URL: https://mailchi.mp/aquion/urgent-notice-phishing-attempt-verify-aquion-banking-details?e=12ade28aff
Submission: On June 03 via manual from AU — Scanned from AU

Summary

This website contacted 10 IPs in 2 countries across 7 domains to perform 15 HTTP transactions. The main IP is 23.201.139.56, located in Sydney, Australia and belongs to AKAMAI-AS, US. The main domain is mailchi.mp. The Cisco Umbrella rank of the primary domain is 58167.
TLS certificate: Issued by R3 on March 14th 2024. Valid for: 3 months.
This is the only time mailchi.mp was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 23.201.139.56 16625 (AKAMAI-AS)
1 142.251.221.74 15169 (GOOGLE)
1 23.33.131.144 16625 (AKAMAI-AS)
1 172.217.167.123 15169 (GOOGLE)
2 34.96.122.219 396982 (GOOGLE-CL...)
3 18.67.93.102 16509 (AMAZON-02)
1 142.250.71.74 15169 (GOOGLE)
1 104.68.10.128 16625 (AKAMAI-AS)
2 142.251.221.67 15169 (GOOGLE)
1 23.204.64.135 16625 (AKAMAI-AS)
15 10
Apex Domain | Subdomains | Transfer
3 mailchimp.com | cdn-images.mailchimp.com — Cisco Umbrella Rank: 6052 | 5 KB
3 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 33; sawa-dev-2-storage-bucket.storage.googleapis.com — Cisco Umbrella Rank: 156460; ajax.googleapis.com — Cisco Umbrella Rank: 380 | 33 KB
2 gstatic.com | fonts.gstatic.com | 97 KB
2 go-mpulse.net | s2.go-mpulse.net — Cisco Umbrella Rank: 5899; c.go-mpulse.net — Cisco Umbrella Rank: 647 | 51 KB
2 mcusercontent.com | mcusercontent.com — Cisco Umbrella Rank: 5233 | 87 KB
2 mailchi.mp | mailchi.mp — Cisco Umbrella Rank: 58167 | 19 KB
1 campaign-archive.com | us21.campaign-archive.com — Cisco Umbrella Rank: 650842 | 2 KB
15 7
Domain Requested by
3 cdn-images.mailchimp.com mailchi.mp, us21.campaign-archive.com
2 fonts.gstatic.com fonts.googleapis.com
2 mcusercontent.com mailchi.mp
2 mailchi.mp
1 c.go-mpulse.net s2.go-mpulse.net
1 s2.go-mpulse.net mailchi.mp
1 ajax.googleapis.com mailchi.mp
1 sawa-dev-2-storage-bucket.storage.googleapis.com mailchi.mp
1 us21.campaign-archive.com mailchi.mp
1 fonts.googleapis.com mailchi.mp
15 10
Subject | Issuer | Validity | Valid
mailchi.mp | R3 | 2024-03-14 - 2024-06-12 | 3 months
upload.video.google.com | GTS CA 1C3 | 2024-05-13 - 2024-08-05 | 3 months
wildcardsan2.mailchimp.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-06-20 - 2024-06-19 | a year
*.storage.googleapis.com | GTS CA 1C3 | 2024-05-13 - 2024-08-05 | 3 months
mcusercontent.com | WR3 | 2024-05-27 - 2024-08-25 | 3 months
cdn-images.mailchimp.com | Amazon RSA 2048 M02 | 2023-06-20 - 2024-07-17 | a year
s2.go-mpulse.net | R3 | 2024-04-22 - 2024-07-21 | 3 months
*.gstatic.com | GTS CA 1C3 | 2024-05-13 - 2024-08-05 | 3 months
akstat.io | DigiCert TLS RSA SHA256 2020 CA1 | 2024-03-06 - 2025-03-06 | a year

This page contains 1 frames:

Primary Page: https://mailchi.mp/aquion/urgent-notice-phishing-attempt-verify-aquion-banking-details?e=12ade28aff
Frame ID: 10DEC4DDAC1824E37BCA82C302D3961F
Requests: 15 HTTP requests in this frame

Page Title

Urgent Notice: Phishing Attempt - Verify Aquion Banking Details

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 15
HTTPS: 100 %
IPv6: 0 %
Domains: 7
Subdomains: 10
IPs: 10
Countries: 2
Transfer: 294 kB
Size: 553 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request urgent-notice-phishing-attempt-verify-aquion-banking-details
mailchi.mp/aquion/
45 KB
10 KB
Document
General
Full URL
https://mailchi.mp/aquion/urgent-notice-phishing-attempt-verify-aquion-banking-details?e=12ade28aff
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.139.56 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-139-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
021f8d1af1ab1169e5d9d5f2f87b2b53013be6c30f36bf9075b8305784bd8777

