urlscan.io logo urlscan.io
SecurityTrails logo

click1.email.fremonttribune.com Open in urlscan Pro
96.46.128.252  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://secure-web.cisco.com/1osMF6jO3TZ6Yua4-vG8cREyQSm1Pd3XpSvvXM3diOp3snbUzAA2fa-et9p1ZAS1XIQxlW2DzyO0XXN4dRBWafdHTMSfROuj...
Effective URL: http://click1.email.fremonttribune.com/ViewMessage.do;jsessionid=9957F1FA3AF153675F403AEEAB1EAB33
Submission: On December 04 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 9 HTTP transactions. The main IP is 96.46.128.252, located in United States and belongs to CYBER-GENERATION - Cyber Generation Inc, CA. The main domain is click1.email.fremonttribune.com.
This is the only time click1.email.fremonttribune.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2620:101:2005... 16417 (IRONPORT-...)
2 96.46.128.252 18499 (CYBER-GEN...)
4 2a03:2880:f01... 32934 (FACEBOOK)
1 69.56.15.50 30145 (PCUC-AS)
2 107.180.70.73 26496 (AS-26496-...)
9 4
1    2620:101:2005:11f0::1001 (United States)

ASN16417 (IRONPORT-SYSTEMS-INC - Cisco Systems Ironport Division, US)
secure-web.cisco.com
2    96.46.128.252 (United States)

ASN18499 (CYBER-GENERATION - Cyber Generation Inc, CA)
PTR: www.efeedbacktrk.com
click1.email.fremonttribune.com
4    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
1    69.56.15.50 (United States)

ASN30145 (PCUC-AS - PCUC Acquisition LLC, US)
PTR: www.efeedbacktrk.com
0e4593.efeedbacktrk.com
2    107.180.70.73 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-107-180-70-73.ip.secureserver.net
ljssupport.com
Domain Requested by
4 connect.facebook.net click1.email.fremonttribune.com
connect.facebook.net
2 ljssupport.com click1.email.fremonttribune.com
2 click1.email.fremonttribune.com click1.email.fremonttribune.com
1 0e4593.efeedbacktrk.com click1.email.fremonttribune.com
1 secure-web.cisco.com 1 redirects
9 5

This site contains no links.

Subject Issuer Validity Valid
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-11-06 -
2020-02-04		 3 months crt.sh
*.efeedbacktrk.com
Sectigo RSA Organization Validation Secure Server CA		 2019-04-24 -
2021-04-23		 2 years crt.sh
ljssupport.com
cPanel, Inc. Certification Authority		 2019-11-30 -
2020-02-28		 3 months crt.sh

This page contains 1 frames:

Primary Page: http://click1.email.fremonttribune.com/ViewMessage.do;jsessionid=9957F1FA3AF153675F403AEEAB1EAB33
Frame ID: 79DB10702ECEB9B5492D3AEE2A9DEB8E
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://secure-web.cisco.com/1osMF6jO3TZ6Yua4-vG8cREyQSm1Pd3XpSvvXM3diOp3snbUzAA2fa-et9p1ZAS1XIQxlW2DzyO0... HTTP 302
    http://click1.email.fremonttribune.com/ViewMessage.do?m=lnjmkhghg&r=ojlztlwzkk&s=phywfjllclrvhmfyqjjvcsvkswvcvfdthd... Page URL
  2. http://click1.email.fremonttribune.com/ViewMessage.do;jsessionid=9957F1FA3AF153675F403AEEAB1EAB33 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Page Statistics

