b1x7c.emailsp.com Open in urlscan Pro
13.226.132.5 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://customer21073.musvc3.net/e/r?q=Qv%3dFCQw_PjzW_at_OX1i_Ym_PjzW_Zy98VP0.lKtFsQ9.0vK_AxZx_KCm_PjzW_ZyOuJ.tPwV_AxZx_KC_yylw_0...
Effective URL:
https://b1x7c.emailsp.com/f/rnl.aspx/?gdl=ywoo22&x=pv&0dn=uz&x=pv&da=xrox&x=pv&d30:=l.541l0b11&7g6&x=pp&q4:&x=pv&25gehag06...
Submission: On November 06 via manual (November 6th 2020, 8:45:47 am UTC) from IT

Summary HTTP 16 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 16 HTTP transactions. The main IP is 13.226.132.5, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is b1x7c.emailsp.com.
TLS certificate: Issued by Amazon on May 13th 2020. Valid for: a year.

This is the only time b1x7c.emailsp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	52.51.7.134 52.51.7.134	16509 (AMAZON-02) (AMAZON-02)
1 4	13.226.132.5 13.226.132.5	16509 (AMAZON-02) (AMAZON-02)
3 10	80.211.162.39 80.211.162.39	31034 (ARUBA-ASN) (ARUBA-ASN)
1	13.226.132.86 13.226.132.86	16509 (AMAZON-02) (AMAZON-02)
2	13.226.132.76 13.226.132.76	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:34::34	15169 (GOOGLE) (GOOGLE)
16	6

2 52.51.7.134 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-7-134.eu-west-1.compute.amazonaws.com

customer21073.musvc3.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.226.132.5 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-226-132-5.dus51.r.cloudfront.net

b1x7c.emailsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 80.211.162.39 (Arezzo, Italy) 3 redirects

ASN31034 (ARUBA-ASN, IT)
PTR: host39-162-211-80.serverdedicati.aruba.it

www.fluirespira.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.132.86 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-132-86.dus51.r.cloudfront.net

customer21073.img.musvc3.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.132.76 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-132-76.dus51.r.cloudfront.net

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::34 (United States)

ASN15169 (GOOGLE, US)

app.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	fluirespira.it 3 redirects www.fluirespira.it	252 KB
4	pendo.io cdn.pendo.io app.pendo.io	119 KB
4	emailsp.com 1 redirects b1x7c.emailsp.com	9 KB
3	musvc3.net 1 redirects customer21073.musvc3.net customer21073.img.musvc3.net	65 KB
16	4

	Domain	Requested by
10	www.fluirespira.it	3 redirects b1x7c.emailsp.com
4	b1x7c.emailsp.com	1 redirects b1x7c.emailsp.com
2	app.pendo.io	cdn.pendo.io
2	cdn.pendo.io	b1x7c.emailsp.com cdn.pendo.io
2	customer21073.musvc3.net	1 redirects b1x7c.emailsp.com
1	customer21073.img.musvc3.net	b1x7c.emailsp.com
16	6

This site contains links to these domains. Also see Links.

Domain
customer21073.musvc3.net
www.fluirespira.it
www.zambon.it

Subject Issuer	Validity	Valid
*.emailsp.com Amazon	`2020-05-13` - `2021-06-13`	a year	crt.sh
fluirespira.it Let's Encrypt Authority X3	`2020-10-21` - `2021-01-19`	3 months	crt.sh
cdn.pendo.io DigiCert SHA2 Extended Validation Server CA	`2019-06-04` - `2021-09-02`	2 years	crt.sh
app.pendo.io DigiCert SHA2 Extended Validation Server CA	`2019-07-23` - `2021-10-13`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://b1x7c.emailsp.com/f/rnl.aspx/?gdl=ywoo22&x=pv&0dn=uz&x=pv&da=xrox&x=pv&d30:=l.541l0b11&7g6&x=pp&q4:&x=pv&25gehag06&fxc0f=pq4_NCLM
Frame ID: 4ED0DB004E6E6B799125C8148275C66B
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://customer21073.musvc3.net/e/r?q=Qv%3dFCQw_PjzW_at_OX1i_Ym_PjzW_Zy98VP0.lKtFsQ9.0vK_AxZx_KCm_PjzW_ZyOuJ... HTTP 301
http://b1x7c.emailsp.com/f/rnl.aspx/?gdl=ywoo22&x=pv&0dn=uz&x=pv&da=xrox&x=pv&d30:=l.541l0b11&7g6&x=p... HTTP 301
https://b1x7c.emailsp.com/f/rnl.aspx/?gdl=ywoo22&x=pv&0dn=uz&x=pv&da=xrox&x=pv&d30:=l.541l0b11&7g6&x=p... Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Page Statistics

16
Requests

88 %
HTTPS

17 %
IPv6

4
Domains

6
Subdomains

6
IPs

3
Countries

444 kB
Transfer

702 kB
Size

1
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: http://customer21073.musvc3.net/e/t?q=6%3d2UJZ3%26F%3dB%26G%3d5WA%26H%3d6bAU8%26O%3drMtJ_2tSt_C4_rucs_20_2tSt_B9wQ7.9lOsKeMzBr5.sM_rucs_20pEuC28sJsKa_LavP_Vp8xJyKt_LavP_VpLi4a5kNoL_rucs_20n8f55Et_LavP_VpBt_LavP_VpLeTsHnC_2tSt_B9s5vNt9_2tSt_B9iHn8x.B4Fl%268%3dwNsPmV.n94%26Bs%3dVDc8

Search URL Search Domain Scan URL

URL: http://customer21073.musvc3.net/e/t?q=9%3d8VQc9%26G%3dI%26J%3dAXH%26K%3dBcHXD%26P%3dyPzK_9wYu_J7_xvjv_8A_9wYu_IB3RD.BrPzNkN7Ex6.zP_xvjv_8AwH1D9AyKzNg_MhyV_WwA4K6Nz_MhyV_WwOoOvO_xvjv_8AuAl6BHz_MhyV_WwEz_MhyV_WwOkUzKtD_9wYu_IBgGzIkIA76D6Jk_MhyV_WwEt9vT.nO4H%26j%3dHBO28J.JkO%26zO%3d8YQ7g6rd

