clt1369097.bmetrack.com Open in urlscan Pro
35.161.213.193 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://clt1369097.bmetrack.com/c/v?e=13F1668&c=14E409&l=744814D2&email=9PS8shfbX8cBwqoKLoHrmTIZpO%2BZ293Nv6hgcewlTBZRlJa13%2FsI...
Submission: On March 04 via manual (March 4th 2022, 5:12:58 am UTC) from AU — Scanned from DE

Summary HTTP 13 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 13 HTTP transactions. The main IP is 35.161.213.193, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is clt1369097.bmetrack.com.
TLS certificate: Issued by Amazon on November 1st 2021. Valid for: a year.

This is the only time clt1369097.bmetrack.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	35.161.213.193 35.161.213.193	16509 (AMAZON-02) (AMAZON-02)
6 6	52.21.178.134 52.21.178.134	14618 (AMAZON-AES) (AMAZON-AES)
6	2600:9000:215... 2600:9000:2156:b200:d:7e9b:1200:93a1	16509 (AMAZON-02) (AMAZON-02)
2	163.171.132.211 163.171.132.211	54994 (QUANTILNE...) (QUANTILNETWORKS)
13	3

5 35.161.213.193 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-161-213-193.us-west-2.compute.amazonaws.com

clt1369097.bmetrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.21.178.134 (Ashburn, United States) 6 redirects

ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-2-ue1.aws.pardot.com

www5.gep.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2156:b200:d:7e9b:1200:93a1 (United States)

ASN16509 (AMAZON-02, US)

storage.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 163.171.132.211 (Germany)

ASN54994 (QUANTILNETWORKS, US)

ui.benchmarkemail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.benchmarkemail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	pardot.com storage.pardot.com — Cisco Umbrella Rank: 8541	139 KB
6	gep.com 6 redirects www5.gep.com	4 KB
5	bmetrack.com clt1369097.bmetrack.com	15 KB
2	benchmarkemail.com ui.benchmarkemail.com — Cisco Umbrella Rank: 94943 www.benchmarkemail.com — Cisco Umbrella Rank: 105763	6 KB
13	4

	Domain	Requested by
6	storage.pardot.com	clt1369097.bmetrack.com
6	www5.gep.com	6 redirects
5	clt1369097.bmetrack.com	clt1369097.bmetrack.com
1	www.benchmarkemail.com	clt1369097.bmetrack.com
1	ui.benchmarkemail.com	clt1369097.bmetrack.com
13	5

This site contains links to these domains. Also see Links.

Domain
www.benchmarkemail.com

Subject Issuer	Validity	Valid
*.bmetrack.com Amazon	`2021-11-01` - `2022-11-29`	a year	crt.sh
benchmarkemail.com R3	`2022-02-15` - `2022-05-16`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://clt1369097.bmetrack.com/c/v?e=13F1668&c=14E409&l=744814D2&email=9PS8shfbX8cBwqoKLoHrmTIZpO%2BZ293Nv6hgcewlTBZRlJa13%2FsIJw%3D%3D&relid=AC1002D4
Frame ID: 76E70DE1856F662CD06B1E3E7B8B04B8
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Still Chasing Tail Spend? Download This Plan to End It{{Subject}}

Page Statistics

13
Requests

54 %
HTTPS

25 %
IPv6

4
Domains

5
Subdomains

3
IPs

2
Countries

160 kB
Transfer

184 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.benchmarkemail.com/?p=500289

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://www5.gep.com/l/428172/2021-03-23/6tqgfj/428172/16165072478l9rIzWc/new_gep_header_2.png HTTP 302
https://storage.pardot.com/428172/16165072478l9rIzWc/new_gep_header_2.png

Request Chain 5

https://www5.gep.com/l/428172/2021-03-23/6tqgd4/428172/1616506455HgmZzoMW/facebook.png HTTP 302
https://storage.pardot.com/428172/1616506455HgmZzoMW/facebook.png

