Submitted URL: http://t.varonis.com/t/11475/opt_out/664321bc-a726-4fb1-a8af-36343d7a06dd
Effective URL: https://app.salesloft.com/unsubscribe?id=664321bc-a726-4fb1-a8af-36343d7a06dd&email=paul.sweet@providence.org&confirm_opt_out_path=/t/11475/confirm_opt_out/664321bc-a726-4fb1-a8af-36343d7a06dd
Submission: On September 16 via manual from IN

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 8 HTTP transactions. The main IP is 52.22.157.210, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is app.salesloft.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 23rd 2020. Valid for: a year.
This is the only time app.salesloft.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 3.85.251.35 14618 (AMAZON-AES)
1 2 52.22.157.210 14618 (AMAZON-AES)
3 23.111.9.35 33438 (HIGHWINDS2)
1 151.101.14.110 54113 (FASTLY)
3 162.247.242.21 23467 (NEWRELIC-...)
8 4
Domain
Subdomains
Transfer
5 salesloft.com
107 KB
3 nr-data.net
643 B
2 varonis.com
424 B
1 newrelic.com
14 KB
8 4
Domain Requested by
3 bam.nr-data.net app.salesloft.com
3 cdn-sdr.salesloft.com app.salesloft.com
cdn-sdr.salesloft.com
2 app.salesloft.com 1 redirects
2 t.varonis.com 2 redirects
1 js-agent.newrelic.com app.salesloft.com
8 5

This site contains links to these domains. Also see Links.

Domain
Subject / Issuer Validity Valid
salesloft.com
Sectigo RSA Domain Validation Secure Server CA
2020-01-23 -
2021-03-23
a year
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2020-09-09 -
2021-05-07
8 months
*.nr-data.net
DigiCert SHA2 Secure Server CA
2020-02-05 -
2022-02-08
2 years

Screenshot



Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
664321bc-a726-4fb1-a8af-36343d7a06dd
/unsubscribe?id=664321bc-a726-4fb1-a8af-36343d7a06dd&email=paul.sweet@providence.org&confirm_opt_out_path=/t/11475/confirm_opt_out
Redirect Chain
  • http://t.varonis.com/t/11475/opt_out/664321bc-a726-4fb1-a8af-36343d7a06dd
  • https://t.varonis.com/t/11475/opt_out/664321bc-a726-4fb1-a8af-36343d7a06dd
  • https://app.salesloft.com/t/11475/opt_out/664321bc-a726-4fb1-a8af-36343d7a06dd
  • https://app.salesloft.com/unsubscribe?id=664321bc-a726-4fb1-a8af-36343d7a06dd&email=paul.sweet@providence.org&confirm_opt_out_path=/t/11475/confirm_opt_out/664321bc-a726-4fb1-a8af-36343d7a06dd
28 KB
11 KB
Document
General
Full URL
https://app.salesloft.com/unsubscribe?id=664321bc-a726-4fb1-a8af-36343d7a06dd&email=paul.sweet@providence.org&confirm_opt_out_path=/t/11475/confirm_opt_out/664321bc-a726-4fb1-a8af-36343d7a06dd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.157.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-157-210.compute-1.amazonaws.com
Software
/
Resource Hash
0b0e4402e34502dff0d9cd5d09adc75a5285f46500879f9695762926319e1751
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Host
app.salesloft.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control
no-store
Content-Encoding
gzip
Content-Security-Policy-Report-Only
default-src https: wss: blob: data: 'unsafe-inline' 'unsafe-eval'; object-src 'none'; frame-ancestors 'none'; report-uri https://salesloft.report-uri.com/r/d/csp/enforce
Content-Type
text/html; charset=utf-8
Date
Wed, 16 Sep 2020 14:21:31 GMT
ETag
W/"7079-sWKaFlVsoiifWRY/jkM4d1c6V3M"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding Origin
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
transfer-encoding
chunked
Connection
keep-alive

