mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com Open in urlscan Pro
198.245.82.43 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.enews.thesource.ca/?qs=4101702db94808354af3cd2e316c3bd36944d00a8ba4b7305afc08edc0f6021f597cfe209230c9a0ff049a9f8298...
Effective URL:
https://mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com/bquetxyqy1f?qs=79bee6b8c9ceaaffdfde8d43f583eeaf7b070fd8525f06f92bbf4cc6e4218883a53e3c6412c3e3bbe...
Submission Tags: phisherman local Search All
Submission: On May 26 via api (May 26th 2023, 6:19:15 pm UTC) from CA — Scanned from CA

Summary HTTP 8 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 6 IPs in 1 countries across 7 domains to perform 8 HTTP transactions. The main IP is 198.245.82.43, located in United States and belongs to EXACT-7, US. The main domain is mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on April 1st 2023. Valid for: a year.

This is the only time mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	128.17.96.172 128.17.96.172	14340 (SALESFORCE) (SALESFORCE)
2	198.245.82.43 198.245.82.43	22606 (EXACT-7) (EXACT-7)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.73.235.104 23.73.235.104	16625 (AKAMAI-AS) (AKAMAI-AS)
2	34.206.160.245 34.206.160.245	14618 (AMAZON-AES) (AMAZON-AES)
1	23.41.168.146 23.41.168.146	16625 (AKAMAI-AS) (AKAMAI-AS)
8	6

1 128.17.96.172 (United States) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: click.enews.thesource.ca

click.enews.thesource.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.245.82.43 (United States)

ASN22606 (EXACT-7, US)

mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.73.235.104 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-73-235-104.deploy.static.akamaitechnologies.com

image.s6.exacttarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.206.160.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-160-245.compute-1.amazonaws.com

thesource.collect.igodigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nova.collect.igodigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.41.168.146 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-168-146.deploy.static.akamaitechnologies.com

a40c2d0e98bc71c0ffe6-a6553ae2f1d90a31de379c1f3f51592c.ssl.cf2.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	igodigital.com thesource.collect.igodigital.com — Cisco Umbrella Rank: 583486 nova.collect.igodigital.com — Cisco Umbrella Rank: 5165	3 KB
2	sfmc-content.com mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com	3 KB
1	rackcdn.com a40c2d0e98bc71c0ffe6-a6553ae2f1d90a31de379c1f3f51592c.ssl.cf2.rackcdn.com	29 KB
1	exacttarget.com image.s6.exacttarget.com — Cisco Umbrella Rank: 123476	7 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 817	7 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 344	3 KB
1	thesource.ca 1 redirects click.enews.thesource.ca	440 B
8	7

	Domain	Requested by
2	mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com	mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com
1	nova.collect.igodigital.com	mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com
1	a40c2d0e98bc71c0ffe6-a6553ae2f1d90a31de379c1f3f51592c.ssl.cf2.rackcdn.com	mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com
1	thesource.collect.igodigital.com	mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com
1	image.s6.exacttarget.com	mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com
1	maxcdn.bootstrapcdn.com	mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com
1	cdn.jsdelivr.net	mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com
1	click.enews.thesource.ca	1 redirects
8	8

This site contains links to these domains. Also see Links.

Domain
www.thesource.ca

Subject Issuer	Validity	Valid
*.pub.sfmc-content.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-01` - `2024-05-01`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
akamai-san1.exacttarget.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-24` - `2024-02-13`	a year	crt.sh
*.collect.igodigital.com Amazon RSA 2048 M02	`2023-02-21` - `2024-01-13`	a year	crt.sh
*.ssl.cf2.rackcdn.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-23` - `2024-01-22`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com/bquetxyqy1f?qs=79bee6b8c9ceaaffdfde8d43f583eeaf7b070fd8525f06f92bbf4cc6e4218883a53e3c6412c3e3bbe6a38d6276faad6fe9bcfb6d7365009d8d94be3cc2fb6f84631eafea1fbfe7c0841b2facca4a16ba05555d4ccc805addf458a41fb3ad0539
Frame ID: 83059ACC928C3A9F734D696C7E264BB4
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Source

Page URL History Show full URLs

https://click.enews.thesource.ca/?qs=4101702db94808354af3cd2e316c3bd36944d00a8ba4b7305afc08edc0f6021f597cfe20... HTTP 302
https://mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com/bquetxyqy1f?qs=79bee6b8c9ceaaffdfde8d43f583eeaf7b070fd8525f06f92bbf4cc6e4218... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

