email-verify.xend.finance Open in urlscan Pro
2606:4700:3031::6815:3fd3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://email-verify.xend.finance/
Effective URL:
https://email-verify.xend.finance/
Submission: On January 06 via api (January 6th 2023, 9:22:47 am UTC) from US — Scanned from US

Summary HTTP 16 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 8 domains to perform 16 HTTP transactions. The main IP is 2606:4700:3031::6815:3fd3, located in United States and belongs to CLOUDFLARENET, US. The main domain is email-verify.xend.finance.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 25th 2022. Valid for: a year.

This is the only time email-verify.xend.finance was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	2606:4700:303... 2606:4700:3031::6815:3fd3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:823::200a	15169 (GOOGLE) (GOOGLE)
8 8	2606:4700:303... 2606:4700:3037::ac43:9531	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700:20:... 2606:4700:20::ac43:4aaa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
1	2a02:6ea0:c40... 2a02:6ea0:c400::12	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2607:f8b0:400... 2607:f8b0:4006:80d::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3032::ac43:965f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	8

3 2606:4700:3031::6815:3fd3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

email-verify.xend.finance	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3037::ac43:9531 (United States) 8 redirects

ASN13335 (CLOUDFLARENET, US)

gallery.mailbuild.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:20::ac43:4aaa (United States)

ASN13335 (CLOUDFLARENET, US)

mailbuild.rookiewebstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c400::12 (New York, United States)

ASN60068 (CDN77 ^_^, GB)

img.icons8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:965f (United States)

ASN13335 (CLOUDFLARENET, US)

mobilelab.xend.finance	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	rookiewebstudio.com mailbuild.rookiewebstudio.com	27 KB
8	mailbuild.app 8 redirects gallery.mailbuild.app — Cisco Umbrella Rank: 781491	3 KB
4	xend.finance 1 redirects email-verify.xend.finance mobilelab.xend.finance	11 KB
1	gstatic.com fonts.gstatic.com	44 KB
1	icons8.com img.icons8.com — Cisco Umbrella Rank: 52298	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 488	4 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 943	31 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 127	1 KB
16	8

	Domain	Requested by
8	mailbuild.rookiewebstudio.com	email-verify.xend.finance
8	gallery.mailbuild.app	8 redirects
3	email-verify.xend.finance	1 redirects email-verify.xend.finance
1	mobilelab.xend.finance	code.jquery.com
1	fonts.gstatic.com	fonts.googleapis.com
1	img.icons8.com	email-verify.xend.finance
1	cdn.jsdelivr.net	email-verify.xend.finance
1	code.jquery.com	email-verify.xend.finance
1	fonts.googleapis.com	email-verify.xend.finance
16	9

This site contains links to these domains. Also see Links.

Domain
xend.finance
web.facebook.com
twitter.com
www.linkedin.com
t.me
www.youtube.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-25` - `2023-06-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
1004834818.rsc.cdn77.org R3	`2022-12-10` - `2023-03-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://email-verify.xend.finance/
Frame ID: 8A2442E490CC53DFD9528A2A9207B6A9
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Email confirmation: Xend Finance

Page URL History Show full URLs

http://email-verify.xend.finance/ HTTP 301
https://email-verify.xend.finance/ Page URL

Detected technologies

Microsoft Word (Editors) Expand

Overall confidence: 100%
Detected patterns

(?:<html [^>]*xmlns:w="urn:schemas-microsoft-com:office:word"|<w:WordDocument>|<div [^>]*class="?WordSection1[" >]|<style[^>]*>[^>]*@page WordSection1)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

16
Requests

50 %
HTTPS

100 %
IPv6

8
Domains

9
Subdomains

8
IPs

2
Countries

119 kB
Transfer

229 kB
Size

0
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://xend.finance/mobileapp.html

Search URL Search Domain Scan URL

URL: https://xend.finance/
Title: www.xend.finance

Search URL Search Domain Scan URL

URL: https://xend.finance/#features
Title: Features

Search URL Search Domain Scan URL

URL: https://xend.finance/token.html
Title: $XEND Token

Search URL Search Domain Scan URL

URL: https://web.facebook.com/XendFinance

Search URL Search Domain Scan URL

URL: https://twitter.com/xendfinance

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/xend-finance

Search URL Search Domain Scan URL

URL: https://t.me/xendFinance

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCcR2lTpYwCws-axra4AAO8Q/featured

