URL: https://campaign.kpmg.co.il/LP=435
Submission Tags: falconsandbox
Submission: On July 03 via api from US — Scanned from NL

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 7 HTTP transactions. The main IP is 192.29.200.183, located in Amsterdam, Netherlands and belongs to ORACLE-BMC-31898, US. The main domain is campaign.kpmg.co.il.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on October 11th 2022. Valid for: a year.
This is the only time campaign.kpmg.co.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 192.29.200.183 31898 (ORACLE-BM...)
1 1 95.101.111.165 20940 (AKAMAI-ASN1)
1 95.101.111.154 20940 (AKAMAI-ASN1)
4 23.201.242.231 16625 (AKAMAI-AS)
2 3 192.29.202.153 31898 (ORACLE-BM...)
7 4
Apex Domain
Subdomains
Transfer
4 en25.com
img06.en25.com — Cisco Umbrella Rank: 52292
21 KB
3 eloqua.com
s158287357.t.eloqua.com
2 KB
1 kpmg.com
kpmg.com — Cisco Umbrella Rank: 54663
190 KB
1 home.kpmg
home.kpmg — Cisco Umbrella Rank: 241600
120 B
1 kpmg.co.il
campaign.kpmg.co.il
14 KB
7 5
Domain Requested by
4 img06.en25.com campaign.kpmg.co.il
3 s158287357.t.eloqua.com 2 redirects campaign.kpmg.co.il
1 kpmg.com campaign.kpmg.co.il
1 home.kpmg 1 redirects
1 campaign.kpmg.co.il
7 5

This site contains links to these domains. Also see Links.

Domain
s158287357.t.en25.com
Subject Issuer Validity Valid
campaign.kpmg.co.il
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2022-10-11 -
2023-10-11
a year crt.sh
*.en25.com
DigiCert TLS RSA SHA256 2020 CA1
2023-05-21 -
2024-05-20
a year crt.sh

This page contains 1 frames:

Primary Page: https://campaign.kpmg.co.il/LP=435
Frame ID: 467142736CB13EEA7BC770E7F9AC46A5
Requests: 7 HTTP requests in this frame

Screenshot

Page Title

הצטרפות לפורומים ורשימות תפוצה | KPMG סומך חייקין

Page Statistics

7
Requests

71 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

225 kB
Transfer

291 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://home.kpmg/content/dam/kpmg/il/Publications/Images/2021/02/mailinglist_header3101.jpg HTTP 301
  • https://kpmg.com/content/dam/kpmg/il/Publications/Images/2021/02/mailinglist_header3101.jpg
Request Chain 5
  • https://s158287357.t.eloqua.com/visitor/v200/svrGP?pps=60&siteid=158287357&PURLSiteID=16&optin=disabled&PURLSiteAlternateDNSID=0&LandingPageID=435&PURLRecordID=0&PURLGUID=8577299315F247E1806D982CAD8DDEF7&UseRelativePath=False&elq={00000000-0000-0000-0000-000000000000}&elq_ck=0 HTTP 302
  • https://s158287357.t.eloqua.com/visitor/v200/svrGP.aspx?pps=60&siteid=158287357&PURLSiteID=16&optin=disabled&PURLSiteAlternateDNSID=0&LandingPageID=435&PURLRecordID=0&PURLGUID=8577299315F247E1806D982CAD8DDEF7&UseRelativePath=False&elq={00000000-0000-0000-0000-000000000000}&elq_ck=0&elqCookie=1 HTTP 302
  • https://s158287357.t.eloqua.com/eloquaimages/tinydot.gif

