urlscan.io logo urlscan.io
SecurityTrails logo

pages.mgic.com Open in urlscan Pro
104.17.71.206  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://em.mgic.com/v/ODgxLVdZTy01NTUAAAGBOgakdpQ-10KKiXnSbrh2VM5NTc8ZXWp8iCIZDua_HibFNGPpYPJi7AbEBTR0hpB9wNGddss=?u...
Effective URL: https://pages.mgic.com/index.php/email/emailWebview?ftf=true&mkt_tok=ODgxLVdZTy01NTUAAAGBOgakdlDqiljCRYojc8PWHXtT5_aEuU...
Submission: On December 08 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 21 HTTP transactions. The main IP is 104.17.71.206, located in and belongs to CLOUDFLARENET, US. The main domain is pages.mgic.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 23rd 2021. Valid for: a year.
This is the only time pages.mgic.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 104.17.73.206 13335 (CLOUDFLAR...)
6 104.17.71.206 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
7 18.66.122.122 16509 (AMAZON-02)
1 3 192.124.249.130 30148 (SUCURI-SEC)
2 2a00:1450:400... 15169 (GOOGLE)
21 6
3    104.17.73.206 (None, )

ASN13335 (CLOUDFLARENET, US)
em.mgic.com
6    104.17.71.206 (None, )

ASN13335 (CLOUDFLARENET, US)
pages.mgic.com
2    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    18.66.122.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-122.fra60.r.cloudfront.net
client-data.knak.io
3    192.124.249.130 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10130.sucuri.net
loanofficerhub.com
2    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
9 mgic.com
em.mgic.com
pages.mgic.com
55 KB
7 knak.io
client-data.knak.io
165 KB
3 loanofficerhub.com
loanofficerhub.com
195 KB
2 gstatic.com
fonts.gstatic.com
32 KB
2 googleapis.com
fonts.googleapis.com
2 KB
21 5
Domain Requested by
7 client-data.knak.io pages.mgic.com
6 pages.mgic.com em.mgic.com
pages.mgic.com
3 loanofficerhub.com 1 redirects pages.mgic.com
3 em.mgic.com 1 redirects pages.mgic.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com pages.mgic.com
21 6

This site contains links to these domains. Also see Links.

Domain
em.mgic.com
Subject Issuer Validity Valid
em.mgic.com
Cloudflare Inc ECC CA-3		 2021-09-20 -
2022-09-19		 a year crt.sh
pages.mgic.com
Cloudflare Inc ECC CA-3		 2021-08-23 -
2022-08-22		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
knak.io
Amazon		 2021-02-17 -
2022-03-18		 a year crt.sh
loanofficerhub.com
Starfield Secure Certificate Authority - G2		 2021-11-06 -
2022-11-06		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://pages.mgic.com/index.php/email/emailWebview?ftf=true&mkt_tok=ODgxLVdZTy01NTUAAAGBOgakdlDqiljCRYojc8PWHXtT5_aEuUSnHaRn0plvHkHTR6MCRJw34XxyDkPI3tkAQ7kmqnvnerYgXkuV5CR6Ba0IQP46SWe_R29yZKO-vg
Frame ID: 87D1159873445674572C170AD20AC708
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Top Mortgage Headlines | Q4 2021

Page URL History Show full URLs

  1. https://em.mgic.com/v/ODgxLVdZTy01NTUAAAGBOgakdpQ-10KKiXnSbrh2VM5NTc8ZXWp8iCIZDua_HibFNGPpYPJi7A... Page URL
  2. https://pages.mgic.com/index.php/email/emailWebview?ftf=true&mkt_tok=ODgxLVdZTy01NTUAAAGBOgakdlDqil... Page URL

Page Statistics

21
Requests

90 %
HTTPS

33 %
IPv6

5
Domains

6
Subdomains

6
IPs

3
Countries

446 kB
Transfer

575 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://em.mgic.com/v/ODgxLVdZTy01NTUAAAGBOgakdpQ-10KKiXnSbrh2VM5NTc8ZXWp8iCIZDua_HibFNGPpYPJi7AbEBTR0hpB9wNGddss=?utm_source=marketo&utm_medium=email&utm_campaign=ICYMI&utm_content=Q4-2021 Page URL
  2. https://pages.mgic.com/index.php/email/emailWebview?ftf=true&mkt_tok=ODgxLVdZTy01NTUAAAGBOgakdlDqiljCRYojc8PWHXtT5_aEuUSnHaRn0plvHkHTR6MCRJw34XxyDkPI3tkAQ7kmqnvnerYgXkuV5CR6Ba0IQP46SWe_R29yZKO-vg Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://loanofficerhub.com/-/media/loan-officer-hub/author-headshots/Todd-Duncan-250.jpg?h=170&iar=0&w=170&mode=crop&hash=9A60BA2E75301C5EDD00F2C7C3672759 HTTP 301
  • https://loanofficerhub.com/-/media/loan-officer-hub/author-headshots/todd-duncan-250.jpg?h=170&iar=0&w=170&mode=crop&hash=9A60BA2E75301C5EDD00F2C7C3672759
Request Chain 11
  • https://em.mgic.com/trk?t=1&mid=${mktmail.QpMarketoId} HTTP 302
  • https://em.mgic.com/images/downloadPicture.gif

