info.sendio.com Open in urlscan Pro
54.93.101.66 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sav.sendio.net/Isletapueblo.com/sav?ua=tcpresident&sa=Tod.Caflisch%40centurylink.com&id=1596055331.12690.1.2.b0...
Effective URL:
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
Submission: On July 30 via manual (July 30th 2020, 3:49:52 pm UTC) from US

Summary HTTP 57 Redirects Behaviour Indicators

Summary

This website contacted 27 IPs in 4 countries across 21 domains to perform 57 HTTP transactions. The main IP is 54.93.101.66, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is info.sendio.com.

This is the only time info.sendio.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.225.136.52 54.225.136.52	14618 (AMAZON-AES) (AMAZON-AES)
1 2	54.93.101.66 54.93.101.66	16509 (AMAZON-02) (AMAZON-02)
3	13.35.254.91 13.35.254.91	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
7	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
1 2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81e::200a	15169 (GOOGLE) (GOOGLE)
4	143.204.208.218 143.204.208.218	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:824::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
2	151.101.113.131 151.101.113.131	54113 (FASTLY) (FASTLY)
1 2	2a00:1450:400... 2a00:1450:4001:817::2004	15169 (GOOGLE) (GOOGLE)
1	23.210.250.97 23.210.250.97	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:214... 2600:9000:214f:be00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	107.22.214.169 107.22.214.169	14618 (AMAZON-AES) (AMAZON-AES)
6	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	143.204.210.55 143.204.210.55	16509 (AMAZON-02) (AMAZON-02)
1 2	2600:9000:205... 2600:9000:2057:1a00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:400c:c01::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	143.204.201.8 143.204.201.8	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE)
3	54.172.233.255 54.172.233.255	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:81e::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:819::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
57	27

1 54.225.136.52 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-136-52.compute-1.amazonaws.com

sav.sendio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.101.66 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-101-66.eu-central-1.compute.amazonaws.com

info.sendio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.35.254.91 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-254-91.fra6.r.cloudfront.net

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.208.218 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-208-218.fra53.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.113.131 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

f850957a53904ad8ad941ef1c2ba38a3.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
610df60283ce46159d7012c382c77621.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.250.97 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-250-97.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:be00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.22.214.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-214-169.compute-1.amazonaws.com

i.kissmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.210.55 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-210-55.fra53.r.cloudfront.net

scripts.kissmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:1a00:6:44e3:f8c0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c01::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.201.8 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-8.fra53.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.172.233.255 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-233-255.compute-1.amazonaws.com

trk.kissmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

9376d29ba5db353df50a4786d622e503.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:819::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	googlesyndication.com 9376d29ba5db353df50a4786d622e503.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	159 KB
8	doubleclick.net 1 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net	113 KB
5	kissmetrics.com i.kissmetrics.com scripts.kissmetrics.com trk.kissmetrics.com	14 KB
4	ampproject.org cdn.ampproject.org	171 KB
4	cloudfront.net d9hhrg4mnvzow.cloudfront.net	27 KB
3	google.com 1 redirects www.google.com adservice.google.com	2 KB
3	ubembed.com f850957a53904ad8ad941ef1c2ba38a3.js.ubembed.com 610df60283ce46159d7012c382c77621.js.ubembed.com assets.ubembed.com	47 KB
3	gstatic.com fonts.gstatic.com www.gstatic.com	148 KB
3	unbounce.com builder-assets.unbounce.com	39 KB
2	quantcount.com 1 redirects rules.quantcount.com	783 B
2	google-analytics.com www.google-analytics.com	19 KB
2	googletagmanager.com 1 redirects www.googletagmanager.com	40 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	25 KB
2	sendio.com 1 redirects info.sendio.com	6 KB
1	google.de www.google.de	107 B
1	google.nl adservice.google.nl	830 B
1	consensu.org quantcast.mgr.consensu.org
1	media.net contextual.media.net	40 KB
1	quantserve.com secure.quantserve.com	8 KB
1	jquery.com code.jquery.com	30 KB
1	sendio.net 1 redirects sav.sendio.net	394 B
57	21

	Domain	Requested by
7	tpc.googlesyndication.com	securepubads.g.doubleclick.net info.sendio.com tpc.googlesyndication.com cdn.ampproject.org
7	securepubads.g.doubleclick.net	info.sendio.com securepubads.g.doubleclick.net
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
4	cdn.ampproject.org	securepubads.g.doubleclick.net
4	d9hhrg4mnvzow.cloudfront.net	info.sendio.com
3	trk.kissmetrics.com	scripts.kissmetrics.com
3	builder-assets.unbounce.com	info.sendio.com
2	rules.quantcount.com	1 redirects info.sendio.com
2	www.google.com	1 redirects www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com info.sendio.com
2	fonts.gstatic.com	info.sendio.com
2	www.googletagmanager.com	1 redirects info.sendio.com
2	info.sendio.com	1 redirects
1	9376d29ba5db353df50a4786d622e503.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.gstatic.com	www.google.com
1	assets.ubembed.com	f850957a53904ad8ad941ef1c2ba38a3.js.ubembed.com
1	www.google.de	info.sendio.com
1	stats.g.doubleclick.net	1 redirects
1	scripts.kissmetrics.com	info.sendio.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.nl	securepubads.g.doubleclick.net
1	i.kissmetrics.com	info.sendio.com
1	quantcast.mgr.consensu.org	info.sendio.com
1	610df60283ce46159d7012c382c77621.js.ubembed.com	www.googletagmanager.com
1	contextual.media.net	www.googletagmanager.com
1	f850957a53904ad8ad941ef1c2ba38a3.js.ubembed.com	www.googletagmanager.com
1	secure.quantserve.com	www.googletagmanager.com
1	fonts.googleapis.com	builder-assets.unbounce.com
1	code.jquery.com	info.sendio.com
1	ajax.googleapis.com	info.sendio.com
1	sav.sendio.net	1 redirects
57	31

This site contains no links.

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2019-10-04` - `2020-10-07`	a year	crt.sh
z.ssl.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-22` - `2021-04-23`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2020-02-25` - `2021-05-26`	a year	crt.sh
quantcast.mgr.consensu.org Amazon	`2020-05-22` - `2021-06-22`	a year	crt.sh
*.google.nl GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
assets.ubembed.com Amazon	`2020-04-04` - `2021-05-04`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh

This page contains 4 frames:

Primary Page: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
Frame ID: 70951748E76071650D73F42D1FDC0044
Requests: 43 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012007210634000/amp4ads-v0.js
Frame ID: F6F7123F536AC1C0576BEC8958C2E213
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012007210634000/amp4ads-v0.js
Frame ID: 97D36F0FBB8842FDD848004079F8D519
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: A8895DD85993693D190F8AAEEB7B62F0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://sav.sendio.net/Isletapueblo.com/sav?ua=tcpresident&sa=Tod.Caflisch%40centurylink.com&id=159... HTTP 302
http://info.sendio.com/trusted-sender?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV HTTP 301
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV Page URL