Search URL Search Domain Scan URL

URL: http://customer21073.musvc3.net/e/t?q=8%3dNQPbO%26B%3dH%26I%3dQSG%26J%3dRXGWT%26K%3dxOFF_8vop_I6_Dqiu_N6_8vop_HAIMC.A8KyM1I6DD1.yO_Dqiu_N6vGG980EFyMw_Hgxl_Rv0JF5MF_Hgxl_RvN56w1qJuN_Dqiu_N6t021AGF_Hgxl_RvDF_Hgxl_RvN1PyJ09_8vop_HA014Iw_Hgxl_RvD04uS.4J3G%26z%3dCANH3I.I1J%26yN%3dNTPc

Search URL Search Domain Scan URL

URL: http://customer21073.musvc3.net/e/t?q=7%3d0XGaA%26I%3d9%26H%3dCZ8%26I%3dDe8VF%26R%3doN2M_yuaw_05_zxZt_0C_yuaw_905T4.0tRpLmPwCz8.pN_zxZt_0CmF3Fy91MpLi_OXwX_Ym96MvL2_OXwX_YmMq5i8hQlM_zxZt_0Ck9n82F2_OXwX_YmC2_OXwX_YmMmWpIvF_yuaw_902BtJw-Ip6mOv_LYzW_VnFu8mU.oNuI%26k%3dG3P37A.KlN%26qP%3d9XHe

Search URL Search Domain Scan URL

URL: http://customer21073.musvc3.net/e/t?q=7%3dNWRaO%26H%3dJ%26H%3dQYI%26I%3dRdIVT%26Q%3dz5w7sNFL_0uov_K5_Dwkt_NB_0uov_J0ISE.08Q1L1O8CD7.1N_Dwkt_NB%26v%3dGGOD7O.JwN%265O%3dJXVd

Search URL Search Domain Scan URL

URL: http://customer21073.musvc3.net/e/t?q=7%3d5SSa6%26D%3dK%26H%3d8UJ%26I%3d9ZJVA%26M%3d15d3tNwH_AuVr_L5_uslt_58_AuVr_K0zOF.0oM2LhK9Cu3.2N%26g%3dEDMy5L.HhL%262M%3d5VSb

Search URL Search Domain Scan URL

URL: http://customer21073.musvc3.net/e/t?q=A%3d5UAe6%26F%3d3%26L%3d8W2%26M%3d9b2ZA%26O%3diRwJt_PTwQ_ad_LR1S_Vg_PTwQ_ZiQxU.iFvGu9tNlLb.Gw_LR1S_VgDoOjPhMqGu5_syVt_3DhRqMuN_syVt_3DvCuCv_LR1S_VgBh0bSoN_syVt_3DlN_syVt_3Dv91GrHj_PTwQ_ZiMbJxNf_PTwQ_Zi7pLvChJl-JfP-j9tRlLf-Jh-7pJl7iC-q9pL9d5bdNbJl.BuKo%268%3dnSvPda.q9u%26Gv%3dV5hA

Search URL Search Domain Scan URL

URL: http://customer21073.musvc3.net/e/t?q=9%3d3VNc4%26G%3dF%26J%3d6XE%26K%3d7cEX9%26P%3dvPuK7_NRxd_Yb_MeyQ_Wt_NRxd_XgRAS.gG9Es07LjMo.Eu_MeyQ_WtBmPwNfN4Es6_6wTu_FBfS4KsO_6wTu_FBtD8At_MeyQ_Wt0fAoQmO_6wTu_FBjO_6wTu_FBt0DEpIw_NRxd_XgNoHvOs_NRxd_Xg83JtDuHj-KsN-h07PjMs-Hf-83Hj8vA-o03J7b6obOoHj.C8Im%269%3d1QtQqY.o08%26Et%3dWHf9

Search URL Search Domain Scan URL

URL: http://customer21073.musvc3.net/e/t?q=8%3dKWHbL%26H%3d0%26I%3dNY9%26J%3dOd9WQ%26Q%3dpOCL1_MjyX_Xt_NYxi_Xn_MjyX_WyS5R.yH3DAA1K2Ni.DC_NYxi_XnA5QqMxOxDA7_zvlv_0AxTxJAP_zvlv_0ABE20B_NYxi_Xn9xBiP5P_zvlv_0A2P_zvlv_0ABA8D8Jq_MjyX_WyOiGDPm_MjyX_Wy9wIBEoG2-LmM-zA1O2Nm-Gx-9wG29p0-7AwI6t7itPiG2.D2H5%260%3duPBRkX.7A2%26DB%3dXBeQ

Search URL Search Domain Scan URL

URL: http://customer21073.musvc3.net/e/t?q=0%3dHTJdI%26E%3dB%26K%3dKVA%26L%3dLaAYN%26N%3drQ0I3_OgvZ_Zq_Kazf_Up_OgvZ_YvP7T.vE5F883MyKk.F0_Kazf_UpC2NsOuLzF84_2xis_BCuQzL8M_2xis_BC9B4B9_Kazf_UpAu9kR2M_2xis_BCyM_2xis_BC980F5Gs_OgvZ_YvLkIAMo_OgvZ_Yv7s-05Lk-EqGxL-645Oq-B-l835sKy.A4J2%2678q4k%3dwR9OmZ.484%26F9%3dUDgN

Search URL Search Domain Scan URL

URL: http://customer21073.musvc3.net/e/t?q=6%3d5UXZ6%26F%3dP%26G%3d8WO%26H%3d9bOUA%26O%3d6MwJG_KTwn_Vd_LovS_V4_KTwn_UiQKP.iFIBu9GIlLy.Bw_LovS_V49oO7KhMDBu5_FtVt_P9hRDHuN_FtVt_P9vCH8v_LovS_V47h0yNoN_FtVt_P9lN_FtVt_P9v9NBrH7_KTwn_UiHyGq5_FtVt_P9xG77l076dNCKl-J3K-o5-GMdHN4-g90-5h63-4d5y6rG3-Lf95El9FEl.BHFo%268%3dANvP1V.q9H%26Bv%3dVRcA