9
Requests

67 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

281 kB
Transfer

544 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://secure-web.cisco.com/1osMF6jO3TZ6Yua4-vG8cREyQSm1Pd3XpSvvXM3diOp3snbUzAA2fa-et9p1ZAS1XIQxlW2DzyO0XXN4dRBWafdHTMSfROujfS5s9hb8PuZ-J7QRstaXi4LD5P7VKtXCCIGbIkGDJHuMFrpFvSYY7TNcceirfyx2nxNYbBcOyXS-oukR_K4zjNxXvxu-QDUke1Y5Fw1Ly9UEeU2uDwrz4AmecYG4RE9vkt6Kf551sK2LoNagAWdvDgmEfdT7v_P8lw2LCynbzEhstmLuE0Z2BY9YV5CNSZyPJLs-hNKEcqWJr8HyMg8Z3Acuwe9q46aPNxFcuBb29ObrdUd_oodFmNe-gMWqYdgPR2_1j3hSnsiQSGefme0mcWmqkWtZQvW5NIIig6c_qqZVKa2YbFRZZOK1a2gzqYnMWiJ8yMC0UJTO-yfP3cMz3Jp1Rss1e-0AMN5Qgv9a5Cg4R97JlF7xKwwArgjt0Xw16BEbAm7sg3iWruAdKeFqlpUWF_pu6WOPVawKWY8KQWRNb0yGSD0StRA/http%3A%2F%2Fclick1.email.fremonttribune.com%2FViewMessage.do%3Fm%3Dlnjmkhghg%26r%3Dojlztlwzkk%26s%3Dphywfjllclrvhmfyqjjvcsvkswvcvfdthdl%26q%3D1575475200%26a%3Dview HTTP 302
    http://click1.email.fremonttribune.com/ViewMessage.do?m=lnjmkhghg&r=ojlztlwzkk&s=phywfjllclrvhmfyqjjvcsvkswvcvfdthdl&q=1575475200&a=view Page URL
  2. http://click1.email.fremonttribune.com/ViewMessage.do;jsessionid=9957F1FA3AF153675F403AEEAB1EAB33 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://secure-web.cisco.com/1osMF6jO3TZ6Yua4-vG8cREyQSm1Pd3XpSvvXM3diOp3snbUzAA2fa-et9p1ZAS1XIQxlW2DzyO0XXN4dRBWafdHTMSfROujfS5s9hb8PuZ-J7QRstaXi4LD5P7VKtXCCIGbIkGDJHuMFrpFvSYY7TNcceirfyx2nxNYbBcOyXS-oukR_K4zjNxXvxu-QDUke1Y5Fw1Ly9UEeU2uDwrz4AmecYG4RE9vkt6Kf551sK2LoNagAWdvDgmEfdT7v_P8lw2LCynbzEhstmLuE0Z2BY9YV5CNSZyPJLs-hNKEcqWJr8HyMg8Z3Acuwe9q46aPNxFcuBb29ObrdUd_oodFmNe-gMWqYdgPR2_1j3hSnsiQSGefme0mcWmqkWtZQvW5NIIig6c_qqZVKa2YbFRZZOK1a2gzqYnMWiJ8yMC0UJTO-yfP3cMz3Jp1Rss1e-0AMN5Qgv9a5Cg4R97JlF7xKwwArgjt0Xw16BEbAm7sg3iWruAdKeFqlpUWF_pu6WOPVawKWY8KQWRNb0yGSD0StRA/http%3A%2F%2Fclick1.email.fremonttribune.com%2FViewMessage.do%3Fm%3Dlnjmkhghg%26r%3Dojlztlwzkk%26s%3Dphywfjllclrvhmfyqjjvcsvkswvcvfdthdl%26q%3D1575475200%26a%3Dview HTTP 302
  • http://click1.email.fremonttribune.com/ViewMessage.do?m=lnjmkhghg&r=ojlztlwzkk&s=phywfjllclrvhmfyqjjvcsvkswvcvfdthdl&q=1575475200&a=view
Request Chain 1
  • http://connect.facebook.net/en_US/all.js HTTP 307
  • https://connect.facebook.net/en_US/all.js
Request Chain 3
  • http://connect.facebook.net/en_US/all.js HTTP 307
  • https://connect.facebook.net/en_US/all.js