Page Statistics

57
Requests

70 %
HTTPS

61 %
IPv6

21
Domains

31
Subdomains

27
IPs

4
Countries

890 kB
Transfer

2275 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sav.sendio.net/Isletapueblo.com/sav?ua=tcpresident&sa=Tod.Caflisch%40centurylink.com&id=1596055331.12690.1.2.b01df027.d058 HTTP 302
http://info.sendio.com/trusted-sender?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV HTTP 301
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

http://www.googletagmanager.com/gtm.js?id=GTM-P4WWZ5 HTTP 302
https://www.googletagmanager.com/gtm.js?id=GTM-P4WWZ5

Request Chain 28

http://rules.quantcount.com/rules-p-1ZtptYybLEE7k.js HTTP 301
https://rules.quantcount.com/rules-p-1ZtptYybLEE7k.js

Request Chain 30

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j83&tid=UA-384915-1&cid=1183914774.1596124176&jid=1438971716&gjid=1481917537&_gid=1115741258.1596124176&_u=YGBAgAAB~&z=1706492368 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-384915-1&cid=1183914774.1596124176&jid=1438971716&_v=j83&z=1706492368 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-384915-1&cid=1183914774.1596124176&jid=1438971716&_v=j83&z=1706492368&slf_rd=1&random=4032053918

57 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
info.sendio.com/trusted-sender/
Redirect Chain

https://sav.sendio.net/Isletapueblo.com/sav?ua=tcpresident&sa=Tod.Caflisch%40centurylink.com&id=1596055331.12690.1.2.b01df027.d058
http://info.sendio.com/trusted-sender?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV

18 KB
6 KB

46ms
34ms

Document
text/html

54.93.101.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
Protocol: HTTP/1.1
Server: 54.93.101.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-101-66.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 14b4f1a133b65bb88587ee57b0bfd7312998899e398e7fd8f68052fffec6a6d0

Request headers

Host: info.sendio.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 15:49:35 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
p3p: CP="This is not a privacy policy."
x-unbounce-pageid: 2d55fb81-72ec-48e3-acac-5b3d5644158e
etag: e7989f65012c09aebcd29df62d248905
content-location: http://info.sendio.com/trusted-sender/
x-unbounce-visitorid: 185.217.171.121596193431812472
last-modified: Wed, 17 Jun 2020 20:55:26 GMT
x-unbounce-variant: b
link: <http://info.sendio.com/trusted-sender/>; rel="canonical"
set-cookie: ubpv=b%2C2d55fb81-72ec-48e3-acac-5b3d5644158e; Max-Age=15897600; Expires=Sat, 30 Jan 2021 15:49:35 GMT; Path=/trusted-sender/ ubrs=weighted; Path=/trusted-sender/ ubvs=185.217.171.121596193431812472; Max-Age=15552000; Expires=Tue, 26 Jan 2021 15:49:35 GMT; Path=/ ubvt=185.217.171.121596193431812472; Max-Age=259200; Expires=Sun, 02 Aug 2020 15:49:35 GMT; Path=/; Domain=sendio.com
content-encoding: gzip
x-proxy-backend: page-server
connection: close

Redirect headers

date: Thu, 30 Jul 2020 15:49:35 GMT
content-length: 0
p3p: CP="This is not a privacy policy."
location: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
x-proxy-backend: page-server
connection: close

GET
H/1.1 200
OK main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 15 KB
3 KB 41ms
28ms Stylesheet
text/css 13.35.254.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by: Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
Protocol: HTTP/1.1
Server: 13.35.254.91 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-254-91.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 04 Mar 2020 23:39:45 GMT
Content-Encoding: gzip
Age: 12758991
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 2902
Last-Modified: Wed, 04 Mar 2020 22:45:14 GMT
Server: AmazonS3
ETag: "c840c3d549f745d3142417845de68270"
x-amz-version-id: gJqOFtzKpY5_MpSOYwBhAXEJLqR0Gl7t
Via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Type: text/css
X-Amz-Cf-Id: 39X6dLqVa5sQ1N30RWOYfZaOmAUv-YiMQwSbxOsxfqFaYZ3OuIH8Rg==

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.4.2/ 70 KB
25 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js

Requested by

Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV

Protocol

HTTP/1.1

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 15 Jul 2020 20:10:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Age: 1280325
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 24715
X-XSS-Protection: 0
Expires: Thu, 15 Jul 2021 20:10:50 GMT

GET
H/1.1 200
OK jquery-shims.bundle-0983003.z.js Show response
builder-assets.unbounce.com/published-js/ 6 KB
3 KB 38ms
26ms Script
application/javascript 13.35.254.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://builder-assets.unbounce.com/published-js/jquery-shims.bundle-0983003.z.js
Requested by: Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
Protocol: HTTP/1.1
Server: 13.35.254.91 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-254-91.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0983003c2827bd0b24985d096cb40456780a70afc96c5913bf1217529c18254b

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 04 Mar 2020 23:40:02 GMT
Content-Encoding: gzip
Age: 12758974
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1993
Last-Modified: Wed, 04 Mar 2020 22:45:08 GMT
Server: AmazonS3
ETag: "4799104a329f26092bfa477b9521781f"
x-amz-version-id: 3Wy5lixRUznAloAhbUaFfF1Y5iDM_h0A
Via: 1.1 89c822bb1ce1445a7be6d1057088cfbf.cloudfront.net (CloudFront)
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Type: application/javascript
X-Amz-Cf-Id: Hm69QGyLGcwIvPKLWaned_wwUsW_P22ReXFpKeO-EvCquxnc9LCEww==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 48 KB
17 KB 99ms
60ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

5fcaf5af843a341089b5a2d25a91672a9ed53a2c45b2f68493412232841a9091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 15:49:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "586 / 905 of 1000 / last-modified: 1596118281"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16578
x-xss-protection: 0
expires: Thu, 30 Jul 2020 15:49:35 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 26ms
10ms Script
application/javascript 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
Origin: http://info.sendio.com

Response headers

date: Thu, 30 Jul 2020 15:49:35 GMT
content-encoding: gzip
last-modified: Mon, 04 May 2020 23:02:39 GMT
server: nginx
status: 200
etag: W/"5eb09f0f-15d84"
vary: Accept-Encoding
x-hw: 1596124175.dop243.fr8.t,1596124175.cds246.fr8.hc,1596124175.cds142.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H/1.1 200
OK main.bundle-5c6e41c.z.js Show response
builder-assets.unbounce.com/published-js/ 104 KB
33 KB 20ms
19ms Script
application/javascript 13.35.254.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Requested by: Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
Protocol: HTTP/1.1
Server: 13.35.254.91 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-254-91.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5c6e41cab44d3fc8958df6b852e4e728360a81d7a5fc3079b36e677cc07f8edb

