www.expressoprod.com Open in urlscan Pro
204.93.139.244 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.expressoprod.com/ClientPDF/GetPdf.aspx?id=1392187604&ClientID=229&SplitID=WCF_Secure_Email_WVRUSD&oID=046a0231-f6...
Submission: On August 15 via manual (August 15th 2023, 9:03:22 pm UTC) from US — Scanned from DE

Summary HTTP 19 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 19 HTTP transactions. The main IP is 204.93.139.244, located in United States and belongs to RADWARE-CLOUD-SERVICES, US. The main domain is www.expressoprod.com. The Cisco Umbrella rank of the primary domain is 635843.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 25th 2022. Valid for: a year.

This is the only time www.expressoprod.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

D7010C9B-1FD3-46BD-88E7-A2DDD3AA2EEB.PDF 221 KB application/pdf

SHA256: 382dc63502f7a5d97aff36e7b1adb02503235330ceae052b58255535a3e2e3d2

MIME: PDF document, version 1.5

Size: 221 KB (226559 bytes, 100% done)

Downloaded from: https://www.nordisdirect.net:4433/ExpOut/080423_1392187604/D7010C9B-1FD3-46BD-88E7-A2DDD3AA2EEB.PDF

Domain & IP information

	IP Address	AS Autonomous System
1 18	204.93.139.244 204.93.139.244	25773 (RADWARE-C...) (RADWARE-CLOUD-SERVICES)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	68.168.245.238 68.168.245.238	33561 (LUNAVI-WY) (LUNAVI-WY)
19	3

18 204.93.139.244 (United States) 1 redirects

ASN25773 (RADWARE-CLOUD-SERVICES, US)
PTR: unknown.scnet.net

www.expressoprod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
expressoprod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.168.245.238 (Washington, United States)

ASN33561 (LUNAVI-WY, US)
PTR: 68.168.245.238.STATIC.GREENHOUSEDATA.NET

www.nordisdirect.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	expressoprod.com 1 redirects www.expressoprod.com — Cisco Umbrella Rank: 635843 expressoprod.com — Cisco Umbrella Rank: 434319	106 KB
1	nordisdirect.net www.nordisdirect.net
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 392	34 KB
19	3

	Domain	Requested by
17	www.expressoprod.com	1 redirects www.expressoprod.com
1	expressoprod.com	www.expressoprod.com
1	www.nordisdirect.net	www.expressoprod.com
1	ajax.googleapis.com	www.expressoprod.com
19	4

This site contains links to these domains. Also see Links.

Domain
www.nordistechnologies.com

Subject Issuer	Validity	Valid
*.expressoprod.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-25` - `2023-11-25`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.nordisdirect.net Sectigo RSA Domain Validation Secure Server CA	`2023-01-09` - `2024-02-09`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.expressoprod.com/ClientPDF/GetPdf.aspx?id=1392187604&ClientID=229&SplitID=WCF_Secure_Email_WVRUSD&oID=046a0231-f658-403d-be3e-b1970467bb2b&mldata=eyJMb2dvUGF0aCI6IlxcXFxub3JkaXMuY2NcXERGUyBDbG91ZFxcRExHX2VYcHJlc3NvQ2xpZW50SW1hZ2VzXFwyMjlfV0NGR0VOXFxTZWN1cmVFbWFpbHNcXG5ld19jbHViLXd5bmRoYW0tYXp1cmUtcmdiLmpwZyIsIkZyb21MYWJlbE92ZXJyaWRlIjoiIiwiVG9MYWJlbE92ZXJyaWRlIjoiIiwiT3ZlcnJpZGVQZGZUb1ZpZXdGb3JUZXN0IjpudWxsLCJFbWFpbFN1YmplY3RMYWJlbCI6IiIsIkN1c3RvbUZvb3RlciI6ZmFsc2UsIlNob3dGb290ZXIiOmZhbHNlLCJGb290ZXJIVE1MIjoiIiwiVG9wTWVzc2FnZSI6IiIsIklzVGV4dFNwbGl0IjpmYWxzZSwiRW5hYmxlQ2FsbFRvQWN0aW9uIjpmYWxzZSwiQ2FsbFRvQWN0aW9uQnV0dG9uTGFiZWwiOiIiLCJDYWxsVG9BY3Rpb25VUkwiOiIiLCJGb250SGV4Q29sb3JDb2RlIjoiIiwiQnV0dG9uSGV4Q29sb3JDb2RlIjoiIn0=
Frame ID: 3EA2B3F3A5173F4EA65078C3768F47F0
Requests: 18 HTTP requests in this frame

Frame: https://www.nordisdirect.net:4433/ExpOut/080423_1392187604/D7010C9B-1FD3-46BD-88E7-A2DDD3AA2EEB.PDF
Frame ID: 71ACF85E56C55BF84D84AF935D3F16DC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Retrieve PDF File

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)
<input[^>]+name="__VIEWSTATE

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

95 %
HTTPS

33 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

139 kB
Transfer

335 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.nordistechnologies.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://www.expressoprod.com/ClientPDF/images1/BlueBdr.png HTTP 302
https://expressoprod.com/logon.aspx