Search URL Search Domain Scan URL

URL: http://customer21073.musvc3.net/e/t?q=9%3dETPcF%26E%3dH%26J%3dHVG%26K%3dIaGXK%26N%3dxP7I9_Ndvf_Yn_Kgyc_Uv_Ndvf_XsPCS.sEAE589LvKq.E7_Kgyc_UvByNyNrL6E54_8wfs_HBrQ6K5M_8wfs_HB6B0A6_Kgyc_Uv0r9qQyM_8wfs_HBvM_8wfs_HB68FE2Gy_Ndvf_XsMuI3H-2Eo88K_5tiv_E9yJ-oBsE-pH4-InF37-r-IqLn-65Ir-7n4qLsAtEyA58-yH-68wCvH2E1H.xPzE%26t%3dI8LB9F.GuP%26vL%3dHZMa

Search URL Search Domain Scan URL

URL: http://customer21073.musvc3.net/e/t?q=5%3dNXAYO%26I%3d3%26F%3dQZ2%26G%3dRe2TT%26R%3diLFMt_JmzQ_Uw_ORul_Yg_JmzQ_T2TxO.2IvADBtH5Ob.AF_ORul_Yg88RjJ1PqAD8_ssow_381UqGDQ_ssow_38EFu7E_ORul_Yg61CbM8Q_ssow_385Q_ssow_38EB1AAKj_JmzQ_T2PbDGQf_JmzQ_T2Aj-5APb-0wKoG-B8vJw-F-c399jF5.EuE8%26A3w8b%3dnMESdU.0Bu%26AE%3dY5bT

Search URL Search Domain Scan URL

URL: http://customer21073.musvc3.net/e/t?q=8%3dCUFbD%26F%3d8%26I%3dFW7%26J%3dGb7WI%26O%3dnO5Jy_MbwV_Xl_LWxa_Vl_MbwV_WqQ3R.qF1D39yKtLg.D5_LWxa_VlAwOoMpMvD35_xvdt_8ApRvJ3N_xvdt_8A4Cz04_LWxa_Vl9p0gPwN_xvdt_8AtN_xvdt_8A496DzHo_MbwV_WqHgIy5_xvdt_8A6Go9t0o8lNuMt-JkM-w5-yOlH66-o9r-7p6k-6l5g8zGk-Nn9mGt9xGt.BzHw%268%3dsP4PiX.y9z%26D4%3dV0eI

Search URL Search Domain Scan URL

URL: http://customer21073.musvc3.net/e/t?q=9%3dHTNcI%26E%3dF%26J%3dKVE%26K%3dLaEXN%26N%3dvP0I7_Ngvd_Yq_Keyf_Ut_Ngvd_XvPAS.vE9E887LyKo.E0_Keyf_UtB2NwNuL4E84_6wis_FBuQ4K8M_6wis_FB9B8A9_Keyf_Ut0u9oQ2M_6wis_FByM_6wis_FB98DE5Gw_Ngvd_XvMsI6H-zEr86K_8tgv_H9wJ-rBqE-sH2-IqF17-u-IoLq-63Iu-7q4oLqAwEwA88-wH-98uCyHzE4H.vP3E%26r%3dIAL09I.GsP%26yL%3dFZPa

Search URL Search Domain Scan URL

URL: http://customer21073.musvc3.net/e/t?q=9%3dGYNcH%26J%3dF%26J%3dJaE%26K%3dKfEXM%26S%3dvP9N7_Nf1d_Yp_Peye_Zt_Nf1d_XuUAS.uJ9E7C7LxPo.E9_Peye_ZtLpEwJp-N6KsM8Px.NvL%26s%3dK9OAAG.JtR%26w7p9oO%3dGbNd

Search URL Search Domain Scan URL

URL: http://www.fluirespira.it/privacy.php
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.fluirespira.it/fluirespira/opencms/it/contattaci/
Title: Contatti

Search URL Search Domain Scan URL

URL: http://www.zambon.it/it/zmit-homezit/zc-home/entry/0/362/0/home-page.html
Title: Zambon Group

Search URL Search Domain Scan URL

URL: http://customer21073.musvc3.net/e/r?q=Mu%3d8wMvI_utYp_64_xqVs_86_utYp_59hQ1Zi.5p4oBvI.iEp_KWsS_Ul6_utYp_59uEx.4yF1_KWsS_Ul_HTvV_Sic0_HTvV_Sg_KWsS_Ul_FsNA.V-BFq_HTvV_SgJ5Y-h_KWsS_UBN_utYp_67vL_utYp_5Y_xqVs_94vI3RCUj2_utYp_67DGtO7ZxM6_HTvV_RicBK3S7VyS_xqVs_8V_u4g1dtYp_5Y9T3-QxN8P4FzHFQQfRm%26f%3dU7Z0V%26j%3dCxL236.GkJ%26lL%3d8TCa%26r%3dR%26q%3dX9Q%26r%3dYDQ5a%26z%3d-X7VAT8Y8
Title: Se non desideri ricevere più la nostra newsletter clicca qui

Search URL Search Domain Scan URL

URL: http://www.fluirespira.it/fluirespira/export/sites/default/it/sezioni/salute/index.html

Search URL Search Domain Scan URL

URL: http://www.fluirespira.it/fluirespira/export/sites/default/it/sezioni/alimentazione/index.html

Search URL Search Domain Scan URL

URL: http://www.fluirespira.it/fluirespira/export/sites/default/it/sezioni/nanna/index.html

Search URL Search Domain Scan URL

URL: http://www.fluirespira.it/fluirespira/export/sites/default/it/sezioni/tempo-libero/index.html

