view.mail.firsthand.co Open in urlscan Pro
13.110.222.105 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://view.mail.firsthand.co/?qs=03a133780b9ed896a8ccd08b085acab3dcb3f853a40e37584025d0ed56343392dc90e762ddf9044a24a2a3007442...
Submission: On April 25 via api (April 25th 2022, 3:11:47 pm UTC) from US — Scanned from DE

Summary HTTP 14 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 14 HTTP transactions. The main IP is 13.110.222.105, located in United States and belongs to SALESFORCE, US. The main domain is view.mail.firsthand.co.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on January 27th 2022. Valid for: a year.

This is the only time view.mail.firsthand.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	13.110.222.105 13.110.222.105	14340 (SALESFORCE) (SALESFORCE)
8	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
3	143.204.98.95 143.204.98.95	16509 (AMAZON-02) (AMAZON-02)
1	13.110.220.119 13.110.220.119	14340 (SALESFORCE) (SALESFORCE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
14	5

1 13.110.222.105 (United States)

ASN14340 (SALESFORCE, US)
PTR: view.mail.firsthand.co

view.mail.firsthand.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.98.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-95.fra50.r.cloudfront.net

d15k2d11r6t6rl.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.110.220.119 (United States)

ASN14340 (SALESFORCE, US)
PTR: click.mail.firsthand.co

click.mail.firsthand.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39	5 KB
3	cloudfront.net d15k2d11r6t6rl.cloudfront.net	95 KB
2	firsthand.co view.mail.firsthand.co click.mail.firsthand.co — Cisco Umbrella Rank: 577071	29 KB
1	gstatic.com fonts.gstatic.com	13 KB
14	4

	Domain	Requested by
8	fonts.googleapis.com	view.mail.firsthand.co
3	d15k2d11r6t6rl.cloudfront.net	view.mail.firsthand.co
1	fonts.gstatic.com	fonts.googleapis.com
1	click.mail.firsthand.co	view.mail.firsthand.co
1	view.mail.firsthand.co
14	5

This site contains links to these domains. Also see Links.

Domain
click.mail.firsthand.co

Subject Issuer	Validity	Valid
view.mail.firsthand.co DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-01-27`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
click.mail.firsthand.co DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-01-27`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://view.mail.firsthand.co/?qs=03a133780b9ed896a8ccd08b085acab3dcb3f853a40e37584025d0ed56343392dc90e762ddf9044a24a2a3007442d843a057e50e2cb4a6d41dbd45c605c9e32780a3a230d0a384450bab17aafe659d3c
Frame ID: 889C9FCEEE68038520DF94EBE96E1A3A
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

14
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

142 kB
Transfer

146 kB
Size

0
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://click.mail.firsthand.co/?qs=5fe92d787fec8a0413ed9fe9105aa93b0d0f82d8c8f3f3d9ea02bbd8dda6e3cf172b30ac584f61490fcdd088c4cf90bcdbaad30a4c5cdfc5ab61a1dcdc751fb7

Search URL Search Domain Scan URL

URL: https://click.mail.firsthand.co/?qs=5fe92d787fec8a04135a1225e5affd03f8a022140f7032142cac71e13d7518e7d129c4a20bc2cdf99f0b23bbc5c499618e63b9abab7597c630642146396edfea

Search URL Search Domain Scan URL

URL: https://click.mail.firsthand.co/?qs=5fe92d787fec8a04af8f089e5c04943e694c259e64b2882227f27121d3cc5bc68546882878d4aca95484eb94461a7c459720f3ba4afc4321767c84d860ebd689
Title: here

Search URL Search Domain Scan URL

URL: https://click.mail.firsthand.co/?qs=5fe92d787fec8a0474a6cdf539aee8d1688c8e5ea873d0fe0d49d94aef0f87b9c26aa7307a3a6d9baea2b85abf4340189dc5cff40cec24c63b303d42857fa63c

Search URL Search Domain Scan URL

URL: https://click.mail.firsthand.co/?qs=5fe92d787fec8a046ca0f6eb4aa866aa857b66402830e7cf7a026edb2e0896c6587ae829bceef20c4d28858ce813f39d31906b7eb46bc79f9c772c6180f935c7

Search URL Search Domain Scan URL

URL: https://click.mail.firsthand.co/?qs=5fe92d787fec8a0454d8ca517bfce292fdc1959fe49ea7574e606f665972694dcc3ed76fb8792718d3f6d1dc529fe1271c3d56be22fdf444cd2a475e312073d3

Search URL Search Domain Scan URL

URL: https://click.mail.firsthand.co/?qs=5fe92d787fec8a0436225b9e3c874a164e339cbba4ba5bc484d44688992719b00ffa16032d5b425c98abc6fd3081e9a170c96282c4ef799924316851f1b10b34

Search URL Search Domain Scan URL

URL: https://click.mail.firsthand.co/?qs=5fe92d787fec8a048094f2bdb6bbce40e27d148dd9e8f6a86653529ad8c758b1fc4471b02303a2eb69a93dd5825063fe12153b19b4c44dfcc11c640e50cc59d6
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://click.mail.firsthand.co/?qs=5fe92d787fec8a0465fff24d9ea710d762f0496fd22b0a97f1ac9dd855f6f9db18bd298d8723c2f9f9db6b31474f1f1343414e6756c7d7b436c42ab2126f86e2
Title: Update your communication preferences