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set ViewMessage.do
click1.email.fremonttribune.com/
Redirect Chain
  • http://secure-web.cisco.com/1osMF6jO3TZ6Yua4-vG8cREyQSm1Pd3XpSvvXM3diOp3snbUzAA2fa-et9p1ZAS1XIQxlW2DzyO0XXN4dRBWafdHTMSfROujfS5s9hb8PuZ-J7QRstaXi4LD5P7VKtXCCIGbIkGDJHuMFrpFvSYY7TNcceirfyx2nxNYbBcOy...
  • http://click1.email.fremonttribune.com/ViewMessage.do?m=lnjmkhghg&r=ojlztlwzkk&s=phywfjllclrvhmfyqjjvcsvkswvcvfdthdl&q=1575475200&a=view
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://click1.email.fremonttribune.com/ViewMessage.do?m=lnjmkhghg&r=ojlztlwzkk&s=phywfjllclrvhmfyqjjvcsvkswvcvfdthdl&q=1575475200&a=view
Protocol
HTTP/1.1
Server
96.46.128.252 , United States, ASN18499 (CYBER-GENERATION - Cyber Generation Inc, CA),
Reverse DNS
www.efeedbacktrk.com
Software
/
Resource Hash

Request headers

Host
click1.email.fremonttribune.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Keep-Alive
timeout=60
Set-Cookie
JSESSIONID=9957F1FA3AF153675F403AEEAB1EAB33; Path=/; HttpOnly
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Date
Wed, 04 Dec 2019 17:58:01 GMT
Server

Redirect headers

Server
nginx/1.16.1
Date
Wed, 04 Dec 2019 17:51:51 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Harpe-Token
Location
http://click1.email.fremonttribune.com/ViewMessage.do?m=lnjmkhghg&r=ojlztlwzkk&s=phywfjllclrvhmfyqjjvcsvkswvcvfdthdl&q=1575475200&a=view
X-Harpe-Verdict
harpe_allow
all.js
connect.facebook.net/en_US/
Redirect Chain
  • http://connect.facebook.net/en_US/all.js
  • https://connect.facebook.net/en_US/all.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: click1.email.fremonttribune.com
URL: http://click1.email.fremonttribune.com/ViewMessage.do?m=lnjmkhghg&r=ojlztlwzkk&s=phywfjllclrvhmfyqjjvcsvkswvcvfdthdl&q=1575475200&a=view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://click1.email.fremonttribune.com/ViewMessage.do?m=lnjmkhghg&r=ojlztlwzkk&s=phywfjllclrvhmfyqjjvcsvkswvcvfdthdl&q=1575475200&a=view
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
iJih74c4bPkGf1QB4q/vVw==
status
200
date
Wed, 04 Dec 2019 17:51:51 GMT
expires
Wed, 04 Dec 2019 18:00:34 GMT
alt-svc
h3-23=":443"; ma=3600
content-length
1781
x-fb-debug
o5bm8Avk2vqRKQO2+5fWnI3KM9EPiCkr9ulrCzVgzr2pHBwIh5qFoPRTN0vfVpM2Uy18NwQizu2DYIaz0eZMrg==
x-fb-trip-id
420120009
x-fb-content-md5
4b1774ccd6abf7fdb7b7d0689175cf8c
etag
"e97e4455a950b5b7edbe6d1932b21133"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5

Redirect headers

Location
https://connect.facebook.net/en_US/all.js
Non-Authoritative-Reason
HSTS
Primary Request ViewMessage.do;jsessionid=9957F1FA3AF153675F403AEEAB1EAB33
click1.email.fremonttribune.com/ 		14 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://click1.email.fremonttribune.com/ViewMessage.do;jsessionid=9957F1FA3AF153675F403AEEAB1EAB33
Requested by
Host: click1.email.fremonttribune.com
URL: http://click1.email.fremonttribune.com/ViewMessage.do?m=lnjmkhghg&r=ojlztlwzkk&s=phywfjllclrvhmfyqjjvcsvkswvcvfdthdl&q=1575475200&a=view
Protocol
HTTP/1.1
Server
96.46.128.252 , United States, ASN18499 (CYBER-GENERATION - Cyber Generation Inc, CA),
Reverse DNS
www.efeedbacktrk.com
Software
/
Resource Hash
2ba82d9a2eff999ed9e6feb21ee8c3a23324bb2544cd5e7911ec5665dc348998

