Submitted URL: https://mkto-sj240021.com/v/NTYxLVpOUC04OTcAAAGFks2mhQ1IM6Krk8XeJq3fWoijhNmfRQLl549e-bi2j2NbHh_u9GxJCDinAXib1W9Id1rbSXQ=
Effective URL: https://pages.winsightmedia.com/index.php/email/emailWebview?md_id=74129&mkt_tok=NTYxLVpOUC04OTcAAAGFks2mha253rHVh9JIU86gDp_AHUs...
Submission: On July 12 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 4 countries across 5 domains to perform 23 HTTP transactions. The main IP is 104.17.73.206, located in and belongs to CLOUDFLARENET, US. The main domain is pages.winsightmedia.com. The Cisco Umbrella rank of the primary domain is 965014.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 8th 2022. Valid for: a year.
This is the only time pages.winsightmedia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 104.17.72.206 13335 (CLOUDFLAR...)
7 104.17.73.206 13335 (CLOUDFLAR...)
2 2a00:1450:401... 15169 (GOOGLE)
1 3.20.3.235 16509 (AMAZON-02)
2 2600:9000:225... 16509 (AMAZON-02)
7 18.66.112.25 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
23 7
Apex Domain
Subdomains
Transfer
10 winsightmedia.com
pages.winsightmedia.com — Cisco Umbrella Rank: 965014
sync.winsightmedia.com — Cisco Umbrella Rank: 457554
cdn.winsightmedia.com — Cisco Umbrella Rank: 336670
101 KB
7 cspdigitals.com
www.cspdigitals.com — Cisco Umbrella Rank: 380991
34 KB
2 gstatic.com
fonts.gstatic.com
41 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 81
2 KB
2 mkto-sj240021.com
mkto-sj240021.com — Cisco Umbrella Rank: 359443
1 KB
23 5
Domain Requested by
7 www.cspdigitals.com pages.winsightmedia.com
7 pages.winsightmedia.com mkto-sj240021.com
pages.winsightmedia.com
2 fonts.gstatic.com fonts.googleapis.com
2 cdn.winsightmedia.com pages.winsightmedia.com
2 fonts.googleapis.com pages.winsightmedia.com
2 mkto-sj240021.com pages.winsightmedia.com
1 sync.winsightmedia.com pages.winsightmedia.com
23 7

This site contains links to these domains. Also see Links.

Domain
mkto-sj240021.com
Subject Issuer Validity Valid
mkto-sj240021.com
Cloudflare Inc ECC CA-3
2022-06-22 -
2023-06-21
a year crt.sh
pages.winsightmedia.com
Cloudflare Inc ECC CA-3
2022-05-08 -
2023-05-08
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
winsightmedia.com
Amazon
2021-11-08 -
2022-12-07
a year crt.sh
cspdigitals.com
Amazon
2022-05-01 -
2023-05-30
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh

This page contains 1 frames:

Primary Page: https://pages.winsightmedia.com/index.php/email/emailWebview?md_id=74129&mkt_tok=NTYxLVpOUC04OTcAAAGFks2mha253rHVh9JIU86gDp_AHUsc1qySlHsqznPqMxDzSYf__NNjOFTaytwzjBZSB4FdSl-W3HS_rgFRWmKeQfU0YvpoZLuuAt-39Plhhu-5fK4
Frame ID: 91C0045130E688C4FB002DB139F763D8
Requests: 23 HTTP requests in this frame

Screenshot

Page Title

GB Daily News

Page URL History Show full URLs

  1. https://mkto-sj240021.com/v/NTYxLVpOUC04OTcAAAGFks2mhQ1IM6Krk8XeJq3fWoijhNmfRQLl549e-bi2j2NbHh_u9GxJCD... Page URL
  2. https://pages.winsightmedia.com/index.php/email/emailWebview?md_id=74129&mkt_tok=NTYxLVpOUC04OTcAAAGFks2mha2... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23
Requests