8
Requests

100 %
HTTPS

29 %
IPv6

7
Domains

8
Subdomains

6
IPs

1
Countries

52 kB
Transfer

92 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.thesource.ca/?utm_campaign=8500&utm_medium=SMS&utm_source=Push&utm_content=1&utm_term=na

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.enews.thesource.ca/?qs=4101702db94808354af3cd2e316c3bd36944d00a8ba4b7305afc08edc0f6021f597cfe209230c9a0ff049a9f82989c9b28478fd03e2f6ff262c22848936f62b2 HTTP 302
https://mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com/bquetxyqy1f?qs=79bee6b8c9ceaaffdfde8d43f583eeaf7b070fd8525f06f92bbf4cc6e4218883a53e3c6412c3e3bbe6a38d6276faad6fe9bcfb6d7365009d8d94be3cc2fb6f84631eafea1fbfe7c0841b2facca4a16ba05555d4ccc805addf458a41fb3ad0539 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request bquetxyqy1f Show response
mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com/
Redirect Chain

https://click.enews.thesource.ca/?qs=4101702db94808354af3cd2e316c3bd36944d00a8ba4b7305afc08edc0f6021f597cfe209230c9a0ff049a9f82989c9b28478fd03e2f6ff262c22848936f62b2
https://mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com/bquetxyqy1f?qs=79bee6b8c9ceaaffdfde8d43f583eeaf7b070fd8525f06f92bbf4cc6e4218883a53e3c6412c3e3bbe6a38d6276faad6fe9bcfb6d7365009d8d94be3cc2fb...

11 KB
3 KB

432ms
314ms

Document
text/html

198.245.82.43
EXACT-7

General

Check archive.org

Show headers Download Go to

Full URL: https://mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com/bquetxyqy1f?qs=79bee6b8c9ceaaffdfde8d43f583eeaf7b070fd8525f06f92bbf4cc6e4218883a53e3c6412c3e3bbe6a38d6276faad6fe9bcfb6d7365009d8d94be3cc2fb6f84631eafea1fbfe7c0841b2facca4a16ba05555d4ccc805addf458a41fb3ad0539
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 198.245.82.43 , United States, ASN22606 (EXACT-7, US),
Reverse DNS
Software: /
Resource Hash: 970b9f8ed972f4c8ef22bac96e574543f7586ef296653b7f3ab414af86f63f5b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: no-cache
Connection: close
Content-Encoding: gzip
Content-Length: 3145
Content-Type: text/html; charset=utf-8
Date: Fri, 26 May 2023 18:19:11 GMT
Expires: -1
Pragma: no-cache

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 382
Content-Type: text/html; charset=utf-8
Date: Fri, 26 May 2023 18:19:09 GMT
Location: https://mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com/bquetxyqy1f?qs=79bee6b8c9ceaaffdfde8d43f583eeaf7b070fd8525f06f92bbf4cc6e4218883a53e3c6412c3e3bbe6a38d6276faad6fe9bcfb6d7365009d8d94be3cc2fb6f84631eafea1fbfe7c0841b2facca4a16ba05555d4ccc805addf458a41fb3ad0539

GET
H2 200 normalize.css
cdn.jsdelivr.net/normalize/7.0.0/ 8 KB
3 KB 55ms
10ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/normalize/7.0.0/normalize.css

Requested by

Host: mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com
URL: https://mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com/bquetxyqy1f?qs=79bee6b8c9ceaaffdfde8d43f583eeaf7b070fd8525f06f92bbf4cc6e4218883a53e3c6412c3e3bbe6a38d6276faad6fe9bcfb6d7365009d8d94be3cc2fb6f84631eafea1fbfe7c0841b2facca4a16ba05555d4ccc805addf458a41fb3ad0539

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b31ceb90e3eec258e254659bc5588f275e197b05cb2471490e7d1bbfee61b036

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 26 May 2023 18:19:11 GMT
age: 1526168
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2275
x-served-by: cache-fra-eddf8230025-FRA, cache-yul12827-YUL
etag: W/"1e27-6+B1m/JZtsrq3uYTeXNIEEasVjY"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 56ms
27ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 18:19:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 722
age: 607211
cdn-cachedat: 11/18/2022 06:18:29
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 86fd96f5aa4c1b4ae340363f44e3ac4f
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7cd80663198c7142-YUL
cdn-requestpullsuccess: True

