c8e7a.emailsp.com Open in urlscan Pro
13.35.253.19 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://customer38571.musvc1.net/e/r?q=M4%3dECM5P_Athw_L4_7xls_GC_Athw_K9rexZp.B64xIBI.rL6_Kfzi_UuC_Athw_K97K5.48MG_Kfzi_Uu_Ojve_...
Effective URL:
https://c8e7a.emailsp.com/f/rnl.aspx/?hkg=turxr2:&ki=tx.k&=/pu39d1&d=b7c&cd6-3ji.&x=pv&b&x=pp&x_m.680f&x=pv&777f-za8j=st1s...
Submission: On November 29 via manual (November 29th 2021, 3:31:29 pm UTC) from DE — Scanned from DE

Summary HTTP 11 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 11 HTTP transactions. The main IP is 13.35.253.19, located in United States and belongs to AMAZON-02, US. The main domain is c8e7a.emailsp.com.
TLS certificate: Issued by Amazon on April 15th 2021. Valid for: a year.

This is the only time c8e7a.emailsp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	18.203.76.113 18.203.76.113	16509 (AMAZON-02) (AMAZON-02)
3	13.35.253.19 13.35.253.19	16509 (AMAZON-02) (AMAZON-02)
4	13.35.253.46 13.35.253.46	16509 (AMAZON-02) (AMAZON-02)
1	13.35.253.31 13.35.253.31	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:802::2013	15169 (GOOGLE) (GOOGLE)
11	5

2 18.203.76.113 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-76-113.eu-west-1.compute.amazonaws.com

customer38571.musvc1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.35.253.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-19.fra6.r.cloudfront.net

c8e7a.emailsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.35.253.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-46.fra6.r.cloudfront.net

customer38571.img.musvc1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-31.fra6.r.cloudfront.net

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

data.pendo-pro.beefree.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	musvc1.net 1 redirects customer38571.musvc1.net customer38571.img.musvc1.net	266 KB
3	emailsp.com c8e7a.emailsp.com	5 KB
2	beefree.io data.pendo-pro.beefree.io	2 KB
1	pendo.io cdn.pendo.io	136 KB
11	4

	Domain	Requested by
4	customer38571.img.musvc1.net	c8e7a.emailsp.com
3	c8e7a.emailsp.com	c8e7a.emailsp.com
2	data.pendo-pro.beefree.io	cdn.pendo.io
2	customer38571.musvc1.net	1 redirects c8e7a.emailsp.com
1	cdn.pendo.io	c8e7a.emailsp.com
11	5

This site contains links to these domains. Also see Links.

Domain
customer38571.musvc1.net

Subject Issuer	Validity	Valid
*.emailsp.com Amazon	`2021-04-15` - `2022-05-14`	a year	crt.sh
*.musvc1.net Amazon	`2021-05-01` - `2022-05-30`	a year	crt.sh
*.musvc0.net Amazon	`2021-07-21` - `2022-08-19`	a year	crt.sh
cdn.pendo.io Amazon	`2021-08-29` - `2022-09-27`	a year	crt.sh
data.pendo-pro.beefree.io GTS CA 1D4	`2021-11-22` - `2022-02-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://c8e7a.emailsp.com/f/rnl.aspx/?hkg=turxr2:&ki=tx.k&=/pu39d1&d=b7c&cd6-3ji.&x=pv&b&x=pp&x_m.680f&x=pv&777f-za8j=st1sNCLM
Frame ID: 38747F58670678DE8CEB0606D608549E
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ANNULLATO INCONTRO SOTTSASS - POLTRONOVA 1958-1974 di Ivan Mietton

Page URL History Show full URLs

https://customer38571.musvc1.net/e/r?q=M4%3dECM5P_Athw_L4_7xls_GC_Athw_K9rexZp.B64xIBI.rL6_Kfzi_UuC_Athw_K97K... HTTP 301
https://c8e7a.emailsp.com/f/rnl.aspx/?hkg=turxr2:&ki=tx.k&=/pu39d1&d=b7c&cd6-3ji.&x=pv&b&x=pp&x_m.680f... Page URL