Request Chain 6

https://www5.gep.com/l/428172/2021-03-23/6tqgd6/428172/16165065073MMubQYk/twitter.png HTTP 302
https://storage.pardot.com/428172/16165065073MMubQYk/twitter.png

Request Chain 7

https://www5.gep.com/l/428172/2021-03-23/6tqgd8/428172/16165065441DaW4pzj/linkedin.png HTTP 302
https://storage.pardot.com/428172/16165065441DaW4pzj/linkedin.png

Request Chain 8

https://www5.gep.com/l/428172/2021-03-23/6tqgdb/428172/16165065725pPmluji/youtube.png HTTP 302
https://storage.pardot.com/428172/16165065725pPmluji/youtube.png

Request Chain 9

https://www5.gep.com/l/428172/2021-10-19/71snl6/428172/1634663907sp8HeOrA/knowledgebank_emailer_header__002_.png HTTP 302
https://storage.pardot.com/428172/1634663907sp8HeOrA/knowledgebank_emailer_header__002_.png

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request v Show response
clt1369097.bmetrack.com/c/ 28 KB
8 KB 1386ms
1036ms Document
text/html 35.161.213.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clt1369097.bmetrack.com/c/v?e=13F1668&c=14E409&l=744814D2&email=9PS8shfbX8cBwqoKLoHrmTIZpO%2BZ293Nv6hgcewlTBZRlJa13%2FsIJw%3D%3D&relid=AC1002D4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.161.213.193 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-161-213-193.us-west-2.compute.amazonaws.com

Software

Microsoft-IIS/10.0 /

Resource Hash

081e725a7251b9748d9959ad7bfec98f5c525d2b2066fd2e1911a741e5b8641c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 04 Mar 2022 05:12:53 GMT
content-type: text/html; charset=utf-8
content-length: 7547
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-xss-protection: 0

GET
H2 200 dhtmlwindow.css
clt1369097.bmetrack.com/style/ 868 B
769 B 162ms
161ms Stylesheet
text/css 35.161.213.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clt1369097.bmetrack.com/style/dhtmlwindow.css

Requested by

Host: clt1369097.bmetrack.com
URL: https://clt1369097.bmetrack.com/c/v?e=13F1668&c=14E409&l=744814D2&email=9PS8shfbX8cBwqoKLoHrmTIZpO%2BZ293Nv6hgcewlTBZRlJa13%2FsIJw%3D%3D&relid=AC1002D4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.161.213.193 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-161-213-193.us-west-2.compute.amazonaws.com

Software

Microsoft-IIS/10.0 /

Resource Hash

5ab9b01f5411eb7bf4655e6f6cfa5f451126a52f0d392a9ce236cc850ddfd824

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clt1369097.bmetrack.com/c/v?e=13F1668&c=14E409&l=744814D2&email=9PS8shfbX8cBwqoKLoHrmTIZpO%2BZ293Nv6hgcewlTBZRlJa13%2FsIJw%3D%3D&relid=AC1002D4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 05:12:53 GMT
content-encoding: gzip
last-modified: Thu, 21 Aug 2014 21:27:06 GMT
server: Microsoft-IIS/10.0
etag: "d51473a886bdcf1:0"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 561
x-xss-protection: 0

GET
H2 200 dhtmlwindow.js Show response
clt1369097.bmetrack.com/script/ 11 KB
4 KB 162ms
161ms Script
application/javascript 35.161.213.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clt1369097.bmetrack.com/script/dhtmlwindow.js

Requested by

Host: clt1369097.bmetrack.com
URL: https://clt1369097.bmetrack.com/c/v?e=13F1668&c=14E409&l=744814D2&email=9PS8shfbX8cBwqoKLoHrmTIZpO%2BZ293Nv6hgcewlTBZRlJa13%2FsIJw%3D%3D&relid=AC1002D4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.161.213.193 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-161-213-193.us-west-2.compute.amazonaws.com