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://email-verify.xend.finance/ HTTP 301
https://email-verify.xend.finance/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://gallery.mailbuild.app/customers/fCyW4Utu/user_upload/20220209133002_xf-logo.png HTTP 301
https://mailbuild.rookiewebstudio.com/customers/fCyW4Utu/user_upload/20220209133002_xf-logo.png

Request Chain 4

https://gallery.mailbuild.app/customers/fCyW4Utu/user_upload/20220209133033_xf-logo.png HTTP 301
https://mailbuild.rookiewebstudio.com/customers/fCyW4Utu/user_upload/20220209133033_xf-logo.png

Request Chain 5

https://gallery.mailbuild.app/item/64lm4Q4e/images/set6-social-facebook.png HTTP 301
https://mailbuild.rookiewebstudio.com/item/64lm4Q4e/images/set6-social-facebook.png

Request Chain 6

https://gallery.mailbuild.app/item/64lm4Q4e/images/set6-social-twitter.png HTTP 301
https://mailbuild.rookiewebstudio.com/item/64lm4Q4e/images/set6-social-twitter.png

Request Chain 7

https://gallery.mailbuild.app/item/64lm4Q4e/images/set3-icon2_circle-linkedin.png HTTP 301
https://mailbuild.rookiewebstudio.com/item/64lm4Q4e/images/set3-icon2_circle-linkedin.png

Request Chain 9

https://gallery.mailbuild.app/item/64lm4Q4e/images/set6-social-youtube.png HTTP 301
https://mailbuild.rookiewebstudio.com/item/64lm4Q4e/images/set6-social-youtube.png

Request Chain 11

https://gallery.mailbuild.app/customers/fCyW4Utu/user_upload/20220209163533_istockphoto-1138782666-612x612.jpeg HTTP 301
https://mailbuild.rookiewebstudio.com/customers/fCyW4Utu/user_upload/20220209163533_istockphoto-1138782666-612x612.jpeg

Request Chain 12

https://gallery.mailbuild.app/customers/fCyW4Utu/user_upload/20220209165522_backgroung-image.png HTTP 301
https://mailbuild.rookiewebstudio.com/customers/fCyW4Utu/user_upload/20220209165522_backgroung-image.png

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
email-verify.xend.finance/
Redirect Chain

http://email-verify.xend.finance/
https://email-verify.xend.finance/

52 KB
8 KB

471ms
393ms

Document
text/html

2606:4700:3031::6815:3fd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://email-verify.xend.finance/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:3fd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cb939e11672e795ac6a8b58e1911bd24686997d3517096402a0ac08aab36f0b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 785364041f501287-MIA
content-encoding: br
content-type: text/html
date: Fri, 06 Jan 2023 09:22:42 GMT
last-modified: Fri, 04 Nov 2022 05:05:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2FMnLd9ZiClQY%2BLImEYrdF%2BK%2BA%2Fu7zdprS2Ju8toTWL0JDwHwCXzk1hVLxFEX6vhqe02zkSWCj0Q7a5ACn11HCR634yGy9JokmqDXIBj1i%2BoX9k1%2B1na3%2Bs6cMBfZvOvnmXiWTcWoNfbqJI60ZzK0aJAqIs3%2F1ys"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 78536401e8c5dac1-MIA
Connection: keep-alive
Content-Type: text/html
Date: Fri, 06 Jan 2023 09:22:41 GMT
Location: https://email-verify.xend.finance/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4j%2BepBw1RhgpOdcpd%2FtmTxAbhRJ0JIoDXncpIBSiZh9uOyaJkNmZHuGYqtO452peey0RGbrqRCABP3ux2LzPAPkckIZ2DnmkjhgncVtMhabpgzuNryh6ZZAQzg2iP7Eju7lO4k4cgctK%2Fb8pvTCEJnOdGjEJzZAQ"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 290ms
81ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700,300&subset=latin,cyrillic,greek

Requested by

Host: email-verify.xend.finance
URL: https://email-verify.xend.finance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7a695d75ed5265fb2f07d7f73e41ffe4acea9b5c5f6573294038d5ef560a0086

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://email-verify.xend.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 06 Jan 2023 09:22:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 06 Jan 2023 09:22:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 Jan 2023 09:22:42 GMT