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
9720
Content-Location
https://us21.campaign-archive.com/?u=3920d1266a9b9c3b83f7aa722&id=3ec07048bf&e=12ade28aff
Content-Type
text/html; charset=UTF-8
Date
Mon, 03 Jun 2024 00:19:41 GMT
Server-Timing
cdn-cache; desc=MISS edge; dur=106 origin; dur=349
Vary
Accept-Encoding
X-Akamai-Transformed
9 7248 0 pmb=mRUM,2
X-UA-Compatible
IE=edge,chrome=1
css
fonts.googleapis.com/
22 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i,900,900i
Requested by
Host: mailchi.mp
URL: https://mailchi.mp/aquion/urgent-notice-phishing-attempt-verify-aquion-banking-details?e=12ade28aff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.74 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f10.1e100.net
Software
ESF /
Resource Hash
dc8e02e4c8cbc847c79e57f90b4255e2d1fdc8938b8f63455eb8187f0981e6f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://mailchi.mp/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 03 Jun 2024 00:19:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 03 Jun 2024 00:01:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 03 Jun 2024 00:19:42 GMT
archivebar-desktop.css
us21.campaign-archive.com/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://us21.campaign-archive.com/css/archivebar-desktop.css
Requested by
Host: mailchi.mp
URL: https://mailchi.mp/aquion/urgent-notice-phishing-attempt-verify-aquion-banking-details?e=12ade28aff
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.131.144 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-33-131-144.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f5757a2fa0f0ae8f63c1c38afe86ff1987e183801a8059d65c450c220d0422bf

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://mailchi.mp/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 00:19:42 GMT
content-encoding
gzip
last-modified
Fri, 31 Jan 2020 19:16:53 GMT
etag
"1829-59d746a8dd340"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=19534
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1717373982001_386003020_401965764_38_10155_1_5_255";dur=1
accept-ranges
bytes
content-length
1741
5nzhxguuu23d2uwy-68da0.png
sawa-dev-2-storage-bucket.storage.googleapis.com/profiles/
6 KB
6 KB
Image
General
Full URL
https://sawa-dev-2-storage-bucket.storage.googleapis.com/profiles/5nzhxguuu23d2uwy-68da0.png
Requested by
Host: mailchi.mp
URL: https://mailchi.mp/aquion/urgent-notice-phishing-attempt-verify-aquion-banking-details?e=12ade28aff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.123 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f27.1e100.net
Software
UploadServer /
Resource Hash
d7fd9cedac8925d7e8756c9cd001ee44c405d27e5801cdab94f81699e495ad87

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://mailchi.mp/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 02 Jun 2024 23:53:18 GMT
age
1584
x-guploader-uploadid
ABPtcPrfvAnxmtK4MVskakol7EUHgM8yG8OLLLox_4nV670rcqeyWfMRiQKutcrJUN7vp4qg6bs
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6147
last-modified
Thu, 22 Feb 2024 05:29:49 GMT
server
UploadServer
etag
"cfd671df11afe79c0f562ffd8523113e"
x-goog-generation
1708579789174752
x-goog-hash
crc32c=q6yXrg==, md5=z9Zx3xGv55wPVi/9hSMRPg==
access-control-allow-origin
*
access-control-expose-headers
Content-*, Host
cache-control
public, max-age=3600
x-goog-stored-content-length
6147
accept-ranges
bytes
content-type
image/png
expires
Mon, 03 Jun 2024 00:53:18 GMT
fe92caf3-962a-d5cb-a618-e22d4ab39a57.jpeg
mcusercontent.com/3920d1266a9b9c3b83f7aa722/images/
76 KB
76 KB
Image
General
Full URL
https://mcusercontent.com/3920d1266a9b9c3b83f7aa722/images/fe92caf3-962a-d5cb-a618-e22d4ab39a57.jpeg
Requested by
Host: mailchi.mp
URL: https://mailchi.mp/aquion/urgent-notice-phishing-attempt-verify-aquion-banking-details?e=12ade28aff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.122.219 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
219.122.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ccd3f3aee86f0f8f57a15f5271fa8375b8ee3325e957110a79b643353c7666aa

