urlscan.io logo urlscan.io
SecurityTrails logo

click1.em.investingchannel.com Open in urlscan Pro
74.214.203.11  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://click1.em.investingchannel.com/ViewMessage.do?m=mcccwytnw&r=nwytdtpktw&s=pvvkgwhtvsjqdccydffwdltsvmjmyjrjwdj&q=1677510000&a=view
Effective URL: http://click1.em.investingchannel.com/ViewMessage.do;jsessionid=C35D082AB8DEF4EA2D7E38F0589B68D9
Submission: On February 27 via manual from SG — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 18 HTTP transactions. The main IP is 74.214.203.11, located in United States and belongs to AMAZON-AES, US. The main domain is click1.em.investingchannel.com. The Cisco Umbrella rank of the primary domain is 754853.
This is the only time click1.em.investingchannel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 74.214.203.11 14618 (AMAZON-AES)
4 2a03:2880:f00... 32934 (FACEBOOK)
1 2404:6800:400... 15169 (GOOGLE)
7 52.7.51.238 14618 (AMAZON-AES)
1 2404:6800:400... 15169 (GOOGLE)
2 172.96.161.50 23470 (RELIABLESITE)
1 96.46.128.252 14618 (AMAZON-AES)
18 7
2    74.214.203.11 (United States)

ASN14618 (AMAZON-AES, US)
click1.em.investingchannel.com
4    2a03:2880:f00c:300:face:b00c:0:3 (Singapore)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2404:6800:4003:c03::5f (Singapore)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    52.7.51.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-51-238.compute-1.amazonaws.com
iclnd.investingchannel.com
1    2404:6800:4003:c11::5e (Singapore)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    172.96.161.50 (Los Angeles, United States)

ASN23470 (RELIABLESITE, US)
i.ibb.co
1    96.46.128.252 (United States)

ASN14618 (AMAZON-AES, US)
PTR: www.efeedbacktrk.com
688815.efeedbacktrk.com
Apex Domain
Subdomains		 Transfer
9 investingchannel.com
click1.em.investingchannel.com — Cisco Umbrella Rank: 754853
iclnd.investingchannel.com — Cisco Umbrella Rank: 167951
310 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151
177 KB
2 ibb.co
i.ibb.co — Cisco Umbrella Rank: 12837
105 KB
1 efeedbacktrk.com
688815.efeedbacktrk.com
466 B
1 gstatic.com
fonts.gstatic.com
31 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
971 B
18 6
Domain Requested by
7 iclnd.investingchannel.com click1.em.investingchannel.com
4 connect.facebook.net click1.em.investingchannel.com
connect.facebook.net
2 i.ibb.co click1.em.investingchannel.com
2 click1.em.investingchannel.com
1 688815.efeedbacktrk.com click1.em.investingchannel.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com click1.em.investingchannel.com
18 7
Subject Issuer Validity Valid
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-01-10 -
2023-03-07		 2 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
ibb.co
R3		 2023-02-06 -
2023-05-07		 3 months crt.sh
*.efeedbacktrk.com
Go Daddy Secure Certificate Authority - G2		 2022-04-28 -
2023-04-26		 a year crt.sh
*.investingchannel.com
Go Daddy Secure Certificate Authority - G2		 2022-05-11 -
2023-06-12		 a year crt.sh

This page contains 1 frames:

Primary Page: http://click1.em.investingchannel.com/ViewMessage.do;jsessionid=C35D082AB8DEF4EA2D7E38F0589B68D9
Frame ID: 9D2BF42C6499BC1E8066F8C46AEE3D40
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Your Perfect Advising Match Your Perfect Advising Match

Page URL History Show full URLs

  1. http://click1.em.investingchannel.com/ViewMessage.do?m=mcccwytnw&r=nwytdtpktw&s=pvvkgwhtvsjqdccydffwdltsvmjmyjrjwd... Page URL
  2. http://click1.em.investingchannel.com/ViewMessage.do;jsessionid=C35D082AB8DEF4EA2D7E38F0589B68D9 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