GET
H2

200

20220209133002_xf-logo.png
mailbuild.rookiewebstudio.com/customers/fCyW4Utu/user_upload/
Redirect Chain

https://gallery.mailbuild.app/customers/fCyW4Utu/user_upload/20220209133002_xf-logo.png
https://mailbuild.rookiewebstudio.com/customers/fCyW4Utu/user_upload/20220209133002_xf-logo.png

2 KB
3 KB

214ms
74ms

Image
image/webp

2606:4700:20::ac43:4aaa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mailbuild.rookiewebstudio.com/customers/fCyW4Utu/user_upload/20220209133002_xf-logo.png
Requested by: Host: email-verify.xend.finance
URL: https://email-verify.xend.finance/
Protocol: H2
Server: 2606:4700:20::ac43:4aaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa956ec8dc0396b0f6d5942313704fbfc60506024fa698865d22d86024ee1589

Request headers

accept-language: en-US,en;q=0.9
Referer: https://email-verify.xend.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 09:22:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=3733
content-disposition: inline; filename="20220209133002_xf-logo.webp"
content-length: 2530
cf-bgj: imgq:85,h2pri
last-modified: Wed, 09 Feb 2022 06:30:02 GMT
server: cloudflare
etag: "e95-5d78ff6ab6fe2"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nu%2Fv9WQE%2BQcDGLhR29JSpCjELv7bAfmqW%2Bf8m%2FsTejxQ8hiLYFCJVzk%2FDVhBtVfzh4YVtxCewZdHbOaJ9B4GbX9Ltixt8g3p0fFVOtSPR91vOW5xRYy3yKIvdn4lfcCWWIuTjfESze8IC%2BjnHv65ukzWNxWkgy%2BKvuN5"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 785364090d786dce-MIA

Redirect headers

date: Fri, 06 Jan 2023 09:22:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7qLPfWXML4qmAzNNv7CIgSFjVESxYquDiPvnZ5Tw2oxwVzCJV3OrQup1zzIWg%2FduS0Xkr2CcYvQWfMqvuDNzlqXuyBlKuzAzOD7Hq66I%2Bgu5CIZEwwYQvHHVV38PlGWO9lmeIVK8kLqVenSK4XPSJwTsOQM%3D"}],"group":"cf-nel","max_age":604800}
location: https://mailbuild.rookiewebstudio.com/customers/fCyW4Utu/user_upload/20220209133002_xf-logo.png
cache-control: max-age=3600
cf-ray: 78536407edff02ae-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 06 Jan 2023 10:22:42 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
31 KB 165ms
60ms Script
application/javascript 2001:4de0:ac18::1:a:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: email-verify.xend.finance
URL: https://email-verify.xend.finance/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://email-verify.xend.finance/
Origin: https://email-verify.xend.finance
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 09:22:42 GMT
content-encoding: gzip
x-sp-metadata: HS256.CPLs350GEo0BCiRiNWIzNDk0MC1hMWYzLTRlN2YtOWVkNi0zMmFiZGU1ZTcwYzEQ+OiCoKvU+wIaBgji0N+dBiISMjAwMTo1NTA6MWQwNToxOjo2KKqeAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkOTZjYWI1NzUtNmZmNy00M2Y1LTkzYWItNTViYmQ1MDYzMWNiGJvxASIYCAISFGNkczIyMy5taTEuaHdjZG4ubmV0.qp3n4hfyKtGn+4Gio+soPVNGUSvpzP4kKN+lN/3KVac=
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
vary: Accept-Encoding
x-hw: 1672996962.dop228.mi1.t,1672996962.cds243.mi1.hn,1672996962.cds223.mi1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 loadingoverlay.min.js Show response
cdn.jsdelivr.net/npm/gasparesganga-jquery-loading-overlay@2.1.7/dist/ 12 KB
4 KB 158ms
53ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/gasparesganga-jquery-loading-overlay@2.1.7/dist/loadingoverlay.min.js

Requested by

Host: email-verify.xend.finance
URL: https://email-verify.xend.finance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8cb16ff6222b21ba8a50b1e9aa9fe399e3c3aa2f7cf6929739c3a1b77ce045cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://email-verify.xend.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 06 Jan 2023 09:22:42 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 2693784
x-jsd-version: 2.1.7
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3559
x-served-by: cache-fra-eddf8230088-FRA, cache-mia11383-MIA
x-jsd-version-type: version
etag: W/"2f04-Hu5g/Uf/2vVT6ffvtwqdpzgYBkw"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2