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 29 Apr 2020 21:04:18 GMT
Content-Encoding: gzip
Age: 7929918
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 33645
Last-Modified: Wed, 29 Apr 2020 19:49:39 GMT
Server: AmazonS3
ETag: "e3cd90068d75377439e6202b33a169c9"
x-amz-version-id: JBFUS0AkE5K2tQgjpSYJVwZCr8Y4Yfgg
Via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Type: application/javascript
X-Amz-Cf-Id: t6w7xqG1ao2QHAe5aPGpEOlurtnzWrBmpUezb0o09Z9VZBRQu_4KgA==

GET
H2

200

gtm.js Show response
www.googletagmanager.com/
Redirect Chain

http://www.googletagmanager.com/gtm.js?id=GTM-P4WWZ5
https://www.googletagmanager.com/gtm.js?id=GTM-P4WWZ5

110 KB
39 KB

23ms
23ms

Script
application/javascript

2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P4WWZ5

Requested by

Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

44b4c934ddfd6112bc77443e17caa39d856e17d705c4eaf0614ff557046fca82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 15:49:35 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40286
x-xss-protection: 0
last-modified: Thu, 30 Jul 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 30 Jul 2020 15:49:35 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtm.js?id=GTM-P4WWZ5
Date: Thu, 30 Jul 2020 15:49:35 GMT
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
BLOB 200
OK 25691690-79ac-49c3-98e0-17f2a3e1c9f1
http://info.sendio.com/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://info.sendio.com/25691690-79ac-49c3-98e0-17f2a3e1c9f1
Requested by: Host: builder-assets.unbounce.com
URL: http://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 5603
Content-Type: text/css

GET
H2 200 css
fonts.googleapis.com/ 5 KB
780 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:regular,700

Requested by

Host: builder-assets.unbounce.com
URL: http://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6bc92b096fa224014e1caa871ae4e6d6c7bcc9a5c5459b893e6bb052b3cb257c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 30 Jul 2020 15:49:35 GMT
server: ESF
date: Thu, 30 Jul 2020 15:49:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Jul 2020 15:49:35 GMT

GET
H/1.1 200
OK c68cd79a-ransomware-rising-2017-2x-100_10f00800e605400f01g01o.jpg
d9hhrg4mnvzow.cloudfront.net/info.sendio.com/trusted-sender/ 9 KB
9 KB 450ms
436ms Image
image/jpeg 143.204.208.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d9hhrg4mnvzow.cloudfront.net/info.sendio.com/trusted-sender/c68cd79a-ransomware-rising-2017-2x-100_10f00800e605400f01g01o.jpg
Requested by: Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
Protocol: HTTP/1.1
Server: 143.204.208.218 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-208-218.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d91949af99fcd9998523f414f760d5cac73532d3d9f5c796f8b22b646dd178f6

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 30 Jul 2020 15:49:36 GMT
Via: 1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
Last-Modified: Wed, 17 Jun 2020 20:55:26 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA53-C1
ETag: "e941e5560790e13caf7d9787e770ec82"
X-Cache: Miss from cloudfront
x-amz-version-id: mlsx4ZZ.nS0EysPwUZXiFP2NXTX4fcXi
Cache-Control: max-age=31557600
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 8861
X-Amz-Cf-Id: xD1d9atlGPUJDzFwqz9vVivMtrKA19zDC9mBJvDqZQK0Ihv7VeJwNw==

GET
H/1.1 200
OK be394274-opt-inbox-process-2x-100_10f00800e606b00f00x01o.jpg
d9hhrg4mnvzow.cloudfront.net/info.sendio.com/trusted-sender/ 7 KB
8 KB 467ms
453ms Image
image/jpeg 143.204.208.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d9hhrg4mnvzow.cloudfront.net/info.sendio.com/trusted-sender/be394274-opt-inbox-process-2x-100_10f00800e606b00f00x01o.jpg
Requested by: Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
Protocol: HTTP/1.1
Server: 143.204.208.218 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-208-218.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 364c300e5f07d59556bfa81c934e4418ceac51360a75edeb369a4d909d1879b3

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 30 Jul 2020 15:49:36 GMT
Via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
Last-Modified: Wed, 17 Jun 2020 20:55:26 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA53-C1
ETag: "c0f843c77b614e04636945a70c02901e"
X-Cache: Miss from cloudfront
x-amz-version-id: ffkTDNrYUGyfrd2OshOZ5VrR8P_jPSPB
Cache-Control: max-age=31557600
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 7495
X-Amz-Cf-Id: lTK-rLwOeqAjzgdkOD082y4OX1oGO0JnFs5IlvSgeSfZVmrNh98FxQ==

GET
H/1.1 200
OK 6b908d56-sendio-logo-transparent-white_102i014000000000000028.png
d9hhrg4mnvzow.cloudfront.net/info.sendio.com/trusted-sender/ 1 KB
2 KB 420ms
406ms Image
image/png 143.204.208.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d9hhrg4mnvzow.cloudfront.net/info.sendio.com/trusted-sender/6b908d56-sendio-logo-transparent-white_102i014000000000000028.png
Requested by: Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
Protocol: HTTP/1.1
Server: 143.204.208.218 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-208-218.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 46b892a13b7fd3da59852ea941f619f1131cb3830e5e17ed1d5f82b5c6cebf7f

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 30 Jul 2020 15:49:36 GMT
Via: 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
Last-Modified: Wed, 17 Jun 2020 20:55:26 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA53-C1
ETag: "4d38649edf994ebd256300e63b308bdd"
X-Cache: Miss from cloudfront
x-amz-version-id: 64kFVxjoJ_CipptvC2abzILAWa7NQDyk
Cache-Control: max-age=31557600
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1036
X-Amz-Cf-Id: -ri0EhyIO2MJZRjQMI29xRhteAFFqx5t9YEw6ZoX0ztHKVuP8chp3Q==

GET
H/1.1 200
OK 4234500b-sendio-eblast-ransomware-header-100_10fs05l0f004t00f00f01o.jpg
d9hhrg4mnvzow.cloudfront.net/info.sendio.com/trusted-sender/ 8 KB
9 KB 449ms
435ms Image
image/jpeg 143.204.208.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d9hhrg4mnvzow.cloudfront.net/info.sendio.com/trusted-sender/4234500b-sendio-eblast-ransomware-header-100_10fs05l0f004t00f00f01o.jpg
Requested by: Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
Protocol: HTTP/1.1
Server: 143.204.208.218 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-208-218.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72c821f6ccf608fb19f6026dd54d411ccd349fa6db3b2c1ade4e3cc6eb72a5a0

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 30 Jul 2020 15:49:36 GMT
Via: 1.1 7549433a09d06354ea864d169b689e51.cloudfront.net (CloudFront)
Last-Modified: Wed, 17 Jun 2020 20:55:26 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA53-C1
ETag: "80f77cd5a884966d5c85967e5c0b505d"
X-Cache: Miss from cloudfront
x-amz-version-id: aNesFfg_.XA1j8N.6yUFd0V6cvuHp6tc
Cache-Control: max-age=31557600
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 8444
X-Amz-Cf-Id: 8jGeeqwuOan1cl_Wrn-YPccITFlH5_XI5ELb_V6AOTim86x14SNPHQ==