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://customer21073.musvc3.net/e/r?q=Qv%3dFCQw_PjzW_at_OX1i_Ym_PjzW_Zy98VP0.lKtFsQ9.0vK_AxZx_KCm_PjzW_ZyOuJ.tPwV_AxZx_KC_yylw_0DzAs_PjzW_awV4M8Y9_PjzW_ZOU_yylw_0B9S_yylw_9dSAu_PjzW_awR7_PjzW_ZOU_yylw_0B9S_yylw_9dw8_yylw_0BGOvV_AxZx_Kc5_PjzW_awM3_PjzW_ZOA0h_AxZx_L8_yylw_0B5.bAY5giYJ_OX1i_YCezc_yylw_9dG_OX1i_ZkN9_OX1i_YCOM_OX1i_Zh_PjzW_ZOU_yylw_0B9S_8h9tyylw_9dKbnC18nhO_OX1i_YCDG0GD_AxZx_LAwOM_uJtf%260%3d9YSd0%26B%3d6RzTvZ.uCC%26Fz%3dZMgE%26J%3dK%26K%3dBaJ%26L%3dCfJYE%26R%3d-JY0YPgDdPa HTTP 301
http://b1x7c.emailsp.com/f/rnl.aspx/?gdl=ywoo22&x=pv&0dn=uz&x=pv&da=xrox&x=pv&d30:=l.541l0b11&7g6&x=pp&q4:&x=pv&25gehag06&fxc0f=pq4_NCLM HTTP 301
https://b1x7c.emailsp.com/f/rnl.aspx/?gdl=ywoo22&x=pv&0dn=uz&x=pv&da=xrox&x=pv&d30:=l.541l0b11&7g6&x=pp&q4:&x=pv&25gehag06&fxc0f=pq4_NCLM Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.fluirespira.it/dem/testata.png HTTP 301
https://www.fluirespira.it/dem/testata.png

Request Chain 2

http://www.fluirespira.it/dem/su.png HTTP 301
https://www.fluirespira.it/dem/su.png

Request Chain 6

http://www.fluirespira.it/dem/button.png HTTP 301
https://www.fluirespira.it/dem/button.png

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
b1x7c.emailsp.com/f/rnl.aspx/
Redirect Chain

http://customer21073.musvc3.net/e/r?q=Qv%3dFCQw_PjzW_at_OX1i_Ym_PjzW_Zy98VP0.lKtFsQ9.0vK_AxZx_KCm_PjzW_ZyOuJ.tPwV_AxZx_KC_yylw_0DzAs_PjzW_awV4M8Y9_PjzW_ZOU_yylw_0B9S_yylw_9dSAu_PjzW_awR7_PjzW_ZOU_y...
http://b1x7c.emailsp.com/f/rnl.aspx/?gdl=ywoo22&x=pv&0dn=uz&x=pv&da=xrox&x=pv&d30:=l.541l0b11&7g6&x=pp&q4:&x=pv&25gehag06&fxc0f=pq4_NCLM
https://b1x7c.emailsp.com/f/rnl.aspx/?gdl=ywoo22&x=pv&0dn=uz&x=pv&da=xrox&x=pv&d30:=l.541l0b11&7g6&x=pp&q4:&x=pv&25gehag06&fxc0f=pq4_NCLM

12 KB
6 KB

1020ms
891ms

Document
text/html

13.226.132.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b1x7c.emailsp.com/f/rnl.aspx/?gdl=ywoo22&x=pv&0dn=uz&x=pv&da=xrox&x=pv&d30:=l.541l0b11&7g6&x=pp&q4:&x=pv&25gehag06&fxc0f=pq4_NCLM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.132.5 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-132-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

ce835492cfea4f6cee325d46ebe6aa8774305ed251a882022145ddf2f50e83ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: b1x7c.emailsp.com
:scheme: https
:path: /f/rnl.aspx/?gdl=ywoo22&x=pv&0dn=uz&x=pv&da=xrox&x=pv&d30:=l.541l0b11&7g6&x=pp&q4:&x=pv&25gehag06&fxc0f=pq4_NCLM
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
content-type: text/html; charset=utf-8
content-length: 5635
cache-control: private
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET
access-control-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
date: Fri, 06 Nov 2020 08:45:29 GMT
set-cookie: BIGipServercu_front_80_pool=!RiaurhJujA8/okFG1lJNbKRWtAtM6abBlKogmq4roOM9WancNpyWPuMkyYgn+AuDHmcwLiy7111s49E=; path=/; Httponly; Secure
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: LmT1ZZVflCy7oZpXBt7gDBg6V0KF0GqguMkS91fXL-zxS27wRCmwmA==

Redirect headers

Server: CloudFront
Date: Fri, 06 Nov 2020 08:45:28 GMT
Content-Type: text/html
Content-Length: 183
Connection: keep-alive
Location: https://b1x7c.emailsp.com/f/rnl.aspx/?gdl=ywoo22&x=pv&0dn=uz&x=pv&da=xrox&x=pv&d30:=l.541l0b11&7g6&x=pp&q4:&x=pv&25gehag06&fxc0f=pq4_NCLM
X-Cache: Redirect from cloudfront
Via: 1.1 0c17d43ed0068cac968c920774378b84.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: 53XCCCYkAzE2oO3nGCUtlO2_KHD6m8FrEHHy1WBH2_0JXkXeQtwz9Q==

GET
H2

200

testata.png
www.fluirespira.it/dem/
Redirect Chain

http://www.fluirespira.it/dem/testata.png
https://www.fluirespira.it/dem/testata.png

45 KB
45 KB

240ms
233ms

Image
image/png

80.211.162.39
ARUBA-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fluirespira.it/dem/testata.png
Requested by: Host: b1x7c.emailsp.com
URL: https://b1x7c.emailsp.com/f/rnl.aspx/?gdl=ywoo22&x=pv&0dn=uz&x=pv&da=xrox&x=pv&d30:=l.541l0b11&7g6&x=pp&q4:&x=pv&25gehag06&fxc0f=pq4_NCLM
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 80.211.162.39 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: host39-162-211-80.serverdedicati.aruba.it
Software: nginx / PleskLin
Resource Hash: 5f5b9e227a6caa5b4bb5c3fe1ba375d22171964f6cc34455938db83e3ed00f96

