link.landsend.com
Open in
urlscan Pro
97.107.19.97
Public Scan
Effective URL: https://link.landsend.com/YesConnect/HtmlMessagePreview?OOLrB5VmY3uqXVuUobxx5i41Sty-l5v7VZNGJrLI-PE=.enc
Submission Tags: phishing malicious Search All
Submission: On September 09 via api from US
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 10th 2020. Valid for: a year.
This is the only time link.landsend.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 4 | 97.107.19.97 97.107.19.97 | 12154 (INFOUSA) (INFOUSA) | |
2 | 2a00:1450:400... 2a00:1450:4001:820::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:815::2003 | 15169 (GOOGLE) (GOOGLE) | |
12 | 68.232.35.38 68.232.35.38 | 15133 (EDGECAST) (EDGECAST) | |
1 | 157.245.23.207 157.245.23.207 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
3 | 104.111.253.219 104.111.253.219 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
5 | 35.244.245.222 35.244.245.222 | 15169 (GOOGLE) (GOOGLE) | |
1 | 34.236.10.233 34.236.10.233 | 14618 (AMAZON-AES) (AMAZON-AES) | |
27 | 8 |
ASN16625 (AKAMAI-AS, US)
PTR: a104-111-253-219.deploy.static.akamaitechnologies.com
s7.landsend.com |
ASN15169 (GOOGLE, US)
PTR: 222.245.244.35.bc.googleusercontent.com
sr.rlcdn.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-10-233.compute-1.amazonaws.com
pxl.landsend-ympxl.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
4at5.net
media.4at5.net |
205 KB |
7 |
landsend.com
2 redirects
link.landsend.com s7.landsend.com |
101 KB |
5 |
rlcdn.com
sr.rlcdn.com |
234 B |
2 |
googleapis.com
fonts.googleapis.com |
21 KB |
1 |
landsend-ympxl.com
pxl.landsend-ympxl.com |
187 B |
1 |
sendtric.com
gen.sendtric.com |
6 KB |
1 |
gstatic.com
fonts.gstatic.com |
14 KB |
27 | 7 |
Domain | Requested by | |
---|---|---|
12 | media.4at5.net |
link.landsend.com
|
5 | sr.rlcdn.com |
link.landsend.com
|
4 | link.landsend.com |
2 redirects
link.landsend.com
|
3 | s7.landsend.com |
link.landsend.com
|
2 | fonts.googleapis.com |
link.landsend.com
|
1 | pxl.landsend-ympxl.com |
link.landsend.com
|
1 | gen.sendtric.com |
link.landsend.com
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
27 | 8 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
link.landsend.com DigiCert SHA2 Secure Server CA |
2020-02-10 - 2021-02-10 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-08-19 - 2020-11-11 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-08-19 - 2020-11-11 |
3 months | crt.sh |
s10.wac.edgecastcdn.net DigiCert SHA2 Secure Server CA |
2020-06-03 - 2022-08-24 |
2 years | crt.sh |
*.landsend.com DigiCert SHA2 Secure Server CA |
2019-09-17 - 2020-12-16 |
a year | crt.sh |
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA |
2020-04-14 - 2021-04-23 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://link.landsend.com/YesConnect/HtmlMessagePreview?OOLrB5VmY3uqXVuUobxx5i41Sty-l5v7VZNGJrLI-PE=.enc
Frame ID: 7448C0B576270B9AC3B9FB534796D62D
Requests: 27 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://link.landsend.com/t.d?dIhv2qegLdVJdBLgSkoDC9yEOGfyqeCz30gggZn7OU8M0LwFQw4GTQZAtyErEHBSRlqzYoV1...