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
view.mail.firsthand.co/ 29 KB
29 KB 448ms
143ms Document
text/html 13.110.222.105
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL: https://view.mail.firsthand.co/?qs=03a133780b9ed896a8ccd08b085acab3dcb3f853a40e37584025d0ed56343392dc90e762ddf9044a24a2a3007442d843a057e50e2cb4a6d41dbd45c605c9e32780a3a230d0a384450bab17aafe659d3c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.110.222.105 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS: view.mail.firsthand.co
Software: /
Resource Hash: ad553a04ae07bbe57a40c15f958e0ac83b156afa908471d87736da851f81ff64

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private
Connection: close
Content-Length: 29189
Content-Type: text/html; charset=utf-8
Date: Mon, 25 Apr 2022 15:11:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 722 B
446 B 104ms
37ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Abril+Fatface

Requested by

Host: view.mail.firsthand.co
URL: https://view.mail.firsthand.co/?qs=03a133780b9ed896a8ccd08b085acab3dcb3f853a40e37584025d0ed56343392dc90e762ddf9044a24a2a3007442d843a057e50e2cb4a6d41dbd45c605c9e32780a3a230d0a384450bab17aafe659d3c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ff0b683f20f821e1329f3dedccffeae3a259c9b41701e73a8073a3134bccdccd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 14:59:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 25 Apr 2022 15:11:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Apr 2022 15:11:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
957 B 103ms
36ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cabin

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

df90ce8fad4083e3702a114b32f0f59a76da21f1b34b0af1a8ece9d62f3b15e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 13:15:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 25 Apr 2022 15:11:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Apr 2022 15:11:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 664 B
429 B 104ms
37ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05410fbe1192a21525520421f6ddce4a065a94658a42146ae707a814926fa77d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 14:02:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 25 Apr 2022 15:11:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Apr 2022 15:11:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
552 B 104ms
38ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3350710587506a65f3db35e947ab7780c9302e1f3a79adbf2c1be5dc242cf79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 14:23:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 25 Apr 2022 15:11:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Apr 2022 15:11:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
610 B 105ms
38ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 13:56:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 25 Apr 2022 15:11:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Apr 2022 15:11:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
598 B 105ms
38ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b0d3e95d9ae6d861a6735dba876fe73ff082293d8663233cc19f54776f2912e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 13:15:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 25 Apr 2022 15:11:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Apr 2022 15:11:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
593 B 105ms
39ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Bitter

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

78f8c73a1d43cf071b7b2f77248806d07e6781cd3fce1d451511e9d86c5ba0a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 14:34:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 25 Apr 2022 15:11:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Apr 2022 15:11:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
586 B 119ms
53ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d17a44e8eaba2d0f0022bfaea1878f911e00d508b7cd4ca36b5458006da47b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 14:14:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 25 Apr 2022 15:11:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Apr 2022 15:11:42 GMT

GET
H2 200 Vault-color-logo-tag.png
d15k2d11r6t6rl.cloudfront.net/public/users/Integrators/BeeProAgency/549102_530258/Vault/ 5 KB
5 KB 80ms
16ms Image
image/png 143.204.98.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d15k2d11r6t6rl.cloudfront.net/public/users/Integrators/BeeProAgency/549102_530258/Vault/Vault-color-logo-tag.png
Requested by: Host: view.mail.firsthand.co
URL: https://view.mail.firsthand.co/?qs=03a133780b9ed896a8ccd08b085acab3dcb3f853a40e37584025d0ed56343392dc90e762ddf9044a24a2a3007442d843a057e50e2cb4a6d41dbd45c605c9e32780a3a230d0a384450bab17aafe659d3c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-95.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c152a411a9294569f3f8c25bfa9f267c34ef3519178c73f8cc474a98f55fe686

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 15:03:37 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
last-modified: Mon, 22 Jun 2020 20:50:00 GMT
server: AmazonS3
age: 486
etag: "dac79f0dc8523c580a9c1aaefc2a54ed"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 5167
x-amz-cf-id: _SqINp_TXdF7ZH4DV7BoPE0wwe7t4s-WMAiZR6EcgS3ME4Sn1tonUA==

GET
H2 200 R_Vault_AcctrankingsQ222_2_042722.jpg
d15k2d11r6t6rl.cloudfront.net/public/users/Integrators/BeeProAgency/549102_530258/Vault/ 85 KB
85 KB 82ms
19ms Image
image/jpeg 143.204.98.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d15k2d11r6t6rl.cloudfront.net/public/users/Integrators/BeeProAgency/549102_530258/Vault/R_Vault_AcctrankingsQ222_2_042722.jpg
Requested by: Host: view.mail.firsthand.co
URL: https://view.mail.firsthand.co/?qs=03a133780b9ed896a8ccd08b085acab3dcb3f853a40e37584025d0ed56343392dc90e762ddf9044a24a2a3007442d843a057e50e2cb4a6d41dbd45c605c9e32780a3a230d0a384450bab17aafe659d3c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-95.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 66151d1b58f8b3b1767a878029cca17b73404ecd61bac699bdfbe89611008984