100 %
HTTPS

43 %
IPv6

5
Domains

7
Subdomains

7
IPs

4
Countries

179 kB
Transfer

269 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mkto-sj240021.com/v/NTYxLVpOUC04OTcAAAGFks2mhQ1IM6Krk8XeJq3fWoijhNmfRQLl549e-bi2j2NbHh_u9GxJCDinAXib1W9Id1rbSXQ= Page URL
  2. https://pages.winsightmedia.com/index.php/email/emailWebview?md_id=74129&mkt_tok=NTYxLVpOUC04OTcAAAGFks2mha253rHVh9JIU86gDp_AHUsc1qySlHsqznPqMxDzSYf__NNjOFTaytwzjBZSB4FdSl-W3HS_rgFRWmKeQfU0YvpoZLuuAt-39Plhhu-5fK4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
NTYxLVpOUC04OTcAAAGFks2mhQ1IM6Krk8XeJq3fWoijhNmfRQLl549e-bi2j2NbHh_u9GxJCDinAXib1W9Id1rbSXQ=
mkto-sj240021.com/v/
565 B
1 KB
Document
General
Full URL
https://mkto-sj240021.com/v/NTYxLVpOUC04OTcAAAGFks2mhQ1IM6Krk8XeJq3fWoijhNmfRQLl549e-bi2j2NbHh_u9GxJCDinAXib1W9Id1rbSXQ=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self';script-src 'self' 'sha256-hbeiVYQr1jNrUGPbtYiIbKVSSg8btMOFg27NtKwjldw=';object-src 'none';form-action:'none';frame-src:'none'
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-cache, no-store, max-age=0
cf-cache-status
DYNAMIC
cf-ray
729d62d109da9b77-FRA
content-security-policy
default-src 'self'; img-src 'self';script-src 'self' 'sha256-hbeiVYQr1jNrUGPbtYiIbKVSSg8btMOFg27NtKwjldw=';object-src 'none';form-action:'none';frame-src:'none'
content-type
text/html;charset=UTF-8
date
Tue, 12 Jul 2022 22:58:52 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
strict-origin
server
cloudflare
x-frame-options
SAMEORIGIN
x-request-id
e8476090e9456155
Primary Request emailWebview
pages.winsightmedia.com/index.php/email/
36 KB
12 KB
Document
General
Full URL
https://pages.winsightmedia.com/index.php/email/emailWebview?md_id=74129&mkt_tok=NTYxLVpOUC04OTcAAAGFks2mha253rHVh9JIU86gDp_AHUsc1qySlHsqznPqMxDzSYf__NNjOFTaytwzjBZSB4FdSl-W3HS_rgFRWmKeQfU0YvpoZLuuAt-39Plhhu-5fK4
Requested by
Host: mkto-sj240021.com
URL: https://mkto-sj240021.com/v/NTYxLVpOUC04OTcAAAGFks2mhQ1IM6Krk8XeJq3fWoijhNmfRQLl549e-bi2j2NbHh_u9GxJCDinAXib1W9Id1rbSXQ=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be7c0d803a9e69ca9344df1336a8e0429e05a0373d2d080c69ef1a3b8962934b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mkto-sj240021.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
729d62d64b959bd4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 12 Jul 2022 22:58:56 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
css2
fonts.googleapis.com/
3 KB
635 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap
Requested by
Host: pages.winsightmedia.com
URL: https://pages.winsightmedia.com/index.php/email/emailWebview?md_id=74129&mkt_tok=NTYxLVpOUC04OTcAAAGFks2mha253rHVh9JIU86gDp_AHUsc1qySlHsqznPqMxDzSYf__NNjOFTaytwzjBZSB4FdSl-W3HS_rgFRWmKeQfU0YvpoZLuuAt-39Plhhu-5fK4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4014:80e::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
63e55165cb26efa3df20628f8c2dfc0b13e7d7e7629761fe9f43b34d5498ea46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.winsightmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 12 Jul 2022 21:47:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 12 Jul 2022 22:58:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Jul 2022 22:58:57 GMT
css2
fonts.googleapis.com/
2 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Oswald&display=swap
Requested by
Host: pages.winsightmedia.com
URL: https://pages.winsightmedia.com/index.php/email/emailWebview?md_id=74129&mkt_tok=NTYxLVpOUC04OTcAAAGFks2mha253rHVh9JIU86gDp_AHUsc1qySlHsqznPqMxDzSYf__NNjOFTaytwzjBZSB4FdSl-W3HS_rgFRWmKeQfU0YvpoZLuuAt-39Plhhu-5fK4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4014:80e::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8444eef16466b77fb9673f0682daa635c524beae333408c1e824b536a78fde0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.winsightmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 12 Jul 2022 21:43:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 12 Jul 2022 22:58:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Jul 2022 22:58:57 GMT
x.png
sync.winsightmedia.com/beacon/
43 B
269 B
Image
General
Full URL
https://sync.winsightmedia.com/beacon/x.png?l=11896802&m=74129&p=21061&pn=NL_WGB_Alert_07-12-22_14:00
Requested by
Host: pages.winsightmedia.com
URL: https://pages.winsightmedia.com/index.php/email/emailWebview?md_id=74129&mkt_tok=NTYxLVpOUC04OTcAAAGFks2mha253rHVh9JIU86gDp_AHUsc1qySlHsqznPqMxDzSYf__NNjOFTaytwzjBZSB4FdSl-W3HS_rgFRWmKeQfU0YvpoZLuuAt-39Plhhu-5fK4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.20.3.235 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-20-3-235.us-east-2.compute.amazonaws.com