Request headers

Host
click1.email.fremonttribune.com
Connection
keep-alive
Content-Length
272
Pragma
no-cache
Cache-Control
no-cache
Origin
http://click1.email.fremonttribune.com
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://click1.email.fremonttribune.com/ViewMessage.do?m=lnjmkhghg&r=ojlztlwzkk&s=phywfjllclrvhmfyqjjvcsvkswvcvfdthdl&q=1575475200&a=view
Accept-Encoding
gzip, deflate
Cookie
JSESSIONID=9957F1FA3AF153675F403AEEAB1EAB33
Origin
http://click1.email.fremonttribune.com
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://click1.email.fremonttribune.com/ViewMessage.do?m=lnjmkhghg&r=ojlztlwzkk&s=phywfjllclrvhmfyqjjvcsvkswvcvfdthdl&q=1575475200&a=view

Response headers

Keep-Alive
timeout=60
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Date
Wed, 04 Dec 2019 17:58:02 GMT
Server
all.js
connect.facebook.net/en_US/ 		187 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=ff8b64f3d491a3655e143809d97ea38f&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://click1.email.fremonttribune.com/ViewMessage.do?m=lnjmkhghg&r=ojlztlwzkk&s=phywfjllclrvhmfyqjjvcsvkswvcvfdthdl&q=1575475200&a=view
Origin
http://click1.email.fremonttribune.com

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
53/TP3rXyuQRv30qsiqVBg==
status
200
date
Wed, 04 Dec 2019 17:51:51 GMT
expires
Thu, 03 Dec 2020 14:02:20 GMT
alt-svc
h3-23=":443"; ma=3600
content-length
56819
x-fb-debug
tupv3fCQ3gSJU0rzrguAdFNyDxcpN6HEM82lYOKsBu8qsC/0mRanChalxmr6hkTNr0+Aw9ngYb9uZ25pKikJYw==
x-fb-trip-id
420120009
x-fb-content-md5
9f4afa2ea253940f22493c6364c5f9a1
etag
"88258b025ee3e4acf0840608e5c5aa9f"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
all.js
connect.facebook.net/en_US/
Redirect Chain
  • http://connect.facebook.net/en_US/all.js
  • https://connect.facebook.net/en_US/all.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: click1.email.fremonttribune.com
URL: http://click1.email.fremonttribune.com/ViewMessage.do;jsessionid=9957F1FA3AF153675F403AEEAB1EAB33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
0527ae100b7d8a10ccea94ab292453a89b0a89451179bccd770fb0378c300de0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://click1.email.fremonttribune.com/ViewMessage.do;jsessionid=9957F1FA3AF153675F403AEEAB1EAB33
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
iJih74c4bPkGf1QB4q/vVw==
status
200
date
Wed, 04 Dec 2019 17:51:52 GMT
expires
Wed, 04 Dec 2019 18:00:34 GMT
alt-svc
h3-23=":443"; ma=3600
content-length
1781
x-fb-debug
o5bm8Avk2vqRKQO2+5fWnI3KM9EPiCkr9ulrCzVgzr2pHBwIh5qFoPRTN0vfVpM2Uy18NwQizu2DYIaz0eZMrg==
x-fb-trip-id
420120009
x-fb-content-md5
4b1774ccd6abf7fdb7b7d0689175cf8c
etag
"e97e4455a950b5b7edbe6d1932b21133"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5

