ministryforprimaryindustries.cmail19.com

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 5 HTTP transactions. The main IP is 18.185.212.165, located in Cambridge, United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is ministryforprimaryindustries.cmail19.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on June 29th 2018. Valid for: 2 years.

This is the only time ministryforprimaryindustries.cmail19.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	18.185.212.165 18.185.212.165	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	151.101.12.89 151.101.12.89	54113 (FASTLY) (FASTLY - Fastly)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
5	4

2 18.185.212.165 (Cambridge, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-185-212-165.eu-central-1.compute.amazonaws.com

ministryforprimaryindustries.cmail19.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.12.89 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

i1.createsend1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i2.createsend1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	createsend1.com i1.createsend1.com i2.createsend1.com	137 KB
2	cmail19.com 1 redirects ministryforprimaryindustries.cmail19.com	6 KB
1	gstatic.com fonts.gstatic.com	13 KB
1	googleapis.com fonts.googleapis.com	859 B
5	4

	Domain	Requested by
2	ministryforprimaryindustries.cmail19.com	1 redirects
1	fonts.gstatic.com	ministryforprimaryindustries.cmail19.com
1	i2.createsend1.com	ministryforprimaryindustries.cmail19.com
1	i1.createsend1.com	ministryforprimaryindustries.cmail19.com
1	fonts.googleapis.com	ministryforprimaryindustries.cmail19.com
5	5

This site contains links to these domains. Also see Links.

Domain
ministryforprimaryindustries.createsend1.com

Subject Issuer	Validity	Valid
*.createsend1.com DigiCert SHA2 Secure Server CA	`2018-06-29` - `2020-07-08`	2 years	crt.sh
*.googleapis.com Google Internet Authority G3	`2018-08-07` - `2018-10-16`	2 months	crt.sh
*.google.com Google Internet Authority G3	`2018-08-07` - `2018-10-16`	2 months	crt.sh

This page contains 1 frames:

Primary Page: https://ministryforprimaryindustries.cmail19.com/t/ViewEmail/d/215192F52754C1502540EF23F30FEDED/0B08DAEEBF14C7506CBD507C784BD83B
Frame ID: 4460F1405DC55FC5207987E26BEE0D3F
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://ministryforprimaryindustries.cmail19.com/t/d-e-bhytin-yupidlytt-t/ HTTP 302
https://ministryforprimaryindustries.cmail19.com/t/ViewEmail/d/215192F52754C1502540EF23F30FEDED/0B08DAEEBF14C7506CBD507C784BD83B Page URL

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Page Statistics

5
Requests

60 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

156 kB
Transfer

180 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://ministryforprimaryindustries.createsend1.com/t/d-e-bhytin-yupidlytt-y/
Title: Click here

Search URL Search Domain Scan URL

URL: https://ministryforprimaryindustries.createsend1.com/t/d-l-bhytin-yupidlytt-r/
Title: www.mpi.govt.nz/goodemployerawards

Search URL Search Domain Scan URL

URL: https://ministryforprimaryindustries.createsend1.com/t/d-u-bhytin-yupidlytt-j/
Title: Unsubscribe

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ministryforprimaryindustries.cmail19.com/t/d-e-bhytin-yupidlytt-t/ HTTP 302
https://ministryforprimaryindustries.cmail19.com/t/ViewEmail/d/215192F52754C1502540EF23F30FEDED/0B08DAEEBF14C7506CBD507C784BD83B Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request 0B08DAEEBF14C7506CBD507C784BD83B Show response
ministryforprimaryindustries.cmail19.com/t/ViewEmail/d/215192F52754C1502540EF23F30FEDED/
Redirect Chain

https://ministryforprimaryindustries.cmail19.com/t/d-e-bhytin-yupidlytt-t/
https://ministryforprimaryindustries.cmail19.com/t/ViewEmail/d/215192F52754C1502540EF23F30FEDED/0B08DAEEBF14C7506CBD507C784BD83B