200

20220209133033_xf-logo.png
mailbuild.rookiewebstudio.com/customers/fCyW4Utu/user_upload/
Redirect Chain

https://gallery.mailbuild.app/customers/fCyW4Utu/user_upload/20220209133033_xf-logo.png
https://mailbuild.rookiewebstudio.com/customers/fCyW4Utu/user_upload/20220209133033_xf-logo.png

2 KB
3 KB

196ms
80ms

Image
image/webp

2606:4700:20::ac43:4aaa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mailbuild.rookiewebstudio.com/customers/fCyW4Utu/user_upload/20220209133033_xf-logo.png
Requested by: Host: email-verify.xend.finance
URL: https://email-verify.xend.finance/
Protocol: H2
Server: 2606:4700:20::ac43:4aaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa956ec8dc0396b0f6d5942313704fbfc60506024fa698865d22d86024ee1589

Request headers

accept-language: en-US,en;q=0.9
Referer: https://email-verify.xend.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 09:22:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=3733
content-disposition: inline; filename="20220209133033_xf-logo.webp"
content-length: 2530
cf-bgj: imgq:85,h2pri
last-modified: Wed, 09 Feb 2022 06:30:33 GMT
server: cloudflare
etag: "e95-5d78ff88b2d6b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=slvCErRDyPXQKmTnGOioZLCX6tpdzUn04Rnfv%2F4pKqjIoO2d5RRqN8nsntc88uXMk93Yl4BBAaz82xbZVcwyFr1%2F18oLMroo8f8L4v1UsWBJztrN%2BWl8cHlXA1VlETyrg8DBff9g9vchfZsObSDVGkrxR%2FDlAYzn%2FlZx"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 785364090d7e6dce-MIA

Redirect headers

date: Fri, 06 Jan 2023 09:22:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=boNF74tLQyXkBUMsU3BQkaoIhLPABR%2Fe2cqj8%2FmsmzCb%2FQIBvjS9vtkWZIYtdVyUxrt84pMWiv%2BWC7m8U1YqIU3kn7OgLCHAeiTVO3DvH9A57hJT3usFfo2d7%2Fcw2FS4CAE2G0rO%2BZU0A3xUGsY5hAQ9TMk%3D"}],"group":"cf-nel","max_age":604800}
location: https://mailbuild.rookiewebstudio.com/customers/fCyW4Utu/user_upload/20220209133033_xf-logo.png
cache-control: max-age=3600
cf-ray: 785364080e0b02ae-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 06 Jan 2023 10:22:42 GMT

GET
H2

200

set6-social-facebook.png
mailbuild.rookiewebstudio.com/item/64lm4Q4e/images/
Redirect Chain

https://gallery.mailbuild.app/item/64lm4Q4e/images/set6-social-facebook.png
https://mailbuild.rookiewebstudio.com/item/64lm4Q4e/images/set6-social-facebook.png

112 B
484 B

200ms
76ms

Image
image/webp

2606:4700:20::ac43:4aaa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mailbuild.rookiewebstudio.com/item/64lm4Q4e/images/set6-social-facebook.png
Requested by: Host: email-verify.xend.finance
URL: https://email-verify.xend.finance/
Protocol: H2
Server: 2606:4700:20::ac43:4aaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b798c9d1705f08747b5d5fae95321fe62aee77839b7ac7f640de39b58e0762af

Request headers

accept-language: en-US,en;q=0.9
Referer: https://email-verify.xend.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 09:22:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=1130
content-disposition: inline; filename="set6-social-facebook.webp"
content-length: 112
cf-bgj: imgq:85,h2pri
last-modified: Mon, 12 Jul 2021 03:51:35 GMT
server: cloudflare
etag: "46a-5c6e509b0a6f3"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=twH8DMzu1nID963AR8Uv8aFX%2F8vNS%2FBhH%2FkPkwLy6dL%2BYDjUy9sRaPzLc9Twa2xN614CgkiWiq8B34KSIpjDh9C7C1ReTHgxl2Zgu3AnFJMzTYreX2fcK0Mz3o96r8VssZiruuHTcJ%2FQnOEORmuh9HdtjvZTkOrBFHty"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 785364090d796dce-MIA