18
Requests

67 %
HTTPS

43 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

625 kB
Transfer

1068 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://click1.em.investingchannel.com/ViewMessage.do?m=mcccwytnw&r=nwytdtpktw&s=pvvkgwhtvsjqdccydffwdltsvmjmyjrjwdj&q=1677510000&a=view Page URL
  2. http://click1.em.investingchannel.com/ViewMessage.do;jsessionid=C35D082AB8DEF4EA2D7E38F0589B68D9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://connect.facebook.net/en_US/all.js HTTP 307
  • https://connect.facebook.net/en_US/all.js
Request Chain 3
  • http://connect.facebook.net/en_US/all.js HTTP 307
  • https://connect.facebook.net/en_US/all.js

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
ViewMessage.do
click1.em.investingchannel.com/ 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://click1.em.investingchannel.com/ViewMessage.do?m=mcccwytnw&r=nwytdtpktw&s=pvvkgwhtvsjqdccydffwdltsvmjmyjrjwdj&q=1677510000&a=view
Protocol
HTTP/1.1
Server
74.214.203.11 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
0f6cbe45d300489f0febd766be344c2888a70b90697d5463ee4963f35502f6fe

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html;charset=utf-8
Date
Mon, 27 Feb 2023 17:42:01 GMT
Keep-Alive
timeout=60
Server
Apache-Coyote/1.1
Transfer-Encoding
chunked
all.js
connect.facebook.net/en_US/
Redirect Chain
  • http://connect.facebook.net/en_US/all.js
  • https://connect.facebook.net/en_US/all.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: click1.em.investingchannel.com
URL: http://click1.em.investingchannel.com/ViewMessage.do?m=mcccwytnw&r=nwytdtpktw&s=pvvkgwhtvsjqdccydffwdltsvmjmyjrjwdj&q=1677510000&a=view
Protocol
H2
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7cc9f65d4176e771518f954571d73eba4480f26489b098ffc1945416d43da842
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://click1.em.investingchannel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Feb 2023 17:42:01 GMT
content-md5
3/VxYBpfFPJ35Oz8xlPczg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
4aSIwGwpDVZH670pk/gAiX2v1xqB37ASwz+YXRfMy5cwPXhs88X4BdvYg7CjsvM+K/6EhKyu0OzVpY5o0wuBlw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
548340344
x-fb-content-md5
f60c1b093bfecdef1d0c9f067b13cd6c
cross-origin-opener-policy
same-origin-allow-popups
etag
"477a2cb9e98b3cd586c6337d3d7d2656"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-frame-options
DENY
timing-allow-origin
*
priority
u=1,i
expires
Mon, 27 Feb 2023 17:42:17 GMT

Redirect headers

Location
https://connect.facebook.net/en_US/all.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
all.js
connect.facebook.net/en_US/ 		308 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=98d68ad03f21ada159719c288e5d13ee
Requested by
Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://click1.em.investingchannel.com/
Origin
http://click1.em.investingchannel.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Feb 2023 17:42:01 GMT
content-md5
tuyld72ww/Q9yb0E7NyEzw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88343
x-fb-rlafr
0
x-fb-debug
2YYylConyV29x5ACaOTxJGP4fECVKCXur7j+bQuiz7zCuYsjcu5Tat00qj5vyIJj/yfEj/HZY4qzwTfzR8aOPQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
7133d44a682c1fe212fbce69dc7549f4
cross-origin-opener-policy
same-origin-allow-popups
etag
"2463d2f8ce4934b340b1f1c2ca245495"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Tue, 27 Feb 2024 15:39:50 GMT
Primary Request ViewMessage.do;jsessionid=C35D082AB8DEF4EA2D7E38F0589B68D9
click1.em.investingchannel.com/ 		31 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://click1.em.investingchannel.com/ViewMessage.do;jsessionid=C35D082AB8DEF4EA2D7E38F0589B68D9
Protocol
HTTP/1.1
Server
74.214.203.11 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
97f4591cda393c73251e6cba6adc44a3c9ad80cf9f371fcfe2410fd55d1c2bb5

