emedeventslive.s3-us-west-2.amazonaws.com
52.218.153.217  Public Scan

Submitted URL: https://u9366208.ct.sendgrid.net/ls/click?upn=0FhmaBVRYcIv6Px78ew1epvHOKTUzX59q7DfLWRmGJJ65Ianlr8dent-2BcclqvTACVyUlHMtO8cbnscJjl...
Effective URL: https://emedeventslive.s3-us-west-2.amazonaws.com/uploads/newsletters/2021-03-04/PER-102.html
Submission: On March 10 via manual from US

Summary

This website contacted 11 IPs in 3 countries across 8 domains to perform 30 HTTP transactions. The main IP is 52.218.153.217, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is emedeventslive.s3-us-west-2.amazonaws.com.
TLS certificate: Issued by DigiCert Baltimore CA-2 G2 on July 30th 2020. Valid for: a year.
This is the only time emedeventslive.s3-us-west-2.amazonaws.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Count | Domain | Requested by
9 | image.email.gotoper.com | emedeventslive.s3-us-west-2.amazonaws.com
3 | pagead2.googlesyndication.com | securepubads.g.doubleclick.net, tpc.googlesyndication.com
3 | tpc.googlesyndication.com | securepubads.g.doubleclick.net, tpc.googlesyndication.com
3 | securepubads.g.doubleclick.net | emedeventslive.s3-us-west-2.amazonaws.com, securepubads.g.doubleclick.net
3 | per16.s3.us-east-1.amazonaws.com | emedeventslive.s3-us-west-2.amazonaws.com
3 | beacon.krxd.net | emedeventslive.s3-us-west-2.amazonaws.com
2 | emedeventslive.s3-us-west-2.amazonaws.com | emedeventslive.s3-us-west-2.amazonaws.com
1 | 84cc07de73e87ad897c599dcc0391ee1.safeframe.googlesyndication.com | securepubads.g.doubleclick.net
1 | adservice.google.com | securepubads.g.doubleclick.net
1 | adservice.google.nl | securepubads.g.doubleclick.net
1 | click.email.gotoper.com | emedeventslive.s3-us-west-2.amazonaws.com
1 | u9366208.ct.sendgrid.net | 1 redirects
30 | 12

This site contains links to these domains.

Domain
www.emedevents.com

Subject | Issuer | Validity | Valid
*.s3-us-west-2.amazonaws.com | DigiCert Baltimore CA-2 G2 | 2020-07-30 - 2021-08-04 | a year
click.email.gotoper.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-01-14 - 2022-01-18 | a year
beacon.krxd.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-01-13 - 2022-01-07 | a year
akamai-san171.exacttarget.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-01-13 - 2022-01-17 | a year
s3.amazonaws.com | DigiCert Baltimore CA-2 G2 | 2020-08-04 - 2021-08-09 | a year
*.g.doubleclick.net | GTS CA 1O1 | 2021-02-17 - 2021-05-12 | 3 months
*.google.nl | GTS CA 1O1 | 2021-02-17 - 2021-05-12 | 3 months
*.google.com | GTS CA 1O1 | 2021-02-17 - 2021-05-12 | 3 months
tpc.googlesyndication.com | GTS CA 1O1 | 2021-02-17 - 2021-05-12 | 3 months

This page contains 2 frames:

Primary Page: https://emedeventslive.s3-us-west-2.amazonaws.com/uploads/newsletters/2021-03-04/PER-102.html
Frame ID: 9B09466CFA774B99F02E7A3A29D6DB07
Requests: 28 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 49DC8D4520D382BFC63459F19EB36D66
Requests: 2 HTTP requests in this frame

Page URL History

  1. https://u9366208.ct.sendgrid.net/ls/click?upn=0FhmaBVRYcIv6Px78ew1epvHOKTUzX59q7DfLWRmGJJ65Ianlr8dent-2Bcclqv... HTTP 302
    https://emedeventslive.s3-us-west-2.amazonaws.com/uploads/newsletters/2021-03-04/PER-102.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^AmazonS3$/i