Redirect headers

Location
https://connect.facebook.net/en_US/all.js
Non-Authoritative-Reason
HSTS
scjwjvkkskztpbmjtcrvvtpsdpthdwpspjlfblkvlbsskl_zdpmrlsmbbkrswsbwsmzz.gif
0e4593.efeedbacktrk.com/ 		68 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://0e4593.efeedbacktrk.com/scjwjvkkskztpbmjtcrvvtpsdpthdwpspjlfblkvlbsskl_zdpmrlsmbbkrswsbwsmzz.gif
Requested by
Host: click1.email.fremonttribune.com
URL: http://click1.email.fremonttribune.com/ViewMessage.do;jsessionid=9957F1FA3AF153675F403AEEAB1EAB33
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.56.15.50 , United States, ASN30145 (PCUC-AS - PCUC Acquisition LLC, US),
Reverse DNS
www.efeedbacktrk.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
http://click1.email.fremonttribune.com/ViewMessage.do;jsessionid=9957F1FA3AF153675F403AEEAB1EAB33
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 04 Dec 2019 17:58:45 GMT
Server
Content-Type
image/png;charset=utf-8
Cache-Control
private, max-age=0, no-cache, no-store, must-revalidate
imagetoolbar
no
Keep-Alive
timeout=60
Content-Length
68
Expires
Thu, 01 Jan 1970 00:00:00 GMT
fremont_dark.png
ljssupport.com/app/newsletters/_root/dist/img/logos/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ljssupport.com/app/newsletters/_root/dist/img/logos/fremont_dark.png
Requested by
Host: click1.email.fremonttribune.com
URL: http://click1.email.fremonttribune.com/ViewMessage.do;jsessionid=9957F1FA3AF153675F403AEEAB1EAB33
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.180.70.73 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-107-180-70-73.ip.secureserver.net
Software
Apache /
Resource Hash
0f801dad337416bff28fe8f543b8bb735cbe2699ec283ace29429aba06bc6dcd

Request headers

Referer
http://click1.email.fremonttribune.com/ViewMessage.do;jsessionid=9957F1FA3AF153675F403AEEAB1EAB33
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 04 Dec 2019 17:51:52 GMT
Last-Modified
Tue, 04 Dec 2018 21:49:02 GMT
Server
Apache
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
Content-Type
image/png
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
Content-Length
4825
Keep-Alive
timeout=5, max=100
all.js
connect.facebook.net/en_US/ 		187 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=ff8b64f3d491a3655e143809d97ea38f&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
352c3c2540c4fc246ce55422115ad4837703a0eb79ffcfb27bd4a55888d5a269
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://click1.email.fremonttribune.com/ViewMessage.do;jsessionid=9957F1FA3AF153675F403AEEAB1EAB33
Origin
http://click1.email.fremonttribune.com

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
53/TP3rXyuQRv30qsiqVBg==
status
200
date
Wed, 04 Dec 2019 17:51:52 GMT
expires
Thu, 03 Dec 2020 14:02:20 GMT
alt-svc
h3-23=":443"; ma=3600
content-length
56819
x-fb-debug
tupv3fCQ3gSJU0rzrguAdFNyDxcpN6HEM82lYOKsBu8qsC/0mRanChalxmr6hkTNr0+Aw9ngYb9uZ25pKikJYw==
x-fb-trip-id
420120009
x-fb-content-md5
9f4afa2ea253940f22493c6364c5f9a1
etag
"88258b025ee3e4acf0840608e5c5aa9f"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
Fre.jpg
ljssupport.com/creative/TodaysMail/2019/2019_Thanksgiveaway/images/ 		143 KB
143 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ljssupport.com/creative/TodaysMail/2019/2019_Thanksgiveaway/images/Fre.jpg
Requested by
Host: click1.email.fremonttribune.com
URL: http://click1.email.fremonttribune.com/ViewMessage.do;jsessionid=9957F1FA3AF153675F403AEEAB1EAB33
Protocol
HTTP/1.1
Server
107.180.70.73 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-107-180-70-73.ip.secureserver.net
Software
Apache /
Resource Hash
756c45249544fc0cfccca420c2fc25d7a558e3dd0168114a76bc605b80439edb

Request headers

Referer
http://click1.email.fremonttribune.com/ViewMessage.do;jsessionid=9957F1FA3AF153675F403AEEAB1EAB33
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 04 Dec 2019 17:51:52 GMT
Last-Modified
Fri, 22 Nov 2019 20:40:16 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
146629

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| FB

1 Cookies

Domain/Path Name / Value
click1.email.fremonttribune.com/ Name: JSESSIONID
Value: 9957F1FA3AF153675F403AEEAB1EAB33