GET
H/1.1 200
OK 26287371-0d76-4dcd-9e05-5618c1e8ba49.png
image.s6.exacttarget.com/lib/fe9713707567057b72/m/41/ 7 KB
7 KB 162ms
62ms Image
image/png 23.73.235.104
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.s6.exacttarget.com/lib/fe9713707567057b72/m/41/26287371-0d76-4dcd-9e05-5618c1e8ba49.png
Requested by: Host: mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com
URL: https://mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com/bquetxyqy1f?qs=79bee6b8c9ceaaffdfde8d43f583eeaf7b070fd8525f06f92bbf4cc6e4218883a53e3c6412c3e3bbe6a38d6276faad6fe9bcfb6d7365009d8d94be3cc2fb6f84631eafea1fbfe7c0841b2facca4a16ba05555d4ccc805addf458a41fb3ad0539
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.73.235.104 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-73-235-104.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 956d37585023130920d6b70524079737f8a68f3c9168162ab79aa928b488363b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 18:19:11 GMT
Last-Modified: Wed, 19 Jun 2019 22:16:47 GMT
Server: AkamaiNetStorage
ETag: "a578100ba9885c5236021d1c1c302dc6:1560982607.487257"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7032

GET
H2 200 collect.js Show response
thesource.collect.igodigital.com/ 8 KB
2 KB 85ms
26ms Script
application/javascript 34.206.160.245
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://thesource.collect.igodigital.com/collect.js
Requested by: Host: mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com
URL: https://mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com/bquetxyqy1f?qs=79bee6b8c9ceaaffdfde8d43f583eeaf7b070fd8525f06f92bbf4cc6e4218883a53e3c6412c3e3bbe6a38d6276faad6fe9bcfb6d7365009d8d94be3cc2fb6f84631eafea1fbfe7c0841b2facca4a16ba05555d4ccc805addf458a41fb3ad0539
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.160.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-160-245.compute-1.amazonaws.com
Software: /
Resource Hash: 463faad63e59f653f8367ca1bd38629a240ebd4f2165c313e660933acc322b04

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 18:19:11 GMT
content-encoding: gzip
last-modified: Fri, 26 May 2023 17:30:08 GMT
vary: Accept-Encoding
content-type: application/javascript

GET
H/1.1 410
Gone _t
mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com/bquetxyqy1f/ 35 B
35 B 97ms
34ms Image
text/html 198.245.82.43
EXACT-7

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com/bquetxyqy1f/_t?eventType=CLOUDPAGESVISIT
Requested by: Host: mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com
URL: https://mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com/bquetxyqy1f?qs=79bee6b8c9ceaaffdfde8d43f583eeaf7b070fd8525f06f92bbf4cc6e4218883a53e3c6412c3e3bbe6a38d6276faad6fe9bcfb6d7365009d8d94be3cc2fb6f84631eafea1fbfe7c0841b2facca4a16ba05555d4ccc805addf458a41fb3ad0539
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 198.245.82.43 , United States, ASN22606 (EXACT-7, US),
Reverse DNS
Software: /
Resource Hash: 7a3829ab689107132e51a31a407eca7a4ecb7050d6b9ee83137b6b142c931a73

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com/bquetxyqy1f?qs=79bee6b8c9ceaaffdfde8d43f583eeaf7b070fd8525f06f92bbf4cc6e4218883a53e3c6412c3e3bbe6a38d6276faad6fe9bcfb6d7365009d8d94be3cc2fb6f84631eafea1fbfe7c0841b2facca4a16ba05555d4ccc805addf458a41fb3ad0539
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 18:19:10 GMT
Cache-Control: private
Connection: close
Content-Length: 35
Content-Type: text/html

GET
H/1.1 200
OK clanot-book-webfont.woff
a40c2d0e98bc71c0ffe6-a6553ae2f1d90a31de379c1f3f51592c.ssl.cf2.rackcdn.com/fonts/ 28 KB
29 KB 77ms
20ms Font
application/font-woff 23.41.168.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a40c2d0e98bc71c0ffe6-a6553ae2f1d90a31de379c1f3f51592c.ssl.cf2.rackcdn.com/fonts/clanot-book-webfont.woff
Requested by: Host: mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com
URL: https://mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com/bquetxyqy1f?qs=79bee6b8c9ceaaffdfde8d43f583eeaf7b070fd8525f06f92bbf4cc6e4218883a53e3c6412c3e3bbe6a38d6276faad6fe9bcfb6d7365009d8d94be3cc2fb6f84631eafea1fbfe7c0841b2facca4a16ba05555d4ccc805addf458a41fb3ad0539
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.41.168.146 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-168-146.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe943fa8dc9425e567fa15136c9d0828eb11d04c20b3895bd141c26d14444e74

Request headers

Referer: https://mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com/
Origin: https://mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 18:19:11 GMT
Origin: https://mycloud.rackspace.com
Last-Modified: Mon, 19 Jun 2017 15:49:35 GMT
ETag: 83754919539d742921751ed9e5bfbb63
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
X-Timestamp: 1497887374.45413
Cache-Control: public, max-age=59469
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx927c9ababc4f4e06b4b08-00646debf4ord1
Content-Length: 29036
Expires: Sat, 27 May 2023 10:50:20 GMT

GET
H2 202 track_page_view
nova.collect.igodigital.com/c2/thesource/ 43 B
685 B 31ms
30ms Image
image/gif 34.206.160.245
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nova.collect.igodigital.com/c2/thesource/track_page_view?payload=%7B%22title%22%3A%22The%20Source%22%2C%22url%22%3A%22https%3A%2F%2Fmchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com%2Fbquetxyqy1f%3Fqs%3D79bee6b8c9ceaaffdfde8d43f583eeaf7b070fd8525f06f92bbf4cc6e4218883a53e3c6412c3e3bbe6a38d6276faad6fe9bcfb6d7365009d8d94be3cc2fb6f84631eafea1fbfe7c0841b2facca4a16ba05555d4ccc805addf458a41fb3ad0539%22%2C%22referrer%22%3A%22%22%7D

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.206.160.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-206-160-245.compute-1.amazonaws.com

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-runtime: 0.004180
date: Fri, 26 May 2023 18:19:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/gif
cache-control: private
content-transfer-encoding: binary
content-disposition: inline
x-xss-protection: 1; mode=block
x-request-id: 4047efee-59bc-40e3-a2a8-0df430576d9a

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.igodigital.com/	1970-01-20 21:41:25	Name: igodigitaltc2 Value: cff39448-fbf1-11ed-b775-262ab35a8d48
.igodigital.com/	1970-01-20 12:05:28	Name: igodigitalst_thesource Value: cff39a88-fbf1-11ed-b775-262ab35a8d48
.igodigital.com/	1970-01-20 12:05:28	Name: igodigitalstdomain Value: 5125

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com/bquetxyqy1f/_t?eventType=CLOUDPAGESVISIT Message: Failed to load resource: the server responded with a status of 410 (Gone)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a40c2d0e98bc71c0ffe6-a6553ae2f1d90a31de379c1f3f51592c.ssl.cf2.rackcdn.com
cdn.jsdelivr.net
click.enews.thesource.ca
image.s6.exacttarget.com
maxcdn.bootstrapcdn.com
mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com
nova.collect.igodigital.com
thesource.collect.igodigital.com
128.17.96.172
198.245.82.43
23.41.168.146
23.73.235.104
2606:4700::6812:bcf
2a04:4e42::485
34.206.160.245
463faad63e59f653f8367ca1bd38629a240ebd4f2165c313e660933acc322b04
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a3829ab689107132e51a31a407eca7a4ecb7050d6b9ee83137b6b142c931a73
956d37585023130920d6b70524079737f8a68f3c9168162ab79aa928b488363b
970b9f8ed972f4c8ef22bac96e574543f7586ef296653b7f3ab414af86f63f5b
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
b31ceb90e3eec258e254659bc5588f275e197b05cb2471490e7d1bbfee61b036
fe943fa8dc9425e567fa15136c9d0828eb11d04c20b3895bd141c26d14444e74

mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com Open in urlscan Pro 198.245.82.43 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

8 Requests

100 %HTTPS

29 %IPv6

7 Domains

8 Subdomains

6 IPs

1 Countries

52 kBTransfer

92 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

3 Cookies

1 Console Messages

Indicators

mchlr4th6lbzb43p18kyz6tjlvq8.pub.sfmc-content.com Open in urlscan Pro
198.245.82.43 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

29 %
IPv6

7
Domains

8
Subdomains

6
IPs

1
Countries

52 kB
Transfer

92 kB
Size

3
Cookies

8 HTTP transactions
0 data transactions