www.newsletter2.hbo.com Open in urlscan Pro
96.46.128.252 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.newsletter2.hbo.com/ViewMessage.do?m=sbrrlkmjv&r=xddrsjjchhhp&s=tmzgrlpcrphcrdcbvghpbwmmdbgwbmcwptr&q=1564703819&a=view
Effective URL:
http://www.newsletter2.hbo.com/ViewMessage.do;jsessionid=1857D61D787D0A166936BF261F63006E
Submission: On August 04 via api (August 4th 2019, 7:25:37 pm UTC) from US

Summary HTTP 30 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 30 HTTP transactions. The main IP is 96.46.128.252, located in United States and belongs to CYBER-GENERATION - Cyber Generation Inc, CA. The main domain is www.newsletter2.hbo.com.

This is the only time www.newsletter2.hbo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	96.46.128.252 96.46.128.252	18499 (CYBER-GEN...) (CYBER-GENERATION - Cyber Generation Inc)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
3	13.32.158.198 13.32.158.198	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
7	207.123.55.252 207.123.55.252	3356 (LEVEL3) (LEVEL3 - Level 3 Parent)
30	5

2 96.46.128.252 (United States)

ASN18499 (CYBER-GENERATION - Cyber Generation Inc, CA)
PTR: www.efeedbacktrk.com

www.newsletter2.hbo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.158.198 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-158-198.fra56.r.cloudfront.net

newsletter.assets.hbonow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 207.123.55.252 (United States)

ASN3356 (LEVEL3 - Level 3 Parent, LLC, US)

i.max.lv3.maxgo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	maxgo.com i.max.lv3.maxgo.com
4	facebook.net connect.facebook.net	117 KB
3	hbonow.com newsletter.assets.hbonow.com	44 KB
2	hbo.com www.newsletter2.hbo.com newsletter.assets.hbo.com Failed	20 KB
0	efeedbacktrk.com Failed 555249.efeedbacktrk.com Failed
30	5

	Domain	Requested by
7	i.max.lv3.maxgo.com	www.newsletter2.hbo.com
4	connect.facebook.net	www.newsletter2.hbo.com connect.facebook.net
3	newsletter.assets.hbonow.com	www.newsletter2.hbo.com
2	www.newsletter2.hbo.com	www.newsletter2.hbo.com
0	newsletter.assets.hbo.com Failed	www.newsletter2.hbo.com
0	555249.efeedbacktrk.com Failed	www.newsletter2.hbo.com
30	6

This site contains no links.

Subject Issuer	Validity	Valid
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-06-06` - `2019-09-04`	3 months	crt.sh
newsletter.assets.hbonow.com Amazon	`2019-05-23` - `2020-06-23`	a year	crt.sh
	`1970-01-01` - `1970-01-01`	a few seconds	crt.sh

This page contains 1 frames:

Primary Page: http://www.newsletter2.hbo.com/ViewMessage.do;jsessionid=1857D61D787D0A166936BF261F63006E
Frame ID: 5C03035CD8D102DC706E05831FBD3C03
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.newsletter2.hbo.com/ViewMessage.do?m=sbrrlkmjv&r=xddrsjjchhhp&s=tmzgrlpcrphcrdcbvghpbwmmdbgwbmcw... Page URL
http://www.newsletter2.hbo.com/ViewMessage.do;jsessionid=1857D61D787D0A166936BF261F63006E Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Page Statistics

30
Requests

23 %
HTTPS

25 %
IPv6

5
Domains

6
Subdomains

5
IPs

2
Countries

180 kB
Transfer

467 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.newsletter2.hbo.com/ViewMessage.do?m=sbrrlkmjv&r=xddrsjjchhhp&s=tmzgrlpcrphcrdcbvghpbwmmdbgwbmcwptr&q=1564703819&a=view Page URL
http://www.newsletter2.hbo.com/ViewMessage.do;jsessionid=1857D61D787D0A166936BF261F63006E Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://connect.facebook.net/en_US/all.js HTTP 307
https://connect.facebook.net/en_US/all.js

Request Chain 3

http://connect.facebook.net/en_US/all.js HTTP 307
https://connect.facebook.net/en_US/all.js