7 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request LP=435
campaign.kpmg.co.il/
83 KB
14 KB
Document
General
Full URL
https://campaign.kpmg.co.il/LP=435
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.29.200.183 Amsterdam, Netherlands, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
4c3c742110c60eb6d1c999459a635e77daf0451715d927f155c8b49cc4ba8df3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Cache-Control
no-store
Content-Encoding
gzip
Content-Length
13903
Content-Type
text/html; charset=utf-8
Date
Mon, 03 Jul 2023 15:18:06 GMT
Expires
-1
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Pragma
no-cache
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Xss-Protection
1; mode=block
mailinglist_header3101.jpg
kpmg.com/content/dam/kpmg/il/Publications/Images/2021/02/
Redirect Chain
  • https://home.kpmg/content/dam/kpmg/il/Publications/Images/2021/02/mailinglist_header3101.jpg
  • https://kpmg.com/content/dam/kpmg/il/Publications/Images/2021/02/mailinglist_header3101.jpg
190 KB
190 KB
Image
General
Full URL
https://kpmg.com/content/dam/kpmg/il/Publications/Images/2021/02/mailinglist_header3101.jpg
Requested by
Host: campaign.kpmg.co.il
URL: https://campaign.kpmg.co.il/LP=435
Protocol
H2
Server
95.101.111.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-154.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d4c5fccd59733df5ca1d11eaf22b6d6432054a89d2309921f587cc3f9d28948
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://kpmg.experiencecloud.adobe.com
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://campaign.kpmg.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
frame-ancestors http://kpmg.experiencecloud.adobe.com
date
Mon, 03 Jul 2023 15:18:06 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=16070400
last-modified
Thu, 29 Jun 2023 18:34:19 GMT
server
Apache
etag
"2f656-5ff48f2cfb802"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=56972
accept-ranges
bytes
content-length
194134
x-xss-protection
1; mode=block
expires
Tue, 04 Jul 2023 07:07:38 GMT

Redirect headers

location
https://kpmg.com/content/dam/kpmg/il/Publications/Images/2021/02/mailinglist_header3101.jpg
date
Mon, 03 Jul 2023 15:18:06 GMT
server
AkamaiGHost
content-length
0
livevalidation_standalone.compressed.js
img06.en25.com/i/
13 KB
14 KB
Script
General
Full URL
https://img06.en25.com/i/livevalidation_standalone.compressed.js
Requested by
Host: campaign.kpmg.co.il
URL: https://campaign.kpmg.co.il/LP=435
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.201.242.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-242-231.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
36ef1cf6246ce3d596a572d7b0e947a7088eefb1af6373f1a0669c9189a6728e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://campaign.kpmg.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Mon, 03 Jul 2023 15:18:06 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 06 Apr 2023 15:05:41 GMT
ETag
"6a86f2409968d91:0"
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Content-Type
application/x-javascript
Cache-Control
no-store
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Content-Length
13723
X-XSS-Protection
1; mode=block
Expires
Mon, 03 Jul 2023 15:18:06 GMT
%7B40493398-c904-4d53-85de-fa51bfcebad5%7D_Facebook.png
img06.en25.com/EloquaImages/clients/KPMGSomekhChaikin/
2 KB
2 KB
Image
General
Full URL
https://img06.en25.com/EloquaImages/clients/KPMGSomekhChaikin/%7B40493398-c904-4d53-85de-fa51bfcebad5%7D_Facebook.png
Requested by
Host: campaign.kpmg.co.il
URL: https://campaign.kpmg.co.il/LP=435
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.201.242.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-242-231.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
653a89704ae191584dd3caf56555fcd6669f6dad8628bed5c64ee244c5002433
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://campaign.kpmg.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Mon, 03 Jul 2023 15:18:06 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 27 Jan 2022 12:38:05 GMT
ETag
"f11f38bb7a13d81:0"
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Content-Type
image/png
Cache-Control
no-store
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Content-Length
1919
X-XSS-Protection
1; mode=block
Expires
Mon, 03 Jul 2023 15:18:06 GMT
%7B12ae7537-b037-45f5-bebb-77e951aeae36%7D_LinkedIN.png
img06.en25.com/EloquaImages/clients/KPMGSomekhChaikin/
2 KB
2 KB
Image
General
Full URL
https://img06.en25.com/EloquaImages/clients/KPMGSomekhChaikin/%7B12ae7537-b037-45f5-bebb-77e951aeae36%7D_LinkedIN.png
Requested by
Host: campaign.kpmg.co.il
URL: https://campaign.kpmg.co.il/LP=435
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.201.242.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-242-231.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4f37e19510a826f55a1f7b8a495d7a2a983d9d65a925a542b49baa0b0755fc68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://campaign.kpmg.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Mon, 03 Jul 2023 15:18:06 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 27 Jan 2022 12:38:05 GMT
ETag
"bce03abb7a13d81:0"
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Content-Type
image/png
Cache-Control
no-store
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Content-Length
1829
X-XSS-Protection
1; mode=block
Expires
Mon, 03 Jul 2023 15:18:06 GMT
%7Bcb6867a6-def9-4515-adc3-063d4ab0e826%7D_Youtube.png
img06.en25.com/EloquaImages/clients/KPMGSomekhChaikin/
1 KB
2 KB
Image
General
Full URL
https://img06.en25.com/EloquaImages/clients/KPMGSomekhChaikin/%7Bcb6867a6-def9-4515-adc3-063d4ab0e826%7D_Youtube.png
Requested by
Host: campaign.kpmg.co.il
URL: https://campaign.kpmg.co.il/LP=435
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.201.242.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-242-231.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0d02794693a4a9d38abb6b69b8336532dfee363d4236b78b8d8eb21639f1a159
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://campaign.kpmg.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Mon, 03 Jul 2023 15:18:06 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 27 Jan 2022 12:38:46 GMT
ETag
"da6ae0d37a13d81:0"
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Content-Type
image/png
Cache-Control
no-store
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Content-Length
1385
X-XSS-Protection
1; mode=block
Expires
Mon, 03 Jul 2023 15:18:06 GMT
tinydot.gif
s158287357.t.eloqua.com/eloquaimages/
Redirect Chain
  • https://s158287357.t.eloqua.com/visitor/v200/svrGP?pps=60&siteid=158287357&PURLSiteID=16&optin=disabled&PURLSiteAlternateDNSID=0&LandingPageID=435&PURLRecordID=0&PURLGUID=8577299315F247E1806D982CAD...
  • https://s158287357.t.eloqua.com/visitor/v200/svrGP.aspx?pps=60&siteid=158287357&PURLSiteID=16&optin=disabled&PURLSiteAlternateDNSID=0&LandingPageID=435&PURLRecordID=0&PURLGUID=8577299315F247E1806D9...
  • https://s158287357.t.eloqua.com/eloquaimages/tinydot.gif
49 B
542 B
Image
General
Full URL
https://s158287357.t.eloqua.com/eloquaimages/tinydot.gif
Requested by
Host: campaign.kpmg.co.il
URL: https://campaign.kpmg.co.il/LP=435
Protocol
HTTP/1.1
Server
192.29.202.153 Amsterdam, Netherlands, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://campaign.kpmg.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Mon, 03 Jul 2023 15:18:07 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 06 Apr 2023 15:05:36 GMT
ETag
"e0c4b3e9968d91:0"
Content-Type
image/gif
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control
no-store
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Content-Length
49
X-XSS-Protection
1; mode=block
Expires
-1

