAvEb5DMMJhbVsDQFapKuYhCOrHTG1XvCvnPJMMOBSOD4fAeNv2WuSPgxna8rvdf6bCcj-eolOe41sEhxxvsALwWTYTCGYftDBfRT4n4W4WneqbcfXOS0SUCbhSOKzrDjbZg1tgxkXeEgpx03WS9F2MkiRdVtqJKLwRNGBa4KnXZKJR-6ZhXkpnvq9Foibu51DJfkyij-iWyIiguqibwG-QdF9EjkapNymcvnEt5laeNDt-gWRSYBWsjdWvqXwL6BrOFqnjglHQrJxfBdshdtML5_-nXlRCB7ez1Rj2JySU1Hkc21Obe7CC9VmK2iom7bE1Ke5uoXH8vepteJ-DOchW0zBho8AKY-y89DKLoCQk5qVRpIRvR32aiguUd2Cr4-cLfs24Ubo4MUDCaifybJxD42IBAdPZ9MAKkEPFWUad8XK4gxYAG5JFeZhktlpWoiEK4sBqvU2PIi2XGboXdEy1IwX7e3QeF0_Sf4cbvBllxvK7uPpKeCRv9Vl695D4rPEEt6p2IrDP-Nf8tWTFTfP5dNhgmIVNxGwKQaLzxCrUMsQZmrZx5sXBMK-nziFZBEPrgK-puCnuQXCzUEA8GpjDUJm6t9SGbR2uGKRLy8b_njNq00_1OVoiWwqVbgWzSf-wPxqMYGODk__SrcHM6l7LHNKYzJbhKd3iefr2bBp1Xsrt01o53oDSwfRSkNhSkk-cuvxKne3VDqZuFWSkOSXq8txHoCCxtqk2itdcv_Yxc4kX0O0lvDs0aBsHLo9jzKm_9oL0ljKkzd-pZ4qxMXZ4hwuIih2g94T0jbuZBJEEFu3ZgJ1LOlywjYf9b1dZ09GI_10TwKp2pyPDhQlosR55wO9-3QlMaue8wQdnhvGLyQOuN-pa981S-IqD0PZLAiCCv5R99Cx9FnZnCGzETAz0cm3GunMPMoHlMpxRPjIf1HFc2Sm2DaNjm1wJa9xqml0aQzNkiGUlWqKEwQR_USjQkRrAoIS9klzbDLxBQDAXFMYeTuYHlnD0nq3QBCbJ9Dl8ZE1BWhKb3i8pzbp7X3uQ7LgKlk2F0HvbYNoPsWVDr9DzZLptllld-ligfPxBdx7FfJRKIHSciAEAvhBCB7B2wbHHbWqX6y1M7tQtLmdXA1dYN11CwqWsX_PD6mn2sKpIdYsHBITuyqy8S0mzPfn78p6FEDVw3UzHLsV5jDSYnZ2fxb06CzuuNzDbH_TyVlmw_ejvYpEXtH_M54_ib21JvgfcYZGiDXaUqDZf1Lg4kBrPwR0RM20JUHWchr_hZdEibMQ5SiL-mJxjl9pn1AEnB6vniMI2aXeqtmCdSnll7BnbQfTySXwvORvbqoluaxNruw0jdq5AmJHERbAVmqPOgxwactnNIaptRkVoaFbx6kzrbyvyPTCgJ75dZ-BMaHCWKvOMFurqY6geGI0Bph69606CqCFT-gbl_QUzMz5QAI2U78yuohi3iYlNh5cd8XzIADtPj5Y6c4jT8DlCq6tZwW0wGOAOn6Y1Mfxq_tV9b_Kln5cYVgLV7ZErLsSJg_jqe0QGSXJNfIBiGkSJGJT193GD8h4ILu6v1_w3QgwR9ZAvIZ4Mvh1W2u3uq-75UL6UD3g2YiTT59qkaPCQRIzCWWIy4QQjZ6U1A04mEpK0vszdPI9TCuOJLS8kNA6NeKHYGYPuoQ1Z4oCUyjKYEAxrpN3EmFioJVJBlhTT5Es-lq4kXcRZxDI1NyGqL2zAJZPfOOTbgtLLwsCU8kAWittOrgTAarRrzLJNGh2Z6xjOzz6_tBl1gAKBpj7Na3q7boTa1QSIdNUYXflLnPagdOOfS1_SsYV4mPVBral3JYwJ0ussryWWBvGIWXHnSJ8aLHChXdgCIhyAtwOYXB245ozjOsZjfycyAcwvPNATrmFjmXZGwYz6znXWmpNrsc0M209ClqGbq6QYu2_AOuBk3uuw8SmSZQkJ7r1j4ubzlZclsFY03edqAzIeleGh2j32oiqeS0Ex9QXEtxaklLUgw-sDFoJqhg2LvH8JY7pn5bRP6zV2yBiNIKrJ0JwjvHfWtsrE1Qpl5RcQs7eJpw_hqAEo2cZ8 HTTP 307
https://sendings.co.za/mailer//subscriber/newsletter.php?e2=103518&c=6&h=3&t=4&sp=1 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
newsletter.php
sendings.co.za/mailer//subscriber/ Redirect Chain
|
13 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jQuery_3.5.1.js
sendings.co.za/mailer//admin/scripts/ |
87 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bluapproved_logo_landscape.png
xds.myblu.io/mailer/img/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
307 KB 87 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
like.php
www.facebook.com/v13.0/plugins/ Frame 5F34 |
51 KB 18 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tNKyyceRUMc.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yT/l/en_US/ Frame 5F34 |
517 KB 134 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 5F34 |
299 B 862 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend function| $ function| jQuery object| FB object| __buffer0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
connect.facebook.net
protect-eu.mimecast.com
sendings.co.za
static.xx.fbcdn.net
www.facebook.com
xds.myblu.io
156.38.207.74
156.38.226.202
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
91.220.42.215
172cee0c9295ac9d264affa8dd8f9756fa5b4c063f8b68fe0ed89c33b936a05f
3392e00941760cbfc6a266395fefdc2e593fdb6076425c604aca597ef515df0c
9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38
a56ddb733cb4629488b6a3ae5d7cc305e2f391767cdb826a310453333b97991a
c13b65781813570dd60d87e7e2c2125813bc7b498ddc6a0b6c723aef7e07090d
cf1a1b2a03c8421f91e47be8b86127bc84d6fca33e58d551b59111f32db14934
d02109bf5e505f49ab8807905a1d2ff7015c386747241c7b8d8c5c18114ba328
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4