Report - sl.zillasecurity.com/t/104861/opt_out/e902dc2c-fda1-4407-9725-7bb532c9eb89

Report Overview

Submitted URL
sl.zillasecurity.com/t/104861/opt_out/e902dc2c-fda1-4407-9725-7bb532c9eb89
IP
52.2.143.224
ASN
#14618 AMAZON-AES
Submitted
2024-05-08 17:08:36
Access
public
Website Title
Salesloft
Final URL
app.salesloft.com/unsubscribe?id=e902dc2c-fda1-4407-9725-7bb532c9eb89&confirm_opt_out_path=/t/104861/confirm_opt_out/e902dc2c-fda1-4407-9725-7bb532c9eb89
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
sl.zillasecurity.com	unknown	unknown	No data	No data	528 B	444 B	52.4.222.229
app.salesloft.com	37350	2005-11-21	2018-05-28	2024-05-06	1.7 kB	48 kB	35.159.2.210
cdn-sdr.salesloft.com	141937	2005-11-21	2015-03-12	2023-10-04	1.5 kB	210 kB	104.16.72.105

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	app.salesloft.com/unsubscribe?id=e902dc2c-fda1-4407-9725-7bb532c9eb89&confirm_opt_out_path=/t/104861/confirm_opt_out/e902dc2c-fda1-4407-9725-7bb532c9eb89	31 kB	2023-03-10	2024-05-08
Pretty URL app.salesloft.com/unsubscribe?id=e902dc2c-fda1-4407-9725-7bb532c9eb89&confirm_opt_out_path=/t/104861/confirm_opt_out/e902dc2c-fda1-4407-9725-7bb532c9eb89 IP 35.159.2.210 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-10 20:13:07 Last Seen2024-05-08 19:08:42 Times Seen30 Hash cfff80f9efefbd47c9bfc0a75dbb4d4a cfa9fbef2133af39f9823426fecfd8e6327c698f 72de53be85ce8cfc8a95b00d503188882f7c73d200dfacf2bc08830e04baae8f Loading...

	app.salesloft.com/unsubscribe?id=e902dc2c-fda1-4407-9725-7bb532c9eb89&confirm_opt_out_path=/t/104861/confirm_opt_out/e902dc2c-fda1-4407-9725-7bb532c9eb89	700 B	2023-03-10	2024-05-08
Pretty URL app.salesloft.com/unsubscribe?id=e902dc2c-fda1-4407-9725-7bb532c9eb89&confirm_opt_out_path=/t/104861/confirm_opt_out/e902dc2c-fda1-4407-9725-7bb532c9eb89 IP 35.159.2.210 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-10 20:13:07 Last Seen2024-05-08 19:08:42 Times Seen30 Hash 860d1158a6b8f73b82483118a6a52f65 769a781d222fbdbfff4c24f8d60abbb40d338941 1ff0c4cfdd83525be3d734cfb340b9c465fda12ce8e863fc70cacc8dc95f6e4c Loading...

HTTP Transactions (7)

	URL	IP	Response	Size
	sl.zillasecurity.com/t/104861/opt_out/e902dc2c-fda1-4407-9725-7bb532c9eb89	52.4.222.229	302 Found	145 B
URL User Request GET HTTP/2 sl.zillasecurity.com/t/104861/opt_out/e902dc2c-fda1-4407-9725-7bb532c9eb89 IP 52.4.222.229:443 ASN #14618 AMAZON-AES Certificate IssuerLet's Encrypt Subjectsl.zillasecurity.com Fingerprint50:82:E7:AE:C8:59:F8:BA:2D:EB:3E:06:10:73:32:DD:39:D1:51:F2 ValiditySun, 10 Mar 2024 22:58:27 GMT - Sat, 08 Jun 2024 22:58:26 GMT File type HTML document, ASCII text, with CRLF line terminators Size 145 B (145 bytes) Hash c833bacd981739bbf8ecae37b52b61e7 1f20ebcbb0de673daf6d01b5565461e0f44b01ea 05d723f6a33eb8bb9ce555652e6bf2d33175a9362244a6326125c59f4a4d0632 HTTP Headers GET /t/104861/opt_out/e902dc2c-fda1-4407-9725-7bb532c9eb89 HTTP/1.1 Host: sl.zillasecurity.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 302 Found date: Wed, 08 May 2024 17:08:11 GMT content-type: text/html content-length: 145 location: https://app.salesloft.com/t/104861/opt_out/e902dc2c-fda1-4407-9725-7bb532c9eb89 strict-transport-security: max-age=31536000; includeSubDomains x-robots-tag: noindex X-Firefox-Spdy: h2`