Software

Microsoft-IIS/10.0 /

Resource Hash

653680a1a4e09b8bba99ee744d3658cebf2f7b381ceb7ee4b0d75e7eb7a042bd

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clt1369097.bmetrack.com/c/v?e=13F1668&c=14E409&l=744814D2&email=9PS8shfbX8cBwqoKLoHrmTIZpO%2BZ293Nv6hgcewlTBZRlJa13%2FsIJw%3D%3D&relid=AC1002D4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 05:12:53 GMT
content-encoding: gzip
last-modified: Mon, 27 Aug 2012 11:27:52 GMT
server: Microsoft-IIS/10.0
etag: "2bf5fbfe4684cd1:0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 4110
x-xss-protection: 0

GET
H2 200 modal.css
clt1369097.bmetrack.com/style/ 368 B
575 B 161ms
160ms Stylesheet
text/css 35.161.213.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clt1369097.bmetrack.com/style/modal.css

Requested by

Host: clt1369097.bmetrack.com
URL: https://clt1369097.bmetrack.com/c/v?e=13F1668&c=14E409&l=744814D2&email=9PS8shfbX8cBwqoKLoHrmTIZpO%2BZ293Nv6hgcewlTBZRlJa13%2FsIJw%3D%3D&relid=AC1002D4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.161.213.193 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-161-213-193.us-west-2.compute.amazonaws.com

Software

Microsoft-IIS/10.0 /

Resource Hash

beae63e087a54da21123981ab8f0cd044616a8d0efb6f1467454421fa753c67d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clt1369097.bmetrack.com/c/v?e=13F1668&c=14E409&l=744814D2&email=9PS8shfbX8cBwqoKLoHrmTIZpO%2BZ293Nv6hgcewlTBZRlJa13%2FsIJw%3D%3D&relid=AC1002D4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 05:12:53 GMT
content-encoding: gzip
last-modified: Thu, 31 Jul 2014 18:39:35 GMT
server: Microsoft-IIS/10.0
etag: "1c3bcdc6eeaccf1:0"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 367
x-xss-protection: 0

GET
H2 200 modal.js Show response
clt1369097.bmetrack.com/script/ 2 KB
1 KB 165ms
164ms Script
application/javascript 35.161.213.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clt1369097.bmetrack.com/script/modal.js

Requested by

Host: clt1369097.bmetrack.com
URL: https://clt1369097.bmetrack.com/c/v?e=13F1668&c=14E409&l=744814D2&email=9PS8shfbX8cBwqoKLoHrmTIZpO%2BZ293Nv6hgcewlTBZRlJa13%2FsIJw%3D%3D&relid=AC1002D4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.161.213.193 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-161-213-193.us-west-2.compute.amazonaws.com

Software

Microsoft-IIS/10.0 /

Resource Hash

c80379082e346ad94e225e70dacbfd298ce4f9379c6cb6df1f8ef9989e64ee58

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clt1369097.bmetrack.com/c/v?e=13F1668&c=14E409&l=744814D2&email=9PS8shfbX8cBwqoKLoHrmTIZpO%2BZ293Nv6hgcewlTBZRlJa13%2FsIJw%3D%3D&relid=AC1002D4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 05:12:53 GMT
content-encoding: gzip
last-modified: Mon, 07 May 2012 08:42:08 GMT
server: Microsoft-IIS/10.0
etag: "c7f098492d2ccd1:0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1149
x-xss-protection: 0

GET
H2

200

new_gep_header_2.png
storage.pardot.com/428172/16165072478l9rIzWc/
Redirect Chain

https://www5.gep.com/l/428172/2021-03-23/6tqgfj/428172/16165072478l9rIzWc/new_gep_header_2.png
https://storage.pardot.com/428172/16165072478l9rIzWc/new_gep_header_2.png