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request GetPdf.aspx Show response
www.expressoprod.com/ClientPDF/ 10 KB
6 KB 647ms
368ms Document
text/html 204.93.139.244
RADWARE-CLOUD-SER...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.expressoprod.com/ClientPDF/GetPdf.aspx?id=1392187604&ClientID=229&SplitID=WCF_Secure_Email_WVRUSD&oID=046a0231-f658-403d-be3e-b1970467bb2b&mldata=eyJMb2dvUGF0aCI6IlxcXFxub3JkaXMuY2NcXERGUyBDbG91ZFxcRExHX2VYcHJlc3NvQ2xpZW50SW1hZ2VzXFwyMjlfV0NGR0VOXFxTZWN1cmVFbWFpbHNcXG5ld19jbHViLXd5bmRoYW0tYXp1cmUtcmdiLmpwZyIsIkZyb21MYWJlbE92ZXJyaWRlIjoiIiwiVG9MYWJlbE92ZXJyaWRlIjoiIiwiT3ZlcnJpZGVQZGZUb1ZpZXdGb3JUZXN0IjpudWxsLCJFbWFpbFN1YmplY3RMYWJlbCI6IiIsIkN1c3RvbUZvb3RlciI6ZmFsc2UsIlNob3dGb290ZXIiOmZhbHNlLCJGb290ZXJIVE1MIjoiIiwiVG9wTWVzc2FnZSI6IiIsIklzVGV4dFNwbGl0IjpmYWxzZSwiRW5hYmxlQ2FsbFRvQWN0aW9uIjpmYWxzZSwiQ2FsbFRvQWN0aW9uQnV0dG9uTGFiZWwiOiIiLCJDYWxsVG9BY3Rpb25VUkwiOiIiLCJGb250SGV4Q29sb3JDb2RlIjoiIiwiQnV0dG9uSGV4Q29sb3JDb2RlIjoiIn0=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.93.139.244 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),

Reverse DNS

unknown.scnet.net

Software

Microsoft-IIS/10.0 /

Resource Hash

dc74f11342947e9621d52d6d717be880e6039935278573410097be5e793ff805

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 15 Aug 2023 21:03:16 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: Microsoft-IIS/10.0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 GlobalExpresso2011.css
www.expressoprod.com/ClientPDF/styles/ 9 KB
2 KB 162ms
161ms Stylesheet
text/css 204.93.139.244
RADWARE-CLOUD-SER...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.expressoprod.com/ClientPDF/styles/GlobalExpresso2011.css

Requested by

Host: www.expressoprod.com
URL: https://www.expressoprod.com/ClientPDF/GetPdf.aspx?id=1392187604&ClientID=229&SplitID=WCF_Secure_Email_WVRUSD&oID=046a0231-f658-403d-be3e-b1970467bb2b&mldata=eyJMb2dvUGF0aCI6IlxcXFxub3JkaXMuY2NcXERGUyBDbG91ZFxcRExHX2VYcHJlc3NvQ2xpZW50SW1hZ2VzXFwyMjlfV0NGR0VOXFxTZWN1cmVFbWFpbHNcXG5ld19jbHViLXd5bmRoYW0tYXp1cmUtcmdiLmpwZyIsIkZyb21MYWJlbE92ZXJyaWRlIjoiIiwiVG9MYWJlbE92ZXJyaWRlIjoiIiwiT3ZlcnJpZGVQZGZUb1ZpZXdGb3JUZXN0IjpudWxsLCJFbWFpbFN1YmplY3RMYWJlbCI6IiIsIkN1c3RvbUZvb3RlciI6ZmFsc2UsIlNob3dGb290ZXIiOmZhbHNlLCJGb290ZXJIVE1MIjoiIiwiVG9wTWVzc2FnZSI6IiIsIklzVGV4dFNwbGl0IjpmYWxzZSwiRW5hYmxlQ2FsbFRvQWN0aW9uIjpmYWxzZSwiQ2FsbFRvQWN0aW9uQnV0dG9uTGFiZWwiOiIiLCJDYWxsVG9BY3Rpb25VUkwiOiIiLCJGb250SGV4Q29sb3JDb2RlIjoiIiwiQnV0dG9uSGV4Q29sb3JDb2RlIjoiIn0=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.93.139.244 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),

Reverse DNS

unknown.scnet.net

Software

Microsoft-IIS/10.0 /

Resource Hash

6ec11a97860049ab3014cd626f642216eab8b172b2a6727fe29f8d228e48b9d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.expressoprod.com/ClientPDF/GetPdf.aspx?id=1392187604&ClientID=229&SplitID=WCF_Secure_Email_WVRUSD&oID=046a0231-f658-403d-be3e-b1970467bb2b&mldata=eyJMb2dvUGF0aCI6IlxcXFxub3JkaXMuY2NcXERGUyBDbG91ZFxcRExHX2VYcHJlc3NvQ2xpZW50SW1hZ2VzXFwyMjlfV0NGR0VOXFxTZWN1cmVFbWFpbHNcXG5ld19jbHViLXd5bmRoYW0tYXp1cmUtcmdiLmpwZyIsIkZyb21MYWJlbE92ZXJyaWRlIjoiIiwiVG9MYWJlbE92ZXJyaWRlIjoiIiwiT3ZlcnJpZGVQZGZUb1ZpZXdGb3JUZXN0IjpudWxsLCJFbWFpbFN1YmplY3RMYWJlbCI6IiIsIkN1c3RvbUZvb3RlciI6ZmFsc2UsIlNob3dGb290ZXIiOmZhbHNlLCJGb290ZXJIVE1MIjoiIiwiVG9wTWVzc2FnZSI6IiIsIklzVGV4dFNwbGl0IjpmYWxzZSwiRW5hYmxlQ2FsbFRvQWN0aW9uIjpmYWxzZSwiQ2FsbFRvQWN0aW9uQnV0dG9uTGFiZWwiOiIiLCJDYWxsVG9BY3Rpb25VUkwiOiIiLCJGb250SGV4Q29sb3JDb2RlIjoiIiwiQnV0dG9uSGV4Q29sb3JDb2RlIjoiIn0=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 21:03:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 15 Jan 2021 20:52:27 GMT
server: Microsoft-IIS/10.0
etag: W/"8037185580ebd61:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block