	app.salesloft.com/unsubscribe?id=e902dc2c-fda1-4407-9725-7bb532c9eb89&confirm_opt_out_path=/t/104861/confirm_opt_out/e902dc2c-fda1-4407-9725-7bb532c9eb89	35.159.2.210	200 OK	33 kB
URL User Request GET HTTP/2 app.salesloft.com/unsubscribe?id=e902dc2c-fda1-4407-9725-7bb532c9eb89&confirm_opt_out_path=/t/104861/confirm_opt_out/e902dc2c-fda1-4407-9725-7bb532c9eb89 IP 35.159.2.210:443 ASN #16509 AMAZON-02 Certificate IssuerSectigo Limited Subjectsalesloft.com Fingerprint6E:27:D0:4F:1E:66:E0:43:FB:93:21:56:1C:21:6B:00:0D:47:A4:76 ValidityWed, 20 Mar 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (30713) Size 33 kB (33037 bytes) Hash 3da2b7bf4332265946561fcaa76ba6c2 3e850dec01e753a577d996cb8d02bcd3a22cbaec 705f91abd847c7103ff514e732db1a88117d6835a40217554ca1ab84831fa080 HTTP Headers GET /unsubscribe?id=e902dc2c-fda1-4407-9725-7bb532c9eb89&confirm_opt_out_path=/t/104861/confirm_opt_out/e902dc2c-fda1-4407-9725-7bb532c9eb89 HTTP/1.1 Host: app.salesloft.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Wed, 08 May 2024 17:08:11 GMT content-type: text/html content-length: 33037 last-modified: Wed, 08 May 2024 14:14:33 GMT etag: "663b88c9-810d" cache-control: no-store content-security-policy-report-only: default-src https: wss: blob: data: 'unsafe-inline'; img-src http: https:; object-src 'none'; frame-ancestors 'none'; x-content-type-options: nosniff x-frame-options: DENY x-xss-protection: 1; mode=block accept-ranges: bytes strict-transport-security: max-age=31536000; includeSubDomains x-entry-cluster: k8s-euro-pop-2 x-entry-pop: eu-central-1 x-global-request-start: t=1715188091.841 X-Firefox-Spdy: h2

	cdn-sdr.salesloft.com/styles-2e4a99948ae5337d-v1.css	104.16.72.105	200 OK	164 kB
URL GET HTTP/2 cdn-sdr.salesloft.com/styles-2e4a99948ae5337d-v1.css IP 104.16.72.105:443 ASN #13335 CLOUDFLARENET Requested by https://app.salesloft.com/unsubscribe?id=e902dc2c-fda1-4407-9725-7bb532c9eb89&confirm_opt_out_path=/t/104861/confirm_opt_out/e902dc2c-fda1-4407-9725-7bb532c9eb89 Certificate IssuerSectigo Limited Subjectsalesloft.com Fingerprint6E:27:D0:4F:1E:66:E0:43:FB:93:21:56:1C:21:6B:00:0D:47:A4:76 ValidityWed, 20 Mar 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT File type Unicode text, UTF-8 text, with very long lines (15605) Size 164 kB (164166 bytes) Hash afb671dec363ceeb43269fe069bc20bf 161f77ce37a94ff53f999f4f26199706b2c91b92 0d0a64f5dd11e791239f5c9755e118b9fe49e611e5cea2918bf0a9836f4b06e3 HTTP Headers `GET /styles-2e4a99948ae5337d-v1.css HTTP/1.1 Host: cdn-sdr.salesloft.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://app.salesloft.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Wed, 08 May 2024 17:08:12 GMT content-type: text/css x-amz-id-2: xRto4Cg0sysS+NqXLHnPVZDDtjysLE0F59urV9dtu6xhWO4+lRJJUqqGD2T4p5G2unFbnTQscqFHQn+8Ncc4gGbQ7mrsVjs0 x-amz-request-id: DWBXXGX36F91FEFC cache-control: public, max-age=86400 last-modified: Wed, 08 May 2024 14:13:26 GMT etag: W/"afb671dec363ceeb43269fe069bc20bf" cf-cache-status: HIT age: 9369 expires: Thu, 09 May 2024 17:08:12 GMT vary: Accept-Encoding strict-transport-security: max-age=31536000; includeSubDomains x-content-type-options: nosniff access-control-allow-origin: * x-frame-options: SAMEORIGIN server: cloudflare cf-ray: 880b0ce8187956ba-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	app.salesloft.com/t/104861/opt_out/e902dc2c-fda1-4407-9725-7bb532c9eb89	35.159.2.210	302 Found	10 kB
URL User Request GET HTTP/2 app.salesloft.com/t/104861/opt_out/e902dc2c-fda1-4407-9725-7bb532c9eb89 IP 35.159.2.210:443 ASN #16509 AMAZON-02 Certificate IssuerSectigo Limited Subjectsalesloft.com Fingerprint6E:27:D0:4F:1E:66:E0:43:FB:93:21:56:1C:21:6B:00:0D:47:A4:76 ValidityWed, 20 Mar 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT File type data Size 10 kB (10269 bytes) Hash e82e4633353d3ddb02fbb0e543b9b9b5 a8a54f50fabc312a6129fc7446697e6310c7b6b1 fd440a33834cbe71b01a285cb9341c276c646a626d45c21fafea8ae4a27ae128 HTTP Headers GET /t/104861/opt_out/e902dc2c-fda1-4407-9725-7bb532c9eb89 HTTP/1.1 Host: app.salesloft.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found date: Wed, 08 May 2024 17:08:11 GMT content-type: text/html; charset=utf-8 location: https://app.salesloft.com/unsubscribe?id=e902dc2c-fda1-4407-9725-7bb532c9eb89&confirm_opt_out_path=/t/104861/confirm_opt_out/e902dc2c-fda1-4407-9725-7bb532c9eb89 x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache content-security-policy-report-only: default-src 'self' https: blob: data:; img-src 'self' https: http:; frame-ancestors 'none' x-request-id: 1f57fab6c63aa93d0467bf2b2efa51ba x-runtime: 0.009009 strict-transport-security: max-age=31536000; includeSubDomains vary: Origin x-entry-cluster: k8s-euro-pop-2 x-entry-pop: eu-central-1 x-global-request-start: t=1715188091.812 X-Firefox-Spdy: h2