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
http://click1.em.investingchannel.com
Referer
http://click1.em.investingchannel.com/ViewMessage.do?m=mcccwytnw&r=nwytdtpktw&s=pvvkgwhtvsjqdccydffwdltsvmjmyjrjwdj&q=1677510000&a=view
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html;charset=utf-8
Date
Mon, 27 Feb 2023 17:42:01 GMT
Keep-Alive
timeout=60
Server
Apache-Coyote/1.1
Transfer-Encoding
chunked
all.js
connect.facebook.net/en_US/
Redirect Chain
  • http://connect.facebook.net/en_US/all.js
  • https://connect.facebook.net/en_US/all.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: click1.em.investingchannel.com
URL: http://click1.em.investingchannel.com/ViewMessage.do;jsessionid=C35D082AB8DEF4EA2D7E38F0589B68D9
Protocol
H2
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7cc9f65d4176e771518f954571d73eba4480f26489b098ffc1945416d43da842
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://click1.em.investingchannel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Feb 2023 17:42:02 GMT
content-md5
3/VxYBpfFPJ35Oz8xlPczg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
4aSIwGwpDVZH670pk/gAiX2v1xqB37ASwz+YXRfMy5cwPXhs88X4BdvYg7CjsvM+K/6EhKyu0OzVpY5o0wuBlw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
548340344
x-fb-content-md5
f60c1b093bfecdef1d0c9f067b13cd6c
cross-origin-opener-policy
same-origin-allow-popups
etag
"477a2cb9e98b3cd586c6337d3d7d2656"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-frame-options
DENY
timing-allow-origin
*
priority
u=1,i
expires
Mon, 27 Feb 2023 17:42:17 GMT

Redirect headers

Location
https://connect.facebook.net/en_US/all.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
css2
fonts.googleapis.com/ 		3 KB
971 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@500;700&display=swap
Requested by
Host: click1.em.investingchannel.com
URL: http://click1.em.investingchannel.com/ViewMessage.do;jsessionid=C35D082AB8DEF4EA2D7E38F0589B68D9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::5f , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d2ac45e05f5188999247bc9287fc7b21b6e501c0fc286073074abb1e38eac743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://click1.em.investingchannel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 27 Feb 2023 17:42:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 27 Feb 2023 17:42:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Feb 2023 17:42:02 GMT
all.js
connect.facebook.net/en_US/ 		308 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=98d68ad03f21ada159719c288e5d13ee
Requested by
Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7c5f35a8fa640ecee07bc007c0f64afd6f03ca98c372440c3efbcb1bd0662f23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://click1.em.investingchannel.com/
Origin
http://click1.em.investingchannel.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Feb 2023 17:42:02 GMT
content-md5
tuyld72ww/Q9yb0E7NyEzw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88343
x-fb-rlafr
0
x-fb-debug
2YYylConyV29x5ACaOTxJGP4fECVKCXur7j+bQuiz7zCuYsjcu5Tat00qj5vyIJj/yfEj/HZY4qzwTfzR8aOPQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
7133d44a682c1fe212fbce69dc7549f4
cross-origin-opener-policy
same-origin-allow-popups
etag
"2463d2f8ce4934b340b1f1c2ca245495"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Tue, 27 Feb 2024 15:39:50 GMT
TheCleanseSponsored.png
iclnd.investingchannel.com/nl_forms/src/public/assets/images/ICTheCleanse/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://iclnd.investingchannel.com/nl_forms/src/public/assets/images/ICTheCleanse/TheCleanseSponsored.png
Requested by
Host: click1.em.investingchannel.com
URL: http://click1.em.investingchannel.com/ViewMessage.do;jsessionid=C35D082AB8DEF4EA2D7E38F0589B68D9
Protocol
HTTP/1.1
Server
52.7.51.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-51-238.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
2b8a1e1ea8d72eac3893851626b7caf2a61e57a189b3dfad7015fc7c9c0e830b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://click1.em.investingchannel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 17:42:02 GMT
Last-Modified
Wed, 01 Feb 2023 14:47:22 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"42ee-5f3a486a7b851"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17134
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://click1.em.investingchannel.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 18:42:05 GMT
x-content-type-options
nosniff
age
82797
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 26 Feb 2024 18:42:05 GMT
datalign.png
i.ibb.co/17gqF11/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/17gqF11/datalign.png
Requested by
Host: click1.em.investingchannel.com
URL: http://click1.em.investingchannel.com/ViewMessage.do;jsessionid=C35D082AB8DEF4EA2D7E38F0589B68D9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.96.161.50 Los Angeles, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
nginx /
Resource Hash
58c53185a365d218059f0e977d8e902c9dd076a3978a6c6a3fdae68cf5aa3c79