6 KB
6 KB

70ms
8ms

Image
image/png

2600:9000:2156:b200:d:7e9b:1200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.pardot.com/428172/16165072478l9rIzWc/new_gep_header_2.png
Requested by: Host: clt1369097.bmetrack.com
URL: https://clt1369097.bmetrack.com/c/v?e=13F1668&c=14E409&l=744814D2&email=9PS8shfbX8cBwqoKLoHrmTIZpO%2BZ293Nv6hgcewlTBZRlJa13%2FsIJw%3D%3D&relid=AC1002D4
Protocol: H2
Server: 2600:9000:2156:b200:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ce838634bfc1a00f8a647e3c268d2b0a95293eeb8228e4747b1a250176c2ef9f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clt1369097.bmetrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: 2LcWFWXvVacrapA2r9Q6YCiZZUOFgjcP
via: 1.1 bab8148a65b29113f79cf2725076287c.cloudfront.net (CloudFront)
last-modified: Tue, 23 Mar 2021 13:47:28 GMT
server: AmazonS3
age: 85575
etag: "3d252761a1b955d07fd4a241ce2534b7"
x-cache: Hit from cloudfront
content-type: image/png; charset=binary
date: Thu, 03 Mar 2022 05:26:39 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
content-length: 5821
x-amz-cf-id: DkDh88UaVvhBTgVw3Ryj4qR6Qlx37ARBxnTBJ_sBksD-GBxlxmJeig==

Redirect headers

date: Fri, 04 Mar 2022 05:12:53 GMT
content-encoding: gzip
X-Pardot-Route: 07c6fec365d81c66b16ef70448a47c0a
X-Pardot-LB: 7044ba9c794aba658bc1be2f8b8ad85c
Server: PardotServer
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
location: https://storage.pardot.com/428172/16165072478l9rIzWc/new_gep_header_2.png
cache-control: max-age=600
x-robots-tag: none
content-length: 144
expires: Fri, 04 Mar 2022 05:22:53 GMT

GET
H2

200

facebook.png
storage.pardot.com/428172/1616506455HgmZzoMW/
Redirect Chain

https://www5.gep.com/l/428172/2021-03-23/6tqgd4/428172/1616506455HgmZzoMW/facebook.png
https://storage.pardot.com/428172/1616506455HgmZzoMW/facebook.png

10 KB
10 KB

66ms
15ms

Image
image/png

2600:9000:2156:b200:d:7e9b:1200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.pardot.com/428172/1616506455HgmZzoMW/facebook.png
Requested by: Host: clt1369097.bmetrack.com
URL: https://clt1369097.bmetrack.com/c/v?e=13F1668&c=14E409&l=744814D2&email=9PS8shfbX8cBwqoKLoHrmTIZpO%2BZ293Nv6hgcewlTBZRlJa13%2FsIJw%3D%3D&relid=AC1002D4
Protocol: H2
Server: 2600:9000:2156:b200:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f901763f74230c76b820a61d43d2ce09573da7c5cf777650b2cb8a2232d6d412

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clt1369097.bmetrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 18:47:25 GMT
via: 1.1 bab8148a65b29113f79cf2725076287c.cloudfront.net (CloudFront)
last-modified: Tue, 23 Mar 2021 13:34:16 GMT
server: AmazonS3
age: 37528
etag: "8f5ce27564945d2c9a10ef827549a78c"
x-cache: Hit from cloudfront
content-type: image/png; charset=binary
x-amz-replication-status: COMPLETED
content-length: 10265
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-version-id: EX2zZdct9FdxjCcy8CKFUvhvpnOTbDGK
x-amz-cf-id: QV-4ug2YHbRxiM5S1_lAG9FWhdKD2K3ITQR6aSVSHvLkNF2BjG-FiQ==