GET
H2 200 Globalbkgr.css
www.expressoprod.com/ClientPDF/styles/ 123 B
346 B 165ms
163ms Stylesheet
text/css 204.93.139.244
RADWARE-CLOUD-SER...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.expressoprod.com/ClientPDF/styles/Globalbkgr.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.93.139.244 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),

Reverse DNS

unknown.scnet.net

Software

Microsoft-IIS/10.0 /

Resource Hash

b75ffd94f690eb87d424627e32bd2d298943321413f2ca931d2e21686b20a0c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.expressoprod.com/ClientPDF/GetPdf.aspx?id=1392187604&ClientID=229&SplitID=WCF_Secure_Email_WVRUSD&oID=046a0231-f658-403d-be3e-b1970467bb2b&mldata=eyJMb2dvUGF0aCI6IlxcXFxub3JkaXMuY2NcXERGUyBDbG91ZFxcRExHX2VYcHJlc3NvQ2xpZW50SW1hZ2VzXFwyMjlfV0NGR0VOXFxTZWN1cmVFbWFpbHNcXG5ld19jbHViLXd5bmRoYW0tYXp1cmUtcmdiLmpwZyIsIkZyb21MYWJlbE92ZXJyaWRlIjoiIiwiVG9MYWJlbE92ZXJyaWRlIjoiIiwiT3ZlcnJpZGVQZGZUb1ZpZXdGb3JUZXN0IjpudWxsLCJFbWFpbFN1YmplY3RMYWJlbCI6IiIsIkN1c3RvbUZvb3RlciI6ZmFsc2UsIlNob3dGb290ZXIiOmZhbHNlLCJGb290ZXJIVE1MIjoiIiwiVG9wTWVzc2FnZSI6IiIsIklzVGV4dFNwbGl0IjpmYWxzZSwiRW5hYmxlQ2FsbFRvQWN0aW9uIjpmYWxzZSwiQ2FsbFRvQWN0aW9uQnV0dG9uTGFiZWwiOiIiLCJDYWxsVG9BY3Rpb25VUkwiOiIiLCJGb250SGV4Q29sb3JDb2RlIjoiIiwiQnV0dG9uSGV4Q29sb3JDb2RlIjoiIn0=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 21:03:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 15 Aug 2012 16:58:37 GMT
server: Microsoft-IIS/10.0
etag: "854abe3677bcd1:0"
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
content-length: 123
x-xss-protection: 1; mode=block

GET
H2 200 StandardFooter.css
www.expressoprod.com/styles/ 649 B
501 B 163ms
161ms Stylesheet
text/css 204.93.139.244
RADWARE-CLOUD-SER...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.expressoprod.com/styles/StandardFooter.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.93.139.244 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),

Reverse DNS

unknown.scnet.net

Software

Microsoft-IIS/10.0 /

Resource Hash

aa5c25672349ecc3a80a109a9e1de03523f887cc6ce0090e5014932a01719469

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.expressoprod.com/ClientPDF/GetPdf.aspx?id=1392187604&ClientID=229&SplitID=WCF_Secure_Email_WVRUSD&oID=046a0231-f658-403d-be3e-b1970467bb2b&mldata=eyJMb2dvUGF0aCI6IlxcXFxub3JkaXMuY2NcXERGUyBDbG91ZFxcRExHX2VYcHJlc3NvQ2xpZW50SW1hZ2VzXFwyMjlfV0NGR0VOXFxTZWN1cmVFbWFpbHNcXG5ld19jbHViLXd5bmRoYW0tYXp1cmUtcmdiLmpwZyIsIkZyb21MYWJlbE92ZXJyaWRlIjoiIiwiVG9MYWJlbE92ZXJyaWRlIjoiIiwiT3ZlcnJpZGVQZGZUb1ZpZXdGb3JUZXN0IjpudWxsLCJFbWFpbFN1YmplY3RMYWJlbCI6IiIsIkN1c3RvbUZvb3RlciI6ZmFsc2UsIlNob3dGb290ZXIiOmZhbHNlLCJGb290ZXJIVE1MIjoiIiwiVG9wTWVzc2FnZSI6IiIsIklzVGV4dFNwbGl0IjpmYWxzZSwiRW5hYmxlQ2FsbFRvQWN0aW9uIjpmYWxzZSwiQ2FsbFRvQWN0aW9uQnV0dG9uTGFiZWwiOiIiLCJDYWxsVG9BY3Rpb25VUkwiOiIiLCJGb250SGV4Q29sb3JDb2RlIjoiIiwiQnV0dG9uSGV4Q29sb3JDb2RlIjoiIn0=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 21:03:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 18 Jun 2021 20:18:14 GMT
server: Microsoft-IIS/10.0
etag: W/"0c76117f64d71:0"
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap.min.css
www.expressoprod.com/ClientPDF/bootstrap/css/ 118 KB
25 KB 406ms
405ms Stylesheet
text/css 204.93.139.244
RADWARE-CLOUD-SER...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.expressoprod.com/ClientPDF/bootstrap/css/bootstrap.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.93.139.244 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),