Software
Apache /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.winsightmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 22:58:57 GMT
server
Apache
strict-transport-security
max-age=63072000; includeSubdomains;
content-type
image/png
cache-control
max-age=0, must-revalidate, post-check=0, pre-check=0, private
content-length
43
expires
Tue, 12 Jul 2022 22:58:57 GMT
WGB-728_no_bg.png
cdn.winsightmedia.com/platform/files/editor/snippets/gb/email/
19 KB
19 KB
Image
General
Full URL
https://cdn.winsightmedia.com/platform/files/editor/snippets/gb/email/WGB-728_no_bg.png
Requested by
Host: pages.winsightmedia.com
URL: https://pages.winsightmedia.com/index.php/email/emailWebview?md_id=74129&mkt_tok=NTYxLVpOUC04OTcAAAGFks2mha253rHVh9JIU86gDp_AHUsc1qySlHsqznPqMxDzSYf__NNjOFTaytwzjBZSB4FdSl-W3HS_rgFRWmKeQfU0YvpoZLuuAt-39Plhhu-5fK4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:c00:1a:3cb0:a900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2405cf11ba7a1a3f850d4a96e86619adcd2e14e50ec1295a2fffdba5adae522e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.winsightmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
Y.0K0EPngC7p1gOqQv72hU2EeXhdfg2n
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
last-modified
Tue, 10 May 2022 23:08:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
etag
"008531f20f956cabe4118c54f7374f8c"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/png
date
Tue, 12 Jul 2022 22:58:58 GMT
content-length
19372
x-amz-cf-id
tfsub6NTl5DG1zcTdMqncKFpPcPsJgHu355ss_0LLXstyhikov_gTw==
shutterstock_image%20-%202022-07-12T110739.009_0.jpg
cdn.winsightmedia.com/platform/files/public/2022-07/background/650x375c/
29 KB
29 KB
Image
General
Full URL
https://cdn.winsightmedia.com/platform/files/public/2022-07/background/650x375c/shutterstock_image%20-%202022-07-12T110739.009_0.jpg
Requested by
Host: pages.winsightmedia.com
URL: https://pages.winsightmedia.com/index.php/email/emailWebview?md_id=74129&mkt_tok=NTYxLVpOUC04OTcAAAGFks2mha253rHVh9JIU86gDp_AHUsc1qySlHsqznPqMxDzSYf__NNjOFTaytwzjBZSB4FdSl-W3HS_rgFRWmKeQfU0YvpoZLuuAt-39Plhhu-5fK4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:c00:1a:3cb0:a900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ee1a45b79c72852484c1d26457d0b4e4357528cc07e50cc63a38b8a89f4c46bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.winsightmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 19:09:41 GMT
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
x-amz-expiration
expiry-date="Sat, 23 Jul 2022 00:00:00 GMT", rule-id="ResizedImageExpiry"
last-modified
Tue, 12 Jul 2022 18:29:40 GMT
server
AmazonS3
age
13757
etag
"1776f0b105aa6e3ff89da3929617a8fe"
x-cache
Hit from cloudfront
x-amz-version-id
Y8peyr6cghgby5s3SQH1seFQDggKB5MN
cache-control
public, max-age=864000
x-amz-cf-pop
FRA60-P4
content-type
image/jpeg
content-length
29241
x-amz-cf-id
O90irZe8H8KND2xKZUKfJ7TB_uy8OzZRpPsAFxSfHzm6N9VGAG31jw==
Grocery_Business_Web_WHITE_Logo.png
www.cspdigitals.com/ghq_newsletters/
4 KB
5 KB
Image
General
Full URL
https://www.cspdigitals.com/ghq_newsletters/Grocery_Business_Web_WHITE_Logo.png
Requested by
Host: pages.winsightmedia.com
URL: https://pages.winsightmedia.com/index.php/email/emailWebview?md_id=74129&mkt_tok=NTYxLVpOUC04OTcAAAGFks2mha253rHVh9JIU86gDp_AHUsc1qySlHsqznPqMxDzSYf__NNjOFTaytwzjBZSB4FdSl-W3HS_rgFRWmKeQfU0YvpoZLuuAt-39Plhhu-5fK4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-25.fra56.r.cloudfront.net
Software
Apache/2.4.6 (Red Hat Enterprise Linux) PHP/7.2.25 /
Resource Hash
3140105c4478f14a93f68c21a6a45b372236dc4bbbd80814bfc7c4b47c64f8bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.winsightmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 19:51:28 GMT
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
last-modified
Thu, 14 Dec 2017 19:27:20 GMT
server
Apache/2.4.6 (Red Hat Enterprise Linux) PHP/7.2.25
age
11249
etag
"118b-56051df722a04"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
4491
x-amz-cf-id
5gYPHkm79gBaNme4Lb1vj0z5aopeJgQeEm_ixwtBLHzuJkqddVZDVQ==
facebook-50.png
www.cspdigitals.com/mc/
5 KB
5 KB
Image
General
Full URL
https://www.cspdigitals.com/mc/facebook-50.png
Requested by
Host: pages.winsightmedia.com
URL: https://pages.winsightmedia.com/index.php/email/emailWebview?md_id=74129&mkt_tok=NTYxLVpOUC04OTcAAAGFks2mha253rHVh9JIU86gDp_AHUsc1qySlHsqznPqMxDzSYf__NNjOFTaytwzjBZSB4FdSl-W3HS_rgFRWmKeQfU0YvpoZLuuAt-39Plhhu-5fK4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-25.fra56.r.cloudfront.net