Redirect headers

date: Fri, 04 Mar 2022 05:12:53 GMT
content-encoding: gzip
X-Pardot-Route: 07c6fec365d81c66b16ef70448a47c0a
X-Pardot-LB: 7044ba9c794aba658bc1be2f8b8ad85c
Server: PardotServer
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
location: https://storage.pardot.com/428172/1616506455HgmZzoMW/facebook.png
cache-control: max-age=600
x-robots-tag: none
content-length: 141
expires: Fri, 04 Mar 2022 05:22:53 GMT

GET
H2

200

twitter.png
storage.pardot.com/428172/16165065073MMubQYk/
Redirect Chain

https://www5.gep.com/l/428172/2021-03-23/6tqgd6/428172/16165065073MMubQYk/twitter.png
https://storage.pardot.com/428172/16165065073MMubQYk/twitter.png

13 KB
14 KB

69ms
9ms

Image
image/png

2600:9000:2156:b200:d:7e9b:1200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.pardot.com/428172/16165065073MMubQYk/twitter.png
Requested by: Host: clt1369097.bmetrack.com
URL: https://clt1369097.bmetrack.com/c/v?e=13F1668&c=14E409&l=744814D2&email=9PS8shfbX8cBwqoKLoHrmTIZpO%2BZ293Nv6hgcewlTBZRlJa13%2FsIJw%3D%3D&relid=AC1002D4
Protocol: H2
Server: 2600:9000:2156:b200:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5d30dd4a67d2e4af41309b42ffc8e79f6704c109cbb990f6fbbc07996f07e715

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clt1369097.bmetrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 18:47:26 GMT
via: 1.1 bab8148a65b29113f79cf2725076287c.cloudfront.net (CloudFront)
last-modified: Tue, 23 Mar 2021 13:35:08 GMT
server: AmazonS3
age: 37528
etag: "0251d8ee95aa6d1f3400faa3b46b4bcf"
x-cache: Hit from cloudfront
content-type: image/png; charset=binary
x-amz-replication-status: COMPLETED
content-length: 13798
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-version-id: AFD0NwVd.cUVnCeOIcq211J563jCeFpO
x-amz-cf-id: LCpCnis6Nq4ocUkWJrW955hmGC1WJc0PuylSlxxDQ96JMnEf9_8FJA==

Redirect headers

date: Fri, 04 Mar 2022 05:12:53 GMT
content-encoding: gzip
X-Pardot-Route: aaac0c4aea543f8d4e69ceff646811f2
X-Pardot-LB: 7044ba9c794aba658bc1be2f8b8ad85c
Server: PardotServer
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
location: https://storage.pardot.com/428172/16165065073MMubQYk/twitter.png
cache-control: max-age=600
x-robots-tag: none
content-length: 138
expires: Fri, 04 Mar 2022 05:22:53 GMT

GET
H2

200

linkedin.png
storage.pardot.com/428172/16165065441DaW4pzj/
Redirect Chain

https://www5.gep.com/l/428172/2021-03-23/6tqgd8/428172/16165065441DaW4pzj/linkedin.png
https://storage.pardot.com/428172/16165065441DaW4pzj/linkedin.png

12 KB
13 KB

74ms
14ms

Image
image/png

2600:9000:2156:b200:d:7e9b:1200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.pardot.com/428172/16165065441DaW4pzj/linkedin.png
Requested by: Host: clt1369097.bmetrack.com
URL: https://clt1369097.bmetrack.com/c/v?e=13F1668&c=14E409&l=744814D2&email=9PS8shfbX8cBwqoKLoHrmTIZpO%2BZ293Nv6hgcewlTBZRlJa13%2FsIJw%3D%3D&relid=AC1002D4
Protocol: H2
Server: 2600:9000:2156:b200:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 66de55a93bd4719ca2363c6e79dd59596a422e7f0b8afba214a91be8e337e8ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clt1369097.bmetrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 18:47:26 GMT
via: 1.1 bab8148a65b29113f79cf2725076287c.cloudfront.net (CloudFront)
last-modified: Tue, 23 Mar 2021 13:35:45 GMT
server: AmazonS3
age: 37528
etag: "fd0d5546fdbdc85c76c4372a0d51f1bc"
x-cache: Hit from cloudfront
content-type: image/png; charset=binary
x-amz-replication-status: COMPLETED
content-length: 12595
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-version-id: i5Qf0qzr6EJ7EmudOAlPOxxFFCGj5it9
x-amz-cf-id: ZO3OkSehNd4LvbZQcObEffZ5r1e9_P6cMx4cH1NwohlL3OvoDn9cMA==