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://click1.em.investingchannel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 17:42:03 GMT
last-modified
Mon, 27 Feb 2023 12:52:53 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
22482
expires
Thu, 31 Dec 2037 23:55:55 GMT
shutterstock-175886915-copy.jpg
i.ibb.co/0Q4DPvQ/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/0Q4DPvQ/shutterstock-175886915-copy.jpg
Requested by
Host: click1.em.investingchannel.com
URL: http://click1.em.investingchannel.com/ViewMessage.do;jsessionid=C35D082AB8DEF4EA2D7E38F0589B68D9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.96.161.50 Los Angeles, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
nginx /
Resource Hash
3bd867e4cc8119efb83a6ec11bd98fe1c6975e521220fef4fe000e11dc4f8637

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://click1.em.investingchannel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 17:42:03 GMT
last-modified
Mon, 06 Feb 2023 18:51:07 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
84929
expires
Thu, 31 Dec 2037 23:55:55 GMT
cqczsvtrmnpfdqjjfgqhhfvqlrfnmcpcgpkpvqpddddlmt_upqgngfcgyshfppnhyyyy.gif
688815.efeedbacktrk.com/ 		68 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://688815.efeedbacktrk.com/cqczsvtrmnpfdqjjfgqhhfvqlrfnmcpcgpkpvqpddddlmt_upqgngfcgyshfppnhyyyy.gif
Requested by
Host: click1.em.investingchannel.com
URL: http://click1.em.investingchannel.com/ViewMessage.do;jsessionid=C35D082AB8DEF4EA2D7E38F0589B68D9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.46.128.252 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
www.efeedbacktrk.com
Software
sp /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://click1.em.investingchannel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 Feb 2023 17:42:03 GMT
Server
sp
Content-Type
image/png;charset=utf-8
Cache-Control
private, max-age=0, no-cache, no-store, must-revalidate
imagetoolbar
no
Connection
Keep-Alive
Keep-Alive
timeout=60
Content-Length
68
Expires
Thu, 01 Jan 1970 00:00:00 GMT
white_logo.png
iclnd.investingchannel.com/nl_forms/src/public/assets/images/WSC_NL/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://iclnd.investingchannel.com/nl_forms/src/public/assets/images/WSC_NL/white_logo.png
Requested by
Host: click1.em.investingchannel.com
URL: http://click1.em.investingchannel.com/ViewMessage.do;jsessionid=C35D082AB8DEF4EA2D7E38F0589B68D9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.51.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-51-238.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
6aac9a03b221c5b7e85901f346e5042f9fc58246ff265becc994af6e492a1458

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://click1.em.investingchannel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 17:42:02 GMT
last-modified
Tue, 16 Mar 2021 16:45:38 GMT
server
Apache/2.4.41 (Ubuntu)
etag
"96ca-5bdaa189632b6"
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
38602
facebook.png
iclnd.investingchannel.com/nl_forms/src/public/assets/images/WSC_NL/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://iclnd.investingchannel.com/nl_forms/src/public/assets/images/WSC_NL/facebook.png
Requested by
Host: click1.em.investingchannel.com
URL: http://click1.em.investingchannel.com/ViewMessage.do;jsessionid=C35D082AB8DEF4EA2D7E38F0589B68D9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.51.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-51-238.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
06b0025ce038759318767d059c0b4dd4847d6c9400b8542b79b12946ba73d22c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://click1.em.investingchannel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 17:42:02 GMT
last-modified
Tue, 16 Mar 2021 16:45:38 GMT
server
Apache/2.4.41 (Ubuntu)
etag
"c246-5bdaa18a0d176"
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
49734
linkedin.png
iclnd.investingchannel.com/nl_forms/src/public/assets/images/WSC_NL/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://iclnd.investingchannel.com/nl_forms/src/public/assets/images/WSC_NL/linkedin.png
Requested by
Host: click1.em.investingchannel.com
URL: http://click1.em.investingchannel.com/ViewMessage.do;jsessionid=C35D082AB8DEF4EA2D7E38F0589B68D9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.51.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-51-238.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
b43556e274d6525065afb0bd5f064ec1a75c63017c688df4ccb94cb4bcc342cd