Reverse DNS

unknown.scnet.net

Software

Microsoft-IIS/10.0 /

Resource Hash

5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.expressoprod.com/ClientPDF/GetPdf.aspx?id=1392187604&ClientID=229&SplitID=WCF_Secure_Email_WVRUSD&oID=046a0231-f658-403d-be3e-b1970467bb2b&mldata=eyJMb2dvUGF0aCI6IlxcXFxub3JkaXMuY2NcXERGUyBDbG91ZFxcRExHX2VYcHJlc3NvQ2xpZW50SW1hZ2VzXFwyMjlfV0NGR0VOXFxTZWN1cmVFbWFpbHNcXG5ld19jbHViLXd5bmRoYW0tYXp1cmUtcmdiLmpwZyIsIkZyb21MYWJlbE92ZXJyaWRlIjoiIiwiVG9MYWJlbE92ZXJyaWRlIjoiIiwiT3ZlcnJpZGVQZGZUb1ZpZXdGb3JUZXN0IjpudWxsLCJFbWFpbFN1YmplY3RMYWJlbCI6IiIsIkN1c3RvbUZvb3RlciI6ZmFsc2UsIlNob3dGb290ZXIiOmZhbHNlLCJGb290ZXJIVE1MIjoiIiwiVG9wTWVzc2FnZSI6IiIsIklzVGV4dFNwbGl0IjpmYWxzZSwiRW5hYmxlQ2FsbFRvQWN0aW9uIjpmYWxzZSwiQ2FsbFRvQWN0aW9uQnV0dG9uTGFiZWwiOiIiLCJDYWxsVG9BY3Rpb25VUkwiOiIiLCJGb250SGV4Q29sb3JDb2RlIjoiIiwiQnV0dG9uSGV4Q29sb3JDb2RlIjoiIn0=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 21:03:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 May 2018 04:46:33 GMT
server: Microsoft-IIS/10.0
etag: W/"801a2bb450e7d31:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block

GET
H2 200 loader.css
www.expressoprod.com/ClientPDF/jquery-loader/ 574 B
530 B 290ms
289ms Stylesheet
text/css 204.93.139.244
RADWARE-CLOUD-SER...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.expressoprod.com/ClientPDF/jquery-loader/loader.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.93.139.244 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),

Reverse DNS

unknown.scnet.net

Software

Microsoft-IIS/10.0 /

Resource Hash

24c0cbd994db0259392d53cfa4e0b5657b6452e303fa3024caa21557b3397843

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.expressoprod.com/ClientPDF/GetPdf.aspx?id=1392187604&ClientID=229&SplitID=WCF_Secure_Email_WVRUSD&oID=046a0231-f658-403d-be3e-b1970467bb2b&mldata=eyJMb2dvUGF0aCI6IlxcXFxub3JkaXMuY2NcXERGUyBDbG91ZFxcRExHX2VYcHJlc3NvQ2xpZW50SW1hZ2VzXFwyMjlfV0NGR0VOXFxTZWN1cmVFbWFpbHNcXG5ld19jbHViLXd5bmRoYW0tYXp1cmUtcmdiLmpwZyIsIkZyb21MYWJlbE92ZXJyaWRlIjoiIiwiVG9MYWJlbE92ZXJyaWRlIjoiIiwiT3ZlcnJpZGVQZGZUb1ZpZXdGb3JUZXN0IjpudWxsLCJFbWFpbFN1YmplY3RMYWJlbCI6IiIsIkN1c3RvbUZvb3RlciI6ZmFsc2UsIlNob3dGb290ZXIiOmZhbHNlLCJGb290ZXJIVE1MIjoiIiwiVG9wTWVzc2FnZSI6IiIsIklzVGV4dFNwbGl0IjpmYWxzZSwiRW5hYmxlQ2FsbFRvQWN0aW9uIjpmYWxzZSwiQ2FsbFRvQWN0aW9uQnV0dG9uTGFiZWwiOiIiLCJDYWxsVG9BY3Rpb25VUkwiOiIiLCJGb250SGV4Q29sb3JDb2RlIjoiIiwiQnV0dG9uSGV4Q29sb3JDb2RlIjoiIn0=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 21:03:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 May 2018 04:46:33 GMT
server: Microsoft-IIS/10.0
etag: W/"9f542b450e7d31:0"
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block

GET
H2 200 site.css
www.expressoprod.com/ClientPDF/styles/ 516 B
514 B 290ms
289ms Stylesheet
text/css 204.93.139.244
RADWARE-CLOUD-SER...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.expressoprod.com/ClientPDF/styles/site.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.93.139.244 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),

Reverse DNS

unknown.scnet.net

Software

Microsoft-IIS/10.0 /

Resource Hash

df7d3fc4d0b1e464aab89547af368c35c9e7bf38006023c461ac6da6415832e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.expressoprod.com/ClientPDF/GetPdf.aspx?id=1392187604&ClientID=229&SplitID=WCF_Secure_Email_WVRUSD&oID=046a0231-f658-403d-be3e-b1970467bb2b&mldata=eyJMb2dvUGF0aCI6IlxcXFxub3JkaXMuY2NcXERGUyBDbG91ZFxcRExHX2VYcHJlc3NvQ2xpZW50SW1hZ2VzXFwyMjlfV0NGR0VOXFxTZWN1cmVFbWFpbHNcXG5ld19jbHViLXd5bmRoYW0tYXp1cmUtcmdiLmpwZyIsIkZyb21MYWJlbE92ZXJyaWRlIjoiIiwiVG9MYWJlbE92ZXJyaWRlIjoiIiwiT3ZlcnJpZGVQZGZUb1ZpZXdGb3JUZXN0IjpudWxsLCJFbWFpbFN1YmplY3RMYWJlbCI6IiIsIkN1c3RvbUZvb3RlciI6ZmFsc2UsIlNob3dGb290ZXIiOmZhbHNlLCJGb290ZXJIVE1MIjoiIiwiVG9wTWVzc2FnZSI6IiIsIklzVGV4dFNwbGl0IjpmYWxzZSwiRW5hYmxlQ2FsbFRvQWN0aW9uIjpmYWxzZSwiQ2FsbFRvQWN0aW9uQnV0dG9uTGFiZWwiOiIiLCJDYWxsVG9BY3Rpb25VUkwiOiIiLCJGb250SGV4Q29sb3JDb2RlIjoiIiwiQnV0dG9uSGV4Q29sb3JDb2RlIjoiIn0=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 21:03:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 May 2018 04:46:33 GMT
server: Microsoft-IIS/10.0
etag: W/"e1a142b450e7d31:0"
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block