Page Statistics

11
Requests

100 %
HTTPS

20 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

409 kB
Transfer

712 kB
Size

1
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://customer38571.musvc1.net/e/t?q=8%3dCdGbA%26H%3dC%26I%3dIYH%26J%3dAdEYA%26Q%3dtO4L_4vcv_E6_2weu_BB_4vcv_DA7S9.VJ91M3KoJwK.oJw_NcxZ_XrRz-91I4AzO_2weu_BB7KvKm93_NcxZ_XrW6k7mJXC_Mayb_WpWC_Mayb_Wpib-xYzfxKye-uYrfwYta1K-yWnbg.29p%260%3dyP3RoV.xA6%26D3%3dbGdB

Search URL Search Domain Scan URL

URL: https://customer38571.musvc1.net/e/t?q=A%3d6e0e4%26I%3d6%26L%3dBZA%26M%3d4e8b4%26R%3dmRwM_wyVw_89_uxXx_5C_wyVw_7DzT2.Dd0j0rLp.ArJ_wyVw_7DiLsBdWnMqBxM3WfLl_OV1S_Yk%26B%3dpRxTfX.sC9d8fw%26Fx%3dd8f7

Search URL Search Domain Scan URL

URL: https://customer38571.musvc1.net/e/t?q=0%3d4fDd2%26J%3d0%26K%3d0aE%26L%3d2fBa2%26S%3dqQuN_1xTx_B8_sybw_3D_1xTx_ACxU6.FoQ38hPjJ.dMv_OR1Y_YgDxKe99FpLnPpX98oG_1xTx_AC_sybw_4DqI_8b9jsybw_4BrQ%26e%3dK4PwA0.KfR%26rP%3d7cHY

Search URL Search Domain Scan URL

URL: https://customer38571.musvc1.net/e/r?q=L7%3dEDL8P_Bskw_M3_0xmr_JC_Bskw_L8ueyYs.B731ICH.uL7_Jizj_TxC_Bskw_L87LE.3AMH_Jizj_Tx_Okuh_Zz_Jizj_TN_Okuh_YP_Jizj_UvO_0KC_Okuh_Yz.V_0xmr_JcH_Jizj_UvMF_Jizj_TN82C_0xmr_KA8Rsey_Jizj_Us_Okuh_ZxPETLZKH_Bskw_M3_0xmr_KA_BLGU_Bskw_LX0bOR_0xmr_JCPXMRGHObPQJQOW_0xmr_Jc0NHWQKK_Okuh_YPR_0xmr_JChedt%26w%3dUPbQS%26v%3dJEKD0K.FwQ%263K%3d3s8uNbST%264%3dX%268%3daKc%269%3dSPZNS%26B%3deTTLXSXMb
Title: Unsubscribe.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://customer38571.musvc1.net/e/r?q=M4%3dECM5P_Athw_L4_7xls_GC_Athw_K9rexZp.B64xIBI.rL6_Kfzi_UuC_Athw_K97K5.48MG_Kfzi_Uu_Ojve_ZyAzD_Athw_L79RAQ7Y_Athw_L4_7xls_Gc4B_7xls_HACQ.z_Ojve_YO_Kfzi_Vs_Ojve_YyI0ZR7F_Ojve_YO7_7xls_HAuZr_Ojve_YO6sc-LCx._Ojve_YOQ_7xls_HA9O_7xls_Gcu_Kfzi_UKU_Athw_L75M_Athw_KYC_J.OaOC_Athw_KYC_Ojve_ZwIA_Ojve_YOZLdy-Spe3_Kfzi_VsP4p8tCT8uVob%260%3dLaJdJ%267%3d2RBOrX.789%26FB%3dYJfK%26E%3dF%26K%3dRVK%26L%3dJaHaJ%26M%3d-MZJaHaRbF&mupckp=mupAtu4m8OiX0wt HTTP 301
https://c8e7a.emailsp.com/f/rnl.aspx/?hkg=turxr2:&ki=tx.k&=/pu39d1&d=b7c&cd6-3ji.&x=pv&b&x=pp&x_m.680f&x=pv&777f-za8j=st1sNCLM Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
c8e7a.emailsp.com/f/rnl.aspx/
Redirect Chain