	app.salesloft.com/favicon.ico	35.159.2.210	200 OK	2.3 kB
URL GET HTTP/2 app.salesloft.com/favicon.ico IP 35.159.2.210:443 ASN #16509 AMAZON-02 Requested by https://app.salesloft.com/unsubscribe?id=e902dc2c-fda1-4407-9725-7bb532c9eb89&confirm_opt_out_path=/t/104861/confirm_opt_out/e902dc2c-fda1-4407-9725-7bb532c9eb89 Certificate IssuerSectigo Limited Subjectsalesloft.com Fingerprint6E:27:D0:4F:1E:66:E0:43:FB:93:21:56:1C:21:6B:00:0D:47:A4:76 ValidityWed, 20 Mar 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced Size 2.3 kB (2261 bytes) Hash 5589a0eb2a02e565e74982cf943b774b 45722a5d79b4e072d911459d98f9b32a891daf09 47e59ec62c6ebcfec5df315b4520a7b0b9ea9f8e1dd2a94cb5c8ceb72c0c220b HTTP Headers GET /favicon.ico HTTP/1.1 Host: app.salesloft.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://app.salesloft.com/unsubscribe?id=e902dc2c-fda1-4407-9725-7bb532c9eb89&confirm_opt_out_path=/t/104861/confirm_opt_out/e902dc2c-fda1-4407-9725-7bb532c9eb89 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Wed, 08 May 2024 17:08:12 GMT content-type: image/x-icon content-length: 2261 last-modified: Wed, 08 May 2024 14:13:54 GMT etag: "663b88a2-8d5" cache-control: no-store content-security-policy-report-only: default-src https: wss: blob: data: 'unsafe-inline'; img-src http: https:; object-src 'none'; frame-ancestors 'none'; x-content-type-options: nosniff x-frame-options: DENY x-xss-protection: 1; mode=block accept-ranges: bytes strict-transport-security: max-age=31536000; includeSubDomains x-entry-cluster: k8s-euro-pop-2 x-entry-pop: eu-central-1 x-global-request-start: t=1715188092.654 X-Firefox-Spdy: h2