GET
H2 200 SecureEmail.css
www.expressoprod.com/ClientPDF/styles/ 793 B
582 B 292ms
290ms Stylesheet
text/css 204.93.139.244
RADWARE-CLOUD-SER...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.expressoprod.com/ClientPDF/styles/SecureEmail.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.93.139.244 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),

Reverse DNS

unknown.scnet.net

Software

Microsoft-IIS/10.0 /

Resource Hash

98beb7631e274cc61d43d5aa2a507c227ef6464899f1171910caf981805d0a96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.expressoprod.com/ClientPDF/GetPdf.aspx?id=1392187604&ClientID=229&SplitID=WCF_Secure_Email_WVRUSD&oID=046a0231-f658-403d-be3e-b1970467bb2b&mldata=eyJMb2dvUGF0aCI6IlxcXFxub3JkaXMuY2NcXERGUyBDbG91ZFxcRExHX2VYcHJlc3NvQ2xpZW50SW1hZ2VzXFwyMjlfV0NGR0VOXFxTZWN1cmVFbWFpbHNcXG5ld19jbHViLXd5bmRoYW0tYXp1cmUtcmdiLmpwZyIsIkZyb21MYWJlbE92ZXJyaWRlIjoiIiwiVG9MYWJlbE92ZXJyaWRlIjoiIiwiT3ZlcnJpZGVQZGZUb1ZpZXdGb3JUZXN0IjpudWxsLCJFbWFpbFN1YmplY3RMYWJlbCI6IiIsIkN1c3RvbUZvb3RlciI6ZmFsc2UsIlNob3dGb290ZXIiOmZhbHNlLCJGb290ZXJIVE1MIjoiIiwiVG9wTWVzc2FnZSI6IiIsIklzVGV4dFNwbGl0IjpmYWxzZSwiRW5hYmxlQ2FsbFRvQWN0aW9uIjpmYWxzZSwiQ2FsbFRvQWN0aW9uQnV0dG9uTGFiZWwiOiIiLCJDYWxsVG9BY3Rpb25VUkwiOiIiLCJGb250SGV4Q29sb3JDb2RlIjoiIiwiQnV0dG9uSGV4Q29sb3JDb2RlIjoiIn0=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 21:03:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 24 May 2022 15:49:59 GMT
server: Microsoft-IIS/10.0
etag: W/"ab445ec856fd81:0"
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 196ms
57ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.expressoprod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 14:18:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Aug 2024 14:18:07 GMT

GET
H2 200 bootstrap.min.js Show response
www.expressoprod.com/ClientPDF/bootstrap/js/ 36 KB
10 KB 289ms
288ms Script
application/javascript 204.93.139.244
RADWARE-CLOUD-SER...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.expressoprod.com/ClientPDF/bootstrap/js/bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.93.139.244 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),

Reverse DNS

unknown.scnet.net

Software

Microsoft-IIS/10.0 /

Resource Hash

36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.expressoprod.com/ClientPDF/GetPdf.aspx?id=1392187604&ClientID=229&SplitID=WCF_Secure_Email_WVRUSD&oID=046a0231-f658-403d-be3e-b1970467bb2b&mldata=eyJMb2dvUGF0aCI6IlxcXFxub3JkaXMuY2NcXERGUyBDbG91ZFxcRExHX2VYcHJlc3NvQ2xpZW50SW1hZ2VzXFwyMjlfV0NGR0VOXFxTZWN1cmVFbWFpbHNcXG5ld19jbHViLXd5bmRoYW0tYXp1cmUtcmdiLmpwZyIsIkZyb21MYWJlbE92ZXJyaWRlIjoiIiwiVG9MYWJlbE92ZXJyaWRlIjoiIiwiT3ZlcnJpZGVQZGZUb1ZpZXdGb3JUZXN0IjpudWxsLCJFbWFpbFN1YmplY3RMYWJlbCI6IiIsIkN1c3RvbUZvb3RlciI6ZmFsc2UsIlNob3dGb290ZXIiOmZhbHNlLCJGb290ZXJIVE1MIjoiIiwiVG9wTWVzc2FnZSI6IiIsIklzVGV4dFNwbGl0IjpmYWxzZSwiRW5hYmxlQ2FsbFRvQWN0aW9uIjpmYWxzZSwiQ2FsbFRvQWN0aW9uQnV0dG9uTGFiZWwiOiIiLCJDYWxsVG9BY3Rpb25VUkwiOiIiLCJGb250SGV4Q29sb3JDb2RlIjoiIiwiQnV0dG9uSGV4Q29sb3JDb2RlIjoiIn0=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 21:03:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 May 2018 04:46:33 GMT
server: Microsoft-IIS/10.0
etag: "801a2bb450e7d31:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
content-length: 9846
x-xss-protection: 1; mode=block