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:regular,700
Origin: http://info.sendio.com

Response headers

date: Tue, 14 Jul 2020 15:32:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:11 GMT
server: sffe
age: 1383400
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Wed, 14 Jul 2021 15:32:55 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:regular,700
Origin: http://info.sendio.com

Response headers

date: Mon, 27 Jul 2020 11:36:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 274380
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Tue, 27 Jul 2021 11:36:35 GMT

GET
H/1.1 200
OK analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 12ms
5ms Script
text/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P4WWZ5

Protocol

HTTP/1.1

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 04 Jun 2020 23:38:14 GMT
Server: Golfe2
Age: 1713
Date: Thu, 30 Jul 2020 15:21:02 GMT
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=7200
Content-Length: 18469
Expires: Thu, 30 Jul 2020 17:21:02 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
8 KB 26ms
8ms Script
application/x-javascript 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.quantserve.com/quant.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P4WWZ5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8130c2c72afad9d94581ef93aaa00524093103c47c71fce52f606d5ff693c3ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 15:49:35 GMT
content-encoding: gzip
last-modified: Thu, 30-Jul-2020 15:49:35 GMT
etag: M0-2a172724
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: private, no-transform, max-age=604800
strict-transport-security: max-age=86400
content-length: 8060
expires: Thu, 06 Aug 2020 15:49:35 GMT

GET
H2 200 / Show response
f850957a53904ad8ad941ef1c2ba38a3.js.ubembed.com/ 479 B
612 B 84ms
21ms Script
application/json 151.101.113.131
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f850957a53904ad8ad941ef1c2ba38a3.js.ubembed.com/
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P4WWZ5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.131 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 25fccf00dec5e4d9d9964a2072e0da07347eb51cb87058d9a15d1720ead16fee

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 15:49:35 GMT
content-encoding: br
x-backend-region: eu_west_1
age: 5701
x-amz-apigw-id: QefZrFaTjoEFWWg=
etag: 86c0636c9f0613423971c3d77587aa7e-v0.178.1
vary: Accept-Encoding
x-cache: Miss from cloudfront, HIT
content-type: application/json
status: 200
cache-control: max-age=0, must-revalidate
x-amz-cf-pop: FRA2-C2
accept-ranges: none
access-control-allow-origin: *

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 733 B
572 B 17ms
17ms Script
text/javascript 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P4WWZ5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

95ad396ae5b9ff7b1e334d6be2a60d2a2a21b4a5b3ba085f6d6b9bbf0b8b5794

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 15:49:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 468
x-xss-protection: 1; mode=block
expires: Thu, 30 Jul 2020 15:49:35 GMT

GET
H2 200 dmedianet.js Show response
contextual.media.net/ 115 KB
40 KB 77ms
38ms Script
text/javascript 23.210.250.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/dmedianet.js?cid=8CU1XQQDB

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P4WWZ5

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.250.97 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-250-97.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

619a5c78580d41539903229fa8b07507262d873f68a3e3298fa295a1a3eeb22b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-mnt-h: 8-12
content-encoding: gzip
server: Apache
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
etag: "b85e5ee5b03c502cc33d4eb7243e703b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
cache-control: max-age=2400
date: Thu, 30 Jul 2020 15:49:35 GMT
strict-transport-security: max-age=604800
x-mnt-w: 8-31
expires: Thu, 30 Jul 2020 16:29:35 GMT

GET
H2 200 / Show response
610df60283ce46159d7012c382c77621.js.ubembed.com/ 479 B
612 B 84ms
20ms Script
application/json 151.101.113.131
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://610df60283ce46159d7012c382c77621.js.ubembed.com/
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P4WWZ5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.131 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 47d65809bd5517186bdc9d2adff824bfed59fed915db4e27a861ba5ab1dc9af3

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 15:49:35 GMT
content-encoding: br
x-backend-region: eu_west_1
age: 5700
x-amz-apigw-id: QUk5wFyXDoEFcNw=
etag: b20d8593f284c2b04157c7eff194e165-v0.178.1
vary: Accept-Encoding
x-cache: Miss from cloudfront, HIT
content-type: application/json
status: 200
cache-control: max-age=0, must-revalidate
x-amz-cf-pop: FRA2-C2
accept-ranges: none
access-control-allow-origin: *

GET
H2 403 choice.js
quantcast.mgr.consensu.org/choice/1ZtptYybLEE7k/info.sendio.com/ 0
0 134ms
118ms Script
text/html 2600:9000:214f:be00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/1ZtptYybLEE7k/info.sendio.com/choice.js
Requested by: Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:be00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 30 Jul 2020 15:48:59 GMT
via: 1.1 61adf71a363fe0f836dc69dbb43de824.cloudfront.net (CloudFront)
last-modified: Thu, 21 May 2020 21:03:42 GMT
server: AmazonS3
age: 37
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Error from cloudfront
content-type: text/html
status: 403
cache-control: public, max-age=7200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: yZPeDpLWNiv-TUkm_9fuYAUAinjmp3qYSL6kdcBTjcEb7e7L_O0AIQ==

GET
H/1.1 200
OK i.js Show response
i.kissmetrics.com/ 39 B
321 B 196ms
181ms Script
application/x-javascript 107.22.214.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://i.kissmetrics.com/i.js
Requested by: Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
Protocol: HTTP/1.1
Server: 107.22.214.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-22-214-169.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2bc18c5e40b439c202bfa5d0a973c2a8c30ccdb6a83c85c5d0b55cd2abcad8b9

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 30 Jul 2020 15:49:32 GMT
Server: nginx
P3P: CP="NOI CURa ADMa DEVa TAIa OUR IND UNI NAV INT"
Cache-Control: max-age=2592000
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 39
Expires: Sat, 29 Aug 2020 15:49:32 GMT

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 109 B
830 B 34ms
15ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=info.sendio.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jul 2020 15:49:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
830 B 26ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=info.sendio.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jul 2020 15:49:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020072301.js Show response
securepubads.g.doubleclick.net/gpt/ 253 KB
89 KB 63ms
63ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

be31d790c31b5492e47a666b767d66be19e5b03bf9d37754ca793ba38feb0210

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 15:49:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 23 Jul 2020 13:07:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91416
x-xss-protection: 0
expires: Thu, 30 Jul 2020 15:49:35 GMT

GET
H/1.1 200
OK 30556cc5548074a42cf08ef45c9c02d2eeda7986.2.js Show response
scripts.kissmetrics.com/ 27 KB
12 KB 262ms
226ms Script
application/x-javascript 143.204.210.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://scripts.kissmetrics.com/30556cc5548074a42cf08ef45c9c02d2eeda7986.2.js
Requested by: Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
Protocol: HTTP/1.1
Server: 143.204.210.55 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-210-55.fra53.r.cloudfront.net
Software: nginx/1.6.2 /
Resource Hash: 59d9d5aba2ed62ed84361fca07b6624b77a5b624110fb240523a9f31c7a96eb0