Page Statistics

30 Requests
100 % HTTPS
50 % IPv6
8 Domains
12 Subdomains
11 IPs
3 Countries
1042 kB Transfer
1283 kB Size
0 Cookies

30 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request PER-102.html
emedeventslive.s3-us-west-2.amazonaws.com/uploads/newsletters/2021-03-04/
Redirect Chain
  • https://u9366208.ct.sendgrid.net/ls/click?upn=0FhmaBVRYcIv6Px78ew1epvHOKTUzX59q7DfLWRmGJJ65Ianlr8dent-2BcclqvTACVyUlHMtO8cbnscJjlDnPFwHo9jxQTfucF-2FXTw5o-2F8Xk7ll9uFH2s8iAphzFJKo8Xk3MG34rmqZ-2FYFHC...
  • https://emedeventslive.s3-us-west-2.amazonaws.com/uploads/newsletters/2021-03-04/PER-102.html
33 KB
33 KB
Document
General
Full URL
https://emedeventslive.s3-us-west-2.amazonaws.com/uploads/newsletters/2021-03-04/PER-102.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.153.217 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
7849d471bf313e040f77bc392fa4cfcad4e6507c52789de5bfc78baa4c51497e

Request headers

Host
emedeventslive.s3-us-west-2.amazonaws.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

x-amz-id-2
OHSEFs8AeSOPIqnyg3jt0/fSpNWog7b9tiOLtk5YeSyPkYln/mLJtFzBODCu/2rveW8ExGTED6M=
x-amz-request-id
8B09CKQQ9MX6Y4RG
Date
Wed, 10 Mar 2021 18:41:47 GMT
Last-Modified
Sat, 06 Mar 2021 11:29:06 GMT
ETag
"d6e8e808553f87db9a54399722247a8c"
x-amz-server-side-encryption
AES256
x-amz-meta-cb-modifiedtime
Sat, 06 Mar 2021 11:29:04 GMT
x-amz-version-id
CNuS6P..vQFN9aZQxIlg0TViyNaHnAje
Accept-Ranges
bytes
Content-Type
text/html
Content-Length
33716
Server
AmazonS3

Redirect headers

Server
nginx
Date
Wed, 10 Mar 2021 18:41:45 GMT
Content-Type
text/html; charset=utf-8
Content-Length
116
Connection
keep-alive
Location
https://emedeventslive.s3-us-west-2.amazonaws.com/uploads/newsletters/2021-03-04/PER-102.html
X-Robots-Tag
noindex, nofollow
open.aspx
click.email.gotoper.com/
43 B
199 B
Image
General
Full URL
https://click.email.gotoper.com/open.aspx?ffcb10-feca1578756d047e-fe631673746707757316-fe3715707564067e761c77-ff981271-fe511773716d017b7d1c-ffce15&d=100143&bmt=0
Requested by
Host: emedeventslive.s3-us-west-2.amazonaws.com
URL: https://emedeventslive.s3-us-west-2.amazonaws.com/uploads/newsletters/2021-03-04/PER-102.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.111.186.217 , United States, ASN22606 (EXACT-7, US),
Reverse DNS
click.email.gotoper.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 18:41:46 GMT
Cache-Control
no-cache; max-age=0
Connection
close
Content-Length
43
Content-Type
image/gif
1x1_usermatch.gif
beacon.krxd.net/
42 B
409 B
Image
General
Full URL
https://beacon.krxd.net/1x1_usermatch.gif?partner=MY4IoRRR_sfmc_100023387_sha256&partner_uid=19e8e9bb03629545a54e9853b14b0ebdea0ca8313a24c02cebb195a83e36fdb0
Requested by
Host: emedeventslive.s3-us-west-2.amazonaws.com
URL: https://emedeventslive.s3-us-west-2.amazonaws.com/uploads/newsletters/2021-03-04/PER-102.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.77.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-77-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 10 Mar 2021 18:41:46 GMT
cache-control
private, no-cache, no-store
x-request-time
D=32 t=1615401706
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length
42
x-served-by
beacon-n023-dub-prod.krxd.net
1x1_usermatch.gif
beacon.krxd.net/
42 B
410 B
Image
General
Full URL
https://beacon.krxd.net/1x1_usermatch.gif?partner=MY4IoRRR_sfmc_100023387_subid&partner_uid=33495688
Requested by
Host: emedeventslive.s3-us-west-2.amazonaws.com
URL: https://emedeventslive.s3-us-west-2.amazonaws.com/uploads/newsletters/2021-03-04/PER-102.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.77.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-77-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 10 Mar 2021 18:41:46 GMT
cache-control
private, no-cache, no-store
x-request-time
D=32 t=1615401706
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length
42
x-served-by
beacon-n014-dub-prod.krxd.net
1x1_ad_impression.gif
beacon.krxd.net/
42 B
409 B
Image
General
Full URL
https://beacon.krxd.net/1x1_ad_impression.gif?confid=ucbsf9y20&advertiserid=100023387&campaignid=SOGO_2021_Broad_Email_2
Requested by
Host: emedeventslive.s3-us-west-2.amazonaws.com
URL: https://emedeventslive.s3-us-west-2.amazonaws.com/uploads/newsletters/2021-03-04/PER-102.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.77.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-77-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 10 Mar 2021 18:41:46 GMT
cache-control
private, no-cache, no-store
x-request-time
D=31 t=1615401706
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length
42
x-served-by
beacon-n016-dub-prod.krxd.net
c39314d8-126a-4a61-8fc8-734dd747eab7.png
image.email.gotoper.com/lib/fe3715707564067e761c77/m/2/
25 KB
26 KB
Image
General
Full URL
https://image.email.gotoper.com/lib/fe3715707564067e761c77/m/2/c39314d8-126a-4a61-8fc8-734dd747eab7.png
Requested by
Host: emedeventslive.s3-us-west-2.amazonaws.com
URL: https://emedeventslive.s3-us-west-2.amazonaws.com/uploads/newsletters/2021-03-04/PER-102.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:b543 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e501a0e8ebeb7a4abdebf488d3dab3b9e23a848d7e59c6ac8e751c55ef78ff27

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 18:41:47 GMT
Last-Modified
Wed, 06 Jan 2021 14:47:04 GMT
Server
AkamaiNetStorage
ETag
"fc72f29c3f91604ffb39e8ea4ea86bf8:1609944424.742135"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25904
f3ef00c8-a5ae-45b6-a03c-3f6a9a650429.png
image.email.gotoper.com/lib/fe3715707564067e761c77/m/2/
38 KB
38 KB
Image
General
Full URL
https://image.email.gotoper.com/lib/fe3715707564067e761c77/m/2/f3ef00c8-a5ae-45b6-a03c-3f6a9a650429.png
Requested by
Host: emedeventslive.s3-us-west-2.amazonaws.com
URL: https://emedeventslive.s3-us-west-2.amazonaws.com/uploads/newsletters/2021-03-04/PER-102.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:b543 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0e79850038d28800d8d0f96324a7cec3d91ff3c68b5ac45e6e1d57c6af87b949

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 18:41:47 GMT
Last-Modified
Wed, 24 Feb 2021 14:57:12 GMT
Server
AkamaiNetStorage
ETag
"2b82c2e070b0de94618d5cb05a49fa91:1614178632.156161"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
38486
4aadd39e-6e4c-479f-a566-33764322446e.png
image.email.gotoper.com/lib/fe3715707564067e761c77/m/2/
2 KB
2 KB
Image
General
Full URL
https://image.email.gotoper.com/lib/fe3715707564067e761c77/m/2/4aadd39e-6e4c-479f-a566-33764322446e.png
Requested by
Host: emedeventslive.s3-us-west-2.amazonaws.com
URL: https://emedeventslive.s3-us-west-2.amazonaws.com/uploads/newsletters/2021-03-04/PER-102.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:b543 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
997af1812fa1a8552ef19c8a3323c10d786c793197f90c76c589c5a59883eb0b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 18:41:47 GMT
Last-Modified
Wed, 06 Jan 2021 15:18:02 GMT
Server
AkamaiNetStorage
ETag
"8e50fdb7c755f561ab9fce3533390a7f:1609946282.639591"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1844
158c563f-1897-44b4-a0c4-0292bc577111.png
image.email.gotoper.com/lib/fe3715707564067e761c77/m/1/
955 B
1 KB
Image
General
Full URL
https://image.email.gotoper.com/lib/fe3715707564067e761c77/m/1/158c563f-1897-44b4-a0c4-0292bc577111.png
Requested by
Host: emedeventslive.s3-us-west-2.amazonaws.com
URL: https://emedeventslive.s3-us-west-2.amazonaws.com/uploads/newsletters/2021-03-04/PER-102.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:b543 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
19e289ef35b8d6afbbc19600896ce4101929f2b0bee4262b0901b45894f14955

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 18:41:47 GMT
Last-Modified
Tue, 01 Sep 2020 05:20:13 GMT
Server
AkamaiNetStorage
ETag
"6c4b219df3a2b939c81307eb39f802aa:1598937613.420281"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
955
b2c45e6e-067e-4177-af25-23d8171f0255.png
image.email.gotoper.com/lib/fe3715707564067e761c77/m/2/
3 KB
3 KB
Image
General
Full URL
https://image.email.gotoper.com/lib/fe3715707564067e761c77/m/2/b2c45e6e-067e-4177-af25-23d8171f0255.png
Requested by
Host: emedeventslive.s3-us-west-2.amazonaws.com
URL: https://emedeventslive.s3-us-west-2.amazonaws.com/uploads/newsletters/2021-03-04/PER-102.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:b543 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
b18eecf5f1bfdd811c67c00ba5945458ed19f3fa04c32bee01a98bd1a5aaa31e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 18:41:47 GMT
Last-Modified
Wed, 06 Jan 2021 15:28:56 GMT
Server
AkamaiNetStorage
ETag
"add0e8c65fe2d571769b650accffa89a:1609946936.581646"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2982
4ebf5562-6a93-42eb-80bd-1c87680965bf.png
image.email.gotoper.com/lib/fe3715707564067e761c77/m/2/
652 KB
653 KB
Image
General
Full URL
https://image.email.gotoper.com/lib/fe3715707564067e761c77/m/2/4ebf5562-6a93-42eb-80bd-1c87680965bf.png
Requested by
Host: emedeventslive.s3-us-west-2.amazonaws.com
URL: https://emedeventslive.s3-us-west-2.amazonaws.com/uploads/newsletters/2021-03-04/PER-102.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:b543 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
2116230dfd4025eb854fad5381ca46875429570e34a6ecc547300942403ddb67

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 18:41:48 GMT
Last-Modified
Fri, 26 Feb 2021 17:31:48 GMT
Server
AkamaiNetStorage
ETag
"69d388bed1bdf41bc5715251328f8fe0:1614360708.00351"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
668061
SOGO21%20Email%20Banners_Banner.png
per16.s3.us-east-1.amazonaws.com/
69 KB
69 KB
Image
General
Full URL
https://per16.s3.us-east-1.amazonaws.com/SOGO21%20Email%20Banners_Banner.png
Requested by
Host: emedeventslive.s3-us-west-2.amazonaws.com
URL: https://emedeventslive.s3-us-west-2.amazonaws.com/uploads/newsletters/2021-03-04/PER-102.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.66.248 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-east-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
b4903966021a5d21e1e075177e3e4b4db42a7d326f92f988dc375bc42b1065cc

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 18:41:48 GMT
Last-Modified
Mon, 22 Feb 2021 15:04:27 GMT
Server
AmazonS3
x-amz-request-id
PVPSMATF3EDXDT5G
ETag
"4586831e728b0670563ebdb1ef27a577"
x-amz-meta-sha256
b4903966021a5d21e1e075177e3e4b4db42a7d326f92f988dc375bc42b1065cc
x-amz-version-id
1xMb57gXQdZgrDQyHlVsaOhkpAp9hUZp
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
70185
x-amz-id-2
urpOfSW3giGSEaCJnG6AA814myp6R7cKdR0PbCftSymC8tOgUj1jofQI0lKAvpT9UCJOwTS2gfo=
x-amz-meta-s3b-last-modified
20210222T144836Z
1eb44ab6-ea3d-400f-b204-65689596ff54.png
image.email.gotoper.com/lib/fe3715707564067e761c77/m/2/
4 KB
4 KB
Image
General
Full URL
https://image.email.gotoper.com/lib/fe3715707564067e761c77/m/2/1eb44ab6-ea3d-400f-b204-65689596ff54.png
Requested by
Host: emedeventslive.s3-us-west-2.amazonaws.com
URL: https://emedeventslive.s3-us-west-2.amazonaws.com/uploads/newsletters/2021-03-04/PER-102.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:b543 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5cf3ba0f50e45f0a0b2ef98f043eaa3c236f79d2e6b4cdd66e643e3473ca9fa0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 18:41:48 GMT
Last-Modified
Tue, 02 Feb 2021 21:08:42 GMT
Server
AkamaiNetStorage
ETag
"6fab08344cb7f5e5f7d4778de73bca42:1612300122.572093"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3750
faculty_marshall_john.jpg
per16.s3.us-east-1.amazonaws.com/
9 KB
9 KB
Image
General
Full URL
https://per16.s3.us-east-1.amazonaws.com/faculty_marshall_john.jpg
Requested by
Host: emedeventslive.s3-us-west-2.amazonaws.com
URL: https://emedeventslive.s3-us-west-2.amazonaws.com/uploads/newsletters/2021-03-04/PER-102.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.66.248 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-east-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
754d6f01d5721e026c9488571aee336efc4b574feeecde73c51c84333bc979cb

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 18:41:48 GMT
Last-Modified
Mon, 22 Feb 2021 15:03:28 GMT
Server
AmazonS3
x-amz-request-id
PVPJKY8CN0ZB6EGV
ETag
"7d1f584e7a7fc62bd8ce008be18d33de"
x-amz-meta-sha256
754d6f01d5721e026c9488571aee336efc4b574feeecde73c51c84333bc979cb
x-amz-version-id
NsrQh5Hu9_YotKnXdfGPO1EHtAnT8yx8
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
8720
x-amz-id-2
/Mq/WGo/f3VjafrhQrEZ/kAVzwdZtJ5aHQeLLlv+H3O9gp+ABqVSDl3WkRj8Be6q0L4Y7ZdUW4s=
x-amz-meta-s3b-last-modified
20210222T144939Z
faculty_choti_michael.jpg
per16.s3.us-east-1.amazonaws.com/
5 KB
6 KB
Image
General
Full URL
https://per16.s3.us-east-1.amazonaws.com/faculty_choti_michael.jpg
Requested by
Host: emedeventslive.s3-us-west-2.amazonaws.com
URL: https://emedeventslive.s3-us-west-2.amazonaws.com/uploads/newsletters/2021-03-04/PER-102.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.66.248 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-east-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
1a77ce742c1410022d9f2504f85ff8171a3b8cb7f450891d328db191a95fa9fe

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 18:41:48 GMT
Last-Modified
Mon, 22 Feb 2021 15:03:23 GMT
Server
AmazonS3
x-amz-request-id
PVPXWWSKAQ803NBX
ETag
"4cb4849d2eb02d16b3c7e610d9a24b41"
x-amz-meta-sha256
1a77ce742c1410022d9f2504f85ff8171a3b8cb7f450891d328db191a95fa9fe
x-amz-version-id
ocQPQEjO7eoD6wMJ.ZFRNeAPowO14bKc
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
5208
x-amz-id-2
7H89eV2rcZ4QI8+NtPO4CWm/CQutAjbkJ+EF58Ogp01pKLwHTo8o/1+j4/Y0ENBQ0tqMYOzLYn0=
x-amz-meta-s3b-last-modified
20210222T144956Z
22b90c27-ab98-4eed-ad5b-4b24ef6d8414.png
image.email.gotoper.com/lib/fe3715707564067e761c77/m/1/
12 KB
12 KB
Image
General
Full URL
https://image.email.gotoper.com/lib/fe3715707564067e761c77/m/1/22b90c27-ab98-4eed-ad5b-4b24ef6d8414.png
Requested by
Host: emedeventslive.s3-us-west-2.amazonaws.com
URL: https://emedeventslive.s3-us-west-2.amazonaws.com/uploads/newsletters/2021-03-04/PER-102.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:b543 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
ec2286f912e07daa77884bb547a6ac3bc351c7fc1e584b86fff255744bfc0b02

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 18:41:48 GMT
Last-Modified
Thu, 06 Aug 2020 15:31:57 GMT
Server
AkamaiNetStorage
ETag
"3bfc6b8977f706cce60681d3072231af:1596727917.902498"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12052
bbb.png
emedeventslive.s3-us-west-2.amazonaws.com/uploads/newsletters/2021-02-22/
12 KB
13 KB
Image
General
Full URL
https://emedeventslive.s3-us-west-2.amazonaws.com/uploads/newsletters/2021-02-22/bbb.png
Requested by
Host: emedeventslive.s3-us-west-2.amazonaws.com
URL: https://emedeventslive.s3-us-west-2.amazonaws.com/uploads/newsletters/2021-03-04/PER-102.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.153.217 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
b3f529e1bf12d847b89c8188506832bf09a6f137dbf21ecc890f63fb7035c394

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
Date
Wed, 10 Mar 2021 18:41:47 GMT
x-amz-meta-cb-modifiedtime
Wed, 03 Mar 2021 17:42:45 GMT
Server
AmazonS3
x-amz-request-id
8B02AAC8BHWNMP3H
ETag
"ee67892d35a56bd6dbb925cede454bb9"
x-amz-version-id
DKJd28bDjZYPZlOQfx55cqLicqtKa_Tk
Last-Modified
Wed, 03 Mar 2021 17:44:00 GMT
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
12574
x-amz-id-2
YWL/TJbBuku9aECOuayvQ/DWHktbJmufexXFGlGq9/LfvWGAc/7OAo8E1CbjkXvQoFSnyluJ1/c=
gpt.js
securepubads.g.doubleclick.net/tag/js/
58 KB
20 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: emedeventslive.s3-us-west-2.amazonaws.com
URL: https://emedeventslive.s3-us-west-2.amazonaws.com/uploads/newsletters/2021-03-04/PER-102.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
sffe /
Resource Hash
7fd9e8b1e0b357e68b0a7e316f7d3c1ddcffbf10564e0f7e3c81cc3b474608e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 18:41:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"807 / 37 of 1000 / last-modified: 1615378750"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19877
x-xss-protection
0
expires
Wed, 10 Mar 2021 18:41:46 GMT
35551ae2-aef1-431d-aafa-4490cf9cfdb9.png
image.email.gotoper.com/lib/fe3715707564067e761c77/m/2/
26 KB
26 KB
Image
General
Full URL
https://image.email.gotoper.com/lib/fe3715707564067e761c77/m/2/35551ae2-aef1-431d-aafa-4490cf9cfdb9.png
Requested by
Host: emedeventslive.s3-us-west-2.amazonaws.com
URL: https://emedeventslive.s3-us-west-2.amazonaws.com/uploads/newsletters/2021-03-04/PER-102.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:b543 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
fa01dc2afd59ea934b3d207e2743f6ebfeeb19b97c95a9918a2ef83764cae54f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Mar 2021 18:41:48 GMT
Last-Modified
Tue, 08 Dec 2020 10:05:57 GMT
Server
AkamaiNetStorage
ETag
"e8f9b9b316528e772fee988fcf22759f:1607421957.882862"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26261
pubads_impl_2021030401.js
securepubads.g.doubleclick.net/gpt/
283 KB
100 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
sffe /
Resource Hash
1b6ddd3072f67cdb7e9884779bddc6779ec3fcb66496f3276dc0eab78d842cce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 18:41:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Mar 2021 09:38:04 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101872
x-xss-protection
0
expires
Wed, 10 Mar 2021 18:41:46 GMT
integrator.js
adservice.google.nl/adsid/
107 B
799 B
Script
General
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=emedeventslive.s3-us-west-2.amazonaws.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Mar 2021 18:41:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
313 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=emedeventslive.s3-us-west-2.amazonaws.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Mar 2021 18:41:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
453 B
747 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=579216419708111&correlator=324538726988306&output=ldjh&impl=fif&eid=31060385%2C31060396&vrg=2021030401&ptt=17&sc=1&sfv=1-0-37&ecs=20210310&iu_parts=21848388897%2CIABBB-Dynamic-Seal&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cookie_enabled=1&bc=31&abxe=1&lmt=1615030146&dt=1615401706967&dlt=1615401706478&idt=473&frm=20&biw=1600&bih=1200&oid=3&adxs=1063&adys=1983&adks=4230685883&ucis=1&ifi=1&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Femedeventslive.s3-us-west-2.amazonaws.com%2Fuploads%2Fnewsletters%2F2021-03-04%2FPER-102.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=190x89&msz=190x1&ga_vid=668801353.1615401707&ga_sid=1615401707&ga_hid=2142683669&ga_fc=false&fws=0&ohw=0&btvi=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
a15fe8903080969817b90bf08ad05a7c5367d365a7a03c4c199608fd12fa682d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 18:41:47 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
239
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://emedeventslive.s3-us-west-2.amazonaws.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
84cc07de73e87ad897c599dcc0391ee1.safeframe.googlesyndication.com/safeframe/1-0-37/html/
0
0
Other
General
Full URL
https://84cc07de73e87ad897c599dcc0391ee1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/getconfig/
8 KB
7 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021030401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
74cd4d678c8d0b99030a2269a10a1a5221bc19253b71954b3a50eb3fb76d9593
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Mar 2021 18:41:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6447
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 18:41:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Wed, 10 Mar 2021 18:41:48 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 49DC
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Wed, 10 Mar 2021 15:49:12 GMT
expires
Thu, 10 Mar 2022 15:49:12 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
10356
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js
pagead2.googlesyndication.com/bg/ Frame 49DC
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 18:28:19 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 17:45:00 GMT
server
sffe
age
809
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5732
x-xss-protection
0
expires
Thu, 10 Mar 2022 18:28:19 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
224 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021030401&jk=579216419708111&bg=!eHulezjNAAUO7zDoDjsAKQB2-Dxa1wTiL-1_ekrFH3Yis9yhs15oLqD3Ry6QKXqWZKe_X-FRECQBAgAAAEtSAAAAC2gBBwoAibE1wEoznb5wNc8mIpJL2-xL3JL49BERuvOAmqoOvicSHoIbJUZLvfNr4Nx7WdzWytgZqQf6cDz1i82Nl9Yjzmlsn_W6OpfUjIFToxtQvdQ38A-ZJZJ5BLEF8RNzVeyQ7Gtjlnl_wfEvF3XfMMjxbzX6yOT5mK_CRqmQnPBf7pBjumTLg4xaeA2hmQIzeOFOdiIp90-g0KH4TjOrnSULYHz4oJGE8Jxe-g7FdRXx1YqEhLTyEvVRRrUgrsDyj8JRwE59X6ukls0rDrY_226DgIRsBYWvnBs0xzrGWAc7oX4sbdhGrNmE12aoyJHV5Pma870uYI3paDtfn2i5UZJkb4UCcxFDC0JMO5vaGTBqRDv3Hm77S7z_4Ojz7nFrH2_7fgHxCOCY2wZVZgEbh2wHsuiPJb1C2fYLCNffsS1F5fyy00gTMXupX_wHS3tM3mBP4kFH-vVf1HXErNNeNxrU8Ek-xrdoXPBjtFOVBeYwM_5PlSjrh-8ARBRblL62cioHkjjBtca3sgb5xoT7HxM5ETdmTxz1YY-5-yfGgtPwjjfHLGuBQK4hleHWFwJT720UmlPZAuT-1ppaF8rveLD7EXYG53RPmfLSPAhJShYlFCmQJoazZg-Sj9CewDMrTyUwCNwv4Nq7PajzG9kUTR6wQU1eGRqwOenEoZjb6ug_kbrI-LJcgJGpbDwUh2p_wdkJnvloQcsPtvTzyFbcDCiHDjofWl4eSe621yxLD69qC52EwfwHecGupb08xojMMrCSJOWKWQCoPzI1bvrPCv4v1VvQcUmSYQ2Sa936VrBVN3VLC81vi6MHMsb4jwqN_mS3oH4H-okqbQv6yx1nnI1zdVEbpImxYh8bkEP4rZxAdByvdANxNFdGj21bO1CFDkYMnHYyD51zJRrnWTKrfwXJySiptzTVBIQ3vjig4HobeFk
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 18:41:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| googletag object| ggeac object| google_js_reporting_queue function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| gaGlobal object| GoogleGcLKhOms object| google_image_requests

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
