urlscan.io logo urlscan.io
SecurityTrails logo

newsletter.mi6-hq.com Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
URL: https://newsletter.mi6-hq.com/lists/?p=confirm&uid=795f46988208b2652e75608c3d631cff
Submission: On March 14 via manual from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 6 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is newsletter.mi6-hq.com.
TLS certificate: Issued by E1 on February 15th 2024. Valid for: 3 months.
This is the only time newsletter.mi6-hq.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 18.66.137.95 16509 (AMAZON-02)
6 2
Domain Requested by
4 newsletter.mi6-hq.com 1 redirects newsletter.mi6-hq.com
1 assets.mi6-hq.com newsletter.mi6-hq.com
1 d3u7tsw7cvar0t.cloudfront.net newsletter.mi6-hq.com
1 www.mi6-hq.com newsletter.mi6-hq.com
6 4

This site contains links to these domains. Also see Links.

Domain
www.phplist.com
Subject Issuer Validity Valid
mi6-hq.com
E1		 2024-02-15 -
2024-05-15		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh

This page contains 2 frames:

Primary Page: https://newsletter.mi6-hq.com/lists/?p=confirm&uid=795f46988208b2652e75608c3d631cff
Frame ID: 15D3EDF949DA89DC518E69013A28B0E7
Requests: 4 HTTP requests in this frame

Frame: https://newsletter.mi6-hq.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js
Frame ID: 1ECAAC21ADA04C38ED9530114BCA3906
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

phpList membership confirmation page

Page Statistics

6
Requests

83 %
HTTPS

50 %
IPv6

2
Domains

4
Subdomains

2
IPs

1
Countries

48 kB
Transfer

50 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://newsletter.mi6-hq.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://newsletter.mi6-hq.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
newsletter.mi6-hq.com/lists/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newsletter.mi6-hq.com/lists/?p=confirm&uid=795f46988208b2652e75608c3d631cff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db44f7b0ed895e4cd41c6725a98e2ff93bb7a137a125e48ed1a1858074b868aa
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.mi6-hq.com mi6hq.substack.com www.mi6confidential.com newsletter.mi6-hq.com www.mi6community.com assets.mi6-hq.com;
Strict-Transport-Security max-age=5184000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
access-control-allow-origin
https://newsletter.mi6-hq.com https://www.mi6confidential.com
access-control-max-age
1000
alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8645a3270d21b8a8-AMS
content-encoding
br
content-security-policy
frame-ancestors 'self' www.mi6-hq.com mi6hq.substack.com www.mi6confidential.com newsletter.mi6-hq.com www.mi6community.com assets.mi6-hq.com;
content-type
text/html; charset=UTF-8
date
Thu, 14 Mar 2024 16:28:31 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iBJDQ6e9nByX6dgLiM1020FcbZDw6XsJ1A2QCuuI97ACI%2BsRdMpUjljiBCSpM7CNEdRY%2BDl140x1hTNpIKDXkCpo%2BKFu8X1%2FL5A%2BUscTtfZXF7mndZ2329xAxIxHjr8f%2FrQFdN6nL%2BVg9yW3PJOxMWTKHMg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=5184000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
mi6.css
www.mi6-hq.com/newsletter/styles/ 		348 B
734 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mi6-hq.com/newsletter/styles/mi6.css
Requested by
Host: newsletter.mi6-hq.com
URL: https://newsletter.mi6-hq.com/lists/?p=confirm&uid=795f46988208b2652e75608c3d631cff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c51135d9fbff33243b8415ad6eec1f6a0ac4733df0d879a3f8fc4c3b8403889
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.mi6confidential.com mi6hq.substack.com newsletter.mi6-hq.com www.mi6confidential.com assets.mi6-hq.com;
Strict-Transport-Security max-age=5184000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newsletter.mi6-hq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:28:31 GMT
strict-transport-security
max-age=5184000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' www.mi6confidential.com mi6hq.substack.com newsletter.mi6-hq.com www.mi6confidential.com assets.mi6-hq.com;
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
11287
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 03 Apr 2016 06:32:26 GMT
server
cloudflare
etag
W/"15c-52f8ec684b280-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mq%2BUiEq%2BdA6flJ9DKD6iTdks7M8YWVMe0RTYgwg1oTS2rgDcB6qMTyymTAxslcbSkpVbuli8BWP%2BeFqXGvzeyJAJSaZGDlkSM%2Fvc0okvfsx6Z5ahIboamgvcEZ%2FyYcxutsae82rzRK03%2FQ2q6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
mi6-hq.com, assets.mi6-hq.com, newsletter.mi6-hq.com, mi6confidential.com, mi6community.com, mi6hq.substack.com
cache-control
max-age=2592000
cf-ray
8645a3285e65b8a8-AMS
expires
Wed, 03 Apr 2024 20:26:11 GMT
power-phplist.png
d3u7tsw7cvar0t.cloudfront.net/images/3.6.14/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3u7tsw7cvar0t.cloudfront.net/images/3.6.14/power-phplist.png
Requested by
Host: newsletter.mi6-hq.com
URL: https://newsletter.mi6-hq.com/lists/?p=confirm&uid=795f46988208b2652e75608c3d631cff
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.137.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-137-95.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e97007e78654d70bea69fd7e51047c1f4949b35d7ce26d49eb66c5ba42097f12

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newsletter.mi6-hq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 14 Mar 2024 03:27:10 GMT
Via
1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
Last-Modified
Wed, 04 Oct 2023 18:43:24 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1696444971/ctime:1696444948/gid:127/gname:docker/md5:5021a64cdd02552a3eb08de5a9254fd6/mode:33188/mtime:1696444782/uid:1001/uname:runner
X-Amz-Cf-Pop
FRA60-P4
Age
46882
x-amz-server-side-encryption
AES256
ETag
"5021a64cdd02552a3eb08de5a9254fd6"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2135
X-Amz-Cf-Id
0tqP5ohFg8r5CYo5WIzzS1zE618oMc3npJ84EvqDYxP7YsVHenrtiA==
mi6_header.jpg
assets.mi6-hq.com/themes/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.mi6-hq.com/themes/mi6_header.jpg
Requested by
Host: newsletter.mi6-hq.com
URL: https://newsletter.mi6-hq.com/lists/?p=confirm&uid=795f46988208b2652e75608c3d631cff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e3b5c493746aa106f9989fc102a0022d5b16918e3a77a54c64ab82f7571c878
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newsletter.mi6-hq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:28:31 GMT
via
1.1 e4bbc916b7f96771ed58c0d668318acc.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=5184000; includeSubDomains; preload
x-amz-cf-pop
AMS1-P1
age
87821
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
37854
last-modified
Mon, 29 Apr 2019 01:26:59 GMT
server
cloudflare
etag
"eebbbe268723c1cb0da8611eaa15e8cb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=peuioHCazTRgqKV1KJO8%2BCgUe34f0nnTda871tqdLHT3MPxtuNB%2Fbvv%2F32qHa4ILRhDJ5d6rdEc6i8MPQzCtYmtGIq59vWg4sYlGdrYoeyXJJp5zZ1WYWP8NP%2F5pAioY6KpXAAn1%2BG4ly%2BM%2F1KF15Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
cf-ray
8645a328ef2bb8a8-AMS
x-amz-cf-id
t4iFbJUmKN5AXxOuReFldBDc0yMyPFzGSyggrD6ZLtwOEzEmYdKjOQ==
main.js
newsletter.mi6-hq.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/ Frame 1ECA
Redirect Chain
  • https://newsletter.mi6-hq.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://newsletter.mi6-hq.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsletter.mi6-hq.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js
Protocol
H2
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e8aea56ebc059166d53bc8d986d206cdba7bc8e640bb08214240ff0fe209d47
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:28:31 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=5184000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FGLOwLdv2DSEDseXotVh5luZg5WBiSLkH%2BVgLgyvVzR0jejwnG%2BAl4xCnLH3MC2O%2BSh2kJh0TLSpU9fUg0bSEbVjnh7AOPnsR5DQtK7TEVykj2qFxCXBBB%2BtbexShtHRX0YvSzNqc9B9cFBz88oDwkbqbtA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
8645a32a88c9b8a8-AMS
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 14 Mar 2024 16:28:31 GMT
strict-transport-security
max-age=5184000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z5cA7nxZ1DkVBoWsahz5TTcNo8t%2BvivKiheVUmy9%2FLTtbCxmHnS3tIhMDC0fbOljLO4%2FgEmWwNd8R%2FGRxFc113pBi7UHaGFfpgakbX4HSxHDqLN0WKrnNlbUGxruMHBUGF6z%2FXGytMQ6zgIkiwY9ytI9YtM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js
cache-control
max-age=300, public
cf-ray
8645a328aef1b8a8-AMS
alt-svc
h3=":443"; ma=86400
content-length
0
8645a3270d21b8a8
newsletter.mi6-hq.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 1ECA 		0
679 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://newsletter.mi6-hq.com/cdn-cgi/challenge-platform/h/g/jsd/r/8645a3270d21b8a8
Requested by
Host: newsletter.mi6-hq.com
URL: https://newsletter.mi6-hq.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 14 Mar 2024 16:28:31 GMT
strict-transport-security
max-age=5184000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nEj2StxMcx9cO2RCwjvQqRXxPTfvMmTqGVue3n%2BsMyK6VtlF73GrVZYXMp%2FApd1Q2wM3eSH0lXHsZg5M5GsGFbJ3JCiV5g3QXEqDhKyFMNiPi4I3lfIOtcvDX0%2B%2BAK8Pdir76AzTxSLDQgC5oAOoXPCVGFE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
8645a32b098e7794-AMS
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

2 Cookies

Domain/Path Name / Value
newsletter.mi6-hq.com/ Name: phpListSession
Value: fg4hq8i8bnl8h0dpit4c8c0hr1
.mi6-hq.com/ Name: cf_clearance
Value: MIkCcyzLNokzX_SSSfHoUX0d_VauMhuw8Gk8JdwR3Js-1710433711-1.0.1.1-czCrOdBvuFv6xt_Aaok0xQKdErjFra8x1Cr5_k2FrWnYjQYnWvoRD4zcEPHeTKHDVN9JBNDXFqQ.Krvx11aGAg

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' www.mi6-hq.com mi6hq.substack.com www.mi6confidential.com newsletter.mi6-hq.com www.mi6community.com assets.mi6-hq.com;
Strict-Transport-Security max-age=5184000; includeSubDomains; preload
X-Content-Type-Options nosniff