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 30 Jul 2020 15:50:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Oct 2018 21:08:04 GMT
Server: nginx/1.6.2
X-Amz-Cf-Pop: FRA53-C1
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
P3P: CP="NOI CURa ADMa DEVa TAIa OUR IND UNI NAV INT"
Via: 1.1 c90147ea5199ff7ce77981c8da4247c4.cloudfront.net (CloudFront)
Cache-Control: max-age=60
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/x-javascript; charset=utf-8
X-Amz-Cf-Id: MrTzLkafnLacDPK5p0OtOHPktR1WBQ_9YOG6rGDzjHKB2twap2bexA==

GET
H2

200

rules-p-1ZtptYybLEE7k.js Show response
rules.quantcount.com/
Redirect Chain

http://rules.quantcount.com/rules-p-1ZtptYybLEE7k.js
https://rules.quantcount.com/rules-p-1ZtptYybLEE7k.js

3 B
357 B

375ms
364ms

Script
application/x-javascript

2600:9000:2057:1a00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-1ZtptYybLEE7k.js
Requested by: Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:1a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 15:45:25 GMT
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2017 23:52:35 GMT
server: AmazonS3
age: 251
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Error from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=300
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: jXxfIGZrMHq0_gZRzIv5-GPYPcNVQMTBSFgbHdPA2LbHnZRLKV80og==

Redirect headers

Date: Thu, 30 Jul 2020 15:49:35 GMT
Via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA6-C1
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://rules.quantcount.com/rules-p-1ZtptYybLEE7k.js
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: QPh7G9nA4Qky_cH7jhffbcKMXg-yrPlKILEW76EKNenWl4OTzYhQHg==

GET
H/1.1 200
OK collect
www.google-analytics.com/ 35 B
387 B 6ms
5ms Image
image/gif 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.google-analytics.com/collect?v=1&_v=j83&a=1030186354&t=pageview&_s=1&dl=http%3A%2F%2Finfo.sendio.com%2Ftrusted-sender%2F%3Futm_source%3Dchallenge%2520email%26utm_medium%3Demail%26utm_campaign%3DSAV&ul=en-us&de=UTF-8&dt=Email%20is%20Confirmed%20%7C%20Sender%20Address%20Verification&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=1438971716&gjid=1481917537&cid=1183914774.1596124176&tid=UA-384915-1&_gid=1115741258.1596124176&gtm=2wg7m1P4WWZ5&z=1466471615

Requested by

Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV

Protocol

HTTP/1.1

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Jul 2020 21:55:13 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Server: Golfe2
Age: 1274062
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 35
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j83&tid=UA-384915-1&cid=1183914774.1596124176&jid=1438971716&gjid=1481917537&_gid=1115741258.1596124176&_u=YGBAgAAB~&z=1706492368
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-384915-1&cid=1183914774.1596124176&jid=1438971716&_v=j83&z=1706492368
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-384915-1&cid=1183914774.1596124176&jid=1438971716&_v=j83&z=1706492368&slf_rd=1&random=4032053918

42 B
107 B

17ms
17ms

Image
image/gif

2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-384915-1&cid=1183914774.1596124176&jid=1438971716&_v=j83&z=1706492368&slf_rd=1&random=4032053918

Requested by

Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jul 2020 15:49:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Jul 2020 15:49:35 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-384915-1&cid=1183914774.1596124176&jid=1438971716&_v=j83&z=1706492368&slf_rd=1&random=4032053918
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.178.1/ 162 KB
46 KB 101ms
25ms Script
application/javascript 143.204.201.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.178.1/bundle.js
Requested by: Host: f850957a53904ad8ad941ef1c2ba38a3.js.ubembed.com
URL: https://f850957a53904ad8ad941ef1c2ba38a3.js.ubembed.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.201.8 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-8.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df25786bc3951d78d0f763a2a75a1f33b01b8ae2a5157831d2cf4d0348c2ede7

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 02 May 2020 23:46:50 GMT
content-encoding: gzip
last-modified: Wed, 11 Dec 2019 22:14:50 GMT
server: AmazonS3
age: 7660966
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: YQ0H-zYNa8gmIe0ivGzjS4N24NMXeewZFPIj6L2EugeGLeGJzkoPmg==
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/AFBwIe6h0oOL7MOVu88LHld-/ 329 KB
130 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/AFBwIe6h0oOL7MOVu88LHld-/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f19d89cdbffedb9bd8a76d2423a06280ddd513070445f2c11a1a5f6af8834f65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 16:27:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 27 Jul 2020 04:05:59 GMT
server: sffe
age: 256904
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133012
x-xss-protection: 0
expires: Tue, 27 Jul 2021 16:27:51 GMT

POST
H/1.1 200
OK e
trk.kissmetrics.com/ 43 B
376 B 397ms
377ms Other
image/gif 54.172.233.255
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://trk.kissmetrics.com/e
Requested by: Host: scripts.kissmetrics.com
URL: http://scripts.kissmetrics.com/30556cc5548074a42cf08ef45c9c02d2eeda7986.2.js
Protocol: HTTP/1.1
Server: 54.172.233.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-233-255.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 30 Jul 2020 15:49:36 GMT
Last-Modified: Thu, 01 Jan 1970 00:00:00 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Thu, 30 Jul 2020 15:49:35 GMT

POST
H/1.1 200
OK e
trk.kissmetrics.com/ 43 B
376 B 400ms
381ms Other
image/gif 54.172.233.255
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://trk.kissmetrics.com/e
Requested by: Host: scripts.kissmetrics.com
URL: http://scripts.kissmetrics.com/30556cc5548074a42cf08ef45c9c02d2eeda7986.2.js
Protocol: HTTP/1.1
Server: 54.172.233.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-233-255.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 30 Jul 2020 15:49:36 GMT
Last-Modified: Thu, 01 Jan 1970 00:00:00 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Thu, 30 Jul 2020 15:49:35 GMT

POST
H/1.1 200
OK e
trk.kissmetrics.com/ 43 B
376 B 403ms
384ms Other
image/gif 54.172.233.255
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://trk.kissmetrics.com/e
Requested by: Host: scripts.kissmetrics.com
URL: http://scripts.kissmetrics.com/30556cc5548074a42cf08ef45c9c02d2eeda7986.2.js
Protocol: HTTP/1.1
Server: 54.172.233.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-233-255.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 30 Jul 2020 15:49:36 GMT
Last-Modified: Thu, 01 Jan 1970 00:00:00 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Thu, 30 Jul 2020 15:49:35 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 34 KB
7 KB 52ms
52ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2464937744464430&correlator=2143385069137386&output=ldjh&impl=fifs&adsid=NT&eid=21066724&vrg=2020072301&gdpr_consent=tcunavailable&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200730&iu_parts=277638779%2CLP_SAV_300x250_Top_TargetBlank%2CLP_SAV_MAR2017_300x250_TargetBlank&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=300x250%2C300x250&bc=23&abxe=1&lmt=1592427326&dt=1596124176310&dlt=1596124175437&idt=352&frm=20&biw=1600&bih=1200&oid=3&adxs=938%2C938&adys=319%2C589&adks=2105499697%2C1283621901&ucis=1%7C2&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Finfo.sendio.com%2Ftrusted-sender%2F%3Futm_source%3Dchallenge%2520email%26utm_medium%3Demail%26utm_campaign%3DSAV&dssz=36&icsg=42631168&std=0&vis=1&scr_x=0&scr_y=0&psz=300x-1%7C300x-1&msz=300x-1%7C300x-1&ga_vid=1183914774.1596124176&ga_sid=1596124176&ga_hid=1030186354&fws=4%2C4&ohw=300%2C300

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

c4589bdef64c2eb7a5712c57d73905e93d231cd16062b6f24886c5c73563f8f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 15:49:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6092
x-xss-protection: 0
google-lineitem-id: 5197590702,159435619
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138290853135,108346023619
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://info.sendio.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
9376d29ba5db353df50a4786d622e503.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 43ms
18ms Other
text/html 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://9376d29ba5db353df50a4786d622e503.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 18ms
6ms Other
text/html 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012007210634000/ Frame F6F7 206 KB
56 KB 55ms
20ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007210634000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c30c656a67a3c902072c7c839344fbe793788edbbaebb4f7a59b4c3c6750897

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 7121
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57364
x-xss-protection: 0
server: sffe
date: Thu, 30 Jul 2020 13:50:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "da4645546e0fb9cb"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jul 2021 13:50:55 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012007210634000/v0/ Frame F6F7 96 KB
30 KB 40ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007210634000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb199303a3c6c4ec7d96d3135a9798cf63f52e829aba12d2ae8c30f01425281a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 7129
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29699
x-xss-protection: 0
server: sffe
date: Thu, 30 Jul 2020 13:50:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ff583ae049a1bccf"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jul 2021 13:50:47 GMT

GET
DATA 200
OK truncated
/ Frame F6F7 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f47511ea0e0717f18462661a5555612754f5efd57cb51bb571057ae86125fbd

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012007210634000/ Frame 97D3 206 KB
56 KB 41ms
12ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007210634000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c30c656a67a3c902072c7c839344fbe793788edbbaebb4f7a59b4c3c6750897

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 7121
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57364
x-xss-protection: 0
server: sffe
date: Thu, 30 Jul 2020 13:50:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "da4645546e0fb9cb"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jul 2021 13:50:55 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012007210634000/v0/ Frame 97D3 96 KB
29 KB 47ms
18ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007210634000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb199303a3c6c4ec7d96d3135a9798cf63f52e829aba12d2ae8c30f01425281a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 7129
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29699
x-xss-protection: 0
server: sffe
date: Thu, 30 Jul 2020 13:50:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ff583ae049a1bccf"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jul 2021 13:50:47 GMT

GET
DATA 200
OK truncated
/ Frame 97D3 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b3c55a2bd5858046b6d6966b977e3f3ebbf1045eabf02b83e52b00627ba4be1

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 11998061179317164195
tpc.googlesyndication.com/simgad/ Frame F6F7 50 KB
50 KB 12ms
10ms Image
image/png 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11998061179317164195

Requested by

Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b0d0aeb62ec5a730ec6d52904aa340b7963d269dc8ba60be5ad00f0c0882f1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 13:06:40 GMT
x-content-type-options: nosniff
age: 268976
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51053
x-xss-protection: 0
last-modified: Tue, 15 Oct 2019 15:56:28 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Jul 2021 13:06:40 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame F6F7 0
316 B 56ms
54ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssX8qwe3GpzkROMwTgLqFanZiy0QyMkd0j4dMp7GgETaSCfCoypWAG0dW9zeZbZJygdxru4Bi0ydCwDo9g8BUnss5yAzQlx_Yp-siLMvC4WEMWbsJeN6Ws0JdU4Lylp6pTvBmwZB4xtLNkv3dtV7qTxjDa96hhBEaJNwOoRo6P6WpTBBnt3Lk9D9Id3reoOqwLHtL7gQPj1SdwA0dvkOhyg3ZPE14QSbJlOLKDc1hit0wuOI6ljpjCWbp4qa-hcwAaXmwRD82H7TFauzYwEdjrs6YVsbFtB41Y&sig=Cg0ArKJSzNDxgxRROtbBEAE&adurl=

Requested by

Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jul 2020 15:49:36 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 30 Jul 2020 15:49:36 GMT

GET
H2 200 12938613454478336496
tpc.googlesyndication.com/simgad/ Frame 97D3 23 KB
24 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12938613454478336496

Requested by

Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b776378d4076ba65400e79c1974d12a4b6861a6d7ea69a908afbc92e78f8a336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 13:06:40 GMT
x-content-type-options: nosniff
age: 268976
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23952
x-xss-protection: 0
last-modified: Sat, 15 Apr 2017 19:02:35 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Jul 2021 13:06:40 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 97D3 0
275 B 55ms
55ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv7Zj-5_7gFXlCHDUdc_GokHrCfISHizoICf0R1cLy4pxZ9QvVhqTZiNVE6VFHB_W-CnsX6_RW7nzP0Ia7-Q46HWQoJ9CLcgf7qeQUMx3sXHguJgDfmmZC38D5JAKjMUdxURc3Y7YYaUvrZlxPelc67FqzE0d8SqoXlFtyIlP-8uhNcS3HTvOJhFDFGqruiKNIx5QimmTtyZxxWtl8oUeuK29UoBwcOADvrBiPNlJFeJxdEZ0FlOnhcUzpIOG0Jyb5EpQh2m5_hEfiEzqkFKPnFL9J0wgGBVe7vwnU&sig=Cg0ArKJSzB-v6pvK1BdLEAE&adurl=

Requested by

Host: info.sendio.com
URL: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jul 2020 15:49:36 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 30 Jul 2020 15:49:36 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 29ms
17ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020072301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e4efba658a58bb5ac93c3c2f8cef172fb2e338dca15b721e1dba008a7b9dbf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jul 2020 15:49:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5730
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 15:49:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Thu, 30 Jul 2020 15:49:36 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame A889 0
0 6ms
5ms Document
text/html 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Thu, 30 Jul 2020 15:31:48 GMT
expires: Fri, 30 Jul 2021 15:31:48 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1068
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 12938613454478336496
tpc.googlesyndication.com/simgad/ Frame 97D3 23 KB
23 KB 6ms
5ms Image
image/jpeg 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12938613454478336496

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012007210634000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b776378d4076ba65400e79c1974d12a4b6861a6d7ea69a908afbc92e78f8a336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 13:06:40 GMT
x-content-type-options: nosniff
age: 268976
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23952
x-xss-protection: 0
last-modified: Sat, 15 Apr 2017 19:02:35 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Jul 2021 13:06:40 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 97D3 0
55 B 56ms
56ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuy5rHktLhCAYNMXuAVMd-3NZiiMeQmqXUemtRlizVMXR0nIAR9pk7plfHmwz-2vhQIM-dLBqlhqvfSIjBIpIaW57ZkI62BosXSrTjVlAsa5oyfbEZAuV8MG4lFyHaEnYCm7XieBcVpM7ZcKL6Wd0FYl6GjdcA2gX7TG4Owo7FHeeyBNtBmL9mDKeL6fEnNXk2vI-o3391M-4YObzuuW4i-q7_ud6jGxIaJyKxrveGmOm6AK18AUOw81yAHevajKypd8lygXC_PeZVPWgxEB4nWvjNfuB95n7Oixgbt8Q&sig=Cg0ArKJSzG2RzPaCHw6tEAE&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jul 2020 15:49:36 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 11998061179317164195
tpc.googlesyndication.com/simgad/ Frame F6F7 50 KB
50 KB 6ms
6ms Image
image/png 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11998061179317164195

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012007210634000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b0d0aeb62ec5a730ec6d52904aa340b7963d269dc8ba60be5ad00f0c0882f1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 13:06:40 GMT
x-content-type-options: nosniff
age: 268976
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51053
x-xss-protection: 0
last-modified: Tue, 15 Oct 2019 15:56:28 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Jul 2021 13:06:40 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame F6F7 0
55 B 58ms
57ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst5GDMXZxAeq_7CtFuOgaLJuAGr0aKpuFit18vbCTV-16f03mubbnJqMpZqQYDYUxPGZ5YlB7hGOYwBzGhvuqxWNpXhDQP-IfB-HLV9P2KSG_V3f1wXpA2OT_SzYCBgi-vyCOyhcCCdQ_2XPzmodVHAOZlhj5_3qB27hiqziGlL_gxRmVgJZcBqsHwHudXZXYcbGOEfJM2UANqZW_72VH65TTQGfSJq8ngt6j8i-zAmlEkluTU3eGIicl8oeNGC6wgx74_RnVC5XXZPKAAkkdYBl2H4mUtiS3r_8w&sig=Cg0ArKJSzO-et-26cbU7EAE&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jul 2020 15:49:36 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
234 B 39ms
39ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020072301&jk=2464937744464430&bg=!z8ylzNRYTRV_NsEdrn4CAAAAZ1IAAAANmQGF-Q9oWZocB39LadFv4psuMVGQlsZbnBWel2tn_IqNp-ikcj4ypM7VHJaAI99pnhHNMOrzs-6DUy_nCQeiQBvtmWwUQ1As7RNkvagm8qKskeIfQlM0WjNc3TZOr4-dP8WoU_zpGJ1o5AAuMHDv6Abo4BzNiz7Zfpr_Kyi7wRdIvF_59WgOIxo5GY4DF3CwfR-HXDJogU4qTRvkj-WmCRr9xBMFyMYDohxj6zrfojqIUvXypW27LvM5JsIk21FBHKN7FV3KaXORN66a923Ti9bw2Fff0u4-spkRwN2OLS9Xlr1NPMNublwojjr83dwgzqbTcLr1G-6lYdxLxvsdqW28YO3B9XY7rlsdcdx8gm81TVRuONKk7p2RWXXSCg4h4xHbjkT2tbas-CwU-vZaR3wg2igzYIF_X13Bp0xPKjJlcKrnslWZOXsbvL7hozFn5lFQVJ3i9eli8NpKEp0jO2P7_XnA7oBAHd1WCOIMj8RUv79wlaqaeC0OYgEqNNWJrsQpDa5eTqg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jul 2020 15:49:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 97D3 42 B
113 B 39ms
39ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssOrxtlQgvzGFdfCLSBGVeeNUio1BFys7RfDJdAVL32vm8Ak_HWlskYB2Pf2XUpNcCDEB5JRldBe2uQKlz8K1BeAchKGb8Pxu-eRgNDrlM&sig=Cg0ArKJSzNfp_4_VgPV6EAE&id=ampim&o=938,589&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=105&tls=1105&g=100&h=100&tt=1105&r=v&avms=ampa&adk=1283621901

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jul 2020 15:49:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame F6F7 42 B
108 B 39ms
39ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvpzYBo5an1v6ZMLHSY7FaCHqka6QrFSbENFclyIAKxheZcQtPctircGsgSK4H41ZpTaNAdRFYBCHWKSh36U7xLltU2SWvqBWFY10ZevBk&sig=Cg0ArKJSzFAPy7xvgC0xEAE&id=ampim&o=938,319&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=91&tls=1091&g=100&h=100&tt=1091&r=v&avms=ampa&adk=2105499697

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jul 2020 15:49:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sendio.com/	1970-01-21 07:10:04	Name: km_lv Value: 1596124176
.sendio.com/	1969-12-31 23:59:59	Name: kvcd Value: 1596124176005
.info.sendio.com/	1970-01-20 04:53:16	Name: _ga Value: GA1.3.1183914774.1596124176
.sendio.com/	1970-01-19 11:26:23	Name: ubvt Value: 185.217.171.121596193431812472
.sendio.com/	1970-01-19 11:22:05	Name: km_vs Value: 1
.sendio.com/	1970-01-19 13:31:40	Name: _gcl_au Value: 1.1.1552153798.1596124176
.info.sendio.com/	1970-01-19 11:22:04	Name: _dc_gtm_UA-384915-1 Value: 1
.info.sendio.com/	1970-01-19 11:23:30	Name: _gid Value: GA1.3.1115741258.1596124176
info.sendio.com/	1970-01-19 15:41:16	Name: ubvs Value: 185.217.171.121596193431812472
info.sendio.com/trusted-sender/	1969-12-31 23:59:59	Name: ubrs Value: weighted
.sendio.com/	1970-01-21 07:10:04	Name: km_ai Value: ODkPFjtViu1UFG2S8SbQhAUEeuk%3D
info.sendio.com/trusted-sender/	1970-01-19 15:47:01	Name: ubpv Value: b%2C2d55fb81-72ec-48e3-acac-5b3d5644158e

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.gstatic.com/recaptcha/releases/AFBwIe6h0oOL7MOVu88LHld-/recaptcha__en.js(Line 64) Message: reCAPTCHA couldn't find user-provided function: onloadCallback
console-api	info	URL: https://cdn.ampproject.org/rtv/012007210634000/amp4ads-v0.js(Line 421) Message: Powered by AMP ⚡ HTML – Version 2007210634000 http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
console-api	info	URL: https://cdn.ampproject.org/rtv/012007210634000/amp4ads-v0.js(Line 421) Message: Powered by AMP ⚡ HTML – Version 2007210634000 http://info.sendio.com/trusted-sender/?utm_source=challenge%20email&utm_medium=email&utm_campaign=SAV
console-api	warning	URL: https://cdn.ampproject.org/rtv/012007210634000/amp4ads-v0.js(Line 21) Message: [amp-analytics/transport] Response unparseable or failed to send image request https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuy5rHktLhCAYNMXuAVMd-3NZiiMeQmqXUemtRlizVMXR0nIAR9pk7plfHmwz-2vhQIM-dLBqlhqvfSIjBIpIaW57ZkI62BosXSrTjVlAsa5oyfbEZAuV8MG4lFyHaEnYCm7XieBcVpM7ZcKL6Wd0FYl6GjdcA2gX7TG4Owo7FHeeyBNtBmL9mDKeL6fEnNXk2vI-o3391M-4YObzuuW4i-q7_ud6jGxIaJyKxrveGmOm6AK18AUOw81yAHevajKypd8lygXC_PeZVPWgxEB4nWvjNfuB95n7Oixgbt8Q&sig=Cg0ArKJSzG2RzPaCHw6tEAE&adurl=
console-api	warning	URL: https://cdn.ampproject.org/rtv/012007210634000/amp4ads-v0.js(Line 21) Message: [amp-analytics/transport] Response unparseable or failed to send image request https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst5GDMXZxAeq_7CtFuOgaLJuAGr0aKpuFit18vbCTV-16f03mubbnJqMpZqQYDYUxPGZ5YlB7hGOYwBzGhvuqxWNpXhDQP-IfB-HLV9P2KSG_V3f1wXpA2OT_SzYCBgi-vyCOyhcCCdQ_2XPzmodVHAOZlhj5_3qB27hiqziGlL_gxRmVgJZcBqsHwHudXZXYcbGOEfJM2UANqZW_72VH65TTQGfSJq8ngt6j8i-zAmlEkluTU3eGIicl8oeNGC6wgx74_RnVC5XXZPKAAkkdYBl2H4mUtiS3r_8w&sig=Cg0ArKJSzO-et-26cbU7EAE&adurl=
console-api	warning	(Line 4) Message: USP is not accessible

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

610df60283ce46159d7012c382c77621.js.ubembed.com
9376d29ba5db353df50a4786d622e503.safeframe.googlesyndication.com
adservice.google.com
adservice.google.nl
ajax.googleapis.com
assets.ubembed.com
builder-assets.unbounce.com
cdn.ampproject.org
code.jquery.com
contextual.media.net
d9hhrg4mnvzow.cloudfront.net
f850957a53904ad8ad941ef1c2ba38a3.js.ubembed.com
fonts.googleapis.com
fonts.gstatic.com
i.kissmetrics.com
info.sendio.com
pagead2.googlesyndication.com
quantcast.mgr.consensu.org
rules.quantcount.com
sav.sendio.net
scripts.kissmetrics.com
secure.quantserve.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
trk.kissmetrics.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
107.22.214.169
13.35.254.91
143.204.201.8
143.204.208.218
143.204.210.55
151.101.113.131
2001:4de0:ac19::1:b:1a
216.58.212.162
23.210.250.97
2600:9000:2057:1a00:6:44e3:f8c0:93a1
2600:9000:214f:be00:9:46dc:4700:93a1
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:800::2001
2a00:1450:4001:800::2002
2a00:1450:4001:801::2003
2a00:1450:4001:80b::2008
2a00:1450:4001:816::200e
2a00:1450:4001:817::2004
2a00:1450:4001:818::2003
2a00:1450:4001:819::2001
2a00:1450:4001:81e::2001
2a00:1450:4001:81e::200a
2a00:1450:4001:821::200a
2a00:1450:4001:824::2003
2a00:1450:400c:c01::9a
54.172.233.255
54.225.136.52
54.93.101.66
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0983003c2827bd0b24985d096cb40456780a70afc96c5913bf1217529c18254b
14b4f1a133b65bb88587ee57b0bfd7312998899e398e7fd8f68052fffec6a6d0
1f47511ea0e0717f18462661a5555612754f5efd57cb51bb571057ae86125fbd
25fccf00dec5e4d9d9964a2072e0da07347eb51cb87058d9a15d1720ead16fee
2bc18c5e40b439c202bfa5d0a973c2a8c30ccdb6a83c85c5d0b55cd2abcad8b9
364c300e5f07d59556bfa81c934e4418ceac51360a75edeb369a4d909d1879b3
44b4c934ddfd6112bc77443e17caa39d856e17d705c4eaf0614ff557046fca82
46b892a13b7fd3da59852ea941f619f1131cb3830e5e17ed1d5f82b5c6cebf7f
47d65809bd5517186bdc9d2adff824bfed59fed915db4e27a861ba5ab1dc9af3
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
59d9d5aba2ed62ed84361fca07b6624b77a5b624110fb240523a9f31c7a96eb0
5c6e41cab44d3fc8958df6b852e4e728360a81d7a5fc3079b36e677cc07f8edb
5e4efba658a58bb5ac93c3c2f8cef172fb2e338dca15b721e1dba008a7b9dbf8
5fcaf5af843a341089b5a2d25a91672a9ed53a2c45b2f68493412232841a9091
619a5c78580d41539903229fa8b07507262d873f68a3e3298fa295a1a3eeb22b
6bc92b096fa224014e1caa871ae4e6d6c7bcc9a5c5459b893e6bb052b3cb257c
72c821f6ccf608fb19f6026dd54d411ccd349fa6db3b2c1ade4e3cc6eb72a5a0
7b0d0aeb62ec5a730ec6d52904aa340b7963d269dc8ba60be5ad00f0c0882f1a
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7c30c656a67a3c902072c7c839344fbe793788edbbaebb4f7a59b4c3c6750897
8130c2c72afad9d94581ef93aaa00524093103c47c71fce52f606d5ff693c3ce
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
95ad396ae5b9ff7b1e334d6be2a60d2a2a21b4a5b3ba085f6d6b9bbf0b8b5794
9b3c55a2bd5858046b6d6966b977e3f3ebbf1045eabf02b83e52b00627ba4be1
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
b776378d4076ba65400e79c1974d12a4b6861a6d7ea69a908afbc92e78f8a336
be31d790c31b5492e47a666b767d66be19e5b03bf9d37754ca793ba38feb0210
c4589bdef64c2eb7a5712c57d73905e93d231cd16062b6f24886c5c73563f8f3
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d91949af99fcd9998523f414f760d5cac73532d3d9f5c796f8b22b646dd178f6
df25786bc3951d78d0f763a2a75a1f33b01b8ae2a5157831d2cf4d0348c2ede7
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f19d89cdbffedb9bd8a76d2423a06280ddd513070445f2c11a1a5f6af8834f65
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fb199303a3c6c4ec7d96d3135a9798cf63f52e829aba12d2ae8c30f01425281a
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

info.sendio.com Open in urlscan Pro 54.93.101.66 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

57 Requests

70 %HTTPS

61 %IPv6

21 Domains

31 Subdomains

27 IPs

4 Countries

890 kBTransfer

2275 kBSize

12 Cookies

0 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

info.sendio.com Open in urlscan Pro
54.93.101.66 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

70 %
HTTPS

61 %
IPv6

21
Domains

31
Subdomains

27
IPs

4
Countries

890 kB
Transfer

2275 kB
Size

12
Cookies

57 HTTP transactions
3 data transactions