GET
H2 200 loader.js Show response
www.expressoprod.com/ClientPDF/jquery-loader/ 6 KB
2 KB 290ms
289ms Script
application/javascript 204.93.139.244
RADWARE-CLOUD-SER...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.expressoprod.com/ClientPDF/jquery-loader/loader.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.93.139.244 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),

Reverse DNS

unknown.scnet.net

Software

Microsoft-IIS/10.0 /

Resource Hash

69b06f54cac6cef33aba3cfe668c67200cbc66a2df2dcb62ca1401ccba44a31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.expressoprod.com/ClientPDF/GetPdf.aspx?id=1392187604&ClientID=229&SplitID=WCF_Secure_Email_WVRUSD&oID=046a0231-f658-403d-be3e-b1970467bb2b&mldata=eyJMb2dvUGF0aCI6IlxcXFxub3JkaXMuY2NcXERGUyBDbG91ZFxcRExHX2VYcHJlc3NvQ2xpZW50SW1hZ2VzXFwyMjlfV0NGR0VOXFxTZWN1cmVFbWFpbHNcXG5ld19jbHViLXd5bmRoYW0tYXp1cmUtcmdiLmpwZyIsIkZyb21MYWJlbE92ZXJyaWRlIjoiIiwiVG9MYWJlbE92ZXJyaWRlIjoiIiwiT3ZlcnJpZGVQZGZUb1ZpZXdGb3JUZXN0IjpudWxsLCJFbWFpbFN1YmplY3RMYWJlbCI6IiIsIkN1c3RvbUZvb3RlciI6ZmFsc2UsIlNob3dGb290ZXIiOmZhbHNlLCJGb290ZXJIVE1MIjoiIiwiVG9wTWVzc2FnZSI6IiIsIklzVGV4dFNwbGl0IjpmYWxzZSwiRW5hYmxlQ2FsbFRvQWN0aW9uIjpmYWxzZSwiQ2FsbFRvQWN0aW9uQnV0dG9uTGFiZWwiOiIiLCJDYWxsVG9BY3Rpb25VUkwiOiIiLCJGb250SGV4Q29sb3JDb2RlIjoiIiwiQnV0dG9uSGV4Q29sb3JDb2RlIjoiIn0=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 21:03:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 May 2018 04:46:33 GMT
server: Microsoft-IIS/10.0
etag: W/"af2c42b450e7d31:0"
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block

GET
H2 200 ThumbNail.aspx
www.expressoprod.com/ClientPDF/ 5 KB
6 KB 172ms
172ms Image
image/jpeg 204.93.139.244
RADWARE-CLOUD-SER...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.expressoprod.com/ClientPDF/ThumbNail.aspx?type=thumbnail2&url=\\\\nordis.cc\\DFS%20Cloud\\DLG_eXpressoClientImages\\229_WCFGEN\\SecureEmails\\new_club-wyndham-azure-rgb.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.93.139.244 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),

Reverse DNS

unknown.scnet.net

Software

Microsoft-IIS/10.0 /

Resource Hash

9920ffb8205e6520652ba9a231722547e8815b48a1fafa86c5199683ca619d90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.expressoprod.com/ClientPDF/GetPdf.aspx?id=1392187604&ClientID=229&SplitID=WCF_Secure_Email_WVRUSD&oID=046a0231-f658-403d-be3e-b1970467bb2b&mldata=eyJMb2dvUGF0aCI6IlxcXFxub3JkaXMuY2NcXERGUyBDbG91ZFxcRExHX2VYcHJlc3NvQ2xpZW50SW1hZ2VzXFwyMjlfV0NGR0VOXFxTZWN1cmVFbWFpbHNcXG5ld19jbHViLXd5bmRoYW0tYXp1cmUtcmdiLmpwZyIsIkZyb21MYWJlbE92ZXJyaWRlIjoiIiwiVG9MYWJlbE92ZXJyaWRlIjoiIiwiT3ZlcnJpZGVQZGZUb1ZpZXdGb3JUZXN0IjpudWxsLCJFbWFpbFN1YmplY3RMYWJlbCI6IiIsIkN1c3RvbUZvb3RlciI6ZmFsc2UsIlNob3dGb290ZXIiOmZhbHNlLCJGb290ZXJIVE1MIjoiIiwiVG9wTWVzc2FnZSI6IiIsIklzVGV4dFNwbGl0IjpmYWxzZSwiRW5hYmxlQ2FsbFRvQWN0aW9uIjpmYWxzZSwiQ2FsbFRvQWN0aW9uQnV0dG9uTGFiZWwiOiIiLCJDYWxsVG9BY3Rpb25VUkwiOiIiLCJGb250SGV4Q29sb3JDb2RlIjoiIiwiQnV0dG9uSGV4Q29sb3JDb2RlIjoiIn0=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 21:03:17 GMT
x-content-type-options: nosniff
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/jpeg
cache-control: no-cache
content-length: 5413
x-xss-protection: 1; mode=block
expires: -1

GET
H2 200 getpdf.css
www.expressoprod.com/ClientPDF/styles/ 110 B
335 B 160ms
160ms Stylesheet
text/css 204.93.139.244
RADWARE-CLOUD-SER...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.expressoprod.com/ClientPDF/styles/getpdf.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.93.139.244 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),

