urlscan.io logo urlscan.io
SecurityTrails logo

www.lfg.com Open in urlscan Pro
2.16.186.121  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://lfg.quadientcloud.com/api/query/Messenger/TrackerQuery?Uri=xciedZM5JTqiGpuutXC%2bSA5P4pEhTCttC07KYocqCvBodHRwczovL3d3d...
Effective URL: https://www.lfg.com/public/bounce?dest_url=https://hub2.lfg.com/oaam_server/oamLoginPage.jsp%20&utm_campaign=rps_b2c...
Submission: On April 05 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 7 HTTP transactions. The main IP is 2.16.186.121, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.lfg.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on April 7th 2020. Valid for: 2 years.
This is the only time www.lfg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.141.211.57 8075 (MICROSOFT...)
1 2.16.186.121 20940 (AKAMAI-ASN1)
6 2a00:1450:400... 15169 (GOOGLE)
7 2
Apex Domain
Subdomains		 Transfer
6 gstatic.com
fonts.gstatic.com
154 KB
1 lfg.com
www.lfg.com
1 KB
1 quadientcloud.com
lfg.quadientcloud.com
653 B
7 3
Domain Requested by
6 fonts.gstatic.com
1 www.lfg.com
1 lfg.quadientcloud.com 1 redirects
7 3

This site contains no links.

Subject Issuer Validity Valid
www.lfg.com
DigiCert SHA2 Extended Validation Server CA		 2020-04-07 -
2022-04-08		 2 years crt.sh
*.gstatic.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.lfg.com/public/bounce?dest_url=https://hub2.lfg.com/oaam_server/oamLoginPage.jsp%20&utm_campaign=rps_b2c_statementreadynotice_Q2_2020%20&utm_medium=email&utm_source=rps_quadient&utm_content=edelivery_ppt_dc-edel-eml002_z03_Q2_login_btn&elqid=~~eloqua..type--emailfield..syntax--Eloqua_ID1..innerText--Eloqua_ID1..encodeFor--url~~
Frame ID: 71E7CD99EE57051114EBAF2AD6D4071C
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://lfg.quadientcloud.com/api/query/Messenger/TrackerQuery?Uri=xciedZM5JTqiGpuutXC%2bSA5P4pEhTCttC07KY... HTTP 302
    https://www.lfg.com/public/bounce?dest_url=https://hub2.lfg.com/oaam_server/oamLoginPage.jsp%20&... Page URL

Page Statistics

7
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

155 kB
Transfer

213 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://lfg.quadientcloud.com/api/query/Messenger/TrackerQuery?Uri=xciedZM5JTqiGpuutXC%2bSA5P4pEhTCttC07KYocqCvBodHRwczovL3d3dy5sZmcuY29tL3B1YmxpYy9ib3VuY2U%2fZGVzdF91cmw9aHR0cHM6Ly9odWIyLmxmZy5jb20vb2FhbV9zZXJ2ZXIvb2FtTG9naW5QYWdlLmpzcCAmdXRtX2NhbXBhaWduPXJwc19iMmNfc3RhdGVtZW50cmVhZHlub3RpY2VfUTJfMjAyMCAmdXRtX21lZGl1bT1lbWFpbCZ1dG1fc291cmNlPXJwc19xdWFkaWVudCZ1dG1fY29udGVudD1lZGVsaXZlcnlfcHB0X2RjLWVkZWwtZW1sMDAyX3owM19RMl9sb2dpbl9idG4mZWxxaWQ9fn5lbG9xdWEuLnR5cGUtLWVtYWlsZmllbGQuLnN5bnRheC0tRWxvcXVhX0lEMS4uaW5uZXJUZXh0LS1FbG9xdWFfSUQxLi5lbmNvZGVGb3ItLXVybH5%2b&Data=q10SwhqsAI1YpE%2fEOAC0Mq17nMFGrnKm9Dhmp5koKLIzOTM4NzI1MjYtMzEtMA%3d%3d HTTP 302
    https://www.lfg.com/public/bounce?dest_url=https://hub2.lfg.com/oaam_server/oamLoginPage.jsp%20&utm_campaign=rps_b2c_statementreadynotice_Q2_2020%20&utm_medium=email&utm_source=rps_quadient&utm_content=edelivery_ppt_dc-edel-eml002_z03_Q2_login_btn&elqid=~~eloqua..type--emailfield..syntax--Eloqua_ID1..innerText--Eloqua_ID1..encodeFor--url~~ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request bounce
www.lfg.com/public/
Redirect Chain
  • https://lfg.quadientcloud.com/api/query/Messenger/TrackerQuery?Uri=xciedZM5JTqiGpuutXC%2bSA5P4pEhTCttC07KYocqCvBodHRwczovL3d3dy5sZmcuY29tL3B1YmxpYy9ib3VuY2U%2fZGVzdF91cmw9aHR0cHM6Ly9odWIyLmxmZy5jb2...
  • https://www.lfg.com/public/bounce?dest_url=https://hub2.lfg.com/oaam_server/oamLoginPage.jsp%20&utm_campaign=rps_b2c_statementreadynotice_Q2_2020%20&utm_medium=email&utm_source=rps_quadient&utm_con...
284 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.lfg.com/public/bounce?dest_url=https://hub2.lfg.com/oaam_server/oamLoginPage.jsp%20&utm_campaign=rps_b2c_statementreadynotice_Q2_2020%20&utm_medium=email&utm_source=rps_quadient&utm_content=edelivery_ppt_dc-edel-eml002_z03_Q2_login_btn&elqid=~~eloqua..type--emailfield..syntax--Eloqua_ID1..innerText--Eloqua_ID1..encodeFor--url~~
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.121 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-121.deploy.static.akamaitechnologies.com
Software
AkamaiGHost /
Resource Hash
576f097587b37b1941090fd5febdbc53e95888f1c472447155c2bd5cb8023491

Request headers

:method
GET
:authority
www.lfg.com
:scheme
https
:path
/public/bounce?dest_url=https://hub2.lfg.com/oaam_server/oamLoginPage.jsp%20&utm_campaign=rps_b2c_statementreadynotice_Q2_2020%20&utm_medium=email&utm_source=rps_quadient&utm_content=edelivery_ppt_dc-edel-eml002_z03_Q2_login_btn&elqid=~~eloqua..type--emailfield..syntax--Eloqua_ID1..innerText--Eloqua_ID1..encodeFor--url~~
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
AkamaiGHost
mime-version
1.0
content-type
text/html
content-length
284
cache-control
max-age=0
expires
Mon, 05 Apr 2021 18:21:33 GMT
date
Mon, 05 Apr 2021 18:21:33 GMT
set-cookie
AKA_A2=A; expires=Mon, 05-Apr-2021 19:21:33 GMT; path=/; domain=lfg.com; secure; HttpOnly
server-timing
cdn-cache; desc=MISS edge; dur=9111 origin; dur=0
link
<https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxP.ttf>;rel="preload";as="font";type="font/ttf";crossorigin,<https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc9.ttf>;rel="preload";as="font";type="font/ttf";crossorigin,<https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc9.ttf>;rel="preload";as="font";type="font/ttf";crossorigin,<https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc9.ttf>;rel="preload";as="font";type="font/ttf";crossorigin,<https://fonts.gstatic.com/s/roboto/v20/KFOkCnqEu92Fr1Mu51xIIzc.ttf>;rel="preload";as="font";type="font/ttf";crossorigin,<https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYag.ttf>;rel="preload";as="font";type="font/ttf";crossorigin

Redirect headers

Date
Mon, 05 Apr 2021 18:21:23 GMT
Content-Length
0
Connection
keep-alive
Location
https://www.lfg.com/public/bounce?dest_url=https://hub2.lfg.com/oaam_server/oamLoginPage.jsp%20&utm_campaign=rps_b2c_statementreadynotice_Q2_2020%20&utm_medium=email&utm_source=rps_quadient&utm_content=edelivery_ppt_dc-edel-eml002_z03_Q2_login_btn&elqid=~~eloqua..type--emailfield..syntax--Eloqua_ID1..innerText--Eloqua_ID1..encodeFor--url~~
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
KFOmCnqEu92Fr1Mu4mxP.ttf
fonts.gstatic.com/s/roboto/v20/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxP.ttf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b1d7f87f3ca4c8b4bd749b02b6ad71c930b7e306c752a2e2293d7b250b02e27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.lfg.com
Referer
https://www.lfg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Mar 2021 12:45:24 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:36 GMT
server
sffe
age
538569
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36176
x-xss-protection
0
expires
Wed, 30 Mar 2022 12:45:24 GMT
KFOlCnqEu92Fr1MmEU9fBBc9.ttf
fonts.gstatic.com/s/roboto/v20/ 		36 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc9.ttf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
719df7954428f52779f3fa18641c19fc854b39394193d87eea5a61795dec8dbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.lfg.com
Referer
https://www.lfg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Apr 2021 11:01:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26408
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20908
x-xss-protection
0
last-modified
Wed, 24 Jul 2019 01:18:36 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Apr 2022 11:01:25 GMT
KFOlCnqEu92Fr1MmWUlfBBc9.ttf
fonts.gstatic.com/s/roboto/v20/ 		35 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc9.ttf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a637d3ff767789f9b113bbfa208bdb6a76efed7c4c111da2a130f6a38a51d353
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.lfg.com
Referer
https://www.lfg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 15:29:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
96739
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20796
x-xss-protection
0
last-modified
Wed, 24 Jul 2019 01:18:59 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Apr 2022 15:29:14 GMT
KFOlCnqEu92Fr1MmSU5fBBc9.ttf
fonts.gstatic.com/s/roboto/v20/ 		35 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc9.ttf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4c96f55c265e0a80be4243a16f7e88b9a67c85b71b4e2aa8cea4e1aa989b0d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.lfg.com
Referer
https://www.lfg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 13:08:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
105173
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20827
x-xss-protection
0
last-modified
Wed, 24 Jul 2019 01:18:53 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Apr 2022 13:08:40 GMT
KFOkCnqEu92Fr1Mu51xIIzc.ttf
fonts.gstatic.com/s/roboto/v20/ 		37 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOkCnqEu92Fr1Mu51xIIzc.ttf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0dfa4684ad9c52a1a97d91764ef1d404c15dd95ed20f00a2f9f3f4d11df2abf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.lfg.com
Referer
https://www.lfg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Apr 2021 17:53:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
260857
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22299
x-xss-protection
0
last-modified
Wed, 24 Jul 2019 01:19:00 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 17:53:56 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYag.ttf
fonts.gstatic.com/s/robotocondensed/v19/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYag.ttf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18f06892dd904d12a6c25bc8270fdefdd4b86ae38fcb77f027c23647ffe0503c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.lfg.com
Referer
https://www.lfg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Apr 2021 07:19:55 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:08:37 GMT
server
sffe
age
298898
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35948
x-xss-protection
0
expires
Sat, 02 Apr 2022 07:19:55 GMT

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated

1 Cookies

Domain/Path Name / Value
.lfg.com/ Name: AKA_A2
Value: A