Redirect headers

date: Fri, 04 Mar 2022 05:12:53 GMT
content-encoding: gzip
X-Pardot-Route: 07c6fec365d81c66b16ef70448a47c0a
X-Pardot-LB: 7044ba9c794aba658bc1be2f8b8ad85c
Server: PardotServer
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
location: https://storage.pardot.com/428172/16165065441DaW4pzj/linkedin.png
cache-control: max-age=600
x-robots-tag: none
content-length: 138
expires: Fri, 04 Mar 2022 05:22:53 GMT

GET
H2

200

youtube.png
storage.pardot.com/428172/16165065725pPmluji/
Redirect Chain

https://www5.gep.com/l/428172/2021-03-23/6tqgdb/428172/16165065725pPmluji/youtube.png
https://storage.pardot.com/428172/16165065725pPmluji/youtube.png

13 KB
14 KB

73ms
14ms

Image
image/png

2600:9000:2156:b200:d:7e9b:1200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.pardot.com/428172/16165065725pPmluji/youtube.png
Requested by: Host: clt1369097.bmetrack.com
URL: https://clt1369097.bmetrack.com/c/v?e=13F1668&c=14E409&l=744814D2&email=9PS8shfbX8cBwqoKLoHrmTIZpO%2BZ293Nv6hgcewlTBZRlJa13%2FsIJw%3D%3D&relid=AC1002D4
Protocol: H2
Server: 2600:9000:2156:b200:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2ff65750bca4a61546debe2df1a47e5975259241e8e2adc179ab07dc0a811230

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clt1369097.bmetrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 18:47:26 GMT
via: 1.1 bab8148a65b29113f79cf2725076287c.cloudfront.net (CloudFront)
last-modified: Tue, 23 Mar 2021 13:36:13 GMT
server: AmazonS3
age: 37528
etag: "02f39dff89721e6ab7e6649fa7cd0ae1"
x-cache: Hit from cloudfront
content-type: image/png; charset=binary
x-amz-replication-status: COMPLETED
content-length: 13516
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-version-id: jdk6.9r5QiJ9vGqN7A8AcaQ4WVgxTf41
x-amz-cf-id: QTEs5zb3LZDZzT99hc8-74TSneb_h7nZXGXgaG6fdyGu286BOn8bMw==

Redirect headers

date: Fri, 04 Mar 2022 05:12:53 GMT
content-encoding: gzip
X-Pardot-Route: 07c6fec365d81c66b16ef70448a47c0a
X-Pardot-LB: 7044ba9c794aba658bc1be2f8b8ad85c
Server: PardotServer
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
location: https://storage.pardot.com/428172/16165065725pPmluji/youtube.png
cache-control: max-age=600
x-robots-tag: none
content-length: 136
expires: Fri, 04 Mar 2022 05:22:53 GMT

GET
H2

200

knowledgebank_emailer_header__002_.png
storage.pardot.com/428172/1634663907sp8HeOrA/
Redirect Chain

https://www5.gep.com/l/428172/2021-10-19/71snl6/428172/1634663907sp8HeOrA/knowledgebank_emailer_header__002_.png
https://storage.pardot.com/428172/1634663907sp8HeOrA/knowledgebank_emailer_header__002_.png

