click1.email.riskandinsurance.com
Open in
urlscan Pro
74.214.203.11
Public Scan
Submitted URL: http://click1.email.riskandinsurance.com/ViewMessage.do?m=mtccpnnc&r=hqsvncwmwq&s=pcdqclwwjjmhjrfyggtrlfgdtgrrddslvmy&q=1690891800&a=view
Effective URL: http://click1.email.riskandinsurance.com/ViewMessage.do;jsessionid=BC38FAFC2DC40F00C2F4325ECA104202
Submission Tags: falconsandbox
Submission: On August 01 via api from US — Scanned from DE
Effective URL: http://click1.email.riskandinsurance.com/ViewMessage.do;jsessionid=BC38FAFC2DC40F00C2F4325ECA104202
Submission Tags: falconsandbox
Submission: On August 01 via api from US — Scanned from DE
Summary
This website contacted 4 IPs
in 2 countries
across 3 domains to perform 15 HTTP transactions.
The main IP is 74.214.203.11, located in
United States and
belongs to AMAZON-AES, US.
The main domain is click1.email.riskandinsurance.com.
This is the only time click1.email.riskandinsurance.com was scanned on urlscan.io!
This is the only time click1.email.riskandinsurance.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 2 | 74.214.203.11 74.214.203.11 | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 4 | 2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK) | |
| 8 | 2a06:98c1:312... 2a06:98c1:3121::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 96.46.128.252 96.46.128.252 | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 15 | 4 |
4
2a03:2880:f083:9:face:b00c:0:3
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| connect.facebook.net |
1
96.46.128.252
(United States)
ASN14618 (AMAZON-AES, US)
PTR: www.efeedbacktrk.com
ASN14618 (AMAZON-AES, US)
PTR: www.efeedbacktrk.com
| 46e15a.efeedbacktrk.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 10 |
riskandinsurance.com
click1.email.riskandinsurance.com riskandinsurance.com — Cisco Umbrella Rank: 512290 |
654 KB |
| 4 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 170 |
177 KB |
| 1 |
efeedbacktrk.com
46e15a.efeedbacktrk.com |
466 B |
| 15 | 3 |
| Domain | Requested by | |
|---|---|---|
| 8 | riskandinsurance.com |
click1.email.riskandinsurance.com
|
| 4 | connect.facebook.net |
click1.email.riskandinsurance.com
connect.facebook.net |
| 2 | click1.email.riskandinsurance.com | |
| 1 | 46e15a.efeedbacktrk.com |
click1.email.riskandinsurance.com
|
| 15 | 4 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.email.riskandinsurance.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2023-05-11 - 2023-08-09 |
3 months | crt.sh |
| riskandinsurance.com Cloudflare Inc ECC CA-3 |
2023-06-16 - 2024-06-14 |
a year | crt.sh |
| *.efeedbacktrk.com Go Daddy Secure Certificate Authority - G2 |
2023-03-19 - 2024-04-19 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://click1.email.riskandinsurance.com/ViewMessage.do;jsessionid=BC38FAFC2DC40F00C2F4325ECA104202
Frame ID: 0F80D982F8275F4A07729AE7E72F90B5
Requests: 15 HTTP requests in this frame
Screenshot
Page Title
Mental Health Matters: How Insurance Can Make a Difference Risk&InsurancePage URL History Show full URLs
- http://click1.email.riskandinsurance.com/ViewMessage.do?m=mtccpnnc&r=hqsvncwmwq&s=pcdqclwwjjmhjrfyggtrlfgdtgrrddslvmy... Page URL
- http://click1.email.riskandinsurance.com/ViewMessage.do;jsessionid=BC38FAFC2DC40F00C2F4325ECA104202 Page URL
Detected technologies
WordPress
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /wp-(?:content|includes)/
Facebook
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Mautic
(Marketing Automation)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- [^a-z]mtc.*\.js
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
URL: http://www.email.riskandinsurance.com/Unsub.do?a=u&e=combsp%40grangeinsurance.com&mid=19551&sid=276BB335-13A0-4EED-A60E-8DEAA88F6954&rid=1056862&lid=4
Title: unsubscribe
Title: unsubscribe
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://click1.email.riskandinsurance.com/ViewMessage.do?m=mtccpnnc&r=hqsvncwmwq&s=pcdqclwwjjmhjrfyggtrlfgdtgrrddslvmy&q=1690891800&a=view Page URL
- http://click1.email.riskandinsurance.com/ViewMessage.do;jsessionid=BC38FAFC2DC40F00C2F4325ECA104202 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1- http://connect.facebook.net/en_US/all.js HTTP 307
- https://connect.facebook.net/en_US/all.js
- http://connect.facebook.net/en_US/all.js HTTP 307
- https://connect.facebook.net/en_US/all.js
15 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
ViewMessage.do
click1.email.riskandinsurance.com/ |
3 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
all.js
connect.facebook.net/en_US/ Redirect Chain
|
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
all.js
connect.facebook.net/en_US/ |
309 KB 87 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
Primary Request
ViewMessage.do;jsessionid=BC38FAFC2DC40F00C2F4325ECA104202
click1.email.riskandinsurance.com/ |
83 KB 83 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
all.js
connect.facebook.net/en_US/ Redirect Chain
|
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
all.js
connect.facebook.net/en_US/ |
309 KB 87 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
WorkersCompForumLogo-1.png
riskandinsurance.com/wp-content/uploads/2018/11/ |
7 KB 7 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RILogo_300x23_KF.jpg
riskandinsurance.com/wp-content/uploads/2013/11/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Newsletter-WCF-Banner-Aug2023-JPG.jpg
riskandinsurance.com/wp-content/uploads/2023/07/ |
79 KB 79 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
GettyImages-1436010616.jpg
riskandinsurance.com/wp-content/uploads/2023/07/ |
129 KB 129 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Harvey_Warren-700.jpg
riskandinsurance.com/wp-content/uploads/2023/06/ |
244 KB 244 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
MicrosoftTeams-image-13-700.jpg
riskandinsurance.com/wp-content/uploads/2023/07/ |
74 KB 75 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Predict_and_Prevent_logo.png
riskandinsurance.com/wp-content/uploads/2023/05/ |
15 KB 16 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Medrisk-Large-Logo.png
riskandinsurance.com/wp-content/uploads/2022/04/ |
14 KB 14 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
etrszhjjyybfryvdftcclfvhdcfplcvvppkhqbtytdhtt_xbcdgrbsbvtdbcgscdsgg.gif
46e15a.efeedbacktrk.com/ |
68 B 466 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| FB object| __buffer1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| click1.email.riskandinsurance.com/ | Name: JSESSIONID Value: 6D65E656123441D99A70109299A07BA8 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
46e15a.efeedbacktrk.com
click1.email.riskandinsurance.com
connect.facebook.net
riskandinsurance.com
2a03:2880:f083:9:face:b00c:0:3
2a06:98c1:3121::3
74.214.203.11
96.46.128.252
06776ca43ce6d12e73dae59f772fd33c3387c24a30c72b2eaa661123a6cf4989
16cf2200610dd25f7bc9d7aaed575dd58d6054f6dff1425151bcdc7173b77e1b
16dbbc060af1ef222d0602e1d7005d26f20642888f02d3ca3d02522fe2375541
1b9c47dfc39e0f0f3934caf1099f95a3db610d489262983bb4b53919866cd865
2a63ec4911a62e2be56f4b9278bf4e5ffa098ee6e91ffbd64753a220e3bd5120
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
309e80a12c1f5a6b9b24d0200a05497d0547967d1861c131074f7489b46a5506
43e061040c76fa4ba45e9c1205f6c325b2dc954dd4e70a0a374657cf4c4aaf29
94e6c9169388bb69ef1ee3c8d0290f8cf6ea22101517ef9e11c8892ffbacb430
ac72447569fd933c7fa6f531d3c6c1440122c69e17946639be44007b8b97201e
b9090910d6239d9908a555fb831dcc31b60382c1791eb3279d3b0d46a56033cf
b9d4a4778b37a6c24e7ab0ec24c58dda22fccf87ef7654b432d49a37e7dc7b0b
d863c8051108f61ddf5cc92d049e72dbb4155f0a37d182c4952a6c249ebc9496