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set ViewMessage.do Show response
www.newsletter2.hbo.com/ 3 KB
3 KB 797ms
796ms Document
text/html 96.46.128.252
Cyber Generation Inc

General

Check archive.org

Show headers Download Go to

Full URL: http://www.newsletter2.hbo.com/ViewMessage.do?m=sbrrlkmjv&r=xddrsjjchhhp&s=tmzgrlpcrphcrdcbvghpbwmmdbgwbmcwptr&q=1564703819&a=view
Protocol: HTTP/1.1
Server: 96.46.128.252 , United States, ASN18499 (CYBER-GENERATION - Cyber Generation Inc, CA),
Reverse DNS: www.efeedbacktrk.com
Software: /
Resource Hash: 6f09d5d710ab81ad39a64fc46e24555db9f67feea67946a6576022c661ee6fb6

Request headers

Host: www.newsletter2.hbo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Keep-Alive: timeout=60
Set-Cookie: JSESSIONID=1857D61D787D0A166936BF261F63006E; Path=/; HttpOnly
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Date: Sun, 04 Aug 2019 19:24:16 GMT
Server

GET
H2

200

all.js
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/all.js
https://connect.facebook.net/en_US/all.js

3 KB
2 KB

6ms
6ms

Script
application/x-javascript

2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: www.newsletter2.hbo.com
URL: http://www.newsletter2.hbo.com/ViewMessage.do?m=sbrrlkmjv&r=xddrsjjchhhp&s=tmzgrlpcrphcrdcbvghpbwmmdbgwbmcwptr&q=1564703819&a=view

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://www.newsletter2.hbo.com/ViewMessage.do?m=sbrrlkmjv&r=xddrsjjchhhp&s=tmzgrlpcrphcrdcbvghpbwmmdbgwbmcwptr&q=1564703819&a=view
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: j3ozzE2vGYwv1rDIbim4iw==
status: 200
content-length: 1781
etag: "e88f737b0ffeefcd14bc8be65ce619ce"
x-fb-debug: 6YYq7dCeMap2zpp2HNeEa+7VmEgBlDKyDAhPuVgPKgfl2lX0w6DDEk7pd99f24Nh64jInkX0oqrxbR8dAgCCew==
x-fb-trip-id: 568062040
x-fb-content-md5: c750b99af35c859b74f57faa4574c1e2
x-frame-options: DENY
date: Sun, 04 Aug 2019 19:25:03 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 04 Aug 2019 19:41:33 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/all.js
Non-Authoritative-Reason: HSTS

POST
H/1.1 200
OK Primary Request Cookie set ViewMessage.do;jsessionid=1857D61D787D0A166936BF261F63006E Show response
www.newsletter2.hbo.com/ 17 KB
17 KB 340ms
340ms Document
text/html 96.46.128.252
Cyber Generation Inc

General

Check archive.org

Show headers Download Go to

Full URL: http://www.newsletter2.hbo.com/ViewMessage.do;jsessionid=1857D61D787D0A166936BF261F63006E
Requested by: Host: www.newsletter2.hbo.com
URL: http://www.newsletter2.hbo.com/ViewMessage.do?m=sbrrlkmjv&r=xddrsjjchhhp&s=tmzgrlpcrphcrdcbvghpbwmmdbgwbmcwptr&q=1564703819&a=view
Protocol: HTTP/1.1
Server: 96.46.128.252 , United States, ASN18499 (CYBER-GENERATION - Cyber Generation Inc, CA),
Reverse DNS: www.efeedbacktrk.com
Software: /
Resource Hash: fc2a3d659170aba03d4651937cac46dc6ffb49cd905b886bf270e9485c3aa6fd

Request headers

Host: www.newsletter2.hbo.com
Connection: keep-alive
Content-Length: 268
Pragma: no-cache
Cache-Control: no-cache
Origin: http://www.newsletter2.hbo.com
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://www.newsletter2.hbo.com/ViewMessage.do?m=sbrrlkmjv&r=xddrsjjchhhp&s=tmzgrlpcrphcrdcbvghpbwmmdbgwbmcwptr&q=1564703819&a=view
Accept-Encoding: gzip, deflate
Cookie: JSESSIONID=1857D61D787D0A166936BF261F63006E
Origin: http://www.newsletter2.hbo.com
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.newsletter2.hbo.com/ViewMessage.do?m=sbrrlkmjv&r=xddrsjjchhhp&s=tmzgrlpcrphcrdcbvghpbwmmdbgwbmcwptr&q=1564703819&a=view