82 KB
83 KB

68ms
15ms

Image
image/png

2600:9000:2156:b200:d:7e9b:1200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.pardot.com/428172/1634663907sp8HeOrA/knowledgebank_emailer_header__002_.png
Requested by: Host: clt1369097.bmetrack.com
URL: https://clt1369097.bmetrack.com/c/v?e=13F1668&c=14E409&l=744814D2&email=9PS8shfbX8cBwqoKLoHrmTIZpO%2BZ293Nv6hgcewlTBZRlJa13%2FsIJw%3D%3D&relid=AC1002D4
Protocol: H2
Server: 2600:9000:2156:b200:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2f27fc36b374641961023dcecb291605bf8fb88a93440d0b87f75675b0004a88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clt1369097.bmetrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 20:08:44 GMT
via: 1.1 bab8148a65b29113f79cf2725076287c.cloudfront.net (CloudFront)
last-modified: Tue, 19 Oct 2021 17:18:28 GMT
server: AmazonS3
age: 32650
etag: "22888a1d49111e39ad0965312c6f8b57"
x-cache: Hit from cloudfront
content-type: image/png; charset=binary
x-amz-replication-status: COMPLETED
content-length: 83937
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-version-id: RRfHY3oobxLPIyuLS81QvHOu9mWTygax
x-amz-cf-id: eNQhBmb-KjJGxT_-otTzF1udbeUR8jeGG0X9x1lXFayu_K5DngsS-w==

Redirect headers

date: Fri, 04 Mar 2022 05:12:53 GMT
content-encoding: gzip
X-Pardot-Route: 07c6fec365d81c66b16ef70448a47c0a
X-Pardot-LB: 7044ba9c794aba658bc1be2f8b8ad85c
Server: PardotServer
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
location: https://storage.pardot.com/428172/1634663907sp8HeOrA/knowledgebank_emailer_header__002_.png
cache-control: max-age=600
x-robots-tag: none
content-length: 156
expires: Fri, 04 Mar 2022 05:22:53 GMT

GET
H/1.1 200
OK verified.png
ui.benchmarkemail.com/images/ 1 KB
2 KB 102ms
9ms Image
image/png 163.171.132.211
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ui.benchmarkemail.com/images/verified.png

Requested by

Host: clt1369097.bmetrack.com
URL: https://clt1369097.bmetrack.com/c/v?e=13F1668&c=14E409&l=744814D2&email=9PS8shfbX8cBwqoKLoHrmTIZpO%2BZ293Nv6hgcewlTBZRlJa13%2FsIJw%3D%3D&relid=AC1002D4

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

163.171.132.211 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

3db7d51e6b2c5d1c6bf5fa3f1adaa5f63b2436e75a0f83e9a085387f838f72d2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clt1369097.bmetrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 05:12:53 GMT
Via: 1.1 VMmgxytSEA1fh66:6 (W), 1.1 hexi47:0 (W), 1.1 PSfgblPAR2gc184:6 (W), 1.1 PSdgflkfFRA2po75:12 (W)
Last-Modified: Tue, 19 Nov 2013 06:34:27 GMT
Server: PWS/8.3.1.0.8
Age: 226692
ETag: "dd981a65f1e4ce1:0"
X-Ws-Request-Id: 62219fd5_PSdgflkfFRA2sg74_12500-54685
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=604812
X-Px: ht PSdgflkfFRA2po75FRA
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1473
X-XSS-Protection: 0

GET
H/1.1 200
OK opt9.png
www.benchmarkemail.com/images/web4/misc/emailfooter/ 3 KB
4 KB 96ms
8ms Image
image/png 163.171.132.211
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.benchmarkemail.com/images/web4/misc/emailfooter/opt9.png

Requested by

Host: clt1369097.bmetrack.com
URL: https://clt1369097.bmetrack.com/c/v?e=13F1668&c=14E409&l=744814D2&email=9PS8shfbX8cBwqoKLoHrmTIZpO%2BZ293Nv6hgcewlTBZRlJa13%2FsIJw%3D%3D&relid=AC1002D4