24 KB
5 KB

294ms
293ms

Document
text/html

18.185.212.165
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://ministryforprimaryindustries.cmail19.com/t/ViewEmail/d/215192F52754C1502540EF23F30FEDED/0B08DAEEBF14C7506CBD507C784BD83B

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.185.212.165 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-18-185-212-165.eu-central-1.compute.amazonaws.com

Software

_waflopenresty/1.11.2.2 /

Resource Hash

5f4370402f13123573b7a536faf1c5bc71aa2b058d221d747f7905dab2a15242

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' js.createsend1.com https://connect.facebook.net www.google-analytics.com; base-uri 'none'; report-uri https://createsend1.report-uri.com/r/t/csp/enforce;

Request headers

Host: ministryforprimaryindustries.cmail19.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 4460F1405DC55FC5207987E26BEE0D3F

Response headers

Date: Thu, 16 Aug 2018 03:38:31 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: _waflopenresty/1.11.2.2
Vary: Accept-Encoding
Cache-Control: private
Content-Encoding: gzip
Content-Security-Policy: script-src 'self' js.createsend1.com https://connect.facebook.net www.google-analytics.com; base-uri 'none'; report-uri https://createsend1.report-uri.com/r/t/csp/enforce;
P3P: CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"

Redirect headers

Date: Thu, 16 Aug 2018 03:38:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 197
Connection: keep-alive
Server: _waflopenresty/1.11.2.2
Cache-Control: private
P3P: CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
Location: /t/ViewEmail/d/215192F52754C1502540EF23F30FEDED/0B08DAEEBF14C7506CBD507C784BD83B
X-Frame-Options: SAMEORIGIN

GET
S 200 css
fonts.googleapis.com/ 8 KB
859 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:80b::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:400,700,400italic,700italic

Requested by

Host: ministryforprimaryindustries.cmail19.com
URL: https://ministryforprimaryindustries.cmail19.com/t/ViewEmail/d/215192F52754C1502540EF23F30FEDED/0B08DAEEBF14C7506CBD507C784BD83B

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:80b::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

d01049f505808a8837313385cdc18641859aa30e685ffb41ad5f0ba14c249d45

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ministryforprimaryindustries.cmail19.com/t/ViewEmail/d/215192F52754C1502540EF23F30FEDED/0B08DAEEBF14C7506CBD507C784BD83B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=3600
content-encoding: gzip
last-modified: Thu, 16 Aug 2018 03:38:31 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Thu, 16 Aug 2018 03:38:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection: 1; mode=block
expires: Thu, 16 Aug 2018 03:38:31 GMT

GET
H/1.1 200
OK 7c49d64d-767f-422c-bfac-7ebe725ad5f9.png
i1.createsend1.com/ei/d/87/341/EEF/093240/csfinal/ 70 KB
70 KB 294ms
253ms Image
image/png 151.101.12.89
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://i1.createsend1.com/ei/d/87/341/EEF/093240/csfinal/7c49d64d-767f-422c-bfac-7ebe725ad5f9.png

Requested by

Host: ministryforprimaryindustries.cmail19.com
URL: https://ministryforprimaryindustries.cmail19.com/t/ViewEmail/d/215192F52754C1502540EF23F30FEDED/0B08DAEEBF14C7506CBD507C784BD83B

Protocol

HTTP/1.1

Server

151.101.12.89 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

csw /

Resource Hash

a9f6cde2738faf58181efb9c9c5606220468602d01864bee01d3a6313d2f8d3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 16 Aug 2018 03:38:31 GMT
Via: 1.1 varnish, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 7585
X-Cache: HIT, MISS
P3P: CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
Connection: keep-alive
Content-Length: 71491
X-XSS-Protection: 1;mode=block
X-Served-By: cache-sjc3125-SJC, cache-fra19124-FRA
Referrer-Policy: no-referrer-when-downgrade
Server: csw
X-Timer: S1534390711.081448,VS0,VE247
Content-Type: image/png
Fastly-Debug-Digest: 87662105aed3e01efa0f257502f3fe51024291fb33fa047b6ba36d402f168ae9
Cache-Control: public, max-age=86400
Accept-Ranges: bytes
X-Cache-Hits: 1, 0