HTTP 302
http://link.landsend.com/YesConnect/HtmlMessagePreview?OOLrB5VmY3uqXVuUobxx5i41Sty-l5v7VZNGJrLI-PE=.enc HTTP 302
https://link.landsend.com/YesConnect/HtmlMessagePreview?OOLrB5VmY3uqXVuUobxx5i41Sty-l5v7VZNGJrLI-PE=.enc Page URL
Detected technologies
Google Font API (Font Scripts) ExpandDetected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://link.landsend.com/t.d?dIhv2qegLdVJdBLgSkoDC9yEOGfyqeCz30gggZn7OU8M0LwFQw4GTQZAtyErEHBSRlqzYoV1Cd6o8yChrZkzz58aMY_7uoxCCgacI-f5wnr9BxO3_xB2kuVk2YGj4uAX.enc
HTTP 302
http://link.landsend.com/YesConnect/HtmlMessagePreview?OOLrB5VmY3uqXVuUobxx5i41Sty-l5v7VZNGJrLI-PE=.enc HTTP 302
https://link.landsend.com/YesConnect/HtmlMessagePreview?OOLrB5VmY3uqXVuUobxx5i41Sty-l5v7VZNGJrLI-PE=.enc Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
27 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
HtmlMessagePreview
link.landsend.com/YesConnect/ Redirect Chain
|
81 KB 82 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
767 B 475 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
188 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lelogo2020_comfy_TM.png
media.4at5.net/email_domains/lad/logos/ |
75 KB 76 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3r9rvoviku
gen.sendtric.com/countdown/ |
5 KB 6 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
I1598539525984976.gif
media.4at5.net/email_domains/ci/15541283420200827/ |
52 KB 53 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
I159889059824978.gif
media.4at5.net/email_domains/ci/15541283420200831/ |
7 KB 8 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
I1598538585079551.gif
media.4at5.net/email_domains/ci/15541283420200827/ |
20 KB 21 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
421324_A812_LF_WHI
s7.landsend.com/is/image/LandsEnd/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
400370_AG18_LF_WHI
s7.landsend.com/is/image/LandsEnd/ |
6 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
519284_FW20_FF_8II
s7.landsend.com/is/image/LandsEnd/ |
7 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
marker.png
media.4at5.net/email_domains/lad/template/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
raf.png
media.4at5.net/email_domains/lad/template/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
creditcards.png
media.4at5.net/email_domains/lad/template/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
soc17-inst.png
media.4at5.net/email_domains/lad/i142342/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
soc17-fb.png
media.4at5.net/email_domains/lad/i142342/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
soc17-tw.png
media.4at5.net/email_domains/lad/i142342/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
soc17-pin.png
media.4at5.net/email_domains/lad/i142342/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
soc17-yt.png
media.4at5.net/email_domains/lad/i142342/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
458259.gif
sr.rlcdn.com/ |
0 42 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
458259.gif
sr.rlcdn.com/ |
0 66 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
458259.gif
sr.rlcdn.com/ |
0 42 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
458259.gif
sr.rlcdn.com/ |
0 42 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
458259.gif
sr.rlcdn.com/ |
0 42 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
log.gif
pxl.landsend-ympxl.com/ |
43 B 187 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1x1.dyn
link.landsend.com/ |
822 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| trustedTypes0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fonts.googleapis.com
fonts.gstatic.com
gen.sendtric.com
link.landsend.com
media.4at5.net
pxl.landsend-ympxl.com
s7.landsend.com
sr.rlcdn.com
104.111.253.219
157.245.23.207
2a00:1450:4001:815::2003
2a00:1450:4001:820::200a
34.236.10.233
35.244.245.222
68.232.35.38
97.107.19.97
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
05434de8637ece76948df28eb6f9dd67f4f7621ba65728f7dd0c8febaf8709fc
09077737ff91d3c7b576756e2f48f7d8e87ae9f3f690f87372429bb78c35d903
1337dcecd80c1c99b3d5d65f991b4a6ecb47ada2698125ca508dafa2587a85a6
134dd5d9c5328490f11e1c5c904d708006dbfb1f49bc6c5147471c2cb8b2c945
416e6cc2e95033c0fe64f7042bb0251da939fdce55f9ad3e91c1c46c402d8f08
41cfdf0d44501523c0416d0491431023f309c112fecd82b8367e88b1a8fa3431
4c4d50ec7b04684338ef266693db37856672900971f999b7f18b814ee691dd47
4d8fa77cd267ebbac662d428de969b8862458fb39e45e5a53df4bc19e9716ca0
6066dacc4f8df0e2f4cae2373d329513cbf0e393ae385ead156ff1cfef8b98a9
627265f2e8d3c287bddad5098f16fe1dab1d9d0b1fdc5f05952818c47476ac71
63b612b7cadab051e2e925efd85f753f9a4e33e8ad5dd438ed47957c283f093d
71ae1d6f37f6d5f88ce914273e87238f4d5b7ed717f83655b5bad36a6805d03f
946d5f1993047d8d38225b53a1a45b6ebaccf8e5d7154490b66b8781ca72f8aa
95e3412e45652be72efcfb39d329c321dc9fb6a2e3c46d90602c754ee41290c2
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9c2ceab48f308df9f8b4f83441502a83fbe6ce3a3c21a9894b148bb373dfa23a
a27ab083bef76888e1969b3e011222d186cd00591199d778f3dd65edd6eb33ee
a5eab3cabd86aab8729ce628c37d61960fb154f3a3d895e0a69e06f3010c214f
a8393b9be91ee09675df4adc74974545d84d95ec834406be44c75ebc1186654d
b4723b5b14abe7a2062b65bf79b4d5d1e575e786a439e61ff95a38e7e9e140e9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4eb85bdff8611448ed88181b30472973e12a42308cec005c5f35a79049a2fb6