Redirect headers

date: Fri, 06 Jan 2023 09:22:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YeuEIsFjPxF3uWwCuodWvAVUTpFDzjrjwrvFLwsFmDrAl3c1bQGm3QznSeiYiWROZEldYm65JFkcEFodv0m4TyrLQn4v%2BpG2hYr0y45%2B6wFJeVZsKzVsuzh7PcNkogM5KjUUs3lIEBS4lxC92qdavekNYRI%3D"}],"group":"cf-nel","max_age":604800}
location: https://mailbuild.rookiewebstudio.com/item/64lm4Q4e/images/set6-social-facebook.png
cache-control: max-age=3600
cf-ray: 785364080e0d02ae-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 06 Jan 2023 10:22:42 GMT

GET
H2

200

set6-social-twitter.png
mailbuild.rookiewebstudio.com/item/64lm4Q4e/images/
Redirect Chain

https://gallery.mailbuild.app/item/64lm4Q4e/images/set6-social-twitter.png
https://mailbuild.rookiewebstudio.com/item/64lm4Q4e/images/set6-social-twitter.png

182 B
556 B

199ms
75ms

Image
image/webp

2606:4700:20::ac43:4aaa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mailbuild.rookiewebstudio.com/item/64lm4Q4e/images/set6-social-twitter.png
Requested by: Host: email-verify.xend.finance
URL: https://email-verify.xend.finance/
Protocol: H2
Server: 2606:4700:20::ac43:4aaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ed9cc54cb85992d91594b39be5d22d24a27b22d6c7646d7b011972107691356

Request headers

accept-language: en-US,en;q=0.9
Referer: https://email-verify.xend.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 09:22:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=1285
content-disposition: inline; filename="set6-social-twitter.webp"
content-length: 182
cf-bgj: imgq:85,h2pri
last-modified: Mon, 12 Jul 2021 03:51:35 GMT
server: cloudflare
etag: "505-5c6e509afcc33"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BNC1TF%2FMGw%2FDEvvMVGZStZTlEZW5PAe%2F4SMuRica1g2n7EQHQ2cpcIhVY7nT%2BVDa2uJkTw%2FbaKx6Tr1wsF%2FscYv3Wyeve30fjbAWtkbuJhEclS0EzWjI7IMqJQXpac1RbHegbKAE7qPfUzQ%2Fy7eodzDx9samBOj7V9Dr"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 785364090d7b6dce-MIA

Redirect headers

date: Fri, 06 Jan 2023 09:22:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=upzL6tqDXPqHtSSMNFf8gx27c78%2Blu%2Fxww2BSTyJnWM5Hk1yrsDVga3kK2pU4PEKo%2B7ubm98ICl5vYdG%2F4ds38eJ8qjzc0r2G5gWVAD%2Bg4iMDiaxuf7PPUfebWGXmYwaqjiR6%2FBJxxtCuoUJVql4S4nDMOA%3D"}],"group":"cf-nel","max_age":604800}
location: https://mailbuild.rookiewebstudio.com/item/64lm4Q4e/images/set6-social-twitter.png
cache-control: max-age=3600
cf-ray: 785364080e0e02ae-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 06 Jan 2023 10:22:42 GMT

GET
H2

200

set3-icon2_circle-linkedin.png
mailbuild.rookiewebstudio.com/item/64lm4Q4e/images/
Redirect Chain

https://gallery.mailbuild.app/item/64lm4Q4e/images/set3-icon2_circle-linkedin.png
https://mailbuild.rookiewebstudio.com/item/64lm4Q4e/images/set3-icon2_circle-linkedin.png

318 B
889 B

197ms
73ms

Image
image/webp

2606:4700:20::ac43:4aaa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mailbuild.rookiewebstudio.com/item/64lm4Q4e/images/set3-icon2_circle-linkedin.png
Requested by: Host: email-verify.xend.finance
URL: https://email-verify.xend.finance/
Protocol: H2
Server: 2606:4700:20::ac43:4aaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70df861afa37951e13c21e3a8046cbb5159efdb171b67b333e7013d0627eb4de

Request headers

accept-language: en-US,en;q=0.9
Referer: https://email-verify.xend.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 09:22:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=1382
content-disposition: inline; filename="set3-icon2_circle-linkedin.webp"
content-length: 318
cf-bgj: imgq:85,h2pri
last-modified: Mon, 12 Jul 2021 03:51:35 GMT
server: cloudflare
etag: "566-5c6e509b029f3"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m3QZq7OSfoDiDopZSWiLC7TbR%2BWyuNrbhZIYutdo7Tm9skihcFS8a9kzljaG5mDsAUQ2%2FVGNWUjPcdQ3tpvRZS016IwJyyru97OW5NIl%2FyQVD50sKEGSRVfIq97hQpET73ght5S507hetoOrtk6kxvPM%2FmdPqkp%2Bynfx"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 785364090d7c6dce-MIA