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
ODgxLVdZTy01NTUAAAGBOgakdpQ-10KKiXnSbrh2VM5NTc8ZXWp8iCIZDua_HibFNGPpYPJi7AbEBTR0hpB9wNGddss=
em.mgic.com/v/ 		499 B
971 B 		Document
General
Check archive.org
Download Go to
Full URL
https://em.mgic.com/v/ODgxLVdZTy01NTUAAAGBOgakdpQ-10KKiXnSbrh2VM5NTc8ZXWp8iCIZDua_HibFNGPpYPJi7AbEBTR0hpB9wNGddss=?utm_source=marketo&utm_medium=email&utm_campaign=ICYMI&utm_content=Q4-2021
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
603f9dee9d460b1b2b47dcbd5d7963e21b0949cfc964b2e7c124b82df9b31b71
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 08 Dec 2021 21:20:17 GMT
content-type
text/html
cache-control
private, no-cache, no-store, max-age=0
x-content-type-options
nosniff
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6ba909699ca14ab5-FRA
content-encoding
gzip
Primary Request emailWebview
pages.mgic.com/index.php/email/ 		72 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pages.mgic.com/index.php/email/emailWebview?ftf=true&mkt_tok=ODgxLVdZTy01NTUAAAGBOgakdlDqiljCRYojc8PWHXtT5_aEuUSnHaRn0plvHkHTR6MCRJw34XxyDkPI3tkAQ7kmqnvnerYgXkuV5CR6Ba0IQP46SWe_R29yZKO-vg
Requested by
Host: em.mgic.com
URL: https://em.mgic.com/v/ODgxLVdZTy01NTUAAAGBOgakdpQ-10KKiXnSbrh2VM5NTc8ZXWp8iCIZDua_HibFNGPpYPJi7AbEBTR0hpB9wNGddss=?utm_source=marketo&utm_medium=email&utm_campaign=ICYMI&utm_content=Q4-2021
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2f38cbaabb0352b41e6aba0b1f4cbddfea506998de2e7f1b154bee94edabcef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://em.mgic.com/

Response headers

date
Wed, 08 Dec 2021 21:20:18 GMT
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6ba9096dcb9d4a80-FRA
content-encoding
gzip
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Requested by
Host: pages.mgic.com
URL: https://pages.mgic.com/index.php/email/emailWebview?ftf=true&mkt_tok=ODgxLVdZTy01NTUAAAGBOgakdlDqiljCRYojc8PWHXtT5_aEuUSnHaRn0plvHkHTR6MCRJw34XxyDkPI3tkAQ7kmqnvnerYgXkuV5CR6Ba0IQP46SWe_R29yZKO-vg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.mgic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 08 Dec 2021 19:41:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 08 Dec 2021 21:20:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 Dec 2021 21:20:18 GMT
css
fonts.googleapis.com/ 		6 KB
768 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,400i,700
Requested by
Host: pages.mgic.com
URL: https://pages.mgic.com/index.php/email/emailWebview?ftf=true&mkt_tok=ODgxLVdZTy01NTUAAAGBOgakdlDqiljCRYojc8PWHXtT5_aEuUSnHaRn0plvHkHTR6MCRJw34XxyDkPI3tkAQ7kmqnvnerYgXkuV5CR6Ba0IQP46SWe_R29yZKO-vg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
29bc8d1584c12a05db9ac9637886359eb8688bb718cd946ff177dcca7cafd81b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.mgic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 08 Dec 2021 19:36:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 08 Dec 2021 21:20:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 Dec 2021 21:20:18 GMT
1bEbPqOUyydwWth37dh0xTjyl1DmIcenNMecALLb.png
client-data.knak.io/production/email_assets/5fbe8cfe0e18e/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://client-data.knak.io/production/email_assets/5fbe8cfe0e18e/1bEbPqOUyydwWth37dh0xTjyl1DmIcenNMecALLb.png
Requested by
Host: pages.mgic.com
URL: https://pages.mgic.com/index.php/email/emailWebview?ftf=true&mkt_tok=ODgxLVdZTy01NTUAAAGBOgakdlDqiljCRYojc8PWHXtT5_aEuUSnHaRn0plvHkHTR6MCRJw34XxyDkPI3tkAQ7kmqnvnerYgXkuV5CR6Ba0IQP46SWe_R29yZKO-vg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-122.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fcce3d55ae5e2d5b090d08f2ca0d8feaf00c246b46c69f36b27c51e935c7a661