GET
H/1.1 200
OK AGMARDTMPIlogopic2.png
i2.createsend1.com/ei/d/87/341/EEF/093240/csfinal/ 65 KB
66 KB 197ms
171ms Image
image/png 151.101.12.89
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://i2.createsend1.com/ei/d/87/341/EEF/093240/csfinal/AGMARDTMPIlogopic2.png

Requested by

Host: ministryforprimaryindustries.cmail19.com
URL: https://ministryforprimaryindustries.cmail19.com/t/ViewEmail/d/215192F52754C1502540EF23F30FEDED/0B08DAEEBF14C7506CBD507C784BD83B

Protocol

HTTP/1.1

Server

151.101.12.89 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

csw /

Resource Hash

c1243917941c97e77af18fe843e494007717caec8ab9d171f824d56a573f6da4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 16 Aug 2018 03:38:31 GMT
Via: 1.1 varnish, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 7585
X-Cache: HIT, MISS
P3P: CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
Connection: keep-alive
Content-Length: 67035
X-XSS-Protection: 1;mode=block
X-Served-By: cache-sjc3137-SJC, cache-fra19124-FRA
Referrer-Policy: no-referrer-when-downgrade
Server: csw
X-Timer: S1534390711.083641,VS0,VE165
Content-Type: image/png
Fastly-Debug-Digest: 3da5e1a90541efa7334b79a0dabc7b51e1b2199d699d3ba79914d1c065c20208
Cache-Control: public, max-age=86400
Accept-Ranges: bytes
X-Cache-Hits: 1, 0

GET
S 200 4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
fonts.gstatic.com/s/ubuntu/v12/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v12/4iCs6KVjbNBYlgoKfw72nU6AFw.woff2

Requested by

Host: ministryforprimaryindustries.cmail19.com
URL: https://ministryforprimaryindustries.cmail19.com/t/ViewEmail/d/215192F52754C1502540EF23F30FEDED/0B08DAEEBF14C7506CBD507C784BD83B

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:80b::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Ubuntu:400,700,400italic,700italic
Origin: https://ministryforprimaryindustries.cmail19.com

Response headers

date: Wed, 01 Aug 2018 18:57:46 GMT
x-content-type-options: nosniff
last-modified: Wed, 01 Aug 2018 17:29:07 GMT
server: sffe
age: 1240845
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 13720
x-xss-protection: 1; mode=block
expires: Thu, 01 Aug 2019 18:57:46 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'self' js.createsend1.com https://connect.facebook.net www.google-analytics.com; base-uri 'none'; report-uri https://createsend1.report-uri.com/r/t/csp/enforce;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
i1.createsend1.com
i2.createsend1.com
ministryforprimaryindustries.cmail19.com
151.101.12.89
18.185.212.165
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::200a
5f4370402f13123573b7a536faf1c5bc71aa2b058d221d747f7905dab2a15242
943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010
a9f6cde2738faf58181efb9c9c5606220468602d01864bee01d3a6313d2f8d3a
c1243917941c97e77af18fe843e494007717caec8ab9d171f824d56a573f6da4
d01049f505808a8837313385cdc18641859aa30e685ffb41ad5f0ba14c249d45

ministryforprimaryindustries.cmail19.com Open in urlscan Pro 18.185.212.165 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

5 Requests

60 %HTTPS

50 %IPv6

4 Domains

5 Subdomains

4 IPs

2 Countries

156 kBTransfer

180 kBSize

0 Cookies

3 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

ministryforprimaryindustries.cmail19.com Open in urlscan Pro
18.185.212.165 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

60 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

156 kB
Transfer

180 kB
Size

0
Cookies

5 HTTP transactions
0 data transactions