Redirect headers

date: Fri, 06 Jan 2023 09:22:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bm638lbZptq3s8ACIeQQ16NriX1Zp0kt19TW3dMsHIhZuKoB4ghe6tLcMj4isVUWuE3Qk9%2BenqGhEMS7oB%2FMcjJAJc8QKb1QjcUTo6rp6h7fyuKKXM%2F5zn4dUQ3F1RxS2vYIL1iFMLmQsSvUiodBfkfUbao%3D"}],"group":"cf-nel","max_age":604800}
location: https://mailbuild.rookiewebstudio.com/item/64lm4Q4e/images/set3-icon2_circle-linkedin.png
cache-control: max-age=3600
cf-ray: 785364080e0f02ae-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 06 Jan 2023 10:22:42 GMT

GET
H2 200 telegram-app--v5.png
img.icons8.com/color/48/000000/ 1 KB
2 KB 253ms
67ms Image
image/png 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.icons8.com/color/48/000000/telegram-app--v5.png

Requested by

Host: email-verify.xend.finance
URL: https://email-verify.xend.finance/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

bce49ed5ed8b5347193c7ef24a7561238bf90fd93cbd38438e89f23027572214

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://email-verify.xend.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Fri, 06 Jan 2023 09:22:42 GMT
strict-transport-security: max-age=15724800; includeSubDomains
version: 0.0.29
icon-format: png
x-cache: HIT
x-77-cache: HIT
x-age: 5220
content-length: 1171
x-77-nzt: AVm7sQ9Y/mvvZBQAAA
x-accel-expires: @1673294142
not-found-platform: false
icon-size: 48
last-modified: Wed, 21 Dec 2022 09:55:02
from-mongo-cache: true
server: CDN77-Turbo
x-77-nzt-ray: 49be1408726a95ac62e8b76343188f2d
vary: Origin
from-redis-cache: false
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=302400
accept-ranges: bytes
icon-id: 25n4hOEoY7ss

GET
H2

200

set6-social-youtube.png
mailbuild.rookiewebstudio.com/item/64lm4Q4e/images/
Redirect Chain

https://gallery.mailbuild.app/item/64lm4Q4e/images/set6-social-youtube.png
https://mailbuild.rookiewebstudio.com/item/64lm4Q4e/images/set6-social-youtube.png

174 B
542 B

201ms
79ms

Image
image/webp

2606:4700:20::ac43:4aaa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mailbuild.rookiewebstudio.com/item/64lm4Q4e/images/set6-social-youtube.png
Requested by: Host: email-verify.xend.finance
URL: https://email-verify.xend.finance/
Protocol: H2
Server: 2606:4700:20::ac43:4aaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c0d5e5ad97f5996700064278caf835be8275a5b1a1874609691b78c91acea1a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://email-verify.xend.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 09:22:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=1271
content-disposition: inline; filename="set6-social-youtube.webp"
content-length: 174
cf-bgj: imgq:85,h2pri
last-modified: Mon, 12 Jul 2021 03:51:35 GMT
server: cloudflare
etag: "4f7-5c6e509b00ab3"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=seRio2DToMIAKcQaFyeVcbIbA2DUsjCCeqHITxN%2FHgWndNFKUC%2BdjF%2BiO7VbIia8fM7E9xpgoSOLNsv43vd6oV3RucYr85bHLJzM5erZi5kGNpD1RTGX9fSpR4wu59MYYNFdCycZpvDSZXoHpOculBK8c5gka7t0ypds"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 785364090d7d6dce-MIA

Redirect headers

date: Fri, 06 Jan 2023 09:22:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oQJd8uk4Gno2IBL%2FLdlP2Vrw2pWIv3aWUkkLfRwxObxs4jWFJwHtduzi%2BrVtvngcY7sy29jwY7agEMj%2FWU3NpSoX6D7UeTuR%2FeWKS5N9U8nnoxXtZAH2MeBdA5aAsB%2FRZs2lKP2O%2FJR11lKcugVzpbruh0Y%3D"}],"group":"cf-nel","max_age":604800}
location: https://mailbuild.rookiewebstudio.com/item/64lm4Q4e/images/set6-social-youtube.png
cache-control: max-age=3600
cf-ray: 785364080e1002ae-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 06 Jan 2023 10:22:42 GMT