Response headers

Keep-Alive: timeout=60
Set-Cookie: JSESSIONID=B9D10AB6E04F2D3ECD61B0A7FAFF102C; Path=/; HttpOnly
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Date: Sun, 04 Aug 2019 19:24:11 GMT
Server

GET
H2 200 all.js
connect.facebook.net/en_US/ 192 KB
57 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=5bf26b77442d1aa017477657c501869c&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: cors
Referer: http://www.newsletter2.hbo.com/ViewMessage.do?m=sbrrlkmjv&r=xddrsjjchhhp&s=tmzgrlpcrphcrdcbvghpbwmmdbgwbmcwptr&q=1564703819&a=view
Origin: http://www.newsletter2.hbo.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: +Y4LGPa1L1Ggp//2ycH64A==
status: 200
content-length: 57721
etag: "db417b4856946cf2273f07e09c4bc2c5"
x-fb-debug: tQBXtrHCQuYQiTn+bgBXiOUEXtxwzGlf6vBZ8J25YB9f/V9nKvGRpXOpzcpeDsWWqolqYjDI/GfCED1EGMUwRQ==
x-fb-trip-id: 568062040
x-fb-content-md5: 169a3400ba1e2328778feaa9f3c1cf26
x-frame-options: DENY
date: Sun, 04 Aug 2019 19:25:03 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Mon, 03 Aug 2020 12:13:32 GMT

GET
H2

200

all.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/all.js
https://connect.facebook.net/en_US/all.js

3 KB
2 KB

7ms
6ms

Script
application/x-javascript

2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: www.newsletter2.hbo.com
URL: http://www.newsletter2.hbo.com/ViewMessage.do;jsessionid=1857D61D787D0A166936BF261F63006E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

1f6888a2a3b0164efe9257c3915b79095f3555d2c4104adf3d71146455bdaef0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://www.newsletter2.hbo.com/ViewMessage.do;jsessionid=1857D61D787D0A166936BF261F63006E
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: j3ozzE2vGYwv1rDIbim4iw==
status: 200
content-length: 1781
etag: "e88f737b0ffeefcd14bc8be65ce619ce"
x-fb-debug: 6YYq7dCeMap2zpp2HNeEa+7VmEgBlDKyDAhPuVgPKgfl2lX0w6DDEk7pd99f24Nh64jInkX0oqrxbR8dAgCCew==
x-fb-trip-id: 568062040
x-fb-content-md5: c750b99af35c859b74f57faa4574c1e2
x-frame-options: DENY
date: Sun, 04 Aug 2019 19:25:03 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 04 Aug 2019 19:41:33 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/all.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK proximanova.css
newsletter.assets.hbonow.com/fonts/proximanova/ 16 KB
1 KB 116ms
28ms Stylesheet
text/css 13.32.158.198
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://newsletter.assets.hbonow.com/fonts/proximanova/proximanova.css
Requested by: Host: www.newsletter2.hbo.com
URL: http://www.newsletter2.hbo.com/ViewMessage.do;jsessionid=1857D61D787D0A166936BF261F63006E
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.158.198 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-158-198.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 25c08e8ad70bd29d2170e76f445b4a5b36cbeb6291ad1dc290db0378d500b5c4

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://www.newsletter2.hbo.com/ViewMessage.do;jsessionid=1857D61D787D0A166936BF261F63006E
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 05 May 2019 04:28:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Jun 2015 23:11:13 GMT
Server: AmazonS3
Age: 42601
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 a853d87afe2972a208a9cd92a357386b.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56
X-Amz-Cf-Id: CRAr49LltdELBj1mtOPzU6IJrYVvnY4JI-vKKrXLV-4lw0gUnu2RZQ==

GET kdsgqlpsqpmjsqbsjrvgmjprtdjdbrgtrdstpzqrddshtt_qphghppdsssvtmgfvpnshmd.gif
555249.efeedbacktrk.com/ 0
0

GET
H/1.1 401
Unauthorized MGO_Logo.jpg
i.max.lv3.maxgo.com/images/MAXGO/TEST/New_Design_NL/ 0
0 3282ms
100ms Image
text/html 207.123.55.252
Level 3 Parent

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.max.lv3.maxgo.com/images/MAXGO/TEST/New_Design_NL/MGO_Logo.jpg
Requested by: Host: www.newsletter2.hbo.com
URL: http://www.newsletter2.hbo.com/ViewMessage.do;jsessionid=1857D61D787D0A166936BF261F63006E
Protocol: HTTP/1.1
Security: , ,
Server: 207.123.55.252 , United States, ASN3356 (LEVEL3 - Level 3 Parent, LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.newsletter2.hbo.com/ViewMessage.do;jsessionid=1857D61D787D0A166936BF261F63006E
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Keep-Alive, User-Agent, Keep-Alive, User-Agent, If-Modified-Since, X-Gost
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS

GET
H/1.1 401
Unauthorized DIRECTV_header.jpg
i.max.lv3.maxgo.com/images/MAXGO/Headers_Taglines_Updated/ 0
0 3362ms
94ms Image
text/html 207.123.55.252
Level 3 Parent

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.max.lv3.maxgo.com/images/MAXGO/Headers_Taglines_Updated/DIRECTV_header.jpg
Requested by: Host: www.newsletter2.hbo.com
URL: http://www.newsletter2.hbo.com/ViewMessage.do;jsessionid=1857D61D787D0A166936BF261F63006E
Protocol: HTTP/1.1
Security: , ,
Server: 207.123.55.252 , United States, ASN3356 (LEVEL3 - Level 3 Parent, LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.newsletter2.hbo.com/ViewMessage.do;jsessionid=1857D61D787D0A166936BF261F63006E
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Keep-Alive, User-Agent, Keep-Alive, User-Agent, If-Modified-Since, X-Gost
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS

GET 04Wel_01.png
newsletter.assets.hbo.com/maxgo/2019/04-19/04WEL/ 0
0

GET 04Wel_03.png
newsletter.assets.hbo.com/maxgo/2019/04-19/04WEL/ 0
0

GET 04Wel_04.png
newsletter.assets.hbo.com/maxgo/2019/04-19/04WEL/ 0
0

GET 04Wel_05.png
newsletter.assets.hbo.com/maxgo/2019/04-19/04WEL/ 0
0

GET 04Wel_06.png
newsletter.assets.hbo.com/maxgo/2019/04-19/04WEL/ 0
0

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 192 KB
57 KB 9ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=5bf26b77442d1aa017477657c501869c&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

73d3de1367c59782934e7df8536fe6ab267ccd8e86d5820d08a53618b348e564

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: cors
Referer: http://www.newsletter2.hbo.com/ViewMessage.do;jsessionid=1857D61D787D0A166936BF261F63006E
Origin: http://www.newsletter2.hbo.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: +Y4LGPa1L1Ggp//2ycH64A==
status: 200
content-length: 57721
etag: "db417b4856946cf2273f07e09c4bc2c5"
x-fb-debug: tQBXtrHCQuYQiTn+bgBXiOUEXtxwzGlf6vBZ8J25YB9f/V9nKvGRpXOpzcpeDsWWqolqYjDI/GfCED1EGMUwRQ==
x-fb-trip-id: 568062040
x-fb-content-md5: 169a3400ba1e2328778feaa9f3c1cf26
x-frame-options: DENY
date: Sun, 04 Aug 2019 19:25:03 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Mon, 03 Aug 2020 12:13:32 GMT

GET proximanova-medium-webfont.woff
newsletter.assets.hbonow.com/fonts/proximanova/proximanova_medium_macroman/ 0
0

GET proximanova-light-webfont.woff
newsletter.assets.hbonow.com/fonts/proximanova/proximanova_light_macroman/ 0
0

GET 04Wel_07.png
newsletter.assets.hbo.com/maxgo/2019/04-19/04WEL/ 0
0

GET 04Wel_08.png
newsletter.assets.hbo.com/maxgo/2019/04-19/04WEL/ 0
0

GET 04Wel_09.png
newsletter.assets.hbo.com/maxgo/2019/04-19/04WEL/ 0
0

GET 04Wel_10.png
newsletter.assets.hbo.com/maxgo/2019/04-19/04WEL/ 0
0

GET 04Wel_11.png
newsletter.assets.hbo.com/maxgo/2019/04-19/04WEL/ 0
0

GET 04Wel_12.png
newsletter.assets.hbo.com/maxgo/2019/04-19/04WEL/ 0
0

GET
H/1.1 401
Unauthorized MGO_Footer.jpg
i.max.lv3.maxgo.com/images/MAXGO/TEST/New_Design_NL/ 0
0 3411ms
96ms Image
text/html 207.123.55.252
Level 3 Parent

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.max.lv3.maxgo.com/images/MAXGO/TEST/New_Design_NL/MGO_Footer.jpg
Requested by: Host: www.newsletter2.hbo.com
URL: http://www.newsletter2.hbo.com/ViewMessage.do;jsessionid=1857D61D787D0A166936BF261F63006E
Protocol: HTTP/1.1
Security: , ,
Server: 207.123.55.252 , United States, ASN3356 (LEVEL3 - Level 3 Parent, LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.newsletter2.hbo.com/ViewMessage.do;jsessionid=1857D61D787D0A166936BF261F63006E
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Keep-Alive, User-Agent, Keep-Alive, User-Agent, If-Modified-Since, X-Gost
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS

GET
H/1.1 401
Unauthorized fb_btn.jpg
i.max.lv3.maxgo.com/images/MAXGO/MOBILEBAR/new_Jan2014/ 0
0 3509ms
95ms Image
text/html 207.123.55.252
Level 3 Parent

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.max.lv3.maxgo.com/images/MAXGO/MOBILEBAR/new_Jan2014/fb_btn.jpg
Requested by: Host: www.newsletter2.hbo.com
URL: http://www.newsletter2.hbo.com/ViewMessage.do;jsessionid=1857D61D787D0A166936BF261F63006E
Protocol: HTTP/1.1
Security: , ,
Server: 207.123.55.252 , United States, ASN3356 (LEVEL3 - Level 3 Parent, LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.newsletter2.hbo.com/ViewMessage.do;jsessionid=1857D61D787D0A166936BF261F63006E
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Keep-Alive, User-Agent, Keep-Alive, User-Agent, If-Modified-Since, X-Gost
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS

GET
H/1.1 401
Unauthorized twitter_btn.jpg
i.max.lv3.maxgo.com/images/MAXGO/MOBILEBAR/new_Jan2014/ 0
0 3604ms
95ms Image
text/html 207.123.55.252
Level 3 Parent

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.max.lv3.maxgo.com/images/MAXGO/MOBILEBAR/new_Jan2014/twitter_btn.jpg
Requested by: Host: www.newsletter2.hbo.com
URL: http://www.newsletter2.hbo.com/ViewMessage.do;jsessionid=1857D61D787D0A166936BF261F63006E
Protocol: HTTP/1.1
Security: , ,
Server: 207.123.55.252 , United States, ASN3356 (LEVEL3 - Level 3 Parent, LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.newsletter2.hbo.com/ViewMessage.do;jsessionid=1857D61D787D0A166936BF261F63006E
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Keep-Alive, User-Agent, Keep-Alive, User-Agent, If-Modified-Since, X-Gost
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS

GET
H/1.1 401
Unauthorized youtube_btn.jpg
i.max.lv3.maxgo.com/images/MAXGO/MOBILEBAR/new_Jan2014/ 0
0 3700ms
95ms Image
text/html 207.123.55.252
Level 3 Parent

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.max.lv3.maxgo.com/images/MAXGO/MOBILEBAR/new_Jan2014/youtube_btn.jpg
Requested by: Host: www.newsletter2.hbo.com
URL: http://www.newsletter2.hbo.com/ViewMessage.do;jsessionid=1857D61D787D0A166936BF261F63006E
Protocol: HTTP/1.1
Security: , ,
Server: 207.123.55.252 , United States, ASN3356 (LEVEL3 - Level 3 Parent, LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.newsletter2.hbo.com/ViewMessage.do;jsessionid=1857D61D787D0A166936BF261F63006E
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Keep-Alive, User-Agent, Keep-Alive, User-Agent, If-Modified-Since, X-Gost
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS

GET
H/1.1 401
Unauthorized MGO_tagline.jpg
i.max.lv3.maxgo.com/images/MAXGO/Headers_Taglines_Updated/ 0
0 724ms
97ms Image
text/html 207.123.55.252
Level 3 Parent

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.max.lv3.maxgo.com/images/MAXGO/Headers_Taglines_Updated/MGO_tagline.jpg
Requested by: Host: www.newsletter2.hbo.com
URL: http://www.newsletter2.hbo.com/ViewMessage.do;jsessionid=1857D61D787D0A166936BF261F63006E
Protocol: HTTP/1.1
Security: , ,
Server: 207.123.55.252 , United States, ASN3356 (LEVEL3 - Level 3 Parent, LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.newsletter2.hbo.com/ViewMessage.do;jsessionid=1857D61D787D0A166936BF261F63006E
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Keep-Alive, User-Agent, Keep-Alive, User-Agent, If-Modified-Since, X-Gost
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS

GET
H/1.1 200
OK proximanova-medium-webfont.woff2
newsletter.assets.hbonow.com/fonts/proximanova/proximanova_medium_macroman/ 21 KB
22 KB 4220ms
594ms Font
application/octet-stream 13.32.158.198
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://newsletter.assets.hbonow.com/fonts/proximanova/proximanova_medium_macroman/proximanova-medium-webfont.woff2
Requested by: Host: www.newsletter2.hbo.com
URL: http://www.newsletter2.hbo.com/ViewMessage.do;jsessionid=1857D61D787D0A166936BF261F63006E
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.158.198 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-158-198.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 27b70d7e7c425cc11fecf933ef28792d9fde33fec7bdd215ba5861fb279bd8fb

Request headers

Sec-Fetch-Mode: cors
Referer: https://newsletter.assets.hbonow.com/fonts/proximanova/proximanova.css
Origin: http://www.newsletter2.hbo.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 04 Aug 2019 19:25:11 GMT
Via: 1.1 89934ce37ea0d70a19ace48a847ae306.cloudfront.net (CloudFront)
Last-Modified: Thu, 25 Jun 2015 14:20:07 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56
ETag: "0edb4e1dd857d6cc909f5433d46fc63c"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21620
X-Amz-Cf-Id: puIB2IqNoxOR-HvyjwKuxejgT9MiBnHhwQaTy_Fn_c5tcCD05R0H3A==

GET
H/1.1 200
OK proximanova-light-webfont.woff2
newsletter.assets.hbonow.com/fonts/proximanova/proximanova_light_macroman/ 20 KB
21 KB 1485ms
545ms Font
application/octet-stream 13.32.158.198
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://newsletter.assets.hbonow.com/fonts/proximanova/proximanova_light_macroman/proximanova-light-webfont.woff2
Requested by: Host: www.newsletter2.hbo.com
URL: http://www.newsletter2.hbo.com/ViewMessage.do;jsessionid=1857D61D787D0A166936BF261F63006E
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.158.198 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-158-198.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ef81c046db96bbf114e57a62698f5728e4fc3ca1cb1dfa87135182fad6483b5

Request headers

Sec-Fetch-Mode: cors
Referer: https://newsletter.assets.hbonow.com/fonts/proximanova/proximanova.css
Origin: http://www.newsletter2.hbo.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 04 Aug 2019 19:25:12 GMT
Via: 1.1 89934ce37ea0d70a19ace48a847ae306.cloudfront.net (CloudFront)
Last-Modified: Thu, 25 Jun 2015 14:19:37 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56
ETag: "f5e79d6d667c3a35fe712952fba175b7"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20816
X-Amz-Cf-Id: YFuunjHI_ZxuX69bdZH_hHLxNaj-AdRTqUYTTM_PKKM_aWIbK4eRmQ==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 555249.efeedbacktrk.com
URL: https://555249.efeedbacktrk.com/kdsgqlpsqpmjsqbsjrvgmjprtdjdbrgtrdstpzqrddshtt_qphghppdsssvtmgfvpnshmd.gif

Domain: newsletter.assets.hbo.com
URL: http://newsletter.assets.hbo.com/maxgo/2019/04-19/04WEL/04Wel_01.png

Domain: newsletter.assets.hbo.com
URL: http://newsletter.assets.hbo.com/maxgo/2019/04-19/04WEL/04Wel_03.png

Domain: newsletter.assets.hbo.com
URL: http://newsletter.assets.hbo.com/maxgo/2019/04-19/04WEL/04Wel_04.png

Domain: newsletter.assets.hbo.com
URL: http://newsletter.assets.hbo.com/maxgo/2019/04-19/04WEL/04Wel_05.png

Domain: newsletter.assets.hbo.com
URL: http://newsletter.assets.hbo.com/maxgo/2019/04-19/04WEL/04Wel_06.png

Domain: newsletter.assets.hbonow.com
URL: https://newsletter.assets.hbonow.com/fonts/proximanova/proximanova_medium_macroman/proximanova-medium-webfont.woff

Domain: newsletter.assets.hbonow.com
URL: https://newsletter.assets.hbonow.com/fonts/proximanova/proximanova_light_macroman/proximanova-light-webfont.woff

Domain: newsletter.assets.hbo.com
URL: http://newsletter.assets.hbo.com/maxgo/2019/04-19/04WEL/04Wel_07.png

Domain: newsletter.assets.hbo.com
URL: http://newsletter.assets.hbo.com/maxgo/2019/04-19/04WEL/04Wel_08.png

Domain: newsletter.assets.hbo.com
URL: http://newsletter.assets.hbo.com/maxgo/2019/04-19/04WEL/04Wel_09.png

Domain: newsletter.assets.hbo.com
URL: http://newsletter.assets.hbo.com/maxgo/2019/04-19/04WEL/04Wel_10.png

Domain: newsletter.assets.hbo.com
URL: http://newsletter.assets.hbo.com/maxgo/2019/04-19/04WEL/04Wel_11.png

Domain: newsletter.assets.hbo.com
URL: http://newsletter.assets.hbo.com/maxgo/2019/04-19/04WEL/04Wel_12.png

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| FB

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

555249.efeedbacktrk.com
connect.facebook.net
i.max.lv3.maxgo.com
newsletter.assets.hbo.com
newsletter.assets.hbonow.com
www.newsletter2.hbo.com
555249.efeedbacktrk.com
newsletter.assets.hbo.com
newsletter.assets.hbonow.com
13.32.158.198
207.123.55.252
2a03:2880:f01c:8012:face:b00c:0:3
96.46.128.252
1f6888a2a3b0164efe9257c3915b79095f3555d2c4104adf3d71146455bdaef0
25c08e8ad70bd29d2170e76f445b4a5b36cbeb6291ad1dc290db0378d500b5c4
27b70d7e7c425cc11fecf933ef28792d9fde33fec7bdd215ba5861fb279bd8fb
6f09d5d710ab81ad39a64fc46e24555db9f67feea67946a6576022c661ee6fb6
73d3de1367c59782934e7df8536fe6ab267ccd8e86d5820d08a53618b348e564
9ef81c046db96bbf114e57a62698f5728e4fc3ca1cb1dfa87135182fad6483b5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fc2a3d659170aba03d4651937cac46dc6ffb49cd905b886bf270e9485c3aa6fd

www.newsletter2.hbo.com Open in urlscan Pro 96.46.128.252 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

30 Requests

23 %HTTPS

25 %IPv6

5 Domains

6 Subdomains

5 IPs

2 Countries

180 kBTransfer

467 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

Indicators

www.newsletter2.hbo.com Open in urlscan Pro
96.46.128.252 Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

23 %
HTTPS

25 %
IPv6

5
Domains

6
Subdomains

5
IPs

2
Countries

180 kB
Transfer

467 kB
Size

0
Cookies

30 HTTP transactions
0 data transactions