Software
Apache/2.4.6 (Red Hat Enterprise Linux) PHP/7.2.25 /
Resource Hash
0f04b40e88763fd51b82da9e1e550e7cc44dd01331af95ed82f84f86cac72d83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.winsightmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 19:29:37 GMT
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
last-modified
Fri, 09 Mar 2018 17:52:59 GMT
server
Apache/2.4.6 (Red Hat Enterprise Linux) PHP/7.2.25
age
12560
etag
"13c7-566fe7683aebc"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
5063
x-amz-cf-id
PDSCogUgBSxDA3pvTkBYG-6ot11pVis_1p4u19HAsCF88DoLreO1Bg==
twitter-50.png
www.cspdigitals.com/mc/
5 KB
5 KB
Image
General
Full URL
https://www.cspdigitals.com/mc/twitter-50.png
Requested by
Host: pages.winsightmedia.com
URL: https://pages.winsightmedia.com/index.php/email/emailWebview?md_id=74129&mkt_tok=NTYxLVpOUC04OTcAAAGFks2mha253rHVh9JIU86gDp_AHUsc1qySlHsqznPqMxDzSYf__NNjOFTaytwzjBZSB4FdSl-W3HS_rgFRWmKeQfU0YvpoZLuuAt-39Plhhu-5fK4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-25.fra56.r.cloudfront.net
Software
Apache/2.4.6 (Red Hat Enterprise Linux) PHP/7.2.25 /
Resource Hash
3f0e6fddaced8c481bc59eb73ec3d7412aae94c82da20ccb3e28a051cd7980f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.winsightmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 19:09:41 GMT
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
last-modified
Fri, 09 Mar 2018 17:52:59 GMT
server
Apache/2.4.6 (Red Hat Enterprise Linux) PHP/7.2.25
age
13756
etag
"148a-566fe76892529"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
5258
x-amz-cf-id
Y37h9R8kQobDxl-0FqPrdDdV83CJdDgfy6UFnvrVn5DY1emNqKf1Ow==
instagram-50.png
www.cspdigitals.com/mc/
6 KB
6 KB
Image
General
Full URL
https://www.cspdigitals.com/mc/instagram-50.png
Requested by
Host: pages.winsightmedia.com
URL: https://pages.winsightmedia.com/index.php/email/emailWebview?md_id=74129&mkt_tok=NTYxLVpOUC04OTcAAAGFks2mha253rHVh9JIU86gDp_AHUsc1qySlHsqznPqMxDzSYf__NNjOFTaytwzjBZSB4FdSl-W3HS_rgFRWmKeQfU0YvpoZLuuAt-39Plhhu-5fK4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-25.fra56.r.cloudfront.net
Software
Apache/2.4.6 (Red Hat Enterprise Linux) PHP/7.2.25 /
Resource Hash
d5a091e67fef9242b9ed154141df8bb9cf0a82b069a8e2135623b8de4997d3fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.winsightmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 19:51:28 GMT
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
last-modified
Fri, 09 Mar 2018 17:52:59 GMT
server
Apache/2.4.6 (Red Hat Enterprise Linux) PHP/7.2.25
age
11249
etag
"1738-566fe76832dd4"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
5944
x-amz-cf-id
McBhvGmNz23d3gmBrH8Y_uIWKWpz0ji8LbnGAZ6n6QkOpT9Kt9qGUw==
linkedin-50.png
www.cspdigitals.com/mc/
5 KB
5 KB
Image
General
Full URL
https://www.cspdigitals.com/mc/linkedin-50.png
Requested by
Host: pages.winsightmedia.com
URL: https://pages.winsightmedia.com/index.php/email/emailWebview?md_id=74129&mkt_tok=NTYxLVpOUC04OTcAAAGFks2mha253rHVh9JIU86gDp_AHUsc1qySlHsqznPqMxDzSYf__NNjOFTaytwzjBZSB4FdSl-W3HS_rgFRWmKeQfU0YvpoZLuuAt-39Plhhu-5fK4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-25.fra56.r.cloudfront.net
Software
Apache/2.4.6 (Red Hat Enterprise Linux) PHP/7.2.25 /
Resource Hash
6c7c23a13502f29daccad5db03b6286b574abd5310b5818a746e56cfc9ba272e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.winsightmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 07:13:18 GMT
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
last-modified
Fri, 09 Mar 2018 17:52:59 GMT
server
Apache/2.4.6 (Red Hat Enterprise Linux) PHP/7.2.25
age
56739
etag
"1451-566fe7685d583"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
5201
x-amz-cf-id
HqFfFada_3-xNDHuoH_4TERzCycPcqeghh7goylfUKG9FPEkz22hmw==
spacer_footer.gif
www.cspdigitals.com/mc/
1 KB
1 KB
Image
General
Full URL
https://www.cspdigitals.com/mc/spacer_footer.gif
Requested by
Host: pages.winsightmedia.com
URL: https://pages.winsightmedia.com/index.php/email/emailWebview?md_id=74129&mkt_tok=NTYxLVpOUC04OTcAAAGFks2mha253rHVh9JIU86gDp_AHUsc1qySlHsqznPqMxDzSYf__NNjOFTaytwzjBZSB4FdSl-W3HS_rgFRWmKeQfU0YvpoZLuuAt-39Plhhu-5fK4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-25.fra56.r.cloudfront.net
Software
Apache/2.4.6 (Red Hat Enterprise Linux) PHP/7.2.25 /
Resource Hash
40c75f72c6f94c587e5c028a2fbe9a4fab3010274a145d9918d44fa2d1e38399

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.winsightmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 10:42:37 GMT
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
last-modified
Fri, 03 Jun 2016 14:43:39 GMT
server
Apache/2.4.6 (Red Hat Enterprise Linux) PHP/7.2.25
age
44180
etag
"44b-53460bf90dcc0"
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
1099
x-amz-cf-id
em7LHH6J1y8cjvgxzICShs3s_-cgoWOfZZIKQD2Ue2r5H2wi9e9faw==
winsight_footer.png
www.cspdigitals.com/fsg_newsletters/rb/rb_recap/
5 KB
6 KB
Image
General
Full URL
https://www.cspdigitals.com/fsg_newsletters/rb/rb_recap/winsight_footer.png
Requested by
Host: pages.winsightmedia.com
URL: https://pages.winsightmedia.com/index.php/email/emailWebview?md_id=74129&mkt_tok=NTYxLVpOUC04OTcAAAGFks2mha253rHVh9JIU86gDp_AHUsc1qySlHsqznPqMxDzSYf__NNjOFTaytwzjBZSB4FdSl-W3HS_rgFRWmKeQfU0YvpoZLuuAt-39Plhhu-5fK4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-25.fra56.r.cloudfront.net
Software
Apache/2.4.6 (Red Hat Enterprise Linux) PHP/7.2.25 /
Resource Hash
ab10457bda385f3bec4670cfcce3fca485e300604e8d0f1c721fa5a782cbb31c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.winsightmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 12:36:57 GMT
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
last-modified
Thu, 24 Mar 2016 14:43:47 GMT
server
Apache/2.4.6 (Red Hat Enterprise Linux) PHP/7.2.25
age
37320
etag
"158f-52ecc794f4ec0"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
5519
x-amz-cf-id
nxb9zNz4XKQtqct1Ht3nxwkBL3fSjZre2lN6cIiODqxqBrDthTO9BA==
trk
mkto-sj240021.com/
0
0
Image
General
Full URL
https://mkto-sj240021.com/trk?t=1&mid=${mktmail.QpMarketoId}
Requested by
Host: pages.winsightmedia.com
URL: https://pages.winsightmedia.com/index.php/email/emailWebview?md_id=74129&mkt_tok=NTYxLVpOUC04OTcAAAGFks2mha253rHVh9JIU86gDp_AHUsc1qySlHsqznPqMxDzSYf__NNjOFTaytwzjBZSB4FdSl-W3HS_rgFRWmKeQfU0YvpoZLuuAt-39Plhhu-5fK4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.winsightmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

email-decode.min.js
pages.winsightmedia.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
848 B
Script
General
Full URL
https://pages.winsightmedia.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: pages.winsightmedia.com
URL: https://pages.winsightmedia.com/index.php/email/emailWebview?md_id=74129&mkt_tok=NTYxLVpOUC04OTcAAAGFks2mha253rHVh9JIU86gDp_AHUsc1qySlHsqznPqMxDzSYf__NNjOFTaytwzjBZSB4FdSl-W3HS_rgFRWmKeQfU0YvpoZLuuAt-39Plhhu-5fK4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.winsightmedia.com/index.php/email/emailWebview?md_id=74129&mkt_tok=NTYxLVpOUC04OTcAAAGFks2mha253rHVh9JIU86gDp_AHUsc1qySlHsqznPqMxDzSYf__NNjOFTaytwzjBZSB4FdSl-W3HS_rgFRWmKeQfU0YvpoZLuuAt-39Plhhu-5fK4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 22:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 08 Jul 2022 19:29:15 GMT
server
cloudflare
etag
W/"62c8858b-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
729d62f23ba89bd4-FRA
vary
Accept-Encoding
expires
Thu, 14 Jul 2022 22:58:57 GMT
jquery-1.8.2.min.js
pages.winsightmedia.com/js/public/
91 KB
33 KB
Script
General
Full URL
https://pages.winsightmedia.com/js/public/jquery-1.8.2.min.js
Requested by
Host: pages.winsightmedia.com
URL: https://pages.winsightmedia.com/index.php/email/emailWebview?md_id=74129&mkt_tok=NTYxLVpOUC04OTcAAAGFks2mha253rHVh9JIU86gDp_AHUsc1qySlHsqznPqMxDzSYf__NNjOFTaytwzjBZSB4FdSl-W3HS_rgFRWmKeQfU0YvpoZLuuAt-39Plhhu-5fK4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.winsightmedia.com/index.php/email/emailWebview?md_id=74129&mkt_tok=NTYxLVpOUC04OTcAAAGFks2mha253rHVh9JIU86gDp_AHUsc1qySlHsqznPqMxDzSYf__NNjOFTaytwzjBZSB4FdSl-W3HS_rgFRWmKeQfU0YvpoZLuuAt-39Plhhu-5fK4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 22:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Tue, 14 Jun 2022 21:04:06 GMT
server
cloudflare
etag
"46144f-16cfb-5e16ebeb8fd80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
729d62f23bac9bd4-FRA
content-length
33397
expires
Wed, 13 Jul 2022 02:58:57 GMT
forwardemail.js
pages.winsightmedia.com/js/
8 KB
2 KB
Script
General
Full URL
https://pages.winsightmedia.com/js/forwardemail.js
Requested by
Host: pages.winsightmedia.com
URL: https://pages.winsightmedia.com/index.php/email/emailWebview?md_id=74129&mkt_tok=NTYxLVpOUC04OTcAAAGFks2mha253rHVh9JIU86gDp_AHUsc1qySlHsqznPqMxDzSYf__NNjOFTaytwzjBZSB4FdSl-W3HS_rgFRWmKeQfU0YvpoZLuuAt-39Plhhu-5fK4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
536fdc22b1c1bc61bca6408c052b74d6f40f5ae530243a21cc503393e81aed65
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.winsightmedia.com/index.php/email/emailWebview?md_id=74129&mkt_tok=NTYxLVpOUC04OTcAAAGFks2mha253rHVh9JIU86gDp_AHUsc1qySlHsqznPqMxDzSYf__NNjOFTaytwzjBZSB4FdSl-W3HS_rgFRWmKeQfU0YvpoZLuuAt-39Plhhu-5fK4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 22:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Tue, 14 Jun 2022 21:04:07 GMT
server
cloudflare
etag
"46169c-1efb-5e16ebec83fc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
729d62f23bad9bd4-FRA
content-length
1959
expires
Wed, 13 Jul 2022 02:58:57 GMT
forwardemail.css
pages.winsightmedia.com/css/
4 KB
1023 B
Stylesheet
General
Full URL
https://pages.winsightmedia.com/css/forwardemail.css
Requested by
Host: pages.winsightmedia.com
URL: https://pages.winsightmedia.com/index.php/email/emailWebview?md_id=74129&mkt_tok=NTYxLVpOUC04OTcAAAGFks2mha253rHVh9JIU86gDp_AHUsc1qySlHsqznPqMxDzSYf__NNjOFTaytwzjBZSB4FdSl-W3HS_rgFRWmKeQfU0YvpoZLuuAt-39Plhhu-5fK4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
246c93f3fc86f8345be260d6b7f73a92c26093d9db1449b5fd35f89b93027e56
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.winsightmedia.com/index.php/email/emailWebview?md_id=74129&mkt_tok=NTYxLVpOUC04OTcAAAGFks2mha253rHVh9JIU86gDp_AHUsc1qySlHsqznPqMxDzSYf__NNjOFTaytwzjBZSB4FdSl-W3HS_rgFRWmKeQfU0YvpoZLuuAt-39Plhhu-5fK4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 22:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Tue, 14 Jun 2022 21:04:11 GMT
server
cloudflare
etag
"2420c20-e2b-5e16ebf0548c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
729d62f24baf9bd4-FRA
content-length
908
expires
Wed, 13 Jul 2022 02:58:57 GMT
stripmkttok.js
pages.winsightmedia.com/js/
2 KB
763 B
Script
General
Full URL
https://pages.winsightmedia.com/js/stripmkttok.js
Requested by
Host: pages.winsightmedia.com
URL: https://pages.winsightmedia.com/index.php/email/emailWebview?md_id=74129&mkt_tok=NTYxLVpOUC04OTcAAAGFks2mha253rHVh9JIU86gDp_AHUsc1qySlHsqznPqMxDzSYf__NNjOFTaytwzjBZSB4FdSl-W3HS_rgFRWmKeQfU0YvpoZLuuAt-39Plhhu-5fK4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.winsightmedia.com/index.php/email/emailWebview?md_id=74129&mkt_tok=NTYxLVpOUC04OTcAAAGFks2mha253rHVh9JIU86gDp_AHUsc1qySlHsqznPqMxDzSYf__NNjOFTaytwzjBZSB4FdSl-W3HS_rgFRWmKeQfU0YvpoZLuuAt-39Plhhu-5fK4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 22:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Tue, 14 Jun 2022 21:04:07 GMT
server
cloudflare
etag
"24017d7-602-5e16ebec83fc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
729d62f24bb19bd4-FRA
content-length
678
expires
Wed, 13 Jul 2022 02:58:57 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/
30 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pages.winsightmedia.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 22:12:12 GMT
x-content-type-options
nosniff
age
89205
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Jul 2023 22:12:12 GMT
TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v48/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v48/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pages.winsightmedia.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 16:01:17 GMT
x-content-type-options
nosniff
age
111460
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9840
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:36:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Jul 2023 16:01:17 GMT
ftf_arrows.png
pages.winsightmedia.com/images/icons/
3 KB
3 KB
Image
General
Full URL
https://pages.winsightmedia.com/images/icons/ftf_arrows.png
Requested by
Host: pages.winsightmedia.com
URL: https://pages.winsightmedia.com/index.php/email/emailWebview?md_id=74129&mkt_tok=NTYxLVpOUC04OTcAAAGFks2mha253rHVh9JIU86gDp_AHUsc1qySlHsqznPqMxDzSYf__NNjOFTaytwzjBZSB4FdSl-W3HS_rgFRWmKeQfU0YvpoZLuuAt-39Plhhu-5fK4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9876cd51083c982d4b8fafa2ef6d329509635eff48379152f67484fdf14f6c1d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.winsightmedia.com/index.php/email/emailWebview?md_id=74129&mkt_tok=NTYxLVpOUC04OTcAAAGFks2mha253rHVh9JIU86gDp_AHUsc1qySlHsqznPqMxDzSYf__NNjOFTaytwzjBZSB4FdSl-W3HS_rgFRWmKeQfU0YvpoZLuuAt-39Plhhu-5fK4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 22:58:57 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Tue, 14 Jun 2022 21:03:56 GMT
server
cloudflare
etag
"2440973-ca8-5e16ebe206700"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=60
accept-ranges
bytes
cf-ray
729d62f38d2c9bd4-FRA
content-length
3240
expires
Tue, 12 Jul 2022 22:59:57 GMT

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery string| __mktTokVal

3 Cookies

Domain/Path Name / Value
.mkto-sj240021.com/ Name: __cf_bm
Value: T8Qky1ii__A.FXsiE6EqESB6wkMwxzRuJQzqOjgLPL0-1657666732-0-Aak7gA2mwtuxjU2lCiCNItXCiio4kts9k2dxCljCgspQaOkgjtmM75v0Vmi23lbZ3o9jRUU3Ix9c1qxUuaiHsgA=
pages.winsightmedia.com/ Name: BIGipServersj24web-nginx-app_https
Value: !0wrHd+WXdo884rnMZROflEEG2tCikiko/SfSXH3q+SgVevghnv7CCBX5c647o300niEQWkIiMvkRp1s=
.pages.winsightmedia.com/ Name: __cf_bm
Value: JqUA9hLYsKrP_trKbEXWbWe8Xu7g7T5rXzAwV87gU0M-1657666736-0-AWfhEBSrG8SRnWxKqoJv3mVH8RD942TwCNU/cVtyoQGEhXjkmeYkIVMzIofuuWQRdERVm77uqsmdBn70lDEDWi8=

6 Console Messages

Source Level URL
Text
security error URL: https://mkto-sj240021.com/v/NTYxLVpOUC04OTcAAAGFks2mhQ1IM6Krk8XeJq3fWoijhNmfRQLl549e-bi2j2NbHh_u9GxJCDinAXib1W9Id1rbSXQ=
Message:
The Content-Security-Policy directive name 'form-action:'none'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://mkto-sj240021.com/v/NTYxLVpOUC04OTcAAAGFks2mhQ1IM6Krk8XeJq3fWoijhNmfRQLl549e-bi2j2NbHh_u9GxJCDinAXib1W9Id1rbSXQ=
Message:
The Content-Security-Policy directive name 'frame-src:'none'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security warning URL: https://pages.winsightmedia.com/index.php/email/emailWebview?md_id=74129&mkt_tok=NTYxLVpOUC04OTcAAAGFks2mha253rHVh9JIU86gDp_AHUsc1qySlHsqznPqMxDzSYf__NNjOFTaytwzjBZSB4FdSl-W3HS_rgFRWmKeQfU0YvpoZLuuAt-39Plhhu-5fK4
Message:
Mixed Content: The page at 'https://pages.winsightmedia.com/index.php/email/emailWebview?md_id=74129&mkt_tok=NTYxLVpOUC04OTcAAAGFks2mha253rHVh9JIU86gDp_AHUsc1qySlHsqznPqMxDzSYf__NNjOFTaytwzjBZSB4FdSl-W3HS_rgFRWmKeQfU0YvpoZLuuAt-39Plhhu-5fK4' was loaded over HTTPS, but requested an insecure element 'http://sync.winsightmedia.com/beacon/x.png?l=11896802&m=74129&p=21061&pn=NL_WGB_Alert_07-12-22_14:00'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
rendering warning URL: https://pages.winsightmedia.com/index.php/email/emailWebview?md_id=74129&mkt_tok=NTYxLVpOUC04OTcAAAGFks2mha253rHVh9JIU86gDp_AHUsc1qySlHsqznPqMxDzSYf__NNjOFTaytwzjBZSB4FdSl-W3HS_rgFRWmKeQfU0YvpoZLuuAt-39Plhhu-5fK4(Line 5)
Message:
The key "" is not recognized and ignored.
security warning URL: https://pages.winsightmedia.com/index.php/email/emailWebview?md_id=74129&mkt_tok=NTYxLVpOUC04OTcAAAGFks2mha253rHVh9JIU86gDp_AHUsc1qySlHsqznPqMxDzSYf__NNjOFTaytwzjBZSB4FdSl-W3HS_rgFRWmKeQfU0YvpoZLuuAt-39Plhhu-5fK4(Line 137)
Message:
Mixed Content: The page at 'https://pages.winsightmedia.com/index.php/email/emailWebview?md_id=74129&mkt_tok=NTYxLVpOUC04OTcAAAGFks2mha253rHVh9JIU86gDp_AHUsc1qySlHsqznPqMxDzSYf__NNjOFTaytwzjBZSB4FdSl-W3HS_rgFRWmKeQfU0YvpoZLuuAt-39Plhhu-5fK4' was loaded over HTTPS, but requested an insecure element 'http://sync.winsightmedia.com/beacon/x.png?l=11896802&m=74129&p=21061&pn=NL_WGB_Alert_07-12-22_14:00'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://mkto-sj240021.com/trk?t=1&mid=${mktmail.QpMarketoId}
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; img-src 'self';script-src 'self' 'sha256-hbeiVYQr1jNrUGPbtYiIbKVSSg8btMOFg27NtKwjldw=';object-src 'none';form-action:'none';frame-src:'none'
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.winsightmedia.com
fonts.googleapis.com
fonts.gstatic.com
mkto-sj240021.com
pages.winsightmedia.com
sync.winsightmedia.com
www.cspdigitals.com
104.17.72.206
104.17.73.206
18.66.112.25
2600:9000:225e:c00:1a:3cb0:a900:93a1
2a00:1450:4001:80b::2003
2a00:1450:4014:80e::200a
3.20.3.235
0f04b40e88763fd51b82da9e1e550e7cc44dd01331af95ed82f84f86cac72d83
2405cf11ba7a1a3f850d4a96e86619adcd2e14e50ec1295a2fffdba5adae522e
246c93f3fc86f8345be260d6b7f73a92c26093d9db1449b5fd35f89b93027e56
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
3140105c4478f14a93f68c21a6a45b372236dc4bbbd80814bfc7c4b47c64f8bc
3f0e6fddaced8c481bc59eb73ec3d7412aae94c82da20ccb3e28a051cd7980f5
40c75f72c6f94c587e5c028a2fbe9a4fab3010274a145d9918d44fa2d1e38399
536fdc22b1c1bc61bca6408c052b74d6f40f5ae530243a21cc503393e81aed65
63e55165cb26efa3df20628f8c2dfc0b13e7d7e7629761fe9f43b34d5498ea46
6c7c23a13502f29daccad5db03b6286b574abd5310b5818a746e56cfc9ba272e
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
8444eef16466b77fb9673f0682daa635c524beae333408c1e824b536a78fde0c
9876cd51083c982d4b8fafa2ef6d329509635eff48379152f67484fdf14f6c1d
ab10457bda385f3bec4670cfcce3fca485e300604e8d0f1c721fa5a782cbb31c
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
be7c0d803a9e69ca9344df1336a8e0429e05a0373d2d080c69ef1a3b8962934b
d5a091e67fef9242b9ed154141df8bb9cf0a82b069a8e2135623b8de4997d3fc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee1a45b79c72852484c1d26457d0b4e4357528cc07e50cc63a38b8a89f4c46bf
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715