Reverse DNS

unknown.scnet.net

Software

Microsoft-IIS/10.0 /

Resource Hash

3ebe3bc7185cd5276bcb844d081b0c8d00c9137d2e0fca9472eb0ed414ffc132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.expressoprod.com/ClientPDF/GetPdf.aspx?id=1392187604&ClientID=229&SplitID=WCF_Secure_Email_WVRUSD&oID=046a0231-f658-403d-be3e-b1970467bb2b&mldata=eyJMb2dvUGF0aCI6IlxcXFxub3JkaXMuY2NcXERGUyBDbG91ZFxcRExHX2VYcHJlc3NvQ2xpZW50SW1hZ2VzXFwyMjlfV0NGR0VOXFxTZWN1cmVFbWFpbHNcXG5ld19jbHViLXd5bmRoYW0tYXp1cmUtcmdiLmpwZyIsIkZyb21MYWJlbE92ZXJyaWRlIjoiIiwiVG9MYWJlbE92ZXJyaWRlIjoiIiwiT3ZlcnJpZGVQZGZUb1ZpZXdGb3JUZXN0IjpudWxsLCJFbWFpbFN1YmplY3RMYWJlbCI6IiIsIkN1c3RvbUZvb3RlciI6ZmFsc2UsIlNob3dGb290ZXIiOmZhbHNlLCJGb290ZXJIVE1MIjoiIiwiVG9wTWVzc2FnZSI6IiIsIklzVGV4dFNwbGl0IjpmYWxzZSwiRW5hYmxlQ2FsbFRvQWN0aW9uIjpmYWxzZSwiQ2FsbFRvQWN0aW9uQnV0dG9uTGFiZWwiOiIiLCJDYWxsVG9BY3Rpb25VUkwiOiIiLCJGb250SGV4Q29sb3JDb2RlIjoiIiwiQnV0dG9uSGV4Q29sb3JDb2RlIjoiIn0=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 21:03:17 GMT
x-content-type-options: nosniff
last-modified: Wed, 09 May 2018 04:46:33 GMT
server: Microsoft-IIS/10.0
etag: "d17a42b450e7d31:0"
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
content-length: 110
x-xss-protection: 1; mode=block

GET
H2 200 GlobalBkgr.png
www.expressoprod.com/ClientPDF/images1/ 934 B
1 KB 160ms
160ms Image
image/png 204.93.139.244
RADWARE-CLOUD-SER...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.expressoprod.com/ClientPDF/images1/GlobalBkgr.png

Requested by

Host: www.expressoprod.com
URL: https://www.expressoprod.com/ClientPDF/styles/Globalbkgr.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.93.139.244 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),

Reverse DNS

unknown.scnet.net

Software

Microsoft-IIS/10.0 /

Resource Hash

ac22bc20e53cee7412fc31681f3648b4928863e2a87f969b2295347603837043

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.expressoprod.com/ClientPDF/styles/Globalbkgr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 21:03:17 GMT
x-content-type-options: nosniff
last-modified: Wed, 09 May 2018 04:46:33 GMT
server: Microsoft-IIS/10.0
etag: "f0d3eb450e7d31:0"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 934
x-xss-protection: 1; mode=block

GET
H2 200 D7010C9B-1FD3-46BD-88E7-A2DDD3AA2EEB.PDF
www.nordisdirect.net/ExpOut/080423_1392187604/ Frame 71AC 0
0 615ms
286ms Document
application/pdf 68.168.245.238
LUNAVI-WY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nordisdirect.net:4433/ExpOut/080423_1392187604/D7010C9B-1FD3-46BD-88E7-A2DDD3AA2EEB.PDF
Requested by: Host: www.expressoprod.com
URL: https://www.expressoprod.com/ClientPDF/GetPdf.aspx?id=1392187604&ClientID=229&SplitID=WCF_Secure_Email_WVRUSD&oID=046a0231-f658-403d-be3e-b1970467bb2b&mldata=eyJMb2dvUGF0aCI6IlxcXFxub3JkaXMuY2NcXERGUyBDbG91ZFxcRExHX2VYcHJlc3NvQ2xpZW50SW1hZ2VzXFwyMjlfV0NGR0VOXFxTZWN1cmVFbWFpbHNcXG5ld19jbHViLXd5bmRoYW0tYXp1cmUtcmdiLmpwZyIsIkZyb21MYWJlbE92ZXJyaWRlIjoiIiwiVG9MYWJlbE92ZXJyaWRlIjoiIiwiT3ZlcnJpZGVQZGZUb1ZpZXdGb3JUZXN0IjpudWxsLCJFbWFpbFN1YmplY3RMYWJlbCI6IiIsIkN1c3RvbUZvb3RlciI6ZmFsc2UsIlNob3dGb290ZXIiOmZhbHNlLCJGb290ZXJIVE1MIjoiIiwiVG9wTWVzc2FnZSI6IiIsIklzVGV4dFNwbGl0IjpmYWxzZSwiRW5hYmxlQ2FsbFRvQWN0aW9uIjpmYWxzZSwiQ2FsbFRvQWN0aW9uQnV0dG9uTGFiZWwiOiIiLCJDYWxsVG9BY3Rpb25VUkwiOiIiLCJGb250SGV4Q29sb3JDb2RlIjoiIiwiQnV0dG9uSGV4Q29sb3JDb2RlIjoiIn0=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.168.245.238 Washington, United States, ASN33561 (LUNAVI-WY, US),
Reverse DNS: 68.168.245.238.STATIC.GREENHOUSEDATA.NET
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer: https://www.expressoprod.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 226559
content-type: application/pdf
date: Tue, 15 Aug 2023 21:03:17 GMT
etag: "314199790c7d91:0"
last-modified: Fri, 04 Aug 2023 18:21:23 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2

200

logon.aspx
expressoprod.com/
Redirect Chain

https://www.expressoprod.com/ClientPDF/images1/BlueBdr.png
https://expressoprod.com/logon.aspx