Redirect headers

Cache-Control
no-cache
Content-Type
text/html; charset=utf-8
Date
Wed, 16 Sep 2020 14:21:30 GMT
Location
https://app.salesloft.com/unsubscribe?id=664321bc-a726-4fb1-a8af-36343d7a06dd&email=paul.sweet@providence.org&confirm_opt_out_path=/t/11475/confirm_opt_out/664321bc-a726-4fb1-a8af-36343d7a06dd
Strict-Transport-Security
max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
Vary
Origin
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Request-Id
ae5ef2fdf95a7ba63188369f92327d8d
X-Runtime
0.018931
X-XSS-Protection
1; mode=block
Content-Length
266
Connection
keep-alive
static-e9132dc7b457d3255f1e.css
cdn-sdr.salesloft.com
263 KB
52 KB
Stylesheet
General
Full URL
https://cdn-sdr.salesloft.com/static-e9132dc7b457d3255f1e.css
Requested by
Host: app.salesloft.com
URL: https://app.salesloft.com/unsubscribe?id=664321bc-a726-4fb1-a8af-36343d7a06dd&email=paul.sweet@providence.org&confirm_opt_out_path=/t/11475/confirm_opt_out/664321bc-a726-4fb1-a8af-36343d7a06dd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
49eac55f52686409daa0d14c1585c0b59d1715df6535b7f4382a8addc449d5ee

Request headers

Referer
https://app.salesloft.com/unsubscribe?id=664321bc-a726-4fb1-a8af-36343d7a06dd&email=paul.sweet@providence.org&confirm_opt_out_path=/t/11475/confirm_opt_out/664321bc-a726-4fb1-a8af-36343d7a06dd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 14:21:31 GMT
content-encoding
gzip
last-modified
Tue, 15 Sep 2020 16:58:51 GMT
server
NetDNA-cache/2.2
x-amz-request-id
3E4CDB83C1E3BF52
etag
W/"d4122019ea7e95ba490def0613049724"
x-cache
HIT
content-type
text/css
status
200
cache-control
max-age=86400
access-control-allow-origin
*
x-amz-id-2
+cgBzmmrXE5HD8UHvLqa9c+p5zNH0vDGuBYfpqqA2IgOOBxsQ4GiqElQoutYcfOeCj52GSNtaMI=
expires
Thu, 17 Sep 2020 14:21:31 GMT
proxima-nova-400-ed723eff0e7a48ca38888d304625969e.woff2
cdn-sdr.salesloft.com/fonts
21 KB
22 KB
Font
General
Full URL
https://cdn-sdr.salesloft.com/fonts/proxima-nova-400-ed723eff0e7a48ca38888d304625969e.woff2
Requested by
Host: cdn-sdr.salesloft.com
URL: https://cdn-sdr.salesloft.com/static-e9132dc7b457d3255f1e.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
501ed6d7c49a3526af1f804fff30cc8b7b8608525b100f4140b7504cc5afd4bd

Request headers

Origin
https://app.salesloft.com
Referer
https://cdn-sdr.salesloft.com/static-e9132dc7b457d3255f1e.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 14:21:31 GMT
last-modified
Thu, 10 Sep 2020 16:49:51 GMT
server
NetDNA-cache/2.2
x-amz-request-id
67CF96CECE4F1CEB
etag
"ed723eff0e7a48ca38888d304625969e"
x-cache
HIT
content-type
font/woff2
status
200
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-origin
*
content-length
21824
x-amz-id-2
7fPL2ycTNyyFhqdJjyWUfSD/59zxTnPJl7US8/tg7ypIfy01JkYEhDgGe/EV9sDzkpVJkYLextY=
expires
Thu, 17 Sep 2020 14:21:31 GMT
proxima-nova-600-544dd647c869224a722f87638ebd245e.woff2
cdn-sdr.salesloft.com/fonts
21 KB
22 KB
Font
General
Full URL
https://cdn-sdr.salesloft.com/fonts/proxima-nova-600-544dd647c869224a722f87638ebd245e.woff2
Requested by
Host: cdn-sdr.salesloft.com
URL: https://cdn-sdr.salesloft.com/static-e9132dc7b457d3255f1e.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
fa861c8158da0846d8b78df67af609f6428aa62e0f4e460f0f546880141407f4

