linkmktg.nationalunderwriter.com Open in urlscan Pro
3.222.82.214 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://linkmktg.nationalunderwriter.com/view/5ef5ea7bf6424f64f700ac54k3ehx.3vw/b29614a9
Submission Tags: falconsandbox
Submission: On December 28 via api (December 28th 2023, 4:52:05 pm UTC) from US — Scanned from DE

Summary HTTP 11 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 11 HTTP transactions. The main IP is 3.222.82.214, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is linkmktg.nationalunderwriter.com.
TLS certificate: Issued by R3 on November 13th 2023. Valid for: 3 months.

This is the only time linkmktg.nationalunderwriter.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	3.222.82.214 3.222.82.214	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	52.216.214.96 52.216.214.96	16509 (AMAZON-02) (AMAZON-02)
5	18.239.83.32 18.239.83.32	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:d5a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
11	6

2 3.222.82.214 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-82-214.compute-1.amazonaws.com

linkmktg.nationalunderwriter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.214.96 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.239.83.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-32.ams58.r.cloudfront.net

media.sailthru.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:d5a (United States)

ASN13335 (CLOUDFLARENET, US)

imageserver.amlaw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	sailthru.com media.sailthru.com — Cisco Umbrella Rank: 12224	2 MB
2	gstatic.com fonts.gstatic.com	31 KB
2	nationalunderwriter.com 1 redirects linkmktg.nationalunderwriter.com	7 KB
1	amlaw.com imageserver.amlaw.com — Cisco Umbrella Rank: 60829	3 KB
1	amazonaws.com s3.amazonaws.com	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
11	6

	Domain	Requested by
5	media.sailthru.com	linkmktg.nationalunderwriter.com
2	fonts.gstatic.com	fonts.googleapis.com
2	linkmktg.nationalunderwriter.com	1 redirects
1	imageserver.amlaw.com	linkmktg.nationalunderwriter.com
1	s3.amazonaws.com	linkmktg.nationalunderwriter.com
1	fonts.googleapis.com	linkmktg.nationalunderwriter.com
11	6

This site contains links to these domains. Also see Links.

Domain
linkmktg.alm.com

Subject Issuer	Validity	Valid
linkmktg.nationalunderwriter.com R3	`2023-11-13` - `2024-02-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
media.sailthru.com Amazon RSA 2048 M01	`2023-04-05` - `2024-05-03`	a year	crt.sh
amlaw.com E1	`2023-12-17` - `2024-03-16`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://linkmktg.nationalunderwriter.com/view/5ef5ea7bf6424f64f700ac54k3ehx.3vw/b29614a9
Frame ID: 1B11CAB3CD10400C8C587A049FB45892
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

11
Requests

91 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

1643 kB
Transfer

1684 kB
Size

3
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://linkmktg.alm.com/click/33751077.5036/aHR0cHM6Ly93d3cuYWxtLmNvbS9wcml2YWN5LXBvbGljeS1uZXcvP3V0bV9zb3VyY2U9ZW1haWwmdXRtX21lZGl1bT1wcm9tbyZ1dG1fY2FtcGFpZ249bnVjby1ob2xpZGF5cHJvbW8yMDIzLWNsYWltcyZ1dG1fY29udGVudD0yMDIzMTIyOCZ1dG1fdGVybT1udWNv/5ef5ea7bf6424f64f700ac54Bf25bfceb
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://linkmktg.alm.com/click/33751077.5036/aHR0cHM6Ly93d3cuYWxtLmNvbS90ZXJtcy1vZi11c2UvP3V0bV9zb3VyY2U9ZW1haWwmdXRtX21lZGl1bT1wcm9tbyZ1dG1fY2FtcGFpZ249bnVjby1ob2xpZGF5cHJvbW8yMDIzLWNsYWltcyZ1dG1fY29udGVudD0yMDIzMTIyOCZ1dG1fdGVybT1udWNv/5ef5ea7bf6424f64f700ac54Ba9384a05
Title: Terms & Conditions

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://linkmktg.nationalunderwriter.com/img/5ef5ea7bf6424f64f700ac54k3ehx.3vw/ec7c7bfd.gif HTTP 302
https://s3.amazonaws.com/sailthru-media/6ii/1k4/6/3/5ed7c3f82bc35.gif

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request b29614a9 Show response
linkmktg.nationalunderwriter.com/view/5ef5ea7bf6424f64f700ac54k3ehx.3vw/ 43 KB
6 KB 506ms
180ms Document
text/html 3.222.82.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://linkmktg.nationalunderwriter.com/view/5ef5ea7bf6424f64f700ac54k3ehx.3vw/b29614a9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.222.82.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-222-82-214.compute-1.amazonaws.com
Software: Sailthru /
Resource Hash: a9e292a7afbfc0bfb624eab05d87275306ae97fc54f3fec760823147defb3fc2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

connection: close
content-encoding: gzip
content-length: 5721
content-type: text/html; charset=utf-8
date: Thu, 28 Dec 2023 16:52:00 GMT
server: Sailthru
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 37ms
16ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@100;400;700;900&display=swap

Requested by

Host: linkmktg.nationalunderwriter.com
URL: https://linkmktg.nationalunderwriter.com/view/5ef5ea7bf6424f64f700ac54k3ehx.3vw/b29614a9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7ab69aea6be997b229e6bf55f3343cdc7f5c97d5ffbb106a0ae04f4d927155f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linkmktg.nationalunderwriter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 28 Dec 2023 16:52:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 16:01:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Dec 2023 16:52:01 GMT

GET
H/1.1

200
OK

5ed7c3f82bc35.gif
s3.amazonaws.com/sailthru-media/6ii/1k4/6/3/
Redirect Chain

https://linkmktg.nationalunderwriter.com/img/5ef5ea7bf6424f64f700ac54k3ehx.3vw/ec7c7bfd.gif
https://s3.amazonaws.com/sailthru-media/6ii/1k4/6/3/5ed7c3f82bc35.gif

822 B
1 KB

319ms
118ms

Image
image/gif

52.216.214.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sailthru-media/6ii/1k4/6/3/5ed7c3f82bc35.gif
Requested by: Host: linkmktg.nationalunderwriter.com
URL: https://linkmktg.nationalunderwriter.com/view/5ef5ea7bf6424f64f700ac54k3ehx.3vw/b29614a9
Protocol: HTTP/1.1
Server: 52.216.214.96 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ece59d6d5796d72d12e36abfbea72557d2c910895f90e890489b213008f6bfd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linkmktg.nationalunderwriter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 28 Dec 2023 16:52:02 GMT
Last-Modified: Wed, 03 Jun 2020 15:38:33 GMT
Server: AmazonS3
x-amz-request-id: 4Q6Q51XPNBEWJCJ2
ETag: "2f517a12cebc287376b09ed25b26f7d2"
Content-Type: image/gif
Cache-Control: no-cache, no-store
Accept-Ranges: bytes
Content-Length: 822
x-amz-id-2: 01ADM8u+yaNqbh5nqQnJa29dWroZXSfAuhWBsPtjjSK5ZAbQnM45MREj/eZi4qvHpz0qf1/lshE=

Redirect headers

date: Thu, 28 Dec 2023 16:52:01 GMT
server: Sailthru
content-type: text/html; charset=UTF-8
location: https://s3.amazonaws.com/sailthru-media/6ii/1k4/6/3/5ed7c3f82bc35.gif
cache-control: no-cache, no-store
connection: close
x-robots-tag: noindex
content-length: 0

GET
H/1.1 200
OK ALM%20Cobrand_PC360%20%26%20UN_Vertical-ko.png
media.sailthru.com/composer/images/sailthru-prod-6ii/NU_PC360/ 89 KB
90 KB 75ms
21ms Image
image/png 18.239.83.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.sailthru.com/composer/images/sailthru-prod-6ii/NU_PC360/ALM%20Cobrand_PC360%20%26%20UN_Vertical-ko.png
Requested by: Host: linkmktg.nationalunderwriter.com
URL: https://linkmktg.nationalunderwriter.com/view/5ef5ea7bf6424f64f700ac54k3ehx.3vw/b29614a9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-32.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 805c1d86685ee29c582ae2fd3c051744897d86abe14f0ac072216dd1a250d4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linkmktg.nationalunderwriter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 28 Dec 2023 16:50:00 GMT
Via: 1.1 6a29cf21ce984f6a6d3f67cb902ef37e.cloudfront.net (CloudFront)
Last-Modified: Thu, 09 Nov 2023 23:03:26 GMT
Server: AmazonS3
X-Amz-Cf-Pop: AMS58-P5
Age: 890
x-amz-server-side-encryption: AES256
ETag: "d912ab30ef7d06d984552c768c20bf38"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91569
X-Amz-Cf-Id: Kp6zMmbMXU-tcu6ih3LmoWeckUlKYiIcfoxrKFaoEZiKs_JR6LQ_2A==

GET
H/1.1 200
OK Financial%20Planning.png
media.sailthru.com/composer/images/sailthru-prod-6ii/NU_PC360/ 193 KB
193 KB 79ms
26ms Image
image/png 18.239.83.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.sailthru.com/composer/images/sailthru-prod-6ii/NU_PC360/Financial%20Planning.png
Requested by: Host: linkmktg.nationalunderwriter.com
URL: https://linkmktg.nationalunderwriter.com/view/5ef5ea7bf6424f64f700ac54k3ehx.3vw/b29614a9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-32.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5670c385b58649a250775c6f0b620031449927441f030a875eaa0cdb70a5a7e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linkmktg.nationalunderwriter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 28 Dec 2023 16:52:01 GMT
Via: 1.1 c27d2e9d4c6e59d1b92ac8671f0bfb9c.cloudfront.net (CloudFront)
Last-Modified: Thu, 30 Nov 2023 23:54:39 GMT
Server: AmazonS3
X-Amz-Cf-Pop: AMS58-P5
Age: 3070
x-amz-server-side-encryption: AES256
ETag: "0ee5e95221a893f84f55b791000877c2"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 197284
X-Amz-Cf-Id: c2trH3Pe1_FATwxr-bdGyOLD4xUdMPtmr8abJG6n8dKe42nWlE45EA==

GET
H/1.1 200
OK Estate%20Planning.png
media.sailthru.com/composer/images/sailthru-prod-6ii/NU_PC360/ 479 KB
480 KB 74ms
22ms Image
image/png 18.239.83.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.sailthru.com/composer/images/sailthru-prod-6ii/NU_PC360/Estate%20Planning.png
Requested by: Host: linkmktg.nationalunderwriter.com
URL: https://linkmktg.nationalunderwriter.com/view/5ef5ea7bf6424f64f700ac54k3ehx.3vw/b29614a9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-32.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 959b11b83346839ca879d81cdc987eaae93ad9eb31cf3ab5c85af8ed9f5ad3e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linkmktg.nationalunderwriter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 28 Dec 2023 16:23:25 GMT
Via: 1.1 f75afc04e5fb2b66fe286e4f840886c6.cloudfront.net (CloudFront)
Last-Modified: Thu, 30 Nov 2023 23:54:46 GMT
Server: AmazonS3
X-Amz-Cf-Pop: AMS58-P5
Age: 2453
x-amz-server-side-encryption: AES256
ETag: "f56eb19efe322951706b742bb0f6ceb3"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 490795
X-Amz-Cf-Id: okHOwphX2sAKGcjAuXJqmto-0bQvyMyr3CXGBHVCgjxceDDCTBPKZw==

GET
H/1.1 200
OK 4649b9a6-1591-42f1-a492-f85319355ace.png
media.sailthru.com/composer/images/sailthru-prod-6ii/editor_images/ 21 KB
22 KB 75ms
22ms Image
image/png 18.239.83.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.sailthru.com/composer/images/sailthru-prod-6ii/editor_images/4649b9a6-1591-42f1-a492-f85319355ace.png
Requested by: Host: linkmktg.nationalunderwriter.com
URL: https://linkmktg.nationalunderwriter.com/view/5ef5ea7bf6424f64f700ac54k3ehx.3vw/b29614a9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-32.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 344769a2205b27ef8de991666b046339a8017fb8ba8352c1e9a4b6b1d2a25d0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linkmktg.nationalunderwriter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 28 Dec 2023 16:23:24 GMT
Via: 1.1 a1794152acd53f12f14f902d8899b420.cloudfront.net (CloudFront)
Last-Modified: Fri, 19 May 2023 22:02:45 GMT
Server: AmazonS3
X-Amz-Cf-Pop: AMS58-P5
Age: 2207
x-amz-server-side-encryption: AES256
ETag: "7a97fd746a02f483ab348b56c99c7b34"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21663
X-Amz-Cf-Id: N2XtV3cWtb7DlZwx2SEPioyeoMnxo6TUfkUrK8HVRA4EB8M8B-THsg==

GET
H2 200 ALM-email_transparnt_color.png
imageserver.amlaw.com/publications/ 3 KB
3 KB 261ms
220ms Image
image/png 2606:4700::6812:d5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageserver.amlaw.com/publications/ALM-email_transparnt_color.png
Requested by: Host: linkmktg.nationalunderwriter.com
URL: https://linkmktg.nationalunderwriter.com/view/5ef5ea7bf6424f64f700ac54k3ehx.3vw/b29614a9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 298810ee9592a83961fa7d69cf6ee611e5eea10fe5fef2cc4b0ec2181743ad5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linkmktg.nationalunderwriter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 16:52:01 GMT
via: NS-CACHE-10.0: 55
cf-cache-status: REVALIDATED
last-modified: Sat, 05 Mar 2022 07:27:30 GMT
server: cloudflare
etag: "05ddb786230d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 83cb4fb2f9b39bd4-FRA
content-length: 2562
expires: Thu, 28 Dec 2023 20:52:01 GMT

GET
H/1.1 200
OK f53492f2-cec8-431b-b855-1d1a1fe9be9d.gif
media.sailthru.com/composer/images/sailthru-prod-6ii/editor_images/ 815 KB
816 KB 43ms
16ms Image
image/gif 18.239.83.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.sailthru.com/composer/images/sailthru-prod-6ii/editor_images/f53492f2-cec8-431b-b855-1d1a1fe9be9d.gif
Requested by: Host: linkmktg.nationalunderwriter.com
URL: https://linkmktg.nationalunderwriter.com/view/5ef5ea7bf6424f64f700ac54k3ehx.3vw/b29614a9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-32.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c255db65b1a5a62cb2e07cc4a40bda36fd8209c225ff1c8a0bf1974d4787ebf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linkmktg.nationalunderwriter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 28 Dec 2023 16:43:35 GMT
Via: 1.1 459ec09472abb8544521a9b5cc6706ce.cloudfront.net (CloudFront)
Last-Modified: Tue, 06 Dec 2022 19:04:14 GMT
Server: AmazonS3
X-Amz-Cf-Pop: AMS58-P5
Age: 1177
ETag: "5075c1993789889d6d57fe502a32102d"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 834935
X-Amz-Cf-Id: 58MlJFQ2E0Yp4mUaaHxgseaXi_KNGB2B8JMOrv0hr-IhprnkEJ49tw==

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 28ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://linkmktg.nationalunderwriter.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:28:03 GMT
x-content-type-options: nosniff
age: 257038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Dec 2024 17:28:03 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 30ms
9ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://linkmktg.nationalunderwriter.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 08:53:59 GMT
x-content-type-options: nosniff
age: 201482
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Dec 2024 08:53:59 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
linkmktg.nationalunderwriter.com/img/5ef5ea7bf6424f64f700ac54k3ehx.3vw	1970-01-20 17:16:22	Name: sail_fwd Value: 1703782321
.nationalunderwriter.com/	1970-01-21 02:02:19	Name: sailthru_hid Value: f359d64e4f4d41ca23f434d030e521e95ef5ea7bf6424f64f700ac54cbe7f9cdd1aa7e3a4ccb5637c0b381e3
.nationalunderwriter.com/	1970-01-20 17:26:27	Name: sailthru_bid Value: 33751077.00005036

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
imageserver.amlaw.com
linkmktg.nationalunderwriter.com
media.sailthru.com
s3.amazonaws.com
18.239.83.32
2606:4700::6812:d5a
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2003
3.222.82.214
52.216.214.96
298810ee9592a83961fa7d69cf6ee611e5eea10fe5fef2cc4b0ec2181743ad5e
344769a2205b27ef8de991666b046339a8017fb8ba8352c1e9a4b6b1d2a25d0f
5670c385b58649a250775c6f0b620031449927441f030a875eaa0cdb70a5a7e1
7ab69aea6be997b229e6bf55f3343cdc7f5c97d5ffbb106a0ae04f4d927155f3
805c1d86685ee29c582ae2fd3c051744897d86abe14f0ac072216dd1a250d4bc
959b11b83346839ca879d81cdc987eaae93ad9eb31cf3ab5c85af8ed9f5ad3e0
a9e292a7afbfc0bfb624eab05d87275306ae97fc54f3fec760823147defb3fc2
c255db65b1a5a62cb2e07cc4a40bda36fd8209c225ff1c8a0bf1974d4787ebf6
ece59d6d5796d72d12e36abfbea72557d2c910895f90e890489b213008f6bfd1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

linkmktg.nationalunderwriter.com Open in urlscan Pro 3.222.82.214 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

11 Requests

91 %HTTPS

50 %IPv6

6 Domains

6 Subdomains

6 IPs

2 Countries

1643 kBTransfer

1684 kBSize

3 Cookies

2 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

3 Cookies

Indicators

linkmktg.nationalunderwriter.com Open in urlscan Pro
3.222.82.214 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

91 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

1643 kB
Transfer

1684 kB
Size

3
Cookies

11 HTTP transactions
0 data transactions