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

163.171.132.211 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

a73314e8dbc8d859a7cee330e54b60d49dc9f751e8714bbf12023c0f9f073a7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clt1369097.bmetrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

X-FW-Static: YES
Date: Fri, 04 Mar 2022 05:12:53 GMT
Via: 1.1 hexi49:9 (W), 1.1 hx176:1 (W), 1.1 PSdgflkfFRA1hb199:6 (W), 1.1 PSdgflkfFRA2po75:8 (W)
X-Content-Type-Options: nosniff
Fastly-Restarts: 1
X-Cacheable: YES
Age: 237886
X-FW-Server: Flywheel/5.1.0
X-Px: ht PSdgflkfFRA2po75FRA
Connection: keep-alive
Content-Length: 3545
X-XSS-Protection: 1
X-Served-By: cache-sjc10074-SJC
X-FW-Type: VISIT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 06 Apr 2020 22:47:33 GMT
Server: PWS/8.3.1.0.8
X-Timer: S1597229789.927153,VS0,VE1
ETag: "5e8bb185-dd9"
X-FW-Hash: 7ae59s3m9y
X-Ws-Request-Id: 62219fd5_PSdgflkfFRA2sg74_10029-18161
X-FW-Version: 5.0.0
Content-Type: image/png
X-FW-Serve: TRUE
Cache-Control: max-age=604812
Accept-Ranges: bytes
X-Cache-Hits: 1

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.bmetrack.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: evkluigyt0g3s5ejxppbmjpv

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

clt1369097.bmetrack.com
storage.pardot.com
ui.benchmarkemail.com
www.benchmarkemail.com
www5.gep.com
163.171.132.211
2600:9000:2156:b200:d:7e9b:1200:93a1
35.161.213.193
52.21.178.134
081e725a7251b9748d9959ad7bfec98f5c525d2b2066fd2e1911a741e5b8641c
2f27fc36b374641961023dcecb291605bf8fb88a93440d0b87f75675b0004a88
2ff65750bca4a61546debe2df1a47e5975259241e8e2adc179ab07dc0a811230
3db7d51e6b2c5d1c6bf5fa3f1adaa5f63b2436e75a0f83e9a085387f838f72d2
5ab9b01f5411eb7bf4655e6f6cfa5f451126a52f0d392a9ce236cc850ddfd824
5d30dd4a67d2e4af41309b42ffc8e79f6704c109cbb990f6fbbc07996f07e715
653680a1a4e09b8bba99ee744d3658cebf2f7b381ceb7ee4b0d75e7eb7a042bd
66de55a93bd4719ca2363c6e79dd59596a422e7f0b8afba214a91be8e337e8ca
a73314e8dbc8d859a7cee330e54b60d49dc9f751e8714bbf12023c0f9f073a7a
beae63e087a54da21123981ab8f0cd044616a8d0efb6f1467454421fa753c67d
c80379082e346ad94e225e70dacbfd298ce4f9379c6cb6df1f8ef9989e64ee58
ce838634bfc1a00f8a647e3c268d2b0a95293eeb8228e4747b1a250176c2ef9f
f901763f74230c76b820a61d43d2ce09573da7c5cf777650b2cb8a2232d6d412

clt1369097.bmetrack.com Open in urlscan Pro 35.161.213.193 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

13 Requests

54 %HTTPS

25 %IPv6

4 Domains

5 Subdomains

3 IPs

2 Countries

160 kBTransfer

184 kBSize

1 Cookies

1 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

clt1369097.bmetrack.com Open in urlscan Pro
35.161.213.193 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

54 %
HTTPS

25 %
IPv6

4
Domains

5
Subdomains

3
IPs

2
Countries

160 kB
Transfer

184 kB
Size

1
Cookies

13 HTTP transactions
0 data transactions