	cdn-sdr.salesloft.com/assets/fonts/proxima-nova-400-22a2c8bae6785757.woff2	104.16.72.105	200 OK	22 kB
URL GET HTTP/3 cdn-sdr.salesloft.com/assets/fonts/proxima-nova-400-22a2c8bae6785757.woff2 IP 104.16.72.105:443 ASN #13335 CLOUDFLARENET Requested by https://app.salesloft.com/unsubscribe?id=e902dc2c-fda1-4407-9725-7bb532c9eb89&confirm_opt_out_path=/t/104861/confirm_opt_out/e902dc2c-fda1-4407-9725-7bb532c9eb89 Certificate IssuerSectigo Limited Subjectsalesloft.com Fingerprint6E:27:D0:4F:1E:66:E0:43:FB:93:21:56:1C:21:6B:00:0D:47:A4:76 ValidityWed, 20 Mar 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT File type Web Open Font Format (Version 2), TrueType, length 21824, version 3.917 Size 22 kB (21824 bytes) Hash ed723eff0e7a48ca38888d304625969e 92f7a924e05bd7cde39cb429a7057bb0c291946f 501ed6d7c49a3526af1f804fff30cc8b7b8608525b100f4140b7504cc5afd4bd HTTP Headers GET /assets/fonts/proxima-nova-400-22a2c8bae6785757.woff2 HTTP/1.1 Host: cdn-sdr.salesloft.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://app.salesloft.com DNT: 1 Connection: keep-alive Referer: https://cdn-sdr.salesloft.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Wed, 08 May 2024 17:08:12 GMT content-type: font/woff2 content-length: 21824 x-amz-id-2: +W3hVe9i3YtpJU7lPaGNo0Fc4kPXA70N6fsKJG4nxlyod+DiPD0ChLgFGRur6RJb8i6A8CSLNZ0= x-amz-request-id: 44KN3EFJFN5VEVHW cache-control: public, max-age=86400 last-modified: Thu, 11 Apr 2024 16:04:08 GMT etag: "ed723eff0e7a48ca38888d304625969e" cf-cache-status: HIT age: 43486 expires: Thu, 09 May 2024 17:08:12 GMT accept-ranges: bytes vary: Accept-Encoding strict-transport-security: max-age=31536000; includeSubDomains x-content-type-options: nosniff access-control-allow-origin: * x-frame-options: SAMEORIGIN server: cloudflare cf-ray: 880b0ceb3b52b4ff-OSL alt-svc: h3=":443"; ma=86400

	cdn-sdr.salesloft.com/assets/fonts/proxima-nova-600-dc4e7cbc9cbad6fd.woff2	104.16.72.105	200 OK	22 kB
URL GET HTTP/3 cdn-sdr.salesloft.com/assets/fonts/proxima-nova-600-dc4e7cbc9cbad6fd.woff2 IP 104.16.72.105:443 ASN #13335 CLOUDFLARENET Requested by https://app.salesloft.com/unsubscribe?id=e902dc2c-fda1-4407-9725-7bb532c9eb89&confirm_opt_out_path=/t/104861/confirm_opt_out/e902dc2c-fda1-4407-9725-7bb532c9eb89 Certificate IssuerSectigo Limited Subjectsalesloft.com Fingerprint6E:27:D0:4F:1E:66:E0:43:FB:93:21:56:1C:21:6B:00:0D:47:A4:76 ValidityWed, 20 Mar 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT File type Web Open Font Format (Version 2), TrueType, length 21764, version 3.917 Size 22 kB (21764 bytes) Hash 544dd647c869224a722f87638ebd245e d5d16716f150c907751939d2c44517a89b261fd3 fa861c8158da0846d8b78df67af609f6428aa62e0f4e460f0f546880141407f4 HTTP Headers GET /assets/fonts/proxima-nova-600-dc4e7cbc9cbad6fd.woff2 HTTP/1.1 Host: cdn-sdr.salesloft.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://app.salesloft.com DNT: 1 Connection: keep-alive Referer: https://cdn-sdr.salesloft.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Wed, 08 May 2024 17:08:12 GMT content-type: font/woff2 content-length: 21764 x-amz-id-2: t6Cp23V4kiY8FsBptvlj6AEl6ehypSWF3HhXl7EvKQ6kxTjQqyu2fvzaPpbP1pIcUyNSkgyqoec= x-amz-request-id: 44KYRJ0Q6HGFH4B1 cache-control: public, max-age=86400 last-modified: Thu, 11 Apr 2024 16:04:08 GMT etag: "544dd647c869224a722f87638ebd245e" cf-cache-status: HIT age: 43486 expires: Thu, 09 May 2024 17:08:12 GMT accept-ranges: bytes vary: Accept-Encoding strict-transport-security: max-age=31536000; includeSubDomains x-content-type-options: nosniff access-control-allow-origin: * x-frame-options: SAMEORIGIN server: cloudflare cf-ray: 880b0ceb3b54b4ff-OSL alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (7)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type