Request headers

Origin
https://app.salesloft.com
Referer
https://cdn-sdr.salesloft.com/static-e9132dc7b457d3255f1e.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 14:21:31 GMT
last-modified
Thu, 10 Sep 2020 16:49:51 GMT
server
NetDNA-cache/2.2
x-amz-request-id
9C78C495AA809DDB
etag
"544dd647c869224a722f87638ebd245e"
x-cache
HIT
content-type
font/woff2
status
200
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-origin
*
content-length
21764
x-amz-id-2
ebpNL6y8CVtd+JdDMvJvUrzfD+yuxBYO7+JP0FsVqI7zFoDtzJsm1ZQ1EZWNvFZIkov8g7wDWPM=
expires
Thu, 17 Sep 2020 14:21:31 GMT
nr-spa-1177.min.js
js-agent.newrelic.com
37 KB
14 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-spa-1177.min.js
Requested by
Host: app.salesloft.com
URL: https://app.salesloft.com/unsubscribe?id=664321bc-a726-4fb1-a8af-36343d7a06dd&email=paul.sweet@providence.org&confirm_opt_out_path=/t/11475/confirm_opt_out/664321bc-a726-4fb1-a8af-36343d7a06dd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
54cb1f867060c01677649ce2d5e65485b33ce06ea271cb4244cbdd22c31fe69a