https://customer38571.musvc1.net/e/r?q=M4%3dECM5P_Athw_L4_7xls_GC_Athw_K9rexZp.B64xIBI.rL6_Kfzi_UuC_Athw_K97K5.48MG_Kfzi_Uu_Ojve_ZyAzD_Athw_L79RAQ7Y_Athw_L4_7xls_Gc4B_7xls_HACQ.z_Ojve_YO_Kfzi_Vs_Oj...
https://c8e7a.emailsp.com/f/rnl.aspx/?hkg=turxr2:&ki=tx.k&=/pu39d1&d=b7c&cd6-3ji.&x=pv&b&x=pp&x_m.680f&x=pv&777f-za8j=st1sNCLM

6 KB
3 KB

823ms
796ms

Document
text/html

13.35.253.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c8e7a.emailsp.com/f/rnl.aspx/?hkg=turxr2:&ki=tx.k&=/pu39d1&d=b7c&cd6-3ji.&x=pv&b&x=pp&x_m.680f&x=pv&777f-za8j=st1sNCLM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.253.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-253-19.fra6.r.cloudfront.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

645f86c69a7430f777794e42b82a99ab1b353d9efc1bcc6cf0b0bd00009f9744

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=utf-8
content-length: 2326
cache-control: private
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET
access-control-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
date: Mon, 29 Nov 2021 15:31:25 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 b0954612f115b3d0a0db0a669e45ae8f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: Odk4Jf5imOW00JqPCA778VupthzsAEZq8rcG56tSGYCNauxpekbDzg==

Redirect headers

date: Mon, 29 Nov 2021 15:31:24 GMT
content-type: text/html; charset=utf-8
content-length: 201
location: https://c8e7a.emailsp.com/f/rnl.aspx/?hkg=turxr2:&ki=tx.k&=/pu39d1&d=b7c&cd6-3ji.&x=pv&b&x=pp&x_m.680f&x=pv&777f-za8j=st1sNCLM
cache-control: no-cache
x-request-id: fecdc0a2-6e3a-48c5-ba9e-10c19e60726f

GET
H/1.1 200
OK logo-fondazione-web7-150.jpg
customer38571.img.musvc1.net/static/38571/images/1/ 6 KB
7 KB 36ms
7ms Image
image/jpeg 13.35.253.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://customer38571.img.musvc1.net/static/38571/images/1/logo-fondazione-web7-150.jpg
Requested by: Host: c8e7a.emailsp.com
URL: https://c8e7a.emailsp.com/f/rnl.aspx/?hkg=turxr2:&ki=tx.k&=/pu39d1&d=b7c&cd6-3ji.&x=pv&b&x=pp&x_m.680f&x=pv&777f-za8j=st1sNCLM
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-46.fra6.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a91558b30c66f3bc84b206fd501053d64b4626bc46bf27bbdc266eca5af380cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c8e7a.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 21:35:39 GMT
Via: 1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
Last-Modified: Mon, 04 Jun 2018 12:09:02 GMT
Server: Microsoft-IIS/10.0
Age: 64546
X-Powered-By: ASP.NET
ETag: "aa18e6d3fcfbd31:0"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 6500
X-Amz-Cf-Id: qSx2dYMOGlyDgHFSCSsLFHB3dZsRWWo7hhCFrIUU3Cw9o8hpy3Sg3w==