GET
H2 200 email-decode.min.js Show response
email-verify.xend.finance/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 37ms
35ms Script
application/javascript 2606:4700:3031::6815:3fd3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://email-verify.xend.finance/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: email-verify.xend.finance
URL: https://email-verify.xend.finance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:3fd3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://email-verify.xend.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 09:22:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Dec 2022 16:36:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63a1e484-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dTq9DbNrLInmww58Dofhix25SQdP%2BI2p2IySmu0morJHWvVgg3pm7N1UiwFxttKlOfg2e3gIPlRzbJZ%2F25Pu%2BXs%2BTpBgBuYDwnHcjPFX%2Fwa6Cdhr5VT4%2BDuypgx%2BVk5AYj2N3qnowOGflV4sS7EYDHM3A0%2FpNXeY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7853640809231287-MIA
expires: Sun, 08 Jan 2023 09:22:42 GMT

GET
H2

200

20220209163533_istockphoto-1138782666-612x612.jpeg
mailbuild.rookiewebstudio.com/customers/fCyW4Utu/user_upload/
Redirect Chain

https://gallery.mailbuild.app/customers/fCyW4Utu/user_upload/20220209163533_istockphoto-1138782666-612x612.jpeg
https://mailbuild.rookiewebstudio.com/customers/fCyW4Utu/user_upload/20220209163533_istockphoto-1138782666-612x612.jpeg

18 KB
19 KB

72ms
71ms

Image
image/jpeg

2606:4700:20::ac43:4aaa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mailbuild.rookiewebstudio.com/customers/fCyW4Utu/user_upload/20220209163533_istockphoto-1138782666-612x612.jpeg
Requested by: Host: email-verify.xend.finance
URL: https://email-verify.xend.finance/
Protocol: H2
Server: 2606:4700:20::ac43:4aaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0fb364a5dfea786d70bb66f23e1acc93e349e3afd58b33202f42869a0e175a2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://email-verify.xend.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 09:22:42 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Wed, 09 Feb 2022 09:35:33 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=20876, status=webp_bigger
etag: "518c-5d7928e2857f1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oxp4bFCzgXjbayeVraybB7f9F%2FNZXmMgnygstPxakdUrQ1aX8Oq5CJqzGYMC7kaBt4MPoxPQmNMApvSbDOGXIApUWcVbwdwSfHiq%2Ff0gUOfWaWlF0UZoEfzipmDfTWbzX%2FOyOMuSNr14v%2FzYn5UUGrxiJ8%2Fmlz3ar%2F9Z"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 78536409ce3f6dce-MIA
content-length: 18614

Redirect headers

date: Fri, 06 Jan 2023 09:22:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=abJDcB86UbFHB%2BI3K7tiQjk8GQPG6orOR798J52PSEczG7l8CUKYug9SfquM0%2B5EmKNnmzFRNZTtEbRclgS1ip4B7arYRPntK7%2BOIvDfzcr%2B%2BIIklUQVgcy0Jg%2BUZafanDbYH7eo9vbc39W1RQtYFjBR5zo%3D"}],"group":"cf-nel","max_age":604800}
location: https://mailbuild.rookiewebstudio.com/customers/fCyW4Utu/user_upload/20220209163533_istockphoto-1138782666-612x612.jpeg
cache-control: max-age=3600
cf-ray: 785364098a160a1e-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 06 Jan 2023 10:22:42 GMT

GET
H2

404

20220209165522_backgroung-image.png
mailbuild.rookiewebstudio.com/customers/fCyW4Utu/user_upload/
Redirect Chain

https://gallery.mailbuild.app/customers/fCyW4Utu/user_upload/20220209165522_backgroung-image.png
https://mailbuild.rookiewebstudio.com/customers/fCyW4Utu/user_upload/20220209165522_backgroung-image.png

