sendy.drusupport.com Open in urlscan Pro
64.227.187.60 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sendy.drusupport.com/
Effective URL:
https://sendy.drusupport.com/_install.php
Submission: On June 28 via automatic, source certstream-suspicious (June 28th 2022, 5:14:26 am UTC) — Scanned from DE

Summary HTTP 14 Redirects Links 5 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 4 countries across 4 domains to perform 14 HTTP transactions. The main IP is 64.227.187.60, located in Bengaluru, India and belongs to DIGITALOCEAN-ASN, US. The main domain is sendy.drusupport.com.
TLS certificate: Issued by R3 on June 28th 2022. Valid for: 3 months.

This is the only time sendy.drusupport.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 2	64.227.187.60 64.227.187.60		14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2a00:1450:400... 2a00:1450:4001:813::200a		15169 (GOOGLE) (GOOGLE)
1 1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902		2635 (AUTOMATTIC) (AUTOMATTIC)
1	192.0.77.2 192.0.77.2		2635 (AUTOMATTIC) (AUTOMATTIC)
14	4

2 64.227.187.60 (Bengaluru, India) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

sendy.drusupport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland) 1 redirects

ASN2635 (AUTOMATTIC, US)

www.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71	2 KB
2	drusupport.com 1 redirects sendy.drusupport.com	7 KB
1	wp.com i1.wp.com — Cisco Umbrella Rank: 6742	1 KB
1	gravatar.com 1 redirects www.gravatar.com — Cisco Umbrella Rank: 3533	297 B
14	4

	Domain	Requested by
2	fonts.googleapis.com	sendy.drusupport.com
2	sendy.drusupport.com	1 redirects sendy.drusupport.com
1	i1.wp.com	sendy.drusupport.com
1	www.gravatar.com	1 redirects
14	4

This site contains links to these domains. Also see Links.

Domain
sendy.co

Subject Issuer	Validity	Valid
sendy.drusupport.com R3	`2022-06-28` - `2022-09-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://sendy.drusupport.com/_install.php
Frame ID: 7AA6A92F069EF04F18BC156DDE42B0AD
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sendy

Page URL History Show full URLs

https://sendy.drusupport.com/ HTTP 302
http://sendy.drusupport.com/_install.php HTTP 307
https://sendy.drusupport.com/_install.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Gravatar (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<[^>]+gravatar\.com/avatar/

Page Statistics

14
Requests

21 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

4
Countries

10 kB
Transfer

43 kB
Size

1
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://sendy.co/forum/discussion/5/404-error-after-install/p1
Title: check this thread

Search URL Search Domain Scan URL

URL: https://sendy.co/get-started
Title: Get Started Guide

Search URL Search Domain Scan URL

URL: https://sendy.co/
Title: Sendy

Search URL Search Domain Scan URL

URL: https://sendy.co/troubleshooting
Title: Troubleshooting

Search URL Search Domain Scan URL

URL: https://sendy.co/forum/
Title: Support forum

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sendy.drusupport.com/ HTTP 302
http://sendy.drusupport.com/_install.php HTTP 307
https://sendy.drusupport.com/_install.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://www.gravatar.com/avatar/d41d8cd98f00b204e9800998ecf8427e?s=36&d=http://sendy.drusupport.com/img/sendy-avatar.png HTTP 302
https://i1.wp.com/sendy.drusupport.com/img/sendy-avatar.png

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request _install.php Show response
sendy.drusupport.com/
Redirect Chain

https://sendy.drusupport.com/
http://sendy.drusupport.com/_install.php
https://sendy.drusupport.com/_install.php

33 KB
7 KB

703ms
702ms

Document
text/html

64.227.187.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://sendy.drusupport.com/_install.php

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

64.227.187.60 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

3e20244c60b90c36fbbe733d1e2f150612592b9d593f426018d015d1fbc16548

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 28 Jun 2022 05:14:22 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx-rc
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://sendy.drusupport.com/_install.php
Non-Authoritative-Reason: HSTS

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 78ms
28ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,400italic,700,700italic

Requested by

Host: sendy.drusupport.com
URL: https://sendy.drusupport.com/_install.php

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a4480cf4143094a283f0f8410158bba81ea7a95d60a8e5f9753ff29d36d1ad11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendy.drusupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 05:07:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 28 Jun 2022 05:14:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Jun 2022 05:14:22 GMT

GET
H2 200 css
fonts.googleapis.com/ 1020 B
489 B 79ms
30ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Questrial

Requested by

Host: sendy.drusupport.com
URL: https://sendy.drusupport.com/_install.php

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

784ab04c3d2ae6002b2bcd86df3047acadba1cc29299fd252c28ed15decf732e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendy.drusupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 04:09:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 28 Jun 2022 05:14:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Jun 2022 05:14:22 GMT

GET
H2

200

sendy-avatar.png
i1.wp.com/sendy.drusupport.com/img/
Redirect Chain

https://www.gravatar.com/avatar/d41d8cd98f00b204e9800998ecf8427e?s=36&d=http://sendy.drusupport.com/img/sendy-avatar.png
https://i1.wp.com/sendy.drusupport.com/img/sendy-avatar.png

1 KB
1 KB

1765ms
1715ms

Image
image/webp

192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/sendy.drusupport.com/img/sendy-avatar.png

Requested by

Host: sendy.drusupport.com
URL: https://sendy.drusupport.com/_install.php

Protocol

H2

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d08a5cc0e71dc9d57e1c32603c2c6ae784c12378f0f217ed840bc4e45942e3c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendy.drusupport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: MISS hhn 4
date: Tue, 28 Jun 2022 05:14:24 GMT
x-content-type-options: nosniff
last-modified: Tue, 28 Jun 2022 05:14:24 GMT
server: nginx
etag: "39d7da29bdfb4e4d"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://sendy.drusupport.com/img/sendy-avatar.png>; rel="canonical"
content-length: 1214
expires: Thu, 27 Jun 2024 17:14:24 GMT

Redirect headers

x-nc: MISS hhn 2
date: Tue, 28 Jun 2022 05:14:22 GMT
last-modified: Tue, 23 Mar 2010 23:51:21 GMT
server: nginx
content-type: text/html; charset=utf-8
location: http://i1.wp.com/sendy.drusupport.com/img/sendy-avatar.png
cache-control: max-age=300
link: <https://www.gravatar.com/avatar/d41d8cd98f00b204e9800998ecf8427e?s=36&d=http://sendy.drusupport.com/img/sendy-avatar.png>; rel="canonical"
content-length: 0
expires: Tue, 28 Jun 2022 05:19:22 GMT

GET bootstrap.css
sendy.drusupport.com/css/ 0
0

GET bootstrap-responsive.css
sendy.drusupport.com/css/ 0
0

GET responsive-tables.css
sendy.drusupport.com/css/ 0
0

GET font-awesome.min.css
sendy.drusupport.com/css/ 0
0

GET all.css
sendy.drusupport.com/css/ 0
0

GET jquery-3.5.1.min.js
sendy.drusupport.com/js/ 0
0

GET jquery-ui-1.8.21.custom.min.js
sendy.drusupport.com/js/ 0
0

GET bootstrap.js
sendy.drusupport.com/js/ 0
0

GET responsive-tables.js
sendy.drusupport.com/js/ 0
0

GET main.js
sendy.drusupport.com/js/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sendy.drusupport.com
URL: http://sendy.drusupport.com/css/bootstrap.css?31

Domain: sendy.drusupport.com
URL: http://sendy.drusupport.com/css/bootstrap-responsive.css?30

Domain: sendy.drusupport.com
URL: http://sendy.drusupport.com/css/responsive-tables.css?30

Domain: sendy.drusupport.com
URL: http://sendy.drusupport.com/css/font-awesome.min.css

Domain: sendy.drusupport.com
URL: http://sendy.drusupport.com/css/all.css?41

Domain: sendy.drusupport.com
URL: http://sendy.drusupport.com/js/jquery-3.5.1.min.js

Domain: sendy.drusupport.com
URL: http://sendy.drusupport.com/js/jquery-ui-1.8.21.custom.min.js

Domain: sendy.drusupport.com
URL: http://sendy.drusupport.com/js/bootstrap.js

Domain: sendy.drusupport.com
URL: http://sendy.drusupport.com/js/responsive-tables.js

Domain: sendy.drusupport.com
URL: http://sendy.drusupport.com/js/main.js?3

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			sendy.drusupport.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: joqk19s4bhlddnmjkqa5aqdpg5

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://sendy.drusupport.com/_install.php(Line 11) Message: Mixed Content: The page at 'https://sendy.drusupport.com/_install.php' was loaded over HTTPS, but requested an insecure stylesheet 'http://sendy.drusupport.com/css/bootstrap.css?31'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://sendy.drusupport.com/_install.php(Line 12) Message: Mixed Content: The page at 'https://sendy.drusupport.com/_install.php' was loaded over HTTPS, but requested an insecure stylesheet 'http://sendy.drusupport.com/css/bootstrap-responsive.css?30'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://sendy.drusupport.com/_install.php(Line 13) Message: Mixed Content: The page at 'https://sendy.drusupport.com/_install.php' was loaded over HTTPS, but requested an insecure stylesheet 'http://sendy.drusupport.com/css/responsive-tables.css?30'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://sendy.drusupport.com/_install.php(Line 14) Message: Mixed Content: The page at 'https://sendy.drusupport.com/_install.php' was loaded over HTTPS, but requested an insecure stylesheet 'http://sendy.drusupport.com/css/font-awesome.min.css'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://sendy.drusupport.com/_install.php(Line 16) Message: Mixed Content: The page at 'https://sendy.drusupport.com/_install.php' was loaded over HTTPS, but requested an insecure stylesheet 'http://sendy.drusupport.com/css/all.css?41'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://sendy.drusupport.com/_install.php Message: Mixed Content: The page at 'https://sendy.drusupport.com/_install.php' was loaded over HTTPS, but requested an insecure script 'http://sendy.drusupport.com/js/jquery-3.5.1.min.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://sendy.drusupport.com/_install.php Message: Mixed Content: The page at 'https://sendy.drusupport.com/_install.php' was loaded over HTTPS, but requested an insecure script 'http://sendy.drusupport.com/js/jquery-ui-1.8.21.custom.min.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://sendy.drusupport.com/_install.php Message: Mixed Content: The page at 'https://sendy.drusupport.com/_install.php' was loaded over HTTPS, but requested an insecure script 'http://sendy.drusupport.com/js/bootstrap.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://sendy.drusupport.com/_install.php Message: Mixed Content: The page at 'https://sendy.drusupport.com/_install.php' was loaded over HTTPS, but requested an insecure script 'http://sendy.drusupport.com/js/responsive-tables.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://sendy.drusupport.com/_install.php Message: Mixed Content: The page at 'https://sendy.drusupport.com/_install.php' was loaded over HTTPS, but requested an insecure script 'http://sendy.drusupport.com/js/main.js?3'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
i1.wp.com
sendy.drusupport.com
www.gravatar.com
sendy.drusupport.com
192.0.77.2
2a00:1450:4001:813::200a
2a04:fa87:fffe::c000:4902
64.227.187.60
3e20244c60b90c36fbbe733d1e2f150612592b9d593f426018d015d1fbc16548
784ab04c3d2ae6002b2bcd86df3047acadba1cc29299fd252c28ed15decf732e
a4480cf4143094a283f0f8410158bba81ea7a95d60a8e5f9753ff29d36d1ad11
d08a5cc0e71dc9d57e1c32603c2c6ae784c12378f0f217ed840bc4e45942e3c1