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://click1.em.investingchannel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 17:42:02 GMT
last-modified
Tue, 16 Mar 2021 16:45:36 GMT
server
Apache/2.4.41 (Ubuntu)
etag
"1086c-5bdaa1884bdf6"
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
67692
twitter.png
iclnd.investingchannel.com/nl_forms/src/public/assets/images/WSC_NL/ 		94 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://iclnd.investingchannel.com/nl_forms/src/public/assets/images/WSC_NL/twitter.png
Requested by
Host: click1.em.investingchannel.com
URL: http://click1.em.investingchannel.com/ViewMessage.do;jsessionid=C35D082AB8DEF4EA2D7E38F0589B68D9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.51.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-51-238.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
5d7852fd3aa231f08521874e11537416bec49d893828db09e4d3934737024037

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://click1.em.investingchannel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 17:42:02 GMT
last-modified
Tue, 16 Mar 2021 16:45:35 GMT
server
Apache/2.4.41 (Ubuntu)
etag
"178c9-5bdaa18689ad6"
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
96457
instagramic.png
iclnd.investingchannel.com/nl_forms/src/public/assets/images/WSC_NL/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://iclnd.investingchannel.com/nl_forms/src/public/assets/images/WSC_NL/instagramic.png
Requested by
Host: click1.em.investingchannel.com
URL: http://click1.em.investingchannel.com/ViewMessage.do;jsessionid=C35D082AB8DEF4EA2D7E38F0589B68D9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.51.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-51-238.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
a0ca23c14e4d9fb51efca9a14496f94b3bbd8d2d4ed3a787da474df5865955c5

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://click1.em.investingchannel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 17:42:02 GMT
last-modified
Mon, 14 Mar 2022 09:30:45 GMT
server
Apache/2.4.41 (Ubuntu)
etag
"115f-5da2a55b8a31c"
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
4447
newsletter_banner.jpeg
iclnd.investingchannel.com/nl_forms/src/public/assets/images/WSC_NL/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://iclnd.investingchannel.com/nl_forms/src/public/assets/images/WSC_NL/newsletter_banner.jpeg
Requested by
Host: click1.em.investingchannel.com
URL: http://click1.em.investingchannel.com/ViewMessage.do;jsessionid=C35D082AB8DEF4EA2D7E38F0589B68D9
Protocol
HTTP/1.1
Server
52.7.51.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-51-238.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
23048adf1825b709bc667dcd435299718fb76f24c44590c001f82d332179086f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://click1.em.investingchannel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 17:42:02 GMT
Last-Modified
Tue, 16 Mar 2021 16:45:36 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"1a22-5bdaa1878c776"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6690

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| FB object| __buffer

1 Cookies

Domain/Path Name / Value
click1.em.investingchannel.com/ Name: JSESSIONID
Value: 6211D8B4E3CA84B002BEE681B718CC6C

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

688815.efeedbacktrk.com
click1.em.investingchannel.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
i.ibb.co
iclnd.investingchannel.com
172.96.161.50
2404:6800:4003:c03::5f
2404:6800:4003:c11::5e
2a03:2880:f00c:300:face:b00c:0:3
52.7.51.238
74.214.203.11
96.46.128.252
06b0025ce038759318767d059c0b4dd4847d6c9400b8542b79b12946ba73d22c
0f6cbe45d300489f0febd766be344c2888a70b90697d5463ee4963f35502f6fe
23048adf1825b709bc667dcd435299718fb76f24c44590c001f82d332179086f
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b8a1e1ea8d72eac3893851626b7caf2a61e57a189b3dfad7015fc7c9c0e830b
3bd867e4cc8119efb83a6ec11bd98fe1c6975e521220fef4fe000e11dc4f8637
58c53185a365d218059f0e977d8e902c9dd076a3978a6c6a3fdae68cf5aa3c79
5d7852fd3aa231f08521874e11537416bec49d893828db09e4d3934737024037
6aac9a03b221c5b7e85901f346e5042f9fc58246ff265becc994af6e492a1458
7c5f35a8fa640ecee07bc007c0f64afd6f03ca98c372440c3efbcb1bd0662f23
7cc9f65d4176e771518f954571d73eba4480f26489b098ffc1945416d43da842
97f4591cda393c73251e6cba6adc44a3c9ad80cf9f371fcfe2410fd55d1c2bb5
a0ca23c14e4d9fb51efca9a14496f94b3bbd8d2d4ed3a787da474df5865955c5
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b43556e274d6525065afb0bd5f064ec1a75c63017c688df4ccb94cb4bcc342cd
d2ac45e05f5188999247bc9287fc7b21b6e501c0fc286073074abb1e38eac743