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.mgic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
WVI4bQI.PJWam.XCn1.fs6YIhQK14TQi
via
1.1 2816426ad1adbedbdd23d4cdf80c2de3.cloudfront.net (CloudFront)
etag
"f5e8ef659dc6b2c4d367a1b56d0f032a"
age
43519
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
content-length
23828
x-amz-id-2
SWAlDUbDSbhQkk4i0S1BMxPtLk71AYuv5vmxI/6VfD0xI4d6rCw55wsxhn8JL2JnmFFqy+wCUYE=
last-modified
Thu, 21 Oct 2021 03:49:00 GMT
server
AmazonS3
date
Wed, 08 Dec 2021 17:16:31 GMT
x-amz-request-id
1H91WDT5NHTC7QSD
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
NjI2g4RwBHrZO3ButNiN-GWI1UP-GQXirnggUvXS0YldZotBnwyoAA==
todd-duncan-250.jpg
loanofficerhub.com/-/media/loan-officer-hub/author-headshots/
Redirect Chain
  • https://loanofficerhub.com/-/media/loan-officer-hub/author-headshots/Todd-Duncan-250.jpg?h=170&iar=0&w=170&mode=crop&hash=9A60BA2E75301C5EDD00F2C7C3672759
  • https://loanofficerhub.com/-/media/loan-officer-hub/author-headshots/todd-duncan-250.jpg?h=170&iar=0&w=170&mode=crop&hash=9A60BA2E75301C5EDD00F2C7C3672759
10 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loanofficerhub.com/-/media/loan-officer-hub/author-headshots/todd-duncan-250.jpg?h=170&iar=0&w=170&mode=crop&hash=9A60BA2E75301C5EDD00F2C7C3672759
Requested by
Host: pages.mgic.com
URL: https://pages.mgic.com/index.php/email/emailWebview?ftf=true&mkt_tok=ODgxLVdZTy01NTUAAAGBOgakdlDqiljCRYojc8PWHXtT5_aEuUSnHaRn0plvHkHTR6MCRJw34XxyDkPI3tkAQ7kmqnvnerYgXkuV5CR6Ba0IQP46SWe_R29yZKO-vg
Protocol
H2
Server
192.124.249.130 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10130.sucuri.net
Software
nginx /
Resource Hash
c22794db8b87e80ba5330e7da4a7070f9f57c9612deb38ce34f7924fcc656e2a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;, default-src 'self' 'unsafe-inline' 'unsafe-eval' *.mgic.com *.readynest.com *.loanofficerhub.com *.azurewebsites.net/; img-src 'self' *.mgic.com *.readynest.com *.loanofficerhub.com data: https://img.youtube.com/ *.buzzsprout.com/ https://www.google-analytics.com/ https://www.googletagmanager.com/ *.monsido.com *.vidyard.com *.facebook.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.mgic.com *.readynest.com *.loanofficerhub.com *.marketo.com/ https://munchkin.marketo.net https://ajax.googleapis.com https://www.youtube.com/ *.buzzsprout.com/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.google.com https://static.ads-twitter.com https://www.googleadservices.com https://www.gstatic.com/ https://connect.facebook.net *.hotjar.com *.monsido.com https://snap.licdn.com; style-src 'self' 'unsafe-inline' *.mgic.com *.readynest.com *.loanofficerhub.com *.buzzsprout.com/ https://fonts.googleapis.com *.marketo.com; font-src 'self' *.mgic.com *.readynest.com *.loanofficerhub.com https://fonts.gstatic.com/; media-src 'self' *.mgic.com *.readynest.com *.loanofficerhub.com https://www.youtube.com/ *.buzzsprout.com/; frame-src 'self' *.mgic.com *.readynest.com *.loanofficerhub.com https://www.youtube.com/ *.buzzsprout.com/ https://www.google.com/ https://player.vimeo.com *.marketo.com; connect-src 'self' *.mgic.com *.readynest.com *.loanofficerhub.com https://www.google-analytics.com/ https://stats.g.doubleclick.net *.monsido.com *.mktoresp.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff always
X-Frame-Options SAMEORIGIN, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.mgic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 21:20:18 GMT
x-content-type-options
nosniff, nosniff always
x-sucuri-cache
HIT
content-disposition
inline; filename="Todd-Duncan-250.jpg"
content-length
10186
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Tue, 09 Nov 2021 19:43:13 GMT
server
nginx
x-frame-options
SAMEORIGIN, sameorigin
etag
bba52e6c8ad348c48a3daa5a7c1da11b
expect-ct
max-age=86400, enforce
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
15030
content-security-policy
upgrade-insecure-requests;, default-src 'self' 'unsafe-inline' 'unsafe-eval' *.mgic.com *.readynest.com *.loanofficerhub.com *.azurewebsites.net/; img-src 'self' *.mgic.com *.readynest.com *.loanofficerhub.com data: https://img.youtube.com/ *.buzzsprout.com/ https://www.google-analytics.com/ https://www.googletagmanager.com/ *.monsido.com *.vidyard.com *.facebook.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.mgic.com *.readynest.com *.loanofficerhub.com *.marketo.com/ https://munchkin.marketo.net https://ajax.googleapis.com https://www.youtube.com/ *.buzzsprout.com/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.google.com https://static.ads-twitter.com https://www.googleadservices.com https://www.gstatic.com/ https://connect.facebook.net *.hotjar.com *.monsido.com https://snap.licdn.com; style-src 'self' 'unsafe-inline' *.mgic.com *.readynest.com *.loanofficerhub.com *.buzzsprout.com/ https://fonts.googleapis.com *.marketo.com; font-src 'self' *.mgic.com *.readynest.com *.loanofficerhub.com https://fonts.gstatic.com/; media-src 'self' *.mgic.com *.readynest.com *.loanofficerhub.com https://www.youtube.com/ *.buzzsprout.com/; frame-src 'self' *.mgic.com *.readynest.com *.loanofficerhub.com https://www.youtube.com/ *.buzzsprout.com/ https://www.google.com/ https://player.vimeo.com *.marketo.com; connect-src 'self' *.mgic.com *.readynest.com *.loanofficerhub.com https://www.google-analytics.com/ https://stats.g.doubleclick.net *.monsido.com *.mktoresp.com;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Wed, 08 Dec 2021 21:20:18 GMT
x-content-type-options
nosniff, nosniff always
server
nginx
expect-ct
max-age=86400, enforce
x-frame-options
SAMEORIGIN, sameorigin
content-type
text/html; charset=UTF-8
location
https://loanofficerhub.com/-/media/loan-officer-hub/author-headshots/todd-duncan-250.jpg?h=170&iar=0&w=170&mode=crop&hash=9A60BA2E75301C5EDD00F2C7C3672759
x-sucuri-cache
HIT
cache-control
max-age=315360000
x-sucuri-id
15030
content-security-policy
upgrade-insecure-requests;, default-src 'self' 'unsafe-inline' 'unsafe-eval' *.mgic.com *.readynest.com *.loanofficerhub.com *.azurewebsites.net/; img-src 'self' *.mgic.com *.readynest.com *.loanofficerhub.com data: https://img.youtube.com/ *.buzzsprout.com/ https://www.google-analytics.com/ https://www.googletagmanager.com/ *.monsido.com *.vidyard.com *.facebook.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.mgic.com *.readynest.com *.loanofficerhub.com *.marketo.com/ https://munchkin.marketo.net https://ajax.googleapis.com https://www.youtube.com/ *.buzzsprout.com/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.google.com https://static.ads-twitter.com https://www.googleadservices.com https://www.gstatic.com/ https://connect.facebook.net *.hotjar.com *.monsido.com https://snap.licdn.com; style-src 'self' 'unsafe-inline' *.mgic.com *.readynest.com *.loanofficerhub.com *.buzzsprout.com/ https://fonts.googleapis.com *.marketo.com; font-src 'self' *.mgic.com *.readynest.com *.loanofficerhub.com https://fonts.gstatic.com/; media-src 'self' *.mgic.com *.readynest.com *.loanofficerhub.com https://www.youtube.com/ *.buzzsprout.com/; frame-src 'self' *.mgic.com *.readynest.com *.loanofficerhub.com https://www.youtube.com/ *.buzzsprout.com/ https://www.google.com/ https://player.vimeo.com *.marketo.com; connect-src 'self' *.mgic.com *.readynest.com *.loanofficerhub.com https://www.google-analytics.com/ https://stats.g.doubleclick.net *.monsido.com *.mktoresp.com;
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
293
x-xss-protection
1; mode=block, 1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
3-tips-to-finish-the-year-strong.jpg
loanofficerhub.com/-/media/loan-officer-hub/blog-art/ 		179 KB
181 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loanofficerhub.com/-/media/loan-officer-hub/blog-art/3-tips-to-finish-the-year-strong.jpg?h=620&iar=0&w=1000&mode=crop&scale=both&hash=7646541A7829A08DEB1414F2987B6F8D
Requested by
Host: pages.mgic.com
URL: https://pages.mgic.com/index.php/email/emailWebview?ftf=true&mkt_tok=ODgxLVdZTy01NTUAAAGBOgakdlDqiljCRYojc8PWHXtT5_aEuUSnHaRn0plvHkHTR6MCRJw34XxyDkPI3tkAQ7kmqnvnerYgXkuV5CR6Ba0IQP46SWe_R29yZKO-vg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.130 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10130.sucuri.net
Software
nginx /
Resource Hash
39cc0563a4835ccdd3616ad6824083c09b5c0ae596effca08877ff9ddbb5dbfa
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;, default-src 'self' 'unsafe-inline' 'unsafe-eval' *.mgic.com *.readynest.com *.loanofficerhub.com *.azurewebsites.net/; img-src 'self' *.mgic.com *.readynest.com *.loanofficerhub.com data: https://img.youtube.com/ *.buzzsprout.com/ https://www.google-analytics.com/ https://www.googletagmanager.com/ *.monsido.com *.vidyard.com *.facebook.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.mgic.com *.readynest.com *.loanofficerhub.com *.marketo.com/ https://munchkin.marketo.net https://ajax.googleapis.com https://www.youtube.com/ *.buzzsprout.com/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.google.com https://static.ads-twitter.com https://www.googleadservices.com https://www.gstatic.com/ https://connect.facebook.net *.hotjar.com *.monsido.com https://snap.licdn.com; style-src 'self' 'unsafe-inline' *.mgic.com *.readynest.com *.loanofficerhub.com *.buzzsprout.com/ https://fonts.googleapis.com *.marketo.com; font-src 'self' *.mgic.com *.readynest.com *.loanofficerhub.com https://fonts.gstatic.com/; media-src 'self' *.mgic.com *.readynest.com *.loanofficerhub.com https://www.youtube.com/ *.buzzsprout.com/; frame-src 'self' *.mgic.com *.readynest.com *.loanofficerhub.com https://www.youtube.com/ *.buzzsprout.com/ https://www.google.com/ https://player.vimeo.com *.marketo.com; connect-src 'self' *.mgic.com *.readynest.com *.loanofficerhub.com https://www.google-analytics.com/ https://stats.g.doubleclick.net *.monsido.com *.mktoresp.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff always
X-Frame-Options SAMEORIGIN, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.mgic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 21:20:18 GMT
x-content-type-options
nosniff, nosniff always
x-sucuri-cache
HIT
content-disposition
inline; filename="3-tips-to-finish-the-year-strong.jpg"
content-length
183696
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Tue, 09 Nov 2021 19:43:14 GMT
server
nginx
x-frame-options
SAMEORIGIN, sameorigin
etag
de313dbfbca848648c8f1dea2c0fc3f4
expect-ct
max-age=86400, enforce
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
15030
content-security-policy
upgrade-insecure-requests;, default-src 'self' 'unsafe-inline' 'unsafe-eval' *.mgic.com *.readynest.com *.loanofficerhub.com *.azurewebsites.net/; img-src 'self' *.mgic.com *.readynest.com *.loanofficerhub.com data: https://img.youtube.com/ *.buzzsprout.com/ https://www.google-analytics.com/ https://www.googletagmanager.com/ *.monsido.com *.vidyard.com *.facebook.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.mgic.com *.readynest.com *.loanofficerhub.com *.marketo.com/ https://munchkin.marketo.net https://ajax.googleapis.com https://www.youtube.com/ *.buzzsprout.com/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.google.com https://static.ads-twitter.com https://www.googleadservices.com https://www.gstatic.com/ https://connect.facebook.net *.hotjar.com *.monsido.com https://snap.licdn.com; style-src 'self' 'unsafe-inline' *.mgic.com *.readynest.com *.loanofficerhub.com *.buzzsprout.com/ https://fonts.googleapis.com *.marketo.com; font-src 'self' *.mgic.com *.readynest.com *.loanofficerhub.com https://fonts.gstatic.com/; media-src 'self' *.mgic.com *.readynest.com *.loanofficerhub.com https://www.youtube.com/ *.buzzsprout.com/; frame-src 'self' *.mgic.com *.readynest.com *.loanofficerhub.com https://www.youtube.com/ *.buzzsprout.com/ https://www.google.com/ https://player.vimeo.com *.marketo.com; connect-src 'self' *.mgic.com *.readynest.com *.loanofficerhub.com https://www.google-analytics.com/ https://stats.g.doubleclick.net *.monsido.com *.mktoresp.com;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
K7k9ZlEeK6lSuBMAwCLb.png
client-data.knak.io/production/email_assets/5fbe8cfe0e18e/versions/ 		101 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://client-data.knak.io/production/email_assets/5fbe8cfe0e18e/versions/K7k9ZlEeK6lSuBMAwCLb.png
Requested by
Host: pages.mgic.com
URL: https://pages.mgic.com/index.php/email/emailWebview?ftf=true&mkt_tok=ODgxLVdZTy01NTUAAAGBOgakdlDqiljCRYojc8PWHXtT5_aEuUSnHaRn0plvHkHTR6MCRJw34XxyDkPI3tkAQ7kmqnvnerYgXkuV5CR6Ba0IQP46SWe_R29yZKO-vg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-122.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1df09cf31130719c5c6326656e8346373751933c7c213188f10824aeecb7773b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.mgic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 15:14:25 GMT
via
1.1 2816426ad1adbedbdd23d4cdf80c2de3.cloudfront.net (CloudFront)
age
21954
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
content-length
103147
x-amz-id-2
DZ3V3sMtvBT6QgylhXwNFlxfJ6NjYe2s2JUWm8lN8X1AHUOSfA89Dfw/VxGhbvFy1j+tj4sbeew=
last-modified
Mon, 29 Nov 2021 21:03:17 GMT
server
AmazonS3
etag
"1bdb4912ae7851793c877919f89384c5"
x-amz-request-id
GRC1FWM11VCPFSZB
x-amz-version-id
bcSZftfERH7KsXogRYfYvvysGaaQi.RD
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
nuf3Aevi_iVDDSVBgvWuhhqxhGfIGaUI_4ADN9Bf_lkf03H-jYOD-Q==
BTwyOEk5kmUTF7wD4GLtoyPeUANDAlMJ4GGJU8x2.png
client-data.knak.io/production/email_assets/5fbe8cfe0e18e/ 		745 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://client-data.knak.io/production/email_assets/5fbe8cfe0e18e/BTwyOEk5kmUTF7wD4GLtoyPeUANDAlMJ4GGJU8x2.png
Requested by
Host: pages.mgic.com
URL: https://pages.mgic.com/index.php/email/emailWebview?ftf=true&mkt_tok=ODgxLVdZTy01NTUAAAGBOgakdlDqiljCRYojc8PWHXtT5_aEuUSnHaRn0plvHkHTR6MCRJw34XxyDkPI3tkAQ7kmqnvnerYgXkuV5CR6Ba0IQP46SWe_R29yZKO-vg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-122.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc9e77499759a7b3b388d3d25e864a8638271f871748a81098b1a135bd0e8a41

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.mgic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
oKWX4aLELW_.yBJDUMuK4kdGkt0QLUdB
via
1.1 2816426ad1adbedbdd23d4cdf80c2de3.cloudfront.net (CloudFront)
etag
"e8b30adbc500533ab72cb0df026b4153"
age
42093
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
content-length
745
x-amz-id-2
mO2cF3zrGQYyzx5dECqrPFAWuwZYCRk7UalZbJnBeBCtJOwpOfJtmLc5X4No8UmUH7VsxjPKMDs=
last-modified
Thu, 21 Oct 2021 03:49:01 GMT
server
AmazonS3
date
Wed, 08 Dec 2021 17:16:31 GMT
x-amz-request-id
1H98AA2APF7NWMH5
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
BI86ci6_pSqFcQoQOVygh8wShhvl828vIxEV_dDY-rse3hjKybx0Wg==
2LL9nNJVN4GvPFp25t1O61rBvOfMh7lWpjCYFr5Y.png
client-data.knak.io/production/email_assets/5fbe8cfe0e18e/ 		779 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://client-data.knak.io/production/email_assets/5fbe8cfe0e18e/2LL9nNJVN4GvPFp25t1O61rBvOfMh7lWpjCYFr5Y.png
Requested by
Host: pages.mgic.com
URL: https://pages.mgic.com/index.php/email/emailWebview?ftf=true&mkt_tok=ODgxLVdZTy01NTUAAAGBOgakdlDqiljCRYojc8PWHXtT5_aEuUSnHaRn0plvHkHTR6MCRJw34XxyDkPI3tkAQ7kmqnvnerYgXkuV5CR6Ba0IQP46SWe_R29yZKO-vg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-122.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
29a5f6e79be501fc5625853c606022b4bd8e8397fd2f7acb95b19255af41443b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.mgic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
9J7em7jQGkNo.mi5XQTV_.hHQHxIKm19
via
1.1 2816426ad1adbedbdd23d4cdf80c2de3.cloudfront.net (CloudFront)
etag
"177340ff58ebcea8b1ad2ef3d6296dd8"
age
28668
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
content-length
779
x-amz-id-2
6kWOHa/sEMabpsmK4IlxSrUVK986TnBytIg6blun/QfpMNeyX8shEHMC5DL945oWfi8iZplGUFQ=
last-modified
Thu, 21 Oct 2021 03:49:00 GMT
server
AmazonS3
date
Wed, 08 Dec 2021 13:22:30 GMT
x-amz-request-id
P0E1F3ZHX8D3399X
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
lisDkoC3VnlAkobdOmEkUgyu-1z-GrNjRzCOGam6GfddXdPY0TbYag==
rZxvG7MwnLHcS8BNKeL55wzVCLJJbooLnxLuxZAs.png
client-data.knak.io/production/email_assets/5fbe8cfe0e18e/ 		772 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://client-data.knak.io/production/email_assets/5fbe8cfe0e18e/rZxvG7MwnLHcS8BNKeL55wzVCLJJbooLnxLuxZAs.png
Requested by
Host: pages.mgic.com
URL: https://pages.mgic.com/index.php/email/emailWebview?ftf=true&mkt_tok=ODgxLVdZTy01NTUAAAGBOgakdlDqiljCRYojc8PWHXtT5_aEuUSnHaRn0plvHkHTR6MCRJw34XxyDkPI3tkAQ7kmqnvnerYgXkuV5CR6Ba0IQP46SWe_R29yZKO-vg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-122.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6fe0cb435b50a8cb391713fbccf0978c5e14170d837406417e5f8c273bb09e04

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.mgic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
nFdwYnKeQqK.fMFvtVWTF4V6iKfuw96X
via
1.1 2816426ad1adbedbdd23d4cdf80c2de3.cloudfront.net (CloudFront)
etag
"858f1f4a71cee0b48b26c3400a57b179"
age
42093
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
content-length
772
x-amz-id-2
1VVZFtrQSwjMDU/+r8D85P3hXdATCoFjIWMu7YXiunNwAr4aN/+6DQF34IPITyRwlpmHBUE0E2U=
last-modified
Thu, 21 Oct 2021 03:49:05 GMT
server
AmazonS3
date
Wed, 08 Dec 2021 17:16:31 GMT
x-amz-request-id
1H94XT1FEEVDM12S
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
pOgXoJUkeCH-kgjR5Wsig8xE4bzY7hby7qXoDGaDzsXWemyizmuMqQ==
AYnxJ2o44WdQe0CNy92TZIYICEm2Ed83zMlZbgJ0.png
client-data.knak.io/production/email_assets/5fbe8cfe0e18e/ 		717 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://client-data.knak.io/production/email_assets/5fbe8cfe0e18e/AYnxJ2o44WdQe0CNy92TZIYICEm2Ed83zMlZbgJ0.png
Requested by
Host: pages.mgic.com
URL: https://pages.mgic.com/index.php/email/emailWebview?ftf=true&mkt_tok=ODgxLVdZTy01NTUAAAGBOgakdlDqiljCRYojc8PWHXtT5_aEuUSnHaRn0plvHkHTR6MCRJw34XxyDkPI3tkAQ7kmqnvnerYgXkuV5CR6Ba0IQP46SWe_R29yZKO-vg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-122.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
88bfc218e5ec7e515f3bb495f4b7c28e53125f0cfcfc2855d3de489c014900f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.mgic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
nfSVO0JZ8nus1rNgkcNDhtWxge1PRf9V
via
1.1 2816426ad1adbedbdd23d4cdf80c2de3.cloudfront.net (CloudFront)
etag
"ce1c21752a9bf6735917578327a1c1b2"
age
42093
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
content-length
717
x-amz-id-2
rQ3o/dYT7ml55Yew3CiKfU5W6kE9sqwafIgClEYoycZVeymKg/7AgHj1n9RfEpyiz4QhxPTvc5o=
last-modified
Thu, 21 Oct 2021 03:49:01 GMT
server
AmazonS3
date
Wed, 08 Dec 2021 17:16:31 GMT
x-amz-request-id
1H95GPC4NRR9PT4S
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
7R-VQZ99mWFC5ebrrrwcDfD2B9hbnkOSO-QO8UGD5x_4Hp6ZnjCxkA==
downloadPicture.gif
em.mgic.com/images/
Redirect Chain
  • https://em.mgic.com/trk?t=1&mid=${mktmail.QpMarketoId}
  • https://em.mgic.com/images/downloadPicture.gif
43 B
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://em.mgic.com/images/downloadPicture.gif
Requested by
Host: pages.mgic.com
URL: https://pages.mgic.com/index.php/email/emailWebview?ftf=true&mkt_tok=ODgxLVdZTy01NTUAAAGBOgakdlDqiljCRYojc8PWHXtT5_aEuUSnHaRn0plvHkHTR6MCRJw34XxyDkPI3tkAQ7kmqnvnerYgXkuV5CR6Ba0IQP46SWe_R29yZKO-vg
Protocol
H2
Server
104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.mgic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 21:20:21 GMT
x-content-type-options
nosniff
cf-cache-status
EXPIRED
last-modified
Mon, 01 Nov 2021 17:55:34 GMT
server
cloudflare
etag
"2000e6-2b-5cfbde22e3180"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=60
accept-ranges
bytes
cf-ray
6ba90982fbbe4ab5-FRA
content-length
43
expires
Wed, 08 Dec 2021 21:21:21 GMT

Redirect headers

date
Wed, 08 Dec 2021 21:20:20 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
location
/images/downloadPicture.gif
cache-control
private, no-cache, no-store, max-age=0
cf-ray
6ba90972c9c44ab5-FRA
jquery-1.8.2.min.js
pages.mgic.com/js/public/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pages.mgic.com/js/public/jquery-1.8.2.min.js
Requested by
Host: pages.mgic.com
URL: https://pages.mgic.com/index.php/email/emailWebview?ftf=true&mkt_tok=ODgxLVdZTy01NTUAAAGBOgakdlDqiljCRYojc8PWHXtT5_aEuUSnHaRn0plvHkHTR6MCRJw34XxyDkPI3tkAQ7kmqnvnerYgXkuV5CR6Ba0IQP46SWe_R29yZKO-vg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.mgic.com/index.php/email/emailWebview?ftf=true&mkt_tok=ODgxLVdZTy01NTUAAAGBOgakdlDqiljCRYojc8PWHXtT5_aEuUSnHaRn0plvHkHTR6MCRJw34XxyDkPI3tkAQ7kmqnvnerYgXkuV5CR6Ba0IQP46SWe_R29yZKO-vg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 21:20:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
3228
content-length
33397
last-modified
Tue, 12 Oct 2021 18:01:53 GMT
server
cloudflare
etag
"25205a9-16cfb-5ce2ba3f1c640"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6ba90972c8ec4a80-FRA
expires
Thu, 09 Dec 2021 01:20:18 GMT
forwardemail.js
pages.mgic.com/js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pages.mgic.com/js/forwardemail.js
Requested by
Host: pages.mgic.com
URL: https://pages.mgic.com/index.php/email/emailWebview?ftf=true&mkt_tok=ODgxLVdZTy01NTUAAAGBOgakdlDqiljCRYojc8PWHXtT5_aEuUSnHaRn0plvHkHTR6MCRJw34XxyDkPI3tkAQ7kmqnvnerYgXkuV5CR6Ba0IQP46SWe_R29yZKO-vg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
536fdc22b1c1bc61bca6408c052b74d6f40f5ae530243a21cc503393e81aed65
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.mgic.com/index.php/email/emailWebview?ftf=true&mkt_tok=ODgxLVdZTy01NTUAAAGBOgakdlDqiljCRYojc8PWHXtT5_aEuUSnHaRn0plvHkHTR6MCRJw34XxyDkPI3tkAQ7kmqnvnerYgXkuV5CR6Ba0IQP46SWe_R29yZKO-vg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 21:20:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
3227
content-length
1959
last-modified
Tue, 12 Oct 2021 18:01:54 GMT
server
cloudflare
etag
"250199a-1efb-5ce2ba4010880"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6ba90972c8f14a80-FRA
expires
Thu, 09 Dec 2021 01:20:18 GMT
forwardemail.css
pages.mgic.com/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pages.mgic.com/css/forwardemail.css
Requested by
Host: pages.mgic.com
URL: https://pages.mgic.com/index.php/email/emailWebview?ftf=true&mkt_tok=ODgxLVdZTy01NTUAAAGBOgakdlDqiljCRYojc8PWHXtT5_aEuUSnHaRn0plvHkHTR6MCRJw34XxyDkPI3tkAQ7kmqnvnerYgXkuV5CR6Ba0IQP46SWe_R29yZKO-vg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
246c93f3fc86f8345be260d6b7f73a92c26093d9db1449b5fd35f89b93027e56
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.mgic.com/index.php/email/emailWebview?ftf=true&mkt_tok=ODgxLVdZTy01NTUAAAGBOgakdlDqiljCRYojc8PWHXtT5_aEuUSnHaRn0plvHkHTR6MCRJw34XxyDkPI3tkAQ7kmqnvnerYgXkuV5CR6Ba0IQP46SWe_R29yZKO-vg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 21:20:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
3228
content-length
908
last-modified
Tue, 12 Oct 2021 18:01:57 GMT
server
cloudflare
etag
"25009e3-e2b-5ce2ba42ecf40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6ba90972c8f44a80-FRA
expires
Thu, 09 Dec 2021 01:20:18 GMT
stripmkttok.js
pages.mgic.com/js/ 		2 KB
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pages.mgic.com/js/stripmkttok.js
Requested by
Host: pages.mgic.com
URL: https://pages.mgic.com/index.php/email/emailWebview?ftf=true&mkt_tok=ODgxLVdZTy01NTUAAAGBOgakdlDqiljCRYojc8PWHXtT5_aEuUSnHaRn0plvHkHTR6MCRJw34XxyDkPI3tkAQ7kmqnvnerYgXkuV5CR6Ba0IQP46SWe_R29yZKO-vg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.mgic.com/index.php/email/emailWebview?ftf=true&mkt_tok=ODgxLVdZTy01NTUAAAGBOgakdlDqiljCRYojc8PWHXtT5_aEuUSnHaRn0plvHkHTR6MCRJw34XxyDkPI3tkAQ7kmqnvnerYgXkuV5CR6Ba0IQP46SWe_R29yZKO-vg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 21:20:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
5303
content-length
678
last-modified
Tue, 12 Oct 2021 18:01:54 GMT
server
cloudflare
etag
"441486-602-5ce2ba4010880"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6ba90972c8f64a80-FRA
expires
Thu, 09 Dec 2021 01:20:18 GMT
lKRRf6vsXk8Pw4IrnxffyoVyFB1LXogtPD5dp7Fb.png
client-data.knak.io/production/email_assets/5fbe8cfe0e18e/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://client-data.knak.io/production/email_assets/5fbe8cfe0e18e/lKRRf6vsXk8Pw4IrnxffyoVyFB1LXogtPD5dp7Fb.png
Requested by
Host: pages.mgic.com
URL: https://pages.mgic.com/index.php/email/emailWebview?ftf=true&mkt_tok=ODgxLVdZTy01NTUAAAGBOgakdlDqiljCRYojc8PWHXtT5_aEuUSnHaRn0plvHkHTR6MCRJw34XxyDkPI3tkAQ7kmqnvnerYgXkuV5CR6Ba0IQP46SWe_R29yZKO-vg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-122.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a5a75da55121b872b0ff3a05adfb7aaba923bc5bd7827b85c5ab285e0a56b329

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.mgic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
wr2ZZ14DfEYzYkuV4TIMkUUKVoFk24H0
via
1.1 2816426ad1adbedbdd23d4cdf80c2de3.cloudfront.net (CloudFront)
etag
"48df61520c9a531b1ff867814f38d443"
age
5839
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
content-length
35248
x-amz-id-2
V1xmXCoo0UzMG0SRiM/4M/xMIdnnhVqFOzupfOjFlKTByJlazKqDMKUkAr2V+0Y5CKskMvjVUdM=
last-modified
Thu, 21 Oct 2021 03:49:05 GMT
server
AmazonS3
date
Wed, 08 Dec 2021 20:03:15 GMT
x-amz-request-id
GKE7ANH1KR5MDJF1
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
4FdeYp8jsIjM7-a9eCLXo47NL4AzbuZJPySGOvNxYuL202ajR1nqjA==
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pages.mgic.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 13:39:48 GMT
x-content-type-options
nosniff
age
459630
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 03 Dec 2022 13:39:48 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pages.mgic.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 17:56:19 GMT
x-content-type-options
nosniff
age
12239
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 08 Dec 2022 17:56:19 GMT
ftf_arrows.png
pages.mgic.com/images/icons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pages.mgic.com/images/icons/ftf_arrows.png
Requested by
Host: pages.mgic.com
URL: https://pages.mgic.com/index.php/email/emailWebview?ftf=true&mkt_tok=ODgxLVdZTy01NTUAAAGBOgakdlDqiljCRYojc8PWHXtT5_aEuUSnHaRn0plvHkHTR6MCRJw34XxyDkPI3tkAQ7kmqnvnerYgXkuV5CR6Ba0IQP46SWe_R29yZKO-vg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9876cd51083c982d4b8fafa2ef6d329509635eff48379152f67484fdf14f6c1d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.mgic.com/index.php/email/emailWebview?ftf=true&mkt_tok=ODgxLVdZTy01NTUAAAGBOgakdlDqiljCRYojc8PWHXtT5_aEuUSnHaRn0plvHkHTR6MCRJw34XxyDkPI3tkAQ7kmqnvnerYgXkuV5CR6Ba0IQP46SWe_R29yZKO-vg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 21:20:18 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Tue, 12 Oct 2021 18:01:41 GMT
server
cloudflare
etag
"4818f8-ca8-5ce2ba33aab40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=60
accept-ranges
bytes
cf-ray
6ba909738ab24a80-FRA
content-length
3240
expires
Wed, 08 Dec 2021 21:21:18 GMT

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| $ function| jQuery string| __mktTokVal

5 Cookies

Domain/Path Name / Value
em.mgic.com/ Name: BIGipServersj_mailtracking_http
Value: !5NQwYYc+ZKLOlQ2PurFYsUVmfdh2KA6iwNYejkcrv+p2LgYC1phcz3Ss+IKl7Vq9CgT24ZcUXcMSOIA=
.em.mgic.com/ Name: __cf_bm
Value: v9a.bFAdbEBRY7U_uSi.6ICnoipyVEYzZR2cU89lL_4-1638998417-0-AdQuE4aGhb+Q3dGocjeCTgczDrzH5y3JoH7p7SqoTjy9Uf2YkTAEWnQvJnuG4Mw6x4rzLMfm4f6taohCaYQzxU8=
pages.mgic.com/ Name: BIGipServersj13web-nginx-app_https
Value: !f70ktZgX5F5QoG+PurFYsUVmfdh2KAW+lZtU9dBlucUCvi5VRie6v9pGbUIkQFBEdu2KfCBlRCM4UkI=
.pages.mgic.com/ Name: __cf_bm
Value: uTlgKqstkg507EEroBPHmJulgk3.FCwpYRgmIoOe.mg-1638998418-0-AWLjpH+mfFzg9k8gx/QRxi28azKXOGQQGuxbqNdmatZJiLo24x6hNgL/FM9N5PZ9nosaIrKEIrP31ufraOMJqMU=
.loanofficerhub.com/ Name: ARRAffinitySameSite
Value: ce14181747e3054d48558d4957842f2c70d396c8da20889ca820e15c6efa8b7d

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

client-data.knak.io
em.mgic.com
fonts.googleapis.com
fonts.gstatic.com
loanofficerhub.com
pages.mgic.com
104.17.71.206
104.17.73.206
18.66.122.122
192.124.249.130
2a00:1450:4001:803::200a
2a00:1450:4001:82a::2003
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1df09cf31130719c5c6326656e8346373751933c7c213188f10824aeecb7773b
246c93f3fc86f8345be260d6b7f73a92c26093d9db1449b5fd35f89b93027e56
29a5f6e79be501fc5625853c606022b4bd8e8397fd2f7acb95b19255af41443b
29bc8d1584c12a05db9ac9637886359eb8688bb718cd946ff177dcca7cafd81b
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
39cc0563a4835ccdd3616ad6824083c09b5c0ae596effca08877ff9ddbb5dbfa
536fdc22b1c1bc61bca6408c052b74d6f40f5ae530243a21cc503393e81aed65
603f9dee9d460b1b2b47dcbd5d7963e21b0949cfc964b2e7c124b82df9b31b71
6fe0cb435b50a8cb391713fbccf0978c5e14170d837406417e5f8c273bb09e04
88bfc218e5ec7e515f3bb495f4b7c28e53125f0cfcfc2855d3de489c014900f9
9876cd51083c982d4b8fafa2ef6d329509635eff48379152f67484fdf14f6c1d
a5a75da55121b872b0ff3a05adfb7aaba923bc5bd7827b85c5ab285e0a56b329
b2f38cbaabb0352b41e6aba0b1f4cbddfea506998de2e7f1b154bee94edabcef
c22794db8b87e80ba5330e7da4a7070f9f57c9612deb38ce34f7924fcc656e2a
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013
dc9e77499759a7b3b388d3d25e864a8638271f871748a81098b1a135bd0e8a41
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715
fcce3d55ae5e2d5b090d08f2ca0d8feaf00c246b46c69f36b27c51e935c7a661