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 15:11:42 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
last-modified: Tue, 19 Apr 2022 17:45:13 GMT
server: AmazonS3
age: 486
etag: "ced3f5cc904dd7db0876c8deca8be1b8"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 87029
x-amz-cf-id: 319ZgHw4YDx97l3o1ES9nXNzYWBjTvv00bkx2Xv_rl8tyBcxVOcKZg==

GET
H2 200 social-2.png
d15k2d11r6t6rl.cloudfront.net/public/users/Integrators/BeeProAgency/549102_530258/ 4 KB
4 KB 41ms
41ms Image
image/png 143.204.98.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d15k2d11r6t6rl.cloudfront.net/public/users/Integrators/BeeProAgency/549102_530258/social-2.png
Requested by: Host: view.mail.firsthand.co
URL: https://view.mail.firsthand.co/?qs=03a133780b9ed896a8ccd08b085acab3dcb3f853a40e37584025d0ed56343392dc90e762ddf9044a24a2a3007442d843a057e50e2cb4a6d41dbd45c605c9e32780a3a230d0a384450bab17aafe659d3c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-95.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 018cb16647b33407cf81198b2eb5c0a85f01656a60addbbcad69898b18b414a2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 15:03:37 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
last-modified: Mon, 04 Oct 2021 13:11:20 GMT
server: AmazonS3
age: 486
etag: "0e1ff99846e18d7663c2f20c3f98f285"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 4061
x-amz-cf-id: knMfEoFsS9b99mhjkxv6Oz6Bktx2jUoPcT8jVrRu3QRTgFOvi3aCtQ==

GET
H/1.1 200
OK open.aspx
click.mail.firsthand.co/ 43 B
199 B 402ms
106ms Image
image/gif 13.110.220.119
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://click.mail.firsthand.co/open.aspx?ffcb10-fecb1572756c0d7d-fe27157671620178711372-fe3011737164047c701d74-ff3117767666-fe2c10727663077c731372-ff62157871&d=120003&bmt=0
Requested by: Host: view.mail.firsthand.co
URL: https://view.mail.firsthand.co/?qs=03a133780b9ed896a8ccd08b085acab3dcb3f853a40e37584025d0ed56343392dc90e762ddf9044a24a2a3007442d843a057e50e2cb4a6d41dbd45c605c9e32780a3a230d0a384450bab17aafe659d3c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.110.220.119 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS: click.mail.firsthand.co
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Mon, 25 Apr 2022 15:11:42 GMT
Cache-Control: no-cache; max-age=0
Connection: close
Content-Length: 43
Content-Type: image/gif

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v23/ 12 KB
13 KB 65ms
16ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v23/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b5f3ec0fd27f3c1500b420b2ed4ff557f5ddb65fbc83c21eae5cadc97dfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://view.mail.firsthand.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 06:04:00 GMT
x-content-type-options: nosniff
age: 551262
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12648
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:11:58 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 19 Apr 2023 06:04:00 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

click.mail.firsthand.co
d15k2d11r6t6rl.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
view.mail.firsthand.co
13.110.220.119
13.110.222.105
143.204.98.95
2a00:1450:4001:802::200a
2a00:1450:4001:828::2003
018cb16647b33407cf81198b2eb5c0a85f01656a60addbbcad69898b18b414a2
05410fbe1192a21525520421f6ddce4a065a94658a42146ae707a814926fa77d
66151d1b58f8b3b1767a878029cca17b73404ecd61bac699bdfbe89611008984
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
78f8c73a1d43cf071b7b2f77248806d07e6781cd3fce1d451511e9d86c5ba0a7
a658b5f3ec0fd27f3c1500b420b2ed4ff557f5ddb65fbc83c21eae5cadc97dfb
ad553a04ae07bbe57a40c15f958e0ac83b156afa908471d87736da851f81ff64
b0d3e95d9ae6d861a6735dba876fe73ff082293d8663233cc19f54776f2912e4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c152a411a9294569f3f8c25bfa9f267c34ef3519178c73f8cc474a98f55fe686
c3350710587506a65f3db35e947ab7780c9302e1f3a79adbf2c1be5dc242cf79
d17a44e8eaba2d0f0022bfaea1878f911e00d508b7cd4ca36b5458006da47b5a
df90ce8fad4083e3702a114b32f0f59a76da21f1b34b0af1a8ece9d62f3b15e3
ff0b683f20f821e1329f3dedccffeae3a259c9b41701e73a8073a3134bccdccd

view.mail.firsthand.co Open in urlscan Pro 13.110.222.105 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

40 %IPv6

4 Domains

5 Subdomains

5 IPs

2 Countries

142 kBTransfer

146 kBSize

0 Cookies

9 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

Indicators

view.mail.firsthand.co Open in urlscan Pro
13.110.222.105 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

142 kB
Transfer

146 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions