mail.sofresh.email Open in urlscan Pro
185.184.112.65  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response mail.sofresh.email/r/pk3ron206d/9uht7t9v1t/	223 KB 76 KB	555ms 211ms	Document text/html	185.184.112.65 FRESHMAIL-
General Check archive.org Show headers Download Go to Full URL https://mail.sofresh.email/r/pk3ron206d/9uht7t9v1t/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.184.112.65 , United Kingdom, ASN206417 (FRESHMAIL-, PL), Reverse DNS Software openresty / Resource Hash 8530afbce29c4bc65f14c99306b069998373c7e63d92bb45d96ed6fdf3877a61 Request headers Host mail.sofresh.email Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site none Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Response headers Server openresty Date Sat, 12 Oct 2019 12:09:01 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding Cache-Control no-store, no-cache, must-revalidate Set-Cookie freshssion=9ac694b36330f06ad403066c780c02fc; path=/; domain=mail.sofresh.email; secure; HttpOnly Content-Encoding gzip
GET H/1.1	200 OK	system_msg.css d2651x052v6uoq.cloudfront.net/media/freshmail/styles/css/	13 KB 4 KB	102ms 25ms	Stylesheet text/css	143.204.98.35 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://d2651x052v6uoq.cloudfront.net/media/freshmail/styles/css/system_msg.css?v=9.21.0 Requested by Host: mail.sofresh.email URL: https://mail.sofresh.email/r/pk3ron206d/9uht7t9v1t/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.98.35 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-143-204-98-35.fra50.r.cloudfront.net Software openresty / Resource Hash 9b151b631d320cb30415d4f2d1f61c24a483e5e9056efd92f13f548c2c003240 Request headers Sec-Fetch-Mode no-cors Referer https://mail.sofresh.email/r/pk3ron206d/9uht7t9v1t/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sat, 12 Oct 2019 11:19:55 GMT Content-Encoding gzip Last-Modified Thu, 25 Oct 2018 08:41:11 GMT Server openresty Age 2946 ETag W/"3434-5790990a506d7" Vary Accept-Encoding X-Cache Hit from cloudfront Content-Type text/css Via 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront) Connection keep-alive Transfer-Encoding chunked X-Amz-Cf-Pop FRA50-C1 X-Amz-Cf-Id UBNGmFcNyE4vxkMjiNsE0kwa-Ue0tSVrK_gfdacSWwLkzTVxd4IVUQ==
GET H/1.1	200 OK	jquery-3.3.1.min.js Show response d2651x052v6uoq.cloudfront.net/media/vendor/jquery/	85 KB 30 KB	102ms 26ms	Script application/javascript	143.204.98.35 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://d2651x052v6uoq.cloudfront.net/media/vendor/jquery/jquery-3.3.1.min.js?v=9.21.0 Requested by Host: mail.sofresh.email URL: https://mail.sofresh.email/r/pk3ron206d/9uht7t9v1t/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.98.35 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-143-204-98-35.fra50.r.cloudfront.net Software openresty / Resource Hash a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855 Request headers Sec-Fetch-Mode no-cors Referer https://mail.sofresh.email/r/pk3ron206d/9uht7t9v1t/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sat, 12 Oct 2019 11:19:56 GMT Content-Encoding gzip Last-Modified Thu, 25 Oct 2018 08:41:12 GMT Server openresty Age 2945 Vary Accept-Encoding X-Cache Hit from cloudfront Content-Type application/javascript Via 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront) Connection keep-alive Transfer-Encoding chunked X-Amz-Cf-Pop FRA50-C1 X-Amz-Cf-Id HpaxBHt1fm7QtSHz39TWPxI_lX5n1HPTfzAXpETWQeBON29lVjnmjQ==
GET H/1.1	200 OK	bootstrap.2.3.2.min.js Show response d2651x052v6uoq.cloudfront.net/media/vendor/bootstrap/	28 KB 8 KB	102ms 26ms	Script application/javascript	143.204.98.35 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://d2651x052v6uoq.cloudfront.net/media/vendor/bootstrap/bootstrap.2.3.2.min.js?v=9.21.0 Requested by Host: mail.sofresh.email URL: https://mail.sofresh.email/r/pk3ron206d/9uht7t9v1t/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.98.35 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-143-204-98-35.fra50.r.cloudfront.net Software openresty / Resource Hash 72c823657e4d2bd2385f6c8cd4704b19844c8e867b70948ca8c19edad99a7cd1 Request headers Sec-Fetch-Mode no-cors Referer https://mail.sofresh.email/r/pk3ron206d/9uht7t9v1t/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sat, 12 Oct 2019 11:19:56 GMT Content-Encoding gzip Last-Modified Thu, 25 Oct 2018 08:41:12 GMT Server openresty Age 2945 Vary Accept-Encoding X-Cache Hit from cloudfront Content-Type application/javascript Via 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront) Connection keep-alive Transfer-Encoding chunked X-Amz-Cf-Pop FRA50-C1 X-Amz-Cf-Id Ois3F0QWKsamFXRjAG2Md9MbcElT74I6MeUbwtZTLuQdDapBPNEKsw==
GET H/1.1	200 OK	uniform.min.js Show response d2651x052v6uoq.cloudfront.net/media/freshmail/vendor/uniform/	9 KB 3 KB	108ms 28ms	Script application/javascript	143.204.98.35 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://d2651x052v6uoq.cloudfront.net/media/freshmail/vendor/uniform/uniform.min.js?v=9.21.0 Requested by Host: mail.sofresh.email URL: https://mail.sofresh.email/r/pk3ron206d/9uht7t9v1t/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.98.35 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-143-204-98-35.fra50.r.cloudfront.net Software openresty / Resource Hash 4951d1cc1330c9e8bcfba1cc492b108587932e95b73be35399487975a0757322 Request headers Sec-Fetch-Mode no-cors Referer https://mail.sofresh.email/r/pk3ron206d/9uht7t9v1t/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sat, 12 Oct 2019 11:19:56 GMT Content-Encoding gzip Last-Modified Thu, 25 Oct 2018 08:41:12 GMT Server openresty Age 2945 Vary Accept-Encoding X-Cache Hit from cloudfront Content-Type application/javascript Via 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront) Connection keep-alive Transfer-Encoding chunked X-Amz-Cf-Pop FRA50-C1 X-Amz-Cf-Id Tb0B719syUkyLuQ2GfbthDNoRywUSabiVgJUCVM2IIWZmVz_DBGmgA==
GET H/1.1	200 OK	systemMsg.js Show response d2651x052v6uoq.cloudfront.net/media/freshmail/	2 KB 1011 B	129ms 26ms	Script application/javascript	143.204.98.35 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://d2651x052v6uoq.cloudfront.net/media/freshmail/systemMsg.js?v=9.21.0 Requested by Host: mail.sofresh.email URL: https://mail.sofresh.email/r/pk3ron206d/9uht7t9v1t/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.98.35 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-143-204-98-35.fra50.r.cloudfront.net Software openresty / Resource Hash 2401ef43a3d5d873f310f59632cf6f3b487903793ee739339362330851fe628b Request headers Sec-Fetch-Mode no-cors Referer https://mail.sofresh.email/r/pk3ron206d/9uht7t9v1t/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 11 Oct 2019 11:14:36 GMT Content-Encoding gzip Last-Modified Tue, 20 Nov 2018 10:52:45 GMT Server openresty Age 2557 Vary Accept-Encoding X-Cache Hit from cloudfront Content-Type application/javascript Via 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront) Connection keep-alive Transfer-Encoding chunked X-Amz-Cf-Pop FRA50-C1 X-Amz-Cf-Id qB4-zZdxEZGi2zraLZZ2BUxOFq5Jn_jY9KuKgIwTU6sqetq5gbVuqQ==
GET H/1.1	200 OK	uniform.css d2651x052v6uoq.cloudfront.net/media/freshmail/styles/css/	6 KB 2 KB	101ms 26ms	Stylesheet text/css	143.204.98.35 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://d2651x052v6uoq.cloudfront.net/media/freshmail/styles/css/uniform.css?v=9.21.0 Requested by Host: mail.sofresh.email URL: https://mail.sofresh.email/r/pk3ron206d/9uht7t9v1t/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.98.35 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-143-204-98-35.fra50.r.cloudfront.net Software openresty / Resource Hash 1f18538d2d2e95aa6e3e0246d6b410e1abe03828c310254898aa944f4c20702f Request headers Sec-Fetch-Mode no-cors Referer https://mail.sofresh.email/r/pk3ron206d/9uht7t9v1t/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sat, 12 Oct 2019 11:19:56 GMT Content-Encoding gzip Last-Modified Thu, 25 Oct 2018 08:41:11 GMT Server openresty Age 2945 ETag W/"1984-5790990a506d7" Vary Accept-Encoding X-Cache Hit from cloudfront Content-Type text/css Via 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront) Connection keep-alive Transfer-Encoding chunked X-Amz-Cf-Pop FRA50-C1 X-Amz-Cf-Id 5MF0DuTXne0f3XUwAQn-WuufER_Yg_64nPnsfMtrlfxlB4toHb17oQ==
GET H2	200	api.js Show response www.google.com/recaptcha/	729 B 559 B	17ms 16ms	Script text/javascript	2a00:1450:4001:81c::2004 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js Requested by Host: mail.sofresh.email URL: https://mail.sofresh.email/r/pk3ron206d/9uht7t9v1t/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software GSE / Resource Hash ac2feca4963ef256b5de3dc7f92cd215fe0c5aeb9b77c9326470fdbb52b66579 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Sec-Fetch-Mode no-cors Referer https://mail.sofresh.email/r/pk3ron206d/9uht7t9v1t/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sat, 12 Oct 2019 12:09:01 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 status 200 cache-control private, max-age=300 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 465 x-xss-protection 1; mode=block expires Sat, 12 Oct 2019 12:09:01 GMT
GET H/1.1	200 OK	doklejka_fm.png d2651x052v6uoq.cloudfront.net/media/assets/img/doklejki/en/	6 KB 6 KB	30ms 29ms	Image image/png	143.204.98.35 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://d2651x052v6uoq.cloudfront.net/media/assets/img/doklejki/en/doklejka_fm.png?v=9.21.0 Requested by Host: mail.sofresh.email URL: https://mail.sofresh.email/r/pk3ron206d/9uht7t9v1t/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.98.35 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-143-204-98-35.fra50.r.cloudfront.net Software openresty / Resource Hash 8390100a9864bec97cbac1cbdf74829064450b8fb69d8d94ed4119118fefd719 Request headers Sec-Fetch-Mode no-cors Referer https://mail.sofresh.email/r/pk3ron206d/9uht7t9v1t/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 11 Oct 2019 11:14:39 GMT Via 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront) Last-Modified Thu, 25 Oct 2018 08:41:11 GMT Server openresty X-Amz-Cf-Pop FRA50-C1 ETag "1745-5790990981655" X-Cache Hit from cloudfront Content-Type image/png Access-Control-Allow-Origin * Connection keep-alive Accept-Ranges bytes Content-Length 5957 X-Amz-Cf-Id CH9IfrkcFDULo-Ayr6AAD_TWX7tnBZbk-KnbuIZ53HiL-gxAF22S9w==
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/xw1jR43fRSpRG88iDviKn3qM/	253 KB 90 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:817::2003 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/xw1jR43fRSpRG88iDviKn3qM/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 6f33adecfa8dacb04b161289c89b2930d80324d5d0baa1c0da86ed08b9c1ebda Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://mail.sofresh.email/r/pk3ron206d/9uht7t9v1t/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 09 Oct 2019 09:53:27 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 07 Oct 2019 21:23:03 GMT server sffe age 267334 vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=31536000 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 92207 x-xss-protection 0 expires Thu, 08 Oct 2020 09:53:27 GMT
GET H/1.1	200 OK	content_background.png d2651x052v6uoq.cloudfront.net/media/assets/img/	2 KB 2 KB	26ms 25ms	Image image/png	143.204.98.35 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://d2651x052v6uoq.cloudfront.net/media/assets/img/content_background.png Requested by Host: mail.sofresh.email URL: https://mail.sofresh.email/r/pk3ron206d/9uht7t9v1t/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.98.35 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-143-204-98-35.fra50.r.cloudfront.net Software openresty / Resource Hash 4abdefa316b4e20df7236e92b1a1125b151ba7eb6197a9298136db5a7c6c5f0e Request headers Sec-Fetch-Mode no-cors Referer https://d2651x052v6uoq.cloudfront.net/media/freshmail/styles/css/system_msg.css?v=9.21.0 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sat, 12 Oct 2019 08:11:48 GMT Via 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront) Last-Modified Thu, 25 Oct 2018 08:41:11 GMT Server openresty Age 14233 ETag "7a7-5790990980a9d" X-Cache Hit from cloudfront Content-Type image/png Access-Control-Allow-Origin * Connection keep-alive X-Amz-Cf-Pop FRA50-C1 Accept-Ranges bytes Content-Length 1959 X-Amz-Cf-Id BcGms9-bCbi-onuq3rqtRU32rd-oLZHKsSxW-4eRszIZd1RTFy8abw==
GET H/1.1	200 OK	arrow-btn-xl.png d2651x052v6uoq.cloudfront.net/media/assets/img/	1 KB 2 KB	31ms 31ms	Image image/png	143.204.98.35 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://d2651x052v6uoq.cloudfront.net/media/assets/img/arrow-btn-xl.png Requested by Host: mail.sofresh.email URL: https://mail.sofresh.email/r/pk3ron206d/9uht7t9v1t/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.98.35 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-143-204-98-35.fra50.r.cloudfront.net Software openresty / Resource Hash 42318cf3d54d5ed204c716b0cfe3c861eba7c2314277dc04590078a6d9f0b4c7 Request headers Sec-Fetch-Mode no-cors Referer https://d2651x052v6uoq.cloudfront.net/media/freshmail/styles/css/system_msg.css?v=9.21.0 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sat, 12 Oct 2019 09:23:53 GMT Via 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront) Last-Modified Thu, 25 Oct 2018 08:41:11 GMT Server openresty Age 9908 ETag "45d-579099097b0c5" X-Cache Hit from cloudfront Content-Type image/png Access-Control-Allow-Origin * Connection keep-alive X-Amz-Cf-Pop FRA50-C1 Accept-Ranges bytes Content-Length 1117 X-Amz-Cf-Id -VUpVrOVyFMluf97x3NFzo6km_r7FT8sKGNhn5PpMfEIMWLkAhPFiA==
GET H/1.1	200 OK	kozgopr6n-regular.woff d2651x052v6uoq.cloudfront.net/media/assets/fonts/KozGoPr6N/	66 KB 66 KB	91ms 37ms	Font application/font-woff	143.204.98.35 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://d2651x052v6uoq.cloudfront.net/media/assets/fonts/KozGoPr6N/kozgopr6n-regular.woff Requested by Host: mail.sofresh.email URL: https://mail.sofresh.email/r/pk3ron206d/9uht7t9v1t/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.98.35 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-143-204-98-35.fra50.r.cloudfront.net Software openresty / Resource Hash b8ee8fe58bcefead4637b213afd4880a198d84e93a07b31bd239b954950bbd23 Request headers Sec-Fetch-Mode cors Referer https://d2651x052v6uoq.cloudfront.net/media/freshmail/styles/css/system_msg.css?v=9.21.0 Origin https://mail.sofresh.email User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sat, 12 Oct 2019 07:03:47 GMT Via 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront) Last-Modified Thu, 25 Oct 2018 08:41:11 GMT Server openresty X-Amz-Cf-Pop FRA50-C1 ETag "10650-5790990976a75" X-Cache Hit from cloudfront Content-Type application/font-woff Access-Control-Allow-Origin * Connection keep-alive Accept-Ranges bytes Content-Length 67152 X-Amz-Cf-Id hb88w5YVkf05rsRHX_0LcAQNYL4R0kf4Iu6fPcPPslCvusEe-k8w1Q==
GET H/1.1	200 OK	dosis-medium.ttf d2651x052v6uoq.cloudfront.net/media/assets/fonts/Dosis/	133 KB 65 KB	99ms 44ms	Font application/font-sfnt	143.204.98.35 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://d2651x052v6uoq.cloudfront.net/media/assets/fonts/Dosis/dosis-medium.ttf Requested by Host: mail.sofresh.email URL: https://mail.sofresh.email/r/pk3ron206d/9uht7t9v1t/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.98.35 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-143-204-98-35.fra50.r.cloudfront.net Software openresty / Resource Hash b59e299b4a25d4b8d64226e232917dc38ca29e071c7b3f8e6e29a80481171fe8 Request headers Sec-Fetch-Mode cors Referer https://d2651x052v6uoq.cloudfront.net/media/freshmail/styles/css/system_msg.css?v=9.21.0 Origin https://mail.sofresh.email User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 10 Oct 2019 06:22:59 GMT Content-Encoding gzip Last-Modified Thu, 25 Oct 2018 08:41:11 GMT Server openresty X-Amz-Cf-Pop FRA50-C1 Vary Accept-Encoding X-Cache Hit from cloudfront Content-Type application/font-sfnt Access-Control-Allow-Origin * Transfer-Encoding chunked Connection keep-alive X-Amz-Cf-Id xR7TSGPzi6yj3cPYJSH5zTlRr9v-Rz0grCRyrOcBgURM1UOaBegk6A== Via 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
GET H/1.1	200 OK	sprite.png d2651x052v6uoq.cloudfront.net/media/assets/img/uniform/	34 KB 35 KB	26ms 26ms	Image image/png	143.204.98.35 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://d2651x052v6uoq.cloudfront.net/media/assets/img/uniform/sprite.png Requested by Host: d2651x052v6uoq.cloudfront.net URL: https://d2651x052v6uoq.cloudfront.net/media/vendor/jquery/jquery-3.3.1.min.js?v=9.21.0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.98.35 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-143-204-98-35.fra50.r.cloudfront.net Software openresty / Resource Hash 9b943ace547699f9900b7d19afaa1ae94775a7ca183c1ad77e54c1554e3442e3 Request headers Sec-Fetch-Mode no-cors Referer https://d2651x052v6uoq.cloudfront.net/media/freshmail/styles/css/uniform.css?v=9.21.0 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sat, 12 Oct 2019 09:23:53 GMT Via 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront) Last-Modified Thu, 25 Oct 2018 08:41:11 GMT Server openresty Age 9908 ETag "8872-57909909d07f6" X-Cache Hit from cloudfront Content-Type image/png Access-Control-Allow-Origin * Connection keep-alive X-Amz-Cf-Pop FRA50-C1 Accept-Ranges bytes Content-Length 34930 X-Amz-Cf-Id MRQ2RC4ZXYonFbjXkSS7ArpPdWio8l-7CkFrhNdeXs5sPXrnA2QHJQ==
GET H2	200	nr-1130.min.js Show response js-agent.newrelic.com/	24 KB 9 KB	21ms 21ms	Script application/javascript	151.101.114.110 Fastly
General Check archive.org Show headers Download Go to Full URL https://js-agent.newrelic.com/nr-1130.min.js Requested by Host: mail.sofresh.email URL: https://mail.sofresh.email/r/pk3ron206d/9uht7t9v1t/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software AmazonS3 / Resource Hash 0e78b8cde09dbe0fc473f87bc77ec30ccc56780398d8676cf93c4aaec432257f Request headers Sec-Fetch-Mode no-cors Referer https://mail.sofresh.email/r/pk3ron206d/9uht7t9v1t/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sat, 12 Oct 2019 12:09:01 GMT content-encoding gzip x-amz-request-id FC2E5E9385FF35C9 x-cache HIT status 200 content-length 9407 x-amz-id-2 3XNtuktyD4wqrPKGubF2M/YqUHo1gnfCUg2ZcA6WpCpRhqESM5LEOkXHaOHxrPCQ1vUCnpmkB8M= x-served-by cache-hhn4056-HHN last-modified Tue, 09 Jul 2019 23:52:06 GMT server AmazonS3 x-timer S1570882142.842649,VS0,VE0 etag "73f8857196b9ef7fd3b302cbc557b8ac" vary Accept-Encoding content-type application/javascript via 1.1 varnish cache-control public, max-age=7200, stale-if-error=604800 accept-ranges bytes x-cache-hits 23225
GET H/1.1	200 OK	3575ffbad0 Show response bam.nr-data.net/1/	57 B 261 B	111ms 111ms	Script text/javascript	162.247.242.20 New Relic
General Check archive.org Show headers Download Go to Full URL https://bam.nr-data.net/1/3575ffbad0?a=200972523&v=1130.54e767a&to=bwEDYhADW0QAUk1ZC1ZLIkMRFlpaTldUBFQXAgxpFQdZVA5cXA%3D%3D&rst=888&ref=https://mail.sofresh.email/r/pk3ron206d/9uht7t9v1t/&ap=141&be=562&fe=860&dc=711&perf=%7B%22timing%22:%7B%22of%22:1570882140971,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:262,%22c%22:262,%22s%22:276,%22ce%22:344,%22rq%22:344,%22rp%22:555,%22rpe%22:642,%22dl%22:557,%22di%22:711,%22ds%22:711,%22de%22:711,%22dc%22:859,%22l%22:859,%22le%22:861%7D,%22navigation%22:%7B%7D%7D&fp=720&fcp=720&at=Q0YAFFgZSEo%3D&jsonp=NREUM.setToken Requested by Host: js-agent.newrelic.com URL: https://js-agent.newrelic.com/nr-1130.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US), Reverse DNS bam-8.nr-data.net Software / Resource Hash f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23 Request headers Sec-Fetch-Mode no-cors Referer https://mail.sofresh.email/r/pk3ron206d/9uht7t9v1t/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Expires Thu, 01 Jan 1970 00:00:00 GMT Content-Length 57 Content-Type text/javascript;charset=ISO-8859-1

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
d2651x052v6uoq.cloudfront.net
js-agent.newrelic.com
mail.sofresh.email
www.google.com
www.gstatic.com
143.204.98.35
151.101.114.110
162.247.242.20
185.184.112.65
2a00:1450:4001:817::2003
2a00:1450:4001:81c::2004
0e78b8cde09dbe0fc473f87bc77ec30ccc56780398d8676cf93c4aaec432257f
1f18538d2d2e95aa6e3e0246d6b410e1abe03828c310254898aa944f4c20702f
2401ef43a3d5d873f310f59632cf6f3b487903793ee739339362330851fe628b
42318cf3d54d5ed204c716b0cfe3c861eba7c2314277dc04590078a6d9f0b4c7
4951d1cc1330c9e8bcfba1cc492b108587932e95b73be35399487975a0757322
4abdefa316b4e20df7236e92b1a1125b151ba7eb6197a9298136db5a7c6c5f0e
6f33adecfa8dacb04b161289c89b2930d80324d5d0baa1c0da86ed08b9c1ebda
72c823657e4d2bd2385f6c8cd4704b19844c8e867b70948ca8c19edad99a7cd1
8390100a9864bec97cbac1cbdf74829064450b8fb69d8d94ed4119118fefd719
8530afbce29c4bc65f14c99306b069998373c7e63d92bb45d96ed6fdf3877a61
9b151b631d320cb30415d4f2d1f61c24a483e5e9056efd92f13f548c2c003240
9b943ace547699f9900b7d19afaa1ae94775a7ca183c1ad77e54c1554e3442e3
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
ac2feca4963ef256b5de3dc7f92cd215fe0c5aeb9b77c9326470fdbb52b66579
b59e299b4a25d4b8d64226e232917dc38ca29e071c7b3f8e6e29a80481171fe8
b8ee8fe58bcefead4637b213afd4880a198d84e93a07b31bd239b954950bbd23
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23