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:45:28 GMT
last-modified: Tue, 02 Feb 2016 13:05:24 GMT
server: nginx
x-powered-by: PleskLin
etag: "56b0a994-b34e"
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 45902

Redirect headers

Location: https://www.fluirespira.it/dem/testata.png
Date: Fri, 06 Nov 2020 08:45:28 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2 200 1590031758_coliche.jpg
www.fluirespira.it//foto/ 34 KB
34 KB 394ms
215ms Image
image/jpeg 80.211.162.39
ARUBA-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fluirespira.it//foto/1590031758_coliche.jpg
Requested by: Host: b1x7c.emailsp.com
URL: https://b1x7c.emailsp.com/f/rnl.aspx/?gdl=ywoo22&x=pv&0dn=uz&x=pv&da=xrox&x=pv&d30:=l.541l0b11&7g6&x=pp&q4:&x=pv&25gehag06&fxc0f=pq4_NCLM
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 80.211.162.39 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: host39-162-211-80.serverdedicati.aruba.it
Software: nginx / PleskLin
Resource Hash: d5e7a2996c564758a68081bda5688b23822dd92502ec7890e3a34f877e33b0b6

Request headers

Referer: https://b1x7c.emailsp.com/f/rnl.aspx/?gdl=ywoo22&x=pv&0dn=uz&x=pv&da=xrox&x=pv&d30:=l.541l0b11&7g6&x=pp&q4:&x=pv&25gehag06&fxc0f=pq4_NCLM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:45:28 GMT
last-modified: Thu, 21 May 2020 03:29:18 GMT
server: nginx
x-powered-by: PleskLin
etag: "5ec5f58e-8853"
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 34899

GET
H2

200

su.png
www.fluirespira.it/dem/
Redirect Chain

http://www.fluirespira.it/dem/su.png
https://www.fluirespira.it/dem/su.png

2 KB
3 KB

212ms
212ms

Image
image/png

80.211.162.39
ARUBA-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fluirespira.it/dem/su.png
Requested by: Host: b1x7c.emailsp.com
URL: https://b1x7c.emailsp.com/f/rnl.aspx/?gdl=ywoo22&x=pv&0dn=uz&x=pv&da=xrox&x=pv&d30:=l.541l0b11&7g6&x=pp&q4:&x=pv&25gehag06&fxc0f=pq4_NCLM
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 80.211.162.39 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: host39-162-211-80.serverdedicati.aruba.it
Software: nginx / PleskLin
Resource Hash: 4f3942a03c8dd64df15bfc57540ecb93a741155fc001d09facb65803ee4bc781

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:45:28 GMT
last-modified: Fri, 29 Jan 2016 13:47:41 GMT
server: nginx
x-powered-by: PleskLin
etag: "56ab6d7d-9fb"
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 2555

Redirect headers

Location: https://www.fluirespira.it/dem/su.png
Date: Fri, 06 Nov 2020 08:45:28 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2 200 1590032084_paura_neonati.jpg
www.fluirespira.it//foto/ 64 KB
65 KB 328ms
150ms Image
image/jpeg 80.211.162.39
ARUBA-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fluirespira.it//foto/1590032084_paura_neonati.jpg
Requested by: Host: b1x7c.emailsp.com
URL: https://b1x7c.emailsp.com/f/rnl.aspx/?gdl=ywoo22&x=pv&0dn=uz&x=pv&da=xrox&x=pv&d30:=l.541l0b11&7g6&x=pp&q4:&x=pv&25gehag06&fxc0f=pq4_NCLM
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 80.211.162.39 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: host39-162-211-80.serverdedicati.aruba.it
Software: nginx / PleskLin
Resource Hash: 8403dd253406fd09c1ae4067c0053866b34e1f0ad6cd326e1ba2af86f16f5068

Request headers

Referer: https://b1x7c.emailsp.com/f/rnl.aspx/?gdl=ywoo22&x=pv&0dn=uz&x=pv&da=xrox&x=pv&d30:=l.541l0b11&7g6&x=pp&q4:&x=pv&25gehag06&fxc0f=pq4_NCLM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:45:28 GMT
last-modified: Thu, 21 May 2020 03:34:44 GMT
server: nginx
x-powered-by: PleskLin
etag: "5ec5f6d4-10151"
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 65873

GET
H2 200 1590031956_umidificatore.jpg
www.fluirespira.it//foto/ 43 KB
43 KB 412ms
234ms Image
image/jpeg 80.211.162.39
ARUBA-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fluirespira.it//foto/1590031956_umidificatore.jpg
Requested by: Host: b1x7c.emailsp.com
URL: https://b1x7c.emailsp.com/f/rnl.aspx/?gdl=ywoo22&x=pv&0dn=uz&x=pv&da=xrox&x=pv&d30:=l.541l0b11&7g6&x=pp&q4:&x=pv&25gehag06&fxc0f=pq4_NCLM
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 80.211.162.39 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: host39-162-211-80.serverdedicati.aruba.it
Software: nginx / PleskLin
Resource Hash: 6e7356727d263c347e10b94fb975e2afb683202e73dd54fca40a0dfbe50f9024

Request headers

Referer: https://b1x7c.emailsp.com/f/rnl.aspx/?gdl=ywoo22&x=pv&0dn=uz&x=pv&da=xrox&x=pv&d30:=l.541l0b11&7g6&x=pp&q4:&x=pv&25gehag06&fxc0f=pq4_NCLM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:45:28 GMT
last-modified: Thu, 21 May 2020 03:32:36 GMT
server: nginx
x-powered-by: PleskLin
etag: "5ec5f654-aa7b"
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 43643

GET
H2 200 1561956439_In-bici-con-mamma-e-papa.jpg
www.fluirespira.it//foto/ 60 KB
60 KB 411ms
234ms Image
image/jpeg 80.211.162.39
ARUBA-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fluirespira.it//foto/1561956439_In-bici-con-mamma-e-papa.jpg
Requested by: Host: b1x7c.emailsp.com
URL: https://b1x7c.emailsp.com/f/rnl.aspx/?gdl=ywoo22&x=pv&0dn=uz&x=pv&da=xrox&x=pv&d30:=l.541l0b11&7g6&x=pp&q4:&x=pv&25gehag06&fxc0f=pq4_NCLM
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 80.211.162.39 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: host39-162-211-80.serverdedicati.aruba.it
Software: nginx / PleskLin
Resource Hash: 403179c358e8164de5a4a786a3fe71e5cb9b2dbad40ac96ac8dd231fb01301f1

Request headers

Referer: https://b1x7c.emailsp.com/f/rnl.aspx/?gdl=ywoo22&x=pv&0dn=uz&x=pv&da=xrox&x=pv&d30:=l.541l0b11&7g6&x=pp&q4:&x=pv&25gehag06&fxc0f=pq4_NCLM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:45:28 GMT
last-modified: Mon, 01 Jul 2019 04:47:19 GMT
server: nginx
x-powered-by: PleskLin
etag: "5d199057-efe4"
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 61412

GET
H2

200

button.png
www.fluirespira.it/dem/
Redirect Chain

http://www.fluirespira.it/dem/button.png
https://www.fluirespira.it/dem/button.png

2 KB
2 KB

246ms
234ms

Image
image/png

80.211.162.39
ARUBA-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fluirespira.it/dem/button.png
Requested by: Host: b1x7c.emailsp.com
URL: https://b1x7c.emailsp.com/f/rnl.aspx/?gdl=ywoo22&x=pv&0dn=uz&x=pv&da=xrox&x=pv&d30:=l.541l0b11&7g6&x=pp&q4:&x=pv&25gehag06&fxc0f=pq4_NCLM
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 80.211.162.39 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: host39-162-211-80.serverdedicati.aruba.it
Software: nginx / PleskLin
Resource Hash: c028ef137af2dffc3f4c58192918358745ac997868751885dcbeee48d577066e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:45:28 GMT
last-modified: Tue, 02 Feb 2016 12:21:46 GMT
server: nginx
x-powered-by: PleskLin
etag: "56b09f5a-826"
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 2086

Redirect headers

Location: https://www.fluirespira.it/dem/button.png
Date: Fri, 06 Nov 2020 08:45:28 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H/1.1 200
OK fluirespira_autorizzato_22maggio20.gif
customer21073.img.musvc3.net/static/21073/images/2/ 64 KB
64 KB 136ms
91ms Image
image/gif 13.226.132.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://customer21073.img.musvc3.net/static/21073/images/2/fluirespira_autorizzato_22maggio20.gif
Requested by: Host: b1x7c.emailsp.com
URL: https://b1x7c.emailsp.com/f/rnl.aspx/?gdl=ywoo22&x=pv&0dn=uz&x=pv&da=xrox&x=pv&d30:=l.541l0b11&7g6&x=pp&q4:&x=pv&25gehag06&fxc0f=pq4_NCLM
Protocol: HTTP/1.1
Server: 13.226.132.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-132-86.dus51.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e2938d0ded26aa14ea3ff4a2ee660778acc1dd29f166a68827454d4462c1f71c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 05 Nov 2020 13:02:02 GMT
Via: 1.1 3b811cf25a4fdc818f7cfcb16b38d622.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 Jun 2020 13:10:07 GMT
Server: Microsoft-IIS/10.0
Age: 71007
X-Powered-By: ASP.NET
ETag: "5c271e78713ad61:0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
Content-Length: 65196
X-Amz-Cf-Id: 93Ozl3ANG06AB32DTtkxdBlJQ2igRtKqTj1Zt8o9WmtyJu9D5naW3g==

GET
H/1.1 200
OK c
customer21073.musvc3.net/e/ 74 B
295 B 70ms
69ms Image
image/png 52.51.7.134
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://customer21073.musvc3.net/e/c?q=3%3dOUOWP%26F%3dG%26D%3dRWF%26E%3dSbFRU%26B%3dq1x5pRPcL4SZ-K41a-IZ1b-q5x7-sUPdtQRUNRxd%26xI%3dOXOX%261%3dG0II7H.D2N%269%3dWSUIQTUGV
Requested by: Host: b1x7c.emailsp.com
URL: https://b1x7c.emailsp.com/f/rnl.aspx/?gdl=ywoo22&x=pv&0dn=uz&x=pv&da=xrox&x=pv&d30:=l.541l0b11&7g6&x=pp&q4:&x=pv&25gehag06&fxc0f=pq4_NCLM
Protocol: HTTP/1.1
Server: 52.51.7.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-7-134.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: f5cab90299f9aa539d5f99d4f7e87a70f57e37f138da9d18cadbb230bde3ccd0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 08:45:29 GMT
Cache-Control: no-cache
Connection: keep-alive
Transfer-Encoding: chunked
X-Request-Id: a8fcef4d-92d6-494f-8bc4-db5308839e39
Content-Type: image/png

GET
H2 200 frontendPendoLoader.js Show response
b1x7c.emailsp.com/js/ 2 KB
2 KB 63ms
61ms Script
application/javascript 13.226.132.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b1x7c.emailsp.com/js/frontendPendoLoader.js

Requested by

Host: b1x7c.emailsp.com
URL: https://b1x7c.emailsp.com/f/rnl.aspx/?gdl=ywoo22&x=pv&0dn=uz&x=pv&da=xrox&x=pv&d30:=l.541l0b11&7g6&x=pp&q4:&x=pv&25gehag06&fxc0f=pq4_NCLM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.132.5 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-132-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

72e7604a33ce72c290a6cb35836b003b3bdc8ccde6eed349e42d1ef5efc5eaa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://b1x7c.emailsp.com/f/rnl.aspx/?gdl=ywoo22&x=pv&0dn=uz&x=pv&da=xrox&x=pv&d30:=l.541l0b11&7g6&x=pp&q4:&x=pv&25gehag06&fxc0f=pq4_NCLM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:43:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
status: 200
content-length: 1118
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Tue, 03 Nov 2020 16:53:36 GMT
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
etag: "068ffde1b2d61:0"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
cache-control: max-age=1200
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: veAshqja9Y4eOZzsp-821OAyJFQ4GeZqzyAM9bGXpJMIooNu4HwMsA==

GET
H/1.1 200
OK pendo.js Show response
cdn.pendo.io/agent/static/da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2/ 352 KB
112 KB 260ms
64ms Script
application/javascript 13.226.132.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pendo.io/agent/static/da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2/pendo.js
Requested by: Host: b1x7c.emailsp.com
URL: https://b1x7c.emailsp.com/js/frontendPendoLoader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.132.76 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-132-76.dus51.r.cloudfront.net
Software: UploadServer /
Resource Hash: 36417c72660f1b2382a8da4cec5da2c15a71dca1548d5bfbaa5ba252830c69d2

Request headers

Referer: https://b1x7c.emailsp.com/f/rnl.aspx/?gdl=ywoo22&x=pv&0dn=uz&x=pv&da=xrox&x=pv&d30:=l.541l0b11&7g6&x=pp&q4:&x=pv&25gehag06&fxc0f=pq4_NCLM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 08:44:15 GMT
Content-Encoding: gzip
Content-Type: application/javascript
Age: 79
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: *
Last-Modified: Mon, 19 Oct 2020 18:08:56 GMT
Server: UploadServer
ETag: "395fed5dd069d7ffd3cfaed604acdb12"
Vary: Accept-Encoding
x-goog-hash: crc32c=r3Et0Q==, md5=OV/tXdBp1//Tz67WBKzbEg==
x-goog-generation: 1603130936362819
Via: 1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
Access-Control-Expose-Headers: *
Cache-Control: max-age=450
x-goog-stored-content-length: 113206
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
X-GUploader-UploadID: ABg5-UypZgzCQmLp958gdRpAEQ3nDUuvVZe49prGbSaDqLgIiO1W1d6wmZZBIpck1BMj9uDYR3KYofLp4qoO0FO8RhQ
X-Amz-Cf-Id: audtEd_M-CxmN0TaF80KMzsWOBm3oTpmqgeR0L-6G-oP_oU6YjS5Rw==
Expires: Fri, 06 Nov 2020 08:51:40 GMT

POST
H2 200 GetPendoSettings Show response
b1x7c.emailsp.com/frontend/webMethods/Console.asmx/ 59 B
448 B 224ms
224ms XHR
application/json 13.226.132.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b1x7c.emailsp.com/frontend/webMethods/Console.asmx/GetPendoSettings

Requested by

Host: b1x7c.emailsp.com
URL: https://b1x7c.emailsp.com/js/frontendPendoLoader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.132.5 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-132-5.dus51.r.cloudfront.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

5e282597e1ab771f95fe0e23da0687457e21cb83744cb2aa237a2eba976fcd5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://b1x7c.emailsp.com/f/rnl.aspx/?gdl=ywoo22&x=pv&0dn=uz&x=pv&da=xrox&x=pv&d30:=l.541l0b11&7g6&x=pp&q4:&x=pv&25gehag06&fxc0f=pq4_NCLM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/json; charset=utf-8

Response headers

date: Fri, 06 Nov 2020 08:45:29 GMT
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: Microsoft-IIS/10.0
x-amz-cf-pop: DUS51-C1
status: 200
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=0
content-length: 59
x-xss-protection: 1; mode=block
x-amz-cf-id: ncaCTCJqrgYWPZaoP7zerBa2VAL1w8FccttZqvgFeYx5-qI0CMk8Wg==

GET
H2 200 da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2
app.pendo.io/data/ptm.gif/ 42 B
280 B 349ms
204ms Image
image/gif 2001:4860:4802:34::34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.pendo.io/data/ptm.gif/da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2?v=2.69.2_prod&ct=1604652329813&jzb=eJzdUl9r2zAc_C568FOwJcV_WoMZIQusa5Ml-wMbYwjFkh2BbCmyktgr-e6Vlsx0MPrUp75Jv7sTv7vTz0dgB81BDgTjrRXVACZga9Sp44ZY0TgEpTBOEzzFtzcwnoCj6IRVhgjmRNCxaVmqQ2svA4xgNnXDg5HutrNWd3kUbVGflSFvqJCdDkvVRFVkWhnSTvfRu5rJYjgphXHQF_oYQNYWh9-XM6NFb1R_vUxhXsgwiZGEW4SCrE49oIN9nF8YOKn5jtYwDaq-hFWh9zFZzR-WbiNtlO5A_giUZOQfE2S9WL3_RL6S5WJxv7q7-VDv107wnAP_a_M8AZZu7_xggzc_Hr5_Pu67-1M7bCqnrwxt-B_w40wlYj2fLedm1ZU74SMeLHfbTLP4PBkraLilL8afvoH4rwb8cfQgaVsfaO0z4C359sUne_U18sbINTXup85G2I0YtV4L0wihCEPs3zxy0wnVemWY3oaYuA3YK1QWY_ysMqkoe7Gy7A1U5k3-tZYg-ArfHqHzrydGf2iI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://b1x7c.emailsp.com/f/rnl.aspx/?gdl=ywoo22&x=pv&0dn=uz&x=pv&da=xrox&x=pv&d30:=l.541l0b11&7g6&x=pp&q4:&x=pv&25gehag06&fxc0f=pq4_NCLM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:45:30 GMT
via: 1.1 google
x-content-type-options: nosniff
status: 200
access-control-max-age: 600
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization
content-length: 42