0
0

185ms
172ms

Image
text/html

204.93.139.244
RADWARE-CLOUD-SER...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://expressoprod.com/logon.aspx
Requested by: Host: www.expressoprod.com
URL: https://www.expressoprod.com/ClientPDF/styles/GlobalExpresso2011.css
Protocol: H2
Server: 204.93.139.244 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),
Reverse DNS: unknown.scnet.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.expressoprod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Redirect headers

date: Tue, 15 Aug 2023 21:03:17 GMT
x-content-type-options: nosniff
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://expressoprod.com/logon.aspx
content-length: 158
x-xss-protection: 1; mode=block

GET
H2 200 PoweredByNordisDirect.png
www.expressoprod.com/styles/expresso/expresso-images/ 19 KB
19 KB 262ms
261ms Image
image/png 204.93.139.244
RADWARE-CLOUD-SER...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.expressoprod.com/styles/expresso/expresso-images/PoweredByNordisDirect.png

Requested by

Host: www.expressoprod.com
URL: https://www.expressoprod.com/styles/StandardFooter.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.93.139.244 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),

Reverse DNS

unknown.scnet.net

Software

Microsoft-IIS/10.0 /

Resource Hash

b802d75e6b51addd349e55dfc85c486b7d5099a0085eaf4b1819b9b264ec3c56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.expressoprod.com/styles/StandardFooter.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 21:03:17 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Jun 2021 20:18:14 GMT
server: Microsoft-IIS/10.0
etag: "0c76117f64d71:0"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 19653
x-xss-protection: 1; mode=block

GET
H2 200 HIPAAcompliant.png
www.expressoprod.com/styles/expresso/expresso-images/ 13 KB
14 KB 163ms
162ms Image
image/png 204.93.139.244
RADWARE-CLOUD-SER...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.expressoprod.com/styles/expresso/expresso-images/HIPAAcompliant.png

Requested by

Host: www.expressoprod.com
URL: https://www.expressoprod.com/styles/StandardFooter.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.93.139.244 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),

Reverse DNS

unknown.scnet.net

Software

Microsoft-IIS/10.0 /

Resource Hash

8542d3dfa1420577033c56c19e7b8e4acdf77df7fb61334771b989ac39bf7d3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.expressoprod.com/styles/StandardFooter.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 21:03:17 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Jun 2021 20:18:14 GMT
server: Microsoft-IIS/10.0
etag: "0c76117f64d71:0"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 13666
x-xss-protection: 1; mode=block

GET
H2 200 SOC2logoSM.png
www.expressoprod.com/styles/expresso/expresso-images/ 18 KB
18 KB 163ms
163ms Image
image/png 204.93.139.244
RADWARE-CLOUD-SER...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.expressoprod.com/styles/expresso/expresso-images/SOC2logoSM.png

Requested by

Host: www.expressoprod.com
URL: https://www.expressoprod.com/styles/StandardFooter.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.93.139.244 , United States, ASN25773 (RADWARE-CLOUD-SERVICES, US),

Reverse DNS

unknown.scnet.net

Software

Microsoft-IIS/10.0 /

Resource Hash

778333d54604676f58da64543671482d21471b4072c72c3ef5c6d1be30dffb69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.expressoprod.com/styles/StandardFooter.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 21:03:17 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Jun 2021 20:18:14 GMT
server: Microsoft-IIS/10.0
etag: "0c76117f64d71:0"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 18440
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.expressoprod.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: udvqg4kmc5jyribe0wl3gcgi
			expressoprod.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: wa4m2j5qpxaefj1kacxe2uq5

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
expressoprod.com
www.expressoprod.com
www.nordisdirect.net
204.93.139.244
2a00:1450:4001:829::200a
68.168.245.238
24c0cbd994db0259392d53cfa4e0b5657b6452e303fa3024caa21557b3397843
36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64
3ebe3bc7185cd5276bcb844d081b0c8d00c9137d2e0fca9472eb0ed414ffc132
5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
69b06f54cac6cef33aba3cfe668c67200cbc66a2df2dcb62ca1401ccba44a31e
6ec11a97860049ab3014cd626f642216eab8b172b2a6727fe29f8d228e48b9d1
778333d54604676f58da64543671482d21471b4072c72c3ef5c6d1be30dffb69
8542d3dfa1420577033c56c19e7b8e4acdf77df7fb61334771b989ac39bf7d3e
98beb7631e274cc61d43d5aa2a507c227ef6464899f1171910caf981805d0a96
9920ffb8205e6520652ba9a231722547e8815b48a1fafa86c5199683ca619d90
aa5c25672349ecc3a80a109a9e1de03523f887cc6ce0090e5014932a01719469
ac22bc20e53cee7412fc31681f3648b4928863e2a87f969b2295347603837043
b75ffd94f690eb87d424627e32bd2d298943321413f2ca931d2e21686b20a0c9
b802d75e6b51addd349e55dfc85c486b7d5099a0085eaf4b1819b9b264ec3c56
dc74f11342947e9621d52d6d717be880e6039935278573410097be5e793ff805
df7d3fc4d0b1e464aab89547af368c35c9e7bf38006023c461ac6da6415832e7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

www.expressoprod.com Open in urlscan Pro 204.93.139.244 Public Scan

Summary

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

19 Requests

95 %HTTPS

33 %IPv6

3 Domains

4 Subdomains

3 IPs

2 Countries

139 kBTransfer

335 kBSize

2 Cookies

1 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

www.expressoprod.com Open in urlscan Pro
204.93.139.244 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

95 %
HTTPS

33 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

139 kB
Transfer

335 kB
Size

2
Cookies

19 HTTP transactions
0 data transactions