GET
H/1.1 200
OK copertina%20sottsass2.jpg
customer38571.img.musvc1.net/static/38571/images/1/layout%202/ 239 KB
240 KB 37ms
8ms Image
image/jpeg 13.35.253.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://customer38571.img.musvc1.net/static/38571/images/1/layout%202/copertina%20sottsass2.jpg
Requested by: Host: c8e7a.emailsp.com
URL: https://c8e7a.emailsp.com/f/rnl.aspx/?hkg=turxr2:&ki=tx.k&=/pu39d1&d=b7c&cd6-3ji.&x=pv&b&x=pp&x_m.680f&x=pv&777f-za8j=st1sNCLM
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-46.fra6.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d574c2c9badb6f13cfb996766b5038f4de2faacba1bfc7d0eadc047a6e5ca10b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c8e7a.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 14:17:26 GMT
Via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
Last-Modified: Sat, 27 Nov 2021 12:00:09 GMT
Server: Microsoft-IIS/10.0
Age: 9361
X-Powered-By: ASP.NET
ETag: "4454995386e3d71:0"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 244825
X-Amz-Cf-Id: huKJSHJSTqkr5nIi_ND3GEfKftCGGsofkEqgrLB1CRQESV-sWXNBlw==

GET
H/1.1 200
OK fb_galleria.jpg
customer38571.img.musvc1.net/static/38571/images/1/ 9 KB
9 KB 36ms
8ms Image
image/jpeg 13.35.253.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://customer38571.img.musvc1.net/static/38571/images/1/fb_galleria.jpg
Requested by: Host: c8e7a.emailsp.com
URL: https://c8e7a.emailsp.com/f/rnl.aspx/?hkg=turxr2:&ki=tx.k&=/pu39d1&d=b7c&cd6-3ji.&x=pv&b&x=pp&x_m.680f&x=pv&777f-za8j=st1sNCLM
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-46.fra6.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: efcad15a694c0459d034105e8fe12d6ce09e9e264e1e91e7c0b093f27811dc94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c8e7a.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 16:28:57 GMT
Via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
Last-Modified: Tue, 31 May 2016 17:05:57 GMT
Server: Microsoft-IIS/10.0
Age: 82947
X-Powered-By: ASP.NET
ETag: "ba71c7b25ebbd11:0"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 8921
X-Amz-Cf-Id: _rKq9ZgL5CbImAQMyjyvEztbohd_uqoZBq0HId3v5X3IFPRQVOIF5g==

GET
H/1.1 200
OK insta_galleria.jpg
customer38571.img.musvc1.net/static/38571/images/1/ 9 KB
10 KB 36ms
8ms Image
image/jpeg 13.35.253.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://customer38571.img.musvc1.net/static/38571/images/1/insta_galleria.jpg
Requested by: Host: c8e7a.emailsp.com
URL: https://c8e7a.emailsp.com/f/rnl.aspx/?hkg=turxr2:&ki=tx.k&=/pu39d1&d=b7c&cd6-3ji.&x=pv&b&x=pp&x_m.680f&x=pv&777f-za8j=st1sNCLM
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-46.fra6.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 93a53f4889e68da35365ba2e690fac81282673892c996ed82b2aa9aa28425f79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c8e7a.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 23:06:48 GMT
Via: 1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront)
Last-Modified: Tue, 31 May 2016 17:05:56 GMT
Server: Microsoft-IIS/10.0
Age: 59077
X-Powered-By: ASP.NET
ETag: "89cb89b25ebbd11:0"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 9484
X-Amz-Cf-Id: NDN2Jf5qtVKiYzOSeQO7Fza5ar3PSlm7cx68k_7dWyYflF79jh1D0A==

GET
H2 200 c
customer38571.musvc1.net/e/ 74 B
190 B 29ms
28ms Image
image/png 18.203.76.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://customer38571.musvc1.net/e/c?q=0%3d7c0d5%26G%3d6%26K%3dCXA%26L%3d5c8a5%26C%3dC8e6fb9ZBB98-Dfj9-9a70-gcfZ-fB7bAfeafACd%26nP%3d0ZDY%26h%3dHzPz86.KiO%