Request headers

Referer
https://app.salesloft.com/unsubscribe?id=664321bc-a726-4fb1-a8af-36343d7a06dd&email=paul.sweet@providence.org&confirm_opt_out_path=/t/11475/confirm_opt_out/664321bc-a726-4fb1-a8af-36343d7a06dd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 14:21:31 GMT
content-encoding
gzip
x-amz-request-id
1E690D79A2F5B83E
x-cache
HIT
status
200
content-length
14161
x-amz-id-2
eIgSBAFFjj3Ytu5jdKIcV6EWOSVxXxfwNC6TePHp5NmCgOQsyWQq+KO3rrJ3l4C+rjXFV1vFi1M=
x-served-by
cache-fra19175-FRA
last-modified
Tue, 18 Aug 2020 17:23:34 GMT
server
AmazonS3
x-timer
S1600266092.594637,VS0,VE0
etag
"d89642b485486b2c9af6da463597333c"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
917
unsubscribe&qt=1&ap=0.600884&be=1224&fe=1568&dc=1412&tt=f804dd08a1f26&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1600266089930,%22n%22:0,%22f%22:1098,%22dn%22:1098,%22dne%22:1098,%22c%...
bam.nr-data.net/1/ba18735fd3?a=61255279&v=1177.96a4d39&to=blIBMkNSXBBTVUJbXFcYJh5BQVcQQVxFHXR8Y0xJRF1BFlBFVUBaW1I%3D&rst=1719&ck=1&ref=https://app.salesloft.com
57 B
275 B
Script
General
Full URL
https://bam.nr-data.net/1/ba18735fd3?a=61255279&v=1177.96a4d39&to=blIBMkNSXBBTVUJbXFcYJh5BQVcQQVxFHXR8Y0xJRF1BFlBFVUBaW1I%3D&rst=1719&ck=1&ref=https://app.salesloft.com/unsubscribe&qt=1&ap=0.600884&be=1224&fe=1568&dc=1412&tt=f804dd08a1f26&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1600266089930,%22n%22:0,%22f%22:1098,%22dn%22:1098,%22dne%22:1098,%22c%22:1098,%22ce%22:1098,%22rq%22:1099,%22rp%22:1215,%22rpe%22:1216,%22dl%22:1218,%22di%22:1412,%22ds%22:1412,%22de%22:1412,%22dc%22:1567,%22l%22:1567,%22le%22:1569%7D,%22navigation%22:%7B%7D%7D&fp=1434&fcp=1434&jsonp=NREUM.setToken
Requested by
Host: app.salesloft.com
URL: https://app.salesloft.com/unsubscribe?id=664321bc-a726-4fb1-a8af-36343d7a06dd&email=paul.sweet@providence.org&confirm_opt_out_path=/t/11475/confirm_opt_out/664321bc-a726-4fb1-a8af-36343d7a06dd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.21 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-9.nr-data.net
Software
/
Resource Hash
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Referer
https://app.salesloft.com/unsubscribe?id=664321bc-a726-4fb1-a8af-36343d7a06dd&email=paul.sweet@providence.org&confirm_opt_out_path=/t/11475/confirm_opt_out/664321bc-a726-4fb1-a8af-36343d7a06dd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1
unsubscribe
bam.nr-data.net/events/1/ba18735fd3?a=61255279&v=1177.96a4d39&to=blIBMkNSXBBTVUJbXFcYJh5BQVcQQVxFHXR8Y0xJRF1BFlBFVUBaW1I%3D&rst=2257&ck=1&ref=https://app.salesloft.com
24 B
184 B
XHR
General
Full URL
https://bam.nr-data.net/events/1/ba18735fd3?a=61255279&v=1177.96a4d39&to=blIBMkNSXBBTVUJbXFcYJh5BQVcQQVxFHXR8Y0xJRF1BFlBFVUBaW1I%3D&rst=2257&ck=1&ref=https://app.salesloft.com/unsubscribe
Requested by
Host: app.salesloft.com
URL: https://app.salesloft.com/unsubscribe?id=664321bc-a726-4fb1-a8af-36343d7a06dd&email=paul.sweet@providence.org&confirm_opt_out_path=/t/11475/confirm_opt_out/664321bc-a726-4fb1-a8af-36343d7a06dd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.21 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-9.nr-data.net
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://app.salesloft.com/unsubscribe?id=664321bc-a726-4fb1-a8af-36343d7a06dd&email=paul.sweet@providence.org&confirm_opt_out_path=/t/11475/confirm_opt_out/664321bc-a726-4fb1-a8af-36343d7a06dd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://app.salesloft.com
Access-Control-Allow-Credentials
true
Content-Length
24
Content-Type
image/gif
unsubscribe
bam.nr-data.net/events/1/ba18735fd3?a=61255279&v=1177.96a4d39&to=blIBMkNSXBBTVUJbXFcYJh5BQVcQQVxFHXR8Y0xJRF1BFlBFVUBaW1I%3D&rst=11719&ck=1&ref=https://app.salesloft.com
24 B
184 B
XHR
General
Full URL
https://bam.nr-data.net/events/1/ba18735fd3?a=61255279&v=1177.96a4d39&to=blIBMkNSXBBTVUJbXFcYJh5BQVcQQVxFHXR8Y0xJRF1BFlBFVUBaW1I%3D&rst=11719&ck=1&ref=https://app.salesloft.com/unsubscribe
Requested by
Host: app.salesloft.com
URL: https://app.salesloft.com/unsubscribe?id=664321bc-a726-4fb1-a8af-36343d7a06dd&email=paul.sweet@providence.org&confirm_opt_out_path=/t/11475/confirm_opt_out/664321bc-a726-4fb1-a8af-36343d7a06dd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.21 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-9.nr-data.net
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://app.salesloft.com/unsubscribe?id=664321bc-a726-4fb1-a8af-36343d7a06dd&email=paul.sweet@providence.org&confirm_opt_out_path=/t/11475/confirm_opt_out/664321bc-a726-4fb1-a8af-36343d7a06dd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://app.salesloft.com
Access-Control-Allow-Credentials
true
Content-Length
24
Content-Type
image/gif

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 0
  • http://t.varonis.com/t/11475/opt_out/664321bc-a726-4fb1-a8af-36343d7a06dd
  • https://t.varonis.com/t/11475/opt_out/664321bc-a726-4fb1-a8af-36343d7a06dd
  • https://app.salesloft.com/t/11475/opt_out/664321bc-a726-4fb1-a8af-36343d7a06dd
  • https://app.salesloft.com/unsubscribe?id=664321bc-a726-4fb1-a8af-36343d7a06dd&email=paul.sweet@providence.org&confirm_opt_out_path=/t/11475/confirm_opt_out/664321bc-a726-4fb1-a8af-36343d7a06dd

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes object| NREUM object| newrelic function| __nr_require object| params

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block