0
0

79ms
79ms

Image
text/html

2606:4700:20::ac43:4aaa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mailbuild.rookiewebstudio.com/customers/fCyW4Utu/user_upload/20220209165522_backgroung-image.png
Requested by: Host: email-verify.xend.finance
URL: https://email-verify.xend.finance/
Protocol: H2
Server: 2606:4700:20::ac43:4aaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://email-verify.xend.finance/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

date: Fri, 06 Jan 2023 09:22:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J1oq%2FVNitG2INy0pBvHG8bCtOu%2FTEVZ8%2Fmw00rxw%2FCq5bIR49gYUMoNIMKGrkBWFpXaVi%2F2N65a0%2FiIUYd%2FnUiNNQMxB6nFsxs9CdGRGnHyr4ePWu1BzXMUSWEmxZL4%2BxpDHfbrXJTIxlKMgKm5SkA7KvB4%3D"}],"group":"cf-nel","max_age":604800}
location: https://mailbuild.rookiewebstudio.com/customers/fCyW4Utu/user_upload/20220209165522_backgroung-image.png
cache-control: max-age=3600
cf-ray: 785364098a170a1e-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 06 Jan 2023 10:22:42 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 235ms
66ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,300&subset=latin,cyrillic,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://email-verify.xend.finance
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 00:29:25 GMT
x-content-type-options: nosniff
age: 118397
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jan 2024 00:29:25 GMT

POST
H2 400 email Show response
mobilelab.xend.finance/api/auth/confirm/ 364 B
1 KB 762ms
429ms XHR
application/json 2606:4700:3032::ac43:965f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mobilelab.xend.finance/api/auth/confirm/email

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:965f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74d8efda255882645ab861f6121765592b9f164ae77f42ad5f343d2482575eab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://email-verify.xend.finance/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 06 Jan 2023 09:22:43 GMT
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy: require-corp
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 364
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"16c-MP05sqL8AzrSa3vEvu0Iwkva+D0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rYi6mU9Gp0IuEFrdYGNQrxtNq8G7rlGJqhhvrc3H5yCvy1JaRyEe31%2FkqwfqRIFLxw%2FCwjpm9yeZXnijsNLuQ1IWSOArIw18vr5DISstnuf%2BggZgOxtoAnd1Un9PTLfbtafhAQvcJpJ5%2Fs7hR1frU3YVnCij"}],"group":"cf-nel","max_age":604800}
cf-ray: 7853640baf43b3d1-MIA

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| $ function| jQuery

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mailbuild.rookiewebstudio.com/customers/fCyW4Utu/user_upload/20220209165522_backgroung-image.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://mobilelab.xend.finance/api/auth/confirm/email Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
code.jquery.com
email-verify.xend.finance
fonts.googleapis.com
fonts.gstatic.com
gallery.mailbuild.app
img.icons8.com
mailbuild.rookiewebstudio.com
mobilelab.xend.finance
2001:4de0:ac18::1:a:3a
2606:4700:20::ac43:4aaa
2606:4700:3031::6815:3fd3
2606:4700:3032::ac43:965f
2606:4700:3037::ac43:9531
2607:f8b0:4006:80d::2003
2607:f8b0:4006:823::200a
2a02:6ea0:c400::12
2a04:4e42:600::485
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
3cb939e11672e795ac6a8b58e1911bd24686997d3517096402a0ac08aab36f0b
70df861afa37951e13c21e3a8046cbb5159efdb171b67b333e7013d0627eb4de
74d8efda255882645ab861f6121765592b9f164ae77f42ad5f343d2482575eab
7a695d75ed5265fb2f07d7f73e41ffe4acea9b5c5f6573294038d5ef560a0086
7ed9cc54cb85992d91594b39be5d22d24a27b22d6c7646d7b011972107691356
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8c0d5e5ad97f5996700064278caf835be8275a5b1a1874609691b78c91acea1a
8cb16ff6222b21ba8a50b1e9aa9fe399e3c3aa2f7cf6929739c3a1b77ce045cc
aa956ec8dc0396b0f6d5942313704fbfc60506024fa698865d22d86024ee1589
b798c9d1705f08747b5d5fae95321fe62aee77839b7ac7f640de39b58e0762af
bce49ed5ed8b5347193c7ef24a7561238bf90fd93cbd38438e89f23027572214
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f0fb364a5dfea786d70bb66f23e1acc93e349e3afd58b33202f42869a0e175a2
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

email-verify.xend.finance Open in urlscan Pro 2606:4700:3031::6815:3fd3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

50 %HTTPS

100 %IPv6

8 Domains

9 Subdomains

8 IPs

2 Countries

119 kBTransfer

229 kBSize

0 Cookies

9 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

email-verify.xend.finance Open in urlscan Pro
2606:4700:3031::6815:3fd3 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

50 %
HTTPS

100 %
IPv6

8
Domains

9
Subdomains

8
IPs

2
Countries

119 kB
Transfer

229 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions