go2.innmktgsm1.com Open in urlscan Pro
104.17.71.206 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://go2.inndts.com/v/NzMyLVdNRS05MDMAAAGEpJL_gT_8iHHl8sFb6mPfSl2B7A03xwn8M_Va-FTjDviKsthkCOQs9KN3Hg-otZoS-4kuSW0=
Effective URL:
https://go2.innmktgsm1.com/index.php/email/emailWebview?md_id=6728&mkt_tok=NzMyLVdNRS05MDMAAAGEpJL_gXpPC2m0PVJ17mEJqdy6Zajb...
Submission: On May 27 via manual (May 27th 2022, 1:17:38 pm UTC) from US — Scanned from DE

Summary HTTP 23 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 23 HTTP transactions. The main IP is 104.17.71.206, located in and belongs to CLOUDFLARENET, US. The main domain is go2.innmktgsm1.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 8th 2022. Valid for: a year.

This is the only time go2.innmktgsm1.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	104.17.72.206 104.17.72.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	104.17.71.206 104.17.71.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
2	143.204.98.20 143.204.98.20	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.103 143.204.98.103	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
23	6

3 104.17.72.206 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

go2.inndts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.17.71.206 (None, )

ASN13335 (CLOUDFLARENET, US)

go2.innmktgsm1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-20.fra50.r.cloudfront.net

d15k2d11r6t6rl.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-103.fra50.r.cloudfront.net

app-rsrc.getbee.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 42	5 KB
6	innmktgsm1.com go2.innmktgsm1.com	46 KB
3	inndts.com 1 redirects go2.inndts.com	1 KB
2	gstatic.com fonts.gstatic.com	32 KB
2	cloudfront.net d15k2d11r6t6rl.cloudfront.net	251 KB
1	getbee.io app-rsrc.getbee.io — Cisco Umbrella Rank: 14914	2 KB
23	6

	Domain	Requested by
10	fonts.googleapis.com	go2.innmktgsm1.com
6	go2.innmktgsm1.com	go2.inndts.com go2.innmktgsm1.com
3	go2.inndts.com	1 redirects go2.innmktgsm1.com
2	fonts.gstatic.com	fonts.googleapis.com
2	d15k2d11r6t6rl.cloudfront.net	go2.innmktgsm1.com
1	app-rsrc.getbee.io	go2.innmktgsm1.com
23	6

This site contains links to these domains. Also see Links.

Domain
go2.inndts.com

Subject Issuer	Validity	Valid
go2.inndts.com Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
go2.innmktgsm1.com Cloudflare Inc ECC CA-3	`2022-05-08` - `2023-05-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.getbee.io Amazon	`2022-03-05` - `2023-04-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://go2.innmktgsm1.com/index.php/email/emailWebview?md_id=6728&mkt_tok=NzMyLVdNRS05MDMAAAGEpJL_gXpPC2m0PVJ17mEJqdy6ZajbszZxQ7E4WlHc1bkeV3HDyyNnOfpUw1BpOd4VmftLeOrvTyGnDflsYJvp2IbmkASy7W2wx62Aljl8r2Q
Frame ID: A0421DDFCAB621B4BC3E3E29B4520D83
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://go2.inndts.com/v/NzMyLVdNRS05MDMAAAGEpJL_gT_8iHHl8sFb6mPfSl2B7A03xwn8M_Va-FTjDviKsthkCOQs9K... Page URL
https://go2.innmktgsm1.com/index.php/email/emailWebview?md_id=6728&mkt_tok=NzMyLVdNRS05MDMAAAGEpJL_gXpP... Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23
Requests

96 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

337 kB
Transfer

430 kB
Size

3
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://go2.inndts.com/ol/h0xXeMDLdlhd6BAlucu0B_C9zHiVIsn79vEwX6C0ioIuy0d6P6GCaRG-0IUXEYE1bO3DUUQUGpQ8kEpLFL3FOoVJ_qhOCk-xUDLrzrLSbp9DcJRy0dFnsauq1SYQo9nfyg2eUBdZFSYqZw6YarQTkTC6YchzDlPQqD3ELZMxnXVOw_s,/j0BRccTIKVlNoVdlsbPWN7q9zSLFeNaytLNwR-L1ndg720Fwc_6AKkTogcBFGYB9UsehBgoDXqFs4S5qCumtU4Fiy_JEX0TkX2Tyi7Xle4JFLJpp8dhNyayL6lNV__Cmv33tKGgrUFtAWwGleY8D1jC3AKYJDlSK31HQMZ51pikCh64e7IqaKpbgzH-I9hXE5zC4Z3lZ_di15HO6HKx9yvURkEVw3l0gaczzzCfR9qUCpwI9-f9Opwp_pNVwLcJJ0wreaXb0_NmqbuRkTu2gwtM,
Title: REGISTER

Search URL Search Domain Scan URL

URL: https://go2.inndts.com/ol/h0xXd8HLdlhd6BAlucu0B_C9zHiVIsn79vEwX6C0ioIuy0d6P6GCaRG-0IUXEYE1bO3DUUQUGpQ8kEpLFL3FOoVJ_qhOCk-xUDLrzrLSbp9DcJRy0dFnsauq1SYQo9nfyg2eUBdZFSYqZw6YarQTkTC6YchzDlPWrT3ELZMxnXVOw_s,/j0BRccTOLFlNoVdlsbPWN7q9zSLFeNaytLNwR-L1ndg720Fwc_6AKkTogcBFGYB9UsehBgoDXqFs4S5qCumtU4Fiy_JEX0TkX2Tyi7Xle4JFLJpp8dhNyayL6lNV__Cmv33tKGgrUFtAWwGleY8D1jC3AKYJDlSK31HQMZ51pikCh64e7IqaKpbgzH-I9hXE5zC4Z3lZ_di15HO6HKx9yvURkEVw3l0gaczzzCfR9qUCpwI9-f9Opwp_pNVwLcJJ0wreaXb0_NmqbuRkTu2gwtM,
Title: RESERVE A SEAT

Search URL Search Domain Scan URL

URL: https://go2.inndts.com/ol/h0xXeMzHdlhd6BAlucu0B_C9zHiVIsn79vEwX6C0ioIuy0d6P6GCaRG-0IUXEYE1bO3DUUQUGpQ8kEpLFL3FOoVJ_qhOCk-xUDLrzrLSbp9DcJRy0dFnsauq1SYQo9nfyg2eUBdZFSYqZw6YarQTkTC6YchyDlLXrT3ELZMxnXVOw_s,/j0BQccXPLFlNoVdlsbPWNb760TnJdJOtv7VzR_Tp34A91kVuc-LWd0jhhtxHHYY7c-zTBQMEEt1yzwBNDumacpMN8_teRB6_Uy_AlK7RMqNUXK1f6sVPzZv1jU0hh_yjs3vpGWUif3ZUdDa-O7JwtAvNYccueimW_mKXD4YpnjsSv6U1gbf_Sr-c-CKi_kHwvx2qLUhT6u6d-mmrXbt6tNNViUwi_HwjUvLg1yzgzJgjpTUC3_pn3zVt-_dTE9A_10GeRnKxxYPyQ7B8EIQ,

Search URL Search Domain Scan URL

URL: https://go2.inndts.com/ol/h0xYccbNdlhd6BAlucu0B_C9zHiVIsn79vEwX6C0ioIuy0d6P6GCaRG-0IUXEYE1bO3DUUQUGpQ8kEpLFL3FOoVJ_qhOCk-xUDLrzrLSbp9DcJRy0dFnsauq1SYQo9nfyg2eUBdZFSYqZw6YarQTkTC6YchyCFrfoj3ELZMxnXVOw_s,/j0BQd83HI1lNoVdlsbPWJaa_0TzOdJWjr7tuBKao0cAzln1wYfnNK0L9gdFULJM1YKeWFQ8cTJ1q1DNNFPOAfpND6PxfDhzjHjb0lJ7OYIYTX65exe1X-4aX6zBQh_mvs33tLmoeal1TYz6NWZxyiW3XBrpyCA6i0GrFLNEZnSIKlqc-zqP8WOeD91ujpEbN6QPdHHVk_e-VxVqsOY47uccuuxUS5VYyUeXZ8SPz25srjSA35tVdmww93_5_K-hb-US-DDP7st3ZQ-JiGqfgoQ,,
Title: Manage Email Preferences

Search URL Search Domain Scan URL

URL: https://go2.inndts.com/ol/h0xZccXMdlhd6BAlucu0B_C9zHiVIsn79vEwX6C0ioIuy0d6P6GCaRG-0IUXEYE1bO3DUUQUGpQ8kEpLFL3FOoVJ_qhOCk-xUDLrzrLSbp9DcJRy0dFnsauq1SYQo9nfyg2eUBdZFSYqZw6YarQTkTC6YcN6C1vUrj3ELZMxnXVOw_s,/j0tYdMzML1lNoVcspLOONb6jljvOfoy79b9yBKjr2dsBzUd1L8LVFVjDvtd_LqFiMMS6LCMxMrdE0CZ0JeetbLBjqPgNO3eYCWzypYvLa5QYS7V53tJ7xbCUj0VRndGqkQ3OAko4E1lIfR-zZ5AmlAjwYbIzcAfTzHbHIasmszoesaQj2LatcaCN0WWwp23E4T6vB0gq05OM8gruLZVgl48T7XA,
Title: inndts.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://go2.inndts.com/v/NzMyLVdNRS05MDMAAAGEpJL_gT_8iHHl8sFb6mPfSl2B7A03xwn8M_Va-FTjDviKsthkCOQs9KN3Hg-otZoS-4kuSW0= Page URL
https://go2.innmktgsm1.com/index.php/email/emailWebview?md_id=6728&mkt_tok=NzMyLVdNRS05MDMAAAGEpJL_gXpPC2m0PVJ17mEJqdy6ZajbszZxQ7E4WlHc1bkeV3HDyyNnOfpUw1BpOd4VmftLeOrvTyGnDflsYJvp2IbmkASy7W2wx62Aljl8r2Q Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://go2.inndts.com/trk?t=1&mid=${mktmail.QpMarketoId} HTTP 302
https://go2.inndts.com/images/downloadPicture.gif

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 NzMyLVdNRS05MDMAAAGEpJL_gT_8iHHl8sFb6mPfSl2B7A03xwn8M_Va-FTjDviKsthkCOQs9KN3Hg-otZoS-4kuSW0=
go2.inndts.com/v/ 555 B
1 KB 610ms
129ms Document
text/html 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go2.inndts.com/v/NzMyLVdNRS05MDMAAAGEpJL_gT_8iHHl8sFb6mPfSl2B7A03xwn8M_Va-FTjDviKsthkCOQs9KN3Hg-otZoS-4kuSW0=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-J8WP4r86HD2fxyJ49mKTkTIQBptkfwKlUJbOhv/sz9g=';object-src 'none';form-action 'none';frame-src 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 711f08071d71995a-FRA
content-encoding: gzip
content-security-policy: default-src 'self'; img-src 'self';script-src 'self' 'sha256-J8WP4r86HD2fxyJ49mKTkTIQBptkfwKlUJbOhv/sz9g=';object-src 'none';form-action 'none';frame-src 'none'
content-type: text/html
date: Fri, 27 May 2022 13:17:32 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: strict-origin
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 Primary Request emailWebview Show response
go2.innmktgsm1.com/index.php/email/ 27 KB
6 KB 1140ms
1050ms Document
text/html 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go2.innmktgsm1.com/index.php/email/emailWebview?md_id=6728&mkt_tok=NzMyLVdNRS05MDMAAAGEpJL_gXpPC2m0PVJ17mEJqdy6ZajbszZxQ7E4WlHc1bkeV3HDyyNnOfpUw1BpOd4VmftLeOrvTyGnDflsYJvp2IbmkASy7W2wx62Aljl8r2Q

Requested by

Host: go2.inndts.com
URL: https://go2.inndts.com/v/NzMyLVdNRS05MDMAAAGEpJL_gT_8iHHl8sFb6mPfSl2B7A03xwn8M_Va-FTjDviKsthkCOQs9KN3Hg-otZoS-4kuSW0=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de8497f0317f56d198e5873ef6a0bee65f092b1b81785398d7dd1d9dc73c73dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go2.inndts.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 711f0808895891fc-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 27 May 2022 13:17:33 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 css
fonts.googleapis.com/ 722 B
875 B 40ms
17ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Abril+Fatface

Requested by

Host: go2.innmktgsm1.com
URL: https://go2.innmktgsm1.com/index.php/email/emailWebview?md_id=6728&mkt_tok=NzMyLVdNRS05MDMAAAGEpJL_gXpPC2m0PVJ17mEJqdy6ZajbszZxQ7E4WlHc1bkeV3HDyyNnOfpUw1BpOd4VmftLeOrvTyGnDflsYJvp2IbmkASy7W2wx62Aljl8r2Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ff0b683f20f821e1329f3dedccffeae3a259c9b41701e73a8073a3134bccdccd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go2.innmktgsm1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 27 May 2022 11:31:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 27 May 2022 13:17:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 27 May 2022 13:17:33 GMT

GET
H2 200 css
fonts.googleapis.com/ 378 B
377 B 42ms
19ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Serif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dac70bf6eb33edc4858d4431e1ff7eb7cdb28aad422ce5ef0ecfbb99e9f2bc56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go2.innmktgsm1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 27 May 2022 12:16:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 27 May 2022 13:17:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 27 May 2022 13:17:33 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
598 B 40ms
17ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

10f258f566ac632b83610f3970743e1a74a6340798860be6e2c4a691386819ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go2.innmktgsm1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 27 May 2022 11:44:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 27 May 2022 13:17:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 27 May 2022 13:17:33 GMT

GET
H2 200 css
fonts.googleapis.com/ 395 B
386 B 41ms
18ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Permanent+Marker

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e6d91eb2f38a9f08227d73aa307bffdcbf5a0623366e513f9652691f4185f54c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go2.innmktgsm1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 27 May 2022 13:16:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 27 May 2022 13:17:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 27 May 2022 13:17:33 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
642 B 41ms
18ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d1254a3e2f72ad012c7675c42cf63b7ec7aff462a8be78469204830bd85ed12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go2.innmktgsm1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 27 May 2022 12:12:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 27 May 2022 13:17:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 27 May 2022 13:17:33 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
551 B 42ms
20ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cdb47a4dd6d4123cf2de3d2dbf2452c94e769d545ae676eb121b87e5474ac275

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go2.innmktgsm1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 27 May 2022 12:43:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 27 May 2022 13:17:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 27 May 2022 13:17:33 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
610 B 44ms
22ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e80a28e260de3fa02ff629d2ae4a84c50a5e159f40807ca8c61b108cb2899880

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go2.innmktgsm1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 27 May 2022 11:35:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 27 May 2022 13:17:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 27 May 2022 13:17:33 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
589 B 45ms
23ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

45e43159ca2c58f634733eecaeb1db37105a01c2ed88679c54b4e7d28424a34e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go2.innmktgsm1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 27 May 2022 11:40:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 27 May 2022 13:17:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 27 May 2022 13:17:33 GMT

GET
H2 200 css
fonts.googleapis.com/ 677 B
433 B 48ms
26ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oxygen

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9f7a8e11272b8269b6e75d369163fc11d45525ebf7eb8e8c99abbcc90902a606

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go2.innmktgsm1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 27 May 2022 12:24:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 27 May 2022 13:17:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 27 May 2022 13:17:33 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
528 B 47ms
26ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cabin

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

df90ce8fad4083e3702a114b32f0f59a76da21f1b34b0af1a8ece9d62f3b15e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go2.innmktgsm1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 27 May 2022 12:34:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 27 May 2022 13:17:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 27 May 2022 13:17:33 GMT

GET
H2 200 CDWLOGO.png
d15k2d11r6t6rl.cloudfront.net/public/users/Integrators/BeeProAgency/521840_502590/ 3 KB
3 KB 44ms
10ms Image
image/png 143.204.98.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d15k2d11r6t6rl.cloudfront.net/public/users/Integrators/BeeProAgency/521840_502590/CDWLOGO.png
Requested by: Host: go2.innmktgsm1.com
URL: https://go2.innmktgsm1.com/index.php/email/emailWebview?md_id=6728&mkt_tok=NzMyLVdNRS05MDMAAAGEpJL_gXpPC2m0PVJ17mEJqdy6ZajbszZxQ7E4WlHc1bkeV3HDyyNnOfpUw1BpOd4VmftLeOrvTyGnDflsYJvp2IbmkASy7W2wx62Aljl8r2Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-20.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9c25b5f8760c4917e01d34510be44776745caf1d632abbd1393233ef4702d720

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go2.innmktgsm1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 13:00:20 GMT
via: 1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 16:40:32 GMT
server: AmazonS3
age: 1034
etag: "41eb627cedc3b45eae231a3a1f2dd146"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 2663
x-amz-cf-id: SPiE3DRCnAFWLaYIl56n8QU4s8okcR3Od4PXS6okHGz9Ed51g2jhVw==

GET
H2 200 ransomware.jpeg
d15k2d11r6t6rl.cloudfront.net/public/users/Integrators/BeeProAgency/521840_502590/ 247 KB
248 KB 45ms
12ms Image
image/jpeg 143.204.98.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d15k2d11r6t6rl.cloudfront.net/public/users/Integrators/BeeProAgency/521840_502590/ransomware.jpeg
Requested by: Host: go2.innmktgsm1.com
URL: https://go2.innmktgsm1.com/index.php/email/emailWebview?md_id=6728&mkt_tok=NzMyLVdNRS05MDMAAAGEpJL_gXpPC2m0PVJ17mEJqdy6ZajbszZxQ7E4WlHc1bkeV3HDyyNnOfpUw1BpOd4VmftLeOrvTyGnDflsYJvp2IbmkASy7W2wx62Aljl8r2Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-20.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 575178c414227f597c0e2571e11d55c42ee776558fa653eb144f5ef59e7a1b23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go2.innmktgsm1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 13:00:19 GMT
via: 1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
last-modified: Tue, 07 Dec 2021 17:30:04 GMT
server: AmazonS3
age: 1035
etag: "74d264ed1de9f384bd6d7305f693dc3a"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 253403
x-amz-cf-id: SOlcGNs1W71IwUKaEM_FfO29dBoqjVJP4J1c5hoahwp7QwuyWbIx-A==

GET
H2 200 linkedin@2x.png
app-rsrc.getbee.io/public/resources/social-networks-icon-sets/circle-color/ 2 KB
2 KB 84ms
24ms Image
image/png 143.204.98.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app-rsrc.getbee.io/public/resources/social-networks-icon-sets/circle-color/linkedin@2x.png
Requested by: Host: go2.innmktgsm1.com
URL: https://go2.innmktgsm1.com/index.php/email/emailWebview?md_id=6728&mkt_tok=NzMyLVdNRS05MDMAAAGEpJL_gXpPC2m0PVJ17mEJqdy6ZajbszZxQ7E4WlHc1bkeV3HDyyNnOfpUw1BpOd4VmftLeOrvTyGnDflsYJvp2IbmkASy7W2wx62Aljl8r2Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-103.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ced501d2eb40b9d7a3d214a9dfbf38798b8501458712cc420bd59fd8401fe19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go2.innmktgsm1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 16:36:02 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
last-modified: Mon, 28 Jan 2019 10:16:37 GMT
server: AmazonS3
age: 74493
etag: "0ba592a7fc446c5d38f4b9e246f462ca"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 1945
x-amz-cf-id: QFM0-REwpgb23f9W0c68uuFRUXl6NbqfH-czA3pIBTF3A2d4Q5_Znw==
x-amz-meta-s3b-last-modified: 20180109T142505Z

GET
H2

200

downloadPicture.gif
go2.inndts.com/images/
Redirect Chain

https://go2.inndts.com/trk?t=1&mid=${mktmail.QpMarketoId}
https://go2.inndts.com/images/downloadPicture.gif

43 B
208 B

139ms
139ms

Image
image/gif

104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go2.inndts.com/images/downloadPicture.gif

Requested by

Protocol

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go2.innmktgsm1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 13:17:34 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Wed, 18 May 2022 20:28:33 GMT
server: cloudflare
etag: "5400f6-2b-5df4f19dede40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 711f08100ab9995a-FRA
content-length: 43
expires: Fri, 27 May 2022 13:18:34 GMT

Redirect headers

date: Fri, 27 May 2022 13:17:34 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
location: /images/downloadPicture.gif
cache-control: private, no-cache, no-store, max-age=0
cf-ray: 711f080f38f8995a-FRA

GET
H2 200 jquery-1.8.2.min.js Show response
go2.innmktgsm1.com/js/public/ 91 KB
33 KB 131ms
128ms Script
application/x-javascript 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go2.innmktgsm1.com/js/public/jquery-1.8.2.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go2.innmktgsm1.com/index.php/email/emailWebview?md_id=6728&mkt_tok=NzMyLVdNRS05MDMAAAGEpJL_gXpPC2m0PVJ17mEJqdy6ZajbszZxQ7E4WlHc1bkeV3HDyyNnOfpUw1BpOd4VmftLeOrvTyGnDflsYJvp2IbmkASy7W2wx62Aljl8r2Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 13:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 03 May 2022 03:46:41 GMT
server: cloudflare
etag: "1e80bcc-16cfb-5de135b4bea40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 711f080f3aaf91fc-FRA
content-length: 33397
expires: Fri, 27 May 2022 17:17:34 GMT

GET
H2 200 forwardemail.js Show response
go2.innmktgsm1.com/js/ 8 KB
2 KB 140ms
138ms Script
application/x-javascript 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go2.innmktgsm1.com/js/forwardemail.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

536fdc22b1c1bc61bca6408c052b74d6f40f5ae530243a21cc503393e81aed65

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go2.innmktgsm1.com/index.php/email/emailWebview?md_id=6728&mkt_tok=NzMyLVdNRS05MDMAAAGEpJL_gXpPC2m0PVJ17mEJqdy6ZajbszZxQ7E4WlHc1bkeV3HDyyNnOfpUw1BpOd4VmftLeOrvTyGnDflsYJvp2IbmkASy7W2wx62Aljl8r2Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 13:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 03 May 2022 03:46:42 GMT
server: cloudflare
etag: "1e60596-1efb-5de135b5b2c80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 711f080f3ab191fc-FRA
content-length: 1959
expires: Fri, 27 May 2022 17:17:34 GMT

GET
H2 200 forwardemail.css
go2.innmktgsm1.com/css/ 4 KB
1 KB 129ms
126ms Stylesheet
text/css 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go2.innmktgsm1.com/css/forwardemail.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

246c93f3fc86f8345be260d6b7f73a92c26093d9db1449b5fd35f89b93027e56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go2.innmktgsm1.com/index.php/email/emailWebview?md_id=6728&mkt_tok=NzMyLVdNRS05MDMAAAGEpJL_gXpPC2m0PVJ17mEJqdy6ZajbszZxQ7E4WlHc1bkeV3HDyyNnOfpUw1BpOd4VmftLeOrvTyGnDflsYJvp2IbmkASy7W2wx62Aljl8r2Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 13:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 03 May 2022 03:46:46 GMT
server: cloudflare
etag: "1e21df7-e2b-5de135b983580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 711f080f3ab491fc-FRA
content-length: 908
expires: Fri, 27 May 2022 17:17:34 GMT

GET
H2 200 stripmkttok.js Show response
go2.innmktgsm1.com/js/ 2 KB
786 B 132ms
129ms Script
application/x-javascript 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go2.innmktgsm1.com/js/stripmkttok.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go2.innmktgsm1.com/index.php/email/emailWebview?md_id=6728&mkt_tok=NzMyLVdNRS05MDMAAAGEpJL_gXpPC2m0PVJ17mEJqdy6ZajbszZxQ7E4WlHc1bkeV3HDyyNnOfpUw1BpOd4VmftLeOrvTyGnDflsYJvp2IbmkASy7W2wx62Aljl8r2Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 13:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 03 May 2022 03:46:42 GMT
server: cloudflare
etag: "1e6059f-602-5de135b5b2c80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 711f080f3ab591fc-FRA
content-length: 678
expires: Fri, 27 May 2022 17:17:34 GMT

GET
H2 200 2sDfZG1Wl4LcnbuKjk0m.woff2
fonts.gstatic.com/s/oxygen/v15/ 16 KB
16 KB 34ms
11ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oxygen/v15/2sDfZG1Wl4LcnbuKjk0m.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oxygen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e64f128d5352d04ea5c87031e4cf1ad204b72a0afb003ece52eeb997d28a570

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://go2.innmktgsm1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 23 May 2022 12:43:06 GMT
x-content-type-options: nosniff
age: 347668
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16348
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:31:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 May 2023 12:43:06 GMT

GET
H2 200 u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkV2EH7alxw.woff2
fonts.gstatic.com/s/cabin/v24/ 15 KB
16 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cabin/v24/u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkV2EH7alxw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc26ff26c1a190035ec393a1d049a1451022349d7f1885ca7051b55f6d2b876e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://go2.innmktgsm1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 21:04:36 GMT
x-content-type-options: nosniff
age: 58378
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15468
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 17:34:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 May 2023 21:04:36 GMT

GET
H2 200 ftf_arrows.png
go2.innmktgsm1.com/images/icons/ 3 KB
3 KB 131ms
130ms Image
image/png 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go2.innmktgsm1.com/images/icons/ftf_arrows.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9876cd51083c982d4b8fafa2ef6d329509635eff48379152f67484fdf14f6c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go2.innmktgsm1.com/index.php/email/emailWebview?md_id=6728&mkt_tok=NzMyLVdNRS05MDMAAAGEpJL_gXpPC2m0PVJ17mEJqdy6ZajbszZxQ7E4WlHc1bkeV3HDyyNnOfpUw1BpOd4VmftLeOrvTyGnDflsYJvp2IbmkASy7W2wx62Aljl8r2Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 13:17:34 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 03 May 2022 03:46:29 GMT
server: cloudflare
etag: "1e21325-ca8-5de135a94cf40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 711f08102c4c91fc-FRA
content-length: 3240
expires: Fri, 27 May 2022 13:18:34 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.go2.inndts.com/	1970-01-20 03:20:59	Name: __cf_bm Value: LinyokcQ7b3dosoXVBizmsH7WeK4f.spzCLWK3S4gZ8-1653657452-0-AbUcJbBkt7Nu3wmEhyNG9BWGVHpxRRpYvU3jqeuBbRcTOaExciXuBjt7CQfGU+pSQZ8nzHgGorUP5wt7Hpt+B7w=
go2.innmktgsm1.com/	1969-12-31 23:59:59	Name: BIGipServerab17web-nginx-app_https Value: !ZEqTRC8N2UyC2dzn/+ZT2Dlakae2CxTQNXPfLNxbk5+407RBE8BIZnw9Iyjz/MeGMJXUU7l0YdNO
.go2.innmktgsm1.com/	1970-01-20 03:20:59	Name: __cf_bm Value: AsAbCCwpAYy8l4CVZvxow7QGKYQgKv44JRYtrB_tDEM-1653657453-0-AYv+Ynq/jxbJng02i0viFeisaoT0AnGcpZy2kpcM8z7QzRstRZr1YB1lZ2RxGfTfpTnyvAZ/o93u+W6f45JHMow=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-J8WP4r86HD2fxyJ49mKTkTIQBptkfwKlUJbOhv/sz9g=';object-src 'none';form-action 'none';frame-src 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app-rsrc.getbee.io
d15k2d11r6t6rl.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
go2.inndts.com
go2.innmktgsm1.com
104.17.71.206
104.17.72.206
143.204.98.103
143.204.98.20
2a00:1450:4001:801::2003
2a00:1450:4001:827::200a
10f258f566ac632b83610f3970743e1a74a6340798860be6e2c4a691386819ac
246c93f3fc86f8345be260d6b7f73a92c26093d9db1449b5fd35f89b93027e56
2d1254a3e2f72ad012c7675c42cf63b7ec7aff462a8be78469204830bd85ed12
45e43159ca2c58f634733eecaeb1db37105a01c2ed88679c54b4e7d28424a34e
536fdc22b1c1bc61bca6408c052b74d6f40f5ae530243a21cc503393e81aed65
575178c414227f597c0e2571e11d55c42ee776558fa653eb144f5ef59e7a1b23
9876cd51083c982d4b8fafa2ef6d329509635eff48379152f67484fdf14f6c1d
9c25b5f8760c4917e01d34510be44776745caf1d632abbd1393233ef4702d720
9ced501d2eb40b9d7a3d214a9dfbf38798b8501458712cc420bd59fd8401fe19
9e64f128d5352d04ea5c87031e4cf1ad204b72a0afb003ece52eeb997d28a570
9f7a8e11272b8269b6e75d369163fc11d45525ebf7eb8e8c99abbcc90902a606
cdb47a4dd6d4123cf2de3d2dbf2452c94e769d545ae676eb121b87e5474ac275
dac70bf6eb33edc4858d4431e1ff7eb7cdb28aad422ce5ef0ecfbb99e9f2bc56
db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013
de8497f0317f56d198e5873ef6a0bee65f092b1b81785398d7dd1d9dc73c73dd
df90ce8fad4083e3702a114b32f0f59a76da21f1b34b0af1a8ece9d62f3b15e3
e6d91eb2f38a9f08227d73aa307bffdcbf5a0623366e513f9652691f4185f54c
e80a28e260de3fa02ff629d2ae4a84c50a5e159f40807ca8c61b108cb2899880
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715
fc26ff26c1a190035ec393a1d049a1451022349d7f1885ca7051b55f6d2b876e
ff0b683f20f821e1329f3dedccffeae3a259c9b41701e73a8073a3134bccdccd

go2.innmktgsm1.com Open in urlscan Pro 104.17.71.206 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

96 %HTTPS

33 %IPv6

6 Domains

6 Subdomains

6 IPs

3 Countries

337 kBTransfer

430 kBSize

3 Cookies

5 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

3 Cookies

Security Headers

Indicators

go2.innmktgsm1.com Open in urlscan Pro
104.17.71.206 Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

96 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

337 kB
Transfer

430 kB
Size

3
Cookies

23 HTTP transactions
0 data transactions