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Mon, 03 Jul 2023 15:18:07 GMT
X-Content-Type-Options
nosniff
Content-Type
text/html; charset=utf-8
Location
/eloquaimages/tinydot.gif
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control
no-store
X-Robots-Tag
noindex, nofollow
Content-Length
142
X-Xss-Protection
1; mode=block
Expires
-1

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend function| LiveValidation function| LiveValidationForm object| Validate function| handleFormSubmit function| resetSubmitButton function| addChangeHandler object| form object| nodes number| len object| node string| selectedValue undefined| j object| dom1 object| fe1245 object| dom2 object| fe1246 object| dom3 object| fe1247 object| dom4 object| fe1248 object| dom5 object| fe1249 object| dom6 object| fe1250 object| dom7 object| fe1251 object| dom8 object| fe1277 object| dom9 object| fe1278 object| dom11 object| fe1256 object| dom12 object| fe1255 object| dom13 object| fe1601 object| dom14 object| fe1481 object| dom15 object| fe1260 object| dom16 object| fe1259 object| dom17 object| fe1261 object| dom18 object| fe1262 object| dom19 object| fe1263 object| dom20 object| fe1266 object| dom21 object| fe1267 object| dom22 object| fe1406 object| dom23 object| fe1270 object| dom24 object| fe1272 object| dom25 object| fe1309 object| dom26 object| fe1310 object| dom27 object| fe1264 object| dom28 object| fe1271 object| dom29 object| fe1265 object| dom30 object| fe1442 object| dom31 object| fe2384 object| dom32 object| fe1275 object| dom33 object| fe1273 object| dom34 object| fe1443 function| getParentElement

3 Cookies

Domain/Path Name / Value
.campaign.kpmg.co.il/ Name: ELOQUA
Value: GUID=8577299315F247E1806D982CAD8DDEF7
.eloqua.com/ Name: ELOQUA
Value: GUID=B4A6BC9C8FFB43AB8D5B66C15E5AB2D4
.eloqua.com/ Name: ELQSTATUS
Value: OK

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block