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://mailchi.mp/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 02 Jun 2024 23:53:49 GMT
age
1553
x-guploader-uploadid
ABPtcPqw3qwe_aweL_kcFe2FF8kQra-tbnEBQa6Dzv5Yp6gCpZ0oNyOaOjf-JM3O6wEj3_TxOS0
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77813
last-modified
Tue, 27 Feb 2024 22:45:27 GMT
server
UploadServer
etag
"9193779fc9a1a5ebe422df25c412d5ae"
x-goog-generation
1709073927928906
x-goog-hash
crc32c=t368zw==, md5=kZN3n8mhpevkIt8lxBLVrg==
content-type
image/jpeg
cache-control
public, max-age=3600
x-goog-stored-content-length
77813
accept-ranges
bytes
expires
Mon, 03 Jun 2024 00:53:49 GMT
linkedin-filled-gray-40.png
cdn-images.mailchimp.com/icons/social-block-v3/block-icons-v3/
742 B
1 KB
Image
General
Full URL
https://cdn-images.mailchimp.com/icons/social-block-v3/block-icons-v3/linkedin-filled-gray-40.png
Requested by
Host: mailchi.mp
URL: https://mailchi.mp/aquion/urgent-notice-phishing-attempt-verify-aquion-banking-details?e=12ade28aff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-102.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
58c4476f5e8a361178203d312e9017b3d910b097ecf24bf7f41699216bd321db

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://mailchi.mp/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 02 Jun 2024 15:10:44 GMT
x-amz-version-id
null
via
1.1 4279a60193243ca3cf62feedc7fe581e.cloudfront.net (CloudFront)
last-modified
Tue, 02 Nov 2021 16:33:36 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
32939
etag
"16b8749f61fa8daff977960b9297c41d"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
742
x-amz-cf-id
4zxtszVVb30HdfllRIplIDbU8aeEQaHCeVKDzBbIW1HafPxzRrjofg==
website-filled-gray-40.png
cdn-images.mailchimp.com/icons/social-block-v3/block-icons-v3/
1 KB
1 KB
Image
General
Full URL
https://cdn-images.mailchimp.com/icons/social-block-v3/block-icons-v3/website-filled-gray-40.png
Requested by
Host: mailchi.mp
URL: https://mailchi.mp/aquion/urgent-notice-phishing-attempt-verify-aquion-banking-details?e=12ade28aff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-102.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dff18c75d8391ac4bf790eb4c3304b29b41e824bee48262e1de04064236c188c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://mailchi.mp/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 02 Jun 2024 00:45:02 GMT
x-amz-version-id
null
via
1.1 4279a60193243ca3cf62feedc7fe581e.cloudfront.net (CloudFront)
last-modified
Tue, 02 Nov 2021 16:32:27 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
84881
etag
"c09e4a146aa0ac803fb98ff506e26494"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
1167
x-amz-cf-id
-xi_Z7uS3Ntbnxf-Kue77qpgAgK3o6G4A3igJDL3_817JNMUeqKsvQ==
997a60b7-2fbc-5f2e-e5ae-10f93df1ce2f.png
mcusercontent.com/3920d1266a9b9c3b83f7aa722/images/
10 KB
10 KB
Image
General
Full URL
https://mcusercontent.com/3920d1266a9b9c3b83f7aa722/images/997a60b7-2fbc-5f2e-e5ae-10f93df1ce2f.png
Requested by
Host: mailchi.mp
URL: https://mailchi.mp/aquion/urgent-notice-phishing-attempt-verify-aquion-banking-details?e=12ade28aff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.122.219 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
219.122.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1f35ba4acc2b7e25793f8b9150215cf61ecca8ee62f9e5ce3c05b05712c2246b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://mailchi.mp/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 02 Jun 2024 23:53:49 GMT
age
1553
x-guploader-uploadid
ABPtcPpz_0xFqKoLePuuelLjn323WMhDid1OybEQnGmQ5WynDURoVQDz60_hdejyGvmLO1shIOu_DFbfng
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10437
last-modified
Tue, 27 Feb 2024 22:35:38 GMT
server
UploadServer
etag
"7f4ad3c424eacfe9f18e2648dc5bef51"
x-goog-generation
1709073338890596
x-goog-hash
crc32c=ipfVtA==, md5=f0rTxCTqz+nxjiZI3FvvUQ==
content-type
image/png
cache-control
public, max-age=3600
x-goog-stored-content-length
10437
accept-ranges
bytes
expires
Mon, 03 Jun 2024 00:53:49 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.4.2/
70 KB
25 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
Requested by
Host: mailchi.mp
URL: https://mailchi.mp/aquion/urgent-notice-phishing-attempt-verify-aquion-banking-details?e=12ade28aff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.74 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f10.1e100.net
Software
sffe /
Resource Hash
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://mailchi.mp/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 01:44:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
426899
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24715
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 May 2025 01:44:43 GMT
QAT5G-9HZLF-7EDMX-YMVCJ-QZJDA
s2.go-mpulse.net/boomerang/
209 KB
51 KB
Script
General
Full URL
https://s2.go-mpulse.net/boomerang/QAT5G-9HZLF-7EDMX-YMVCJ-QZJDA
Requested by
Host: mailchi.mp
URL: https://mailchi.mp/aquion/urgent-notice-phishing-attempt-verify-aquion-banking-details?e=12ade28aff
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.68.10.128 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-68-10-128.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4e973e1b8e6b798931086cf372b83e40c417e33c0922087dad0eb2f89fa891ac

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://mailchi.mp/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 00:19:42 GMT
content-encoding
br
customappheader
mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified
Mon, 13 May 2024 03:23:44 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
52061
awesomebar-sprite.png
cdn-images.mailchimp.com/
2 KB
2 KB
Image
General
Full URL
https://cdn-images.mailchimp.com/awesomebar-sprite.png
Requested by
Host: us21.campaign-archive.com
URL: https://us21.campaign-archive.com/css/archivebar-desktop.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.67.93.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-102.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e7df3ca83c43e7c1602a5df22ce6f44135e6b06de295fd045b00a4996f745d5e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://us21.campaign-archive.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 02 Jun 2024 14:50:43 GMT
x-amz-version-id
null
via
1.1 4bfeb1eae9544366893e37b97eee8e6e.cloudfront.net (CloudFront)
age
34139
x-amz-cf-pop
SYD62-P1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1835
last-modified
Fri, 22 Jun 2012 19:56:07 GMT
server
AmazonS3
etag
"22313a9b5ebfee32f60cfca56e01ff9f"
content-type
image/png
x-amz-meta-s3fox-filesize
1835
x-amz-meta-s3fox-modifiedtime
1340394950000
accept-ranges
bytes
x-amz-cf-id
F1Q7WsZtX9cWp3C2oQUSbdffoRdGPPp__wJZZkLBjFLqyfvNGLxpUg==
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i,900,900i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f3.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://mailchi.mp
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 17:39:39 GMT
x-content-type-options
nosniff
age
283203
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 May 2025 17:39:39 GMT
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v40/
49 KB
49 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i,900,900i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f3.1e100.net
Software
sffe /
Resource Hash
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://mailchi.mp
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 03:14:42 GMT
x-content-type-options
nosniff
age
248700
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50296
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:10:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 31 May 2025 03:14:42 GMT
config.json
c.go-mpulse.net/api/
105 B
268 B
XHR
General
Full URL
https://c.go-mpulse.net/api/config.json?key=QAT5G-9HZLF-7EDMX-YMVCJ-QZJDA&d=mailchi.mp&t=5724580&v=1.766.0&sl=0&si=ab059fce-21d3-4577-90df-d9b2894913f1-seha8t&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=761902
Requested by
Host: s2.go-mpulse.net
URL: https://s2.go-mpulse.net/boomerang/QAT5G-9HZLF-7EDMX-YMVCJ-QZJDA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.204.64.135 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-135.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
74b053f795684720d39ebc606c3d69932f96f4a7f1bdd5a5ee3055da8d40abce

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://mailchi.mp/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Mon, 03 Jun 2024 00:19:42 GMT
cache-control
public, max-age=300, stale-while-revalidate=60, stale-if-error=120
timing-allow-origin
*
alt-svc
h3=":443"; ma=93600
content-length
105
content-type
application/json
favicon.ico
mailchi.mp/
8 KB
8 KB
Other
General
Full URL
https://mailchi.mp/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.139.56 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-139-56.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
1e9840287decb8799f6da96f04ed4393a7380d5236f4dfc42947174550b25c92

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://mailchi.mp/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 03 Jun 2024 00:19:42 GMT
Last-Modified
Fri, 28 Sep 2018 20:58:22 GMT
Server
AkamaiNetStorage
ETag
"8969a0a66f67fb12242f39ad1ad79d1f:1538168302"
Content-Type
image/x-icon
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8348

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| BOOMR_config
string| BOOMR_API_key
object| BOOMR
function| $
function| jQuery
function| BOOMR_check_doc_domain
object| ErrorStackParser
object| UserTimingCompression
object| BOOMR_mq
number| BOOMR_onload

1 Cookies

Domain/Path Name / Value
mailchi.mp/ Name: _mcid
Value: 1.846a9a42cb75b5a294d5122ebea149a9.966d552fbf9944e6203346568862ca1481dc1096ca6853cdfce56f6f79622bc4

1 Console Messages

Source Level URL
Text
network error URL: https://c.go-mpulse.net/api/config.json?key=QAT5G-9HZLF-7EDMX-YMVCJ-QZJDA&d=mailchi.mp&t=5724580&v=1.766.0&sl=0&si=ab059fce-21d3-4577-90df-d9b2894913f1-seha8t&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=761902
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