GET
H2 200 da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2 Show response
app.pendo.io/data/guide.js/ 6 KB
4 KB 361ms
222ms Script
application/javascript 2001:4860:4802:34::34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.pendo.io/data/guide.js/da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2?jzb=eJw9j09PhDAQR79LD5xM_y0LkaQxxpOJejGeySwtXZLSdkvBquG7b3GV27z5zUzm_aBlmIbowrNEDaLoDkHXudnGX-aM1ofcm4PJdI7RTw0hJ5bqDqsRBjN53LmR9CRYg2HyiTxoacTXp3OcF0n4paDSivn7VksQKbj0BwfaCIOPJTP0xFhR62oLfHEpm9sEP2p1Bk2rok8d7YW_lO3b08tr_mhUESREQM1usJXDv4UBq2fQKqOy7cc7Wnezfe5mlwMPQdn4uMe5lW9vu7QijBFO-XZzUWEanN02cXWPeeuDk2hdr0NSZTE&v=2.69.2_prod&ct=1604652329818

Requested by

Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2/pendo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

e43b33dec5f06030e968c4493c26726f5544c4483d67e50c06930984582f1797

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://b1x7c.emailsp.com/f/rnl.aspx/?gdl=ywoo22&x=pv&0dn=uz&x=pv&da=xrox&x=pv&d30:=l.541l0b11&7g6&x=pp&q4:&x=pv&25gehag06&fxc0f=pq4_NCLM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 600
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization
via: 1.1 google

GET
H/1.1 200
OK guide.css
cdn.pendo.io/agent/releases/2.69.2/ 16 KB
4 KB 364ms
63ms Stylesheet
text/css 13.226.132.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pendo.io/agent/releases/2.69.2/guide.css
Requested by: Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2/pendo.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.132.76 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-132-76.dus51.r.cloudfront.net
Software: UploadServer /
Resource Hash: ecc37e01ea37e3b466592107b3d727fe4a0b4d0bbdca98a65016c41192218396

Request headers

Referer: https://b1x7c.emailsp.com/f/rnl.aspx/?gdl=ywoo22&x=pv&0dn=uz&x=pv&da=xrox&x=pv&d30:=l.541l0b11&7g6&x=pp&q4:&x=pv&25gehag06&fxc0f=pq4_NCLM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 08:41:35 GMT
Content-Encoding: gzip
Content-Type: text/css
Age: 572
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: *
Last-Modified: Mon, 19 Oct 2020 17:14:47 GMT
Server: UploadServer
ETag: "79ebf9d034d448be5a3e5511f22b1af5"
Vary: Accept-Encoding
x-goog-hash: crc32c=lKQ+Eg==, md5=eev50DTUSL5aPlUR8isa9Q==
x-goog-generation: 1603127687293864
Via: 1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
Access-Control-Expose-Headers: *
Cache-Control: no-cache
x-goog-stored-content-length: 2742
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
X-GUploader-UploadID: ABg5-Uzz6CAVOaAqJDP-h3JSa5o3k6OLXVp_-vqQ7NDEyo2j_yo2qs4iM2KRtiok8UFABTHKDrXucXyT-Nx69JsV-OkJSIKkBA
X-Amz-Cf-Id: ZDKcQJ_pvjw-27EXKmY77uXxigYPQ8edFl-OIZcMDXN4NoTA0U5xpA==
Expires: Sat, 06 Nov 2021 08:35:58 GMT

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			b1x7c.emailsp.com/	1969-12-31 23:59:59	Name: BIGipServercu_front_80_pool Value: !RiaurhJujA8/okFG1lJNbKRWtAtM6abBlKogmq4roOM9WancNpyWPuMkyYgn+AuDHmcwLiy7111s49E=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.pendo.io
b1x7c.emailsp.com
cdn.pendo.io
customer21073.img.musvc3.net
customer21073.musvc3.net
www.fluirespira.it
13.226.132.5
13.226.132.76
13.226.132.86
2001:4860:4802:34::34
52.51.7.134
80.211.162.39
36417c72660f1b2382a8da4cec5da2c15a71dca1548d5bfbaa5ba252830c69d2
403179c358e8164de5a4a786a3fe71e5cb9b2dbad40ac96ac8dd231fb01301f1
4f3942a03c8dd64df15bfc57540ecb93a741155fc001d09facb65803ee4bc781
5e282597e1ab771f95fe0e23da0687457e21cb83744cb2aa237a2eba976fcd5e
5f5b9e227a6caa5b4bb5c3fe1ba375d22171964f6cc34455938db83e3ed00f96
6e7356727d263c347e10b94fb975e2afb683202e73dd54fca40a0dfbe50f9024
72e7604a33ce72c290a6cb35836b003b3bdc8ccde6eed349e42d1ef5efc5eaa7
8403dd253406fd09c1ae4067c0053866b34e1f0ad6cd326e1ba2af86f16f5068
c028ef137af2dffc3f4c58192918358745ac997868751885dcbeee48d577066e
ce835492cfea4f6cee325d46ebe6aa8774305ed251a882022145ddf2f50e83ee
d5e7a2996c564758a68081bda5688b23822dd92502ec7890e3a34f877e33b0b6
e2938d0ded26aa14ea3ff4a2ee660778acc1dd29f166a68827454d4462c1f71c
e43b33dec5f06030e968c4493c26726f5544c4483d67e50c06930984582f1797
ecc37e01ea37e3b466592107b3d727fe4a0b4d0bbdca98a65016c41192218396
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5cab90299f9aa539d5f99d4f7e87a70f57e37f138da9d18cadbb230bde3ccd0

b1x7c.emailsp.com Open in urlscan Pro 13.226.132.5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

88 %HTTPS

17 %IPv6

4 Domains

6 Subdomains

6 IPs

3 Countries

444 kBTransfer

702 kBSize

1 Cookies

24 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

b1x7c.emailsp.com Open in urlscan Pro
13.226.132.5 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

88 %
HTTPS

17 %
IPv6

4
Domains

6
Subdomains

6
IPs

3
Countries

444 kB
Transfer

702 kB
Size

1
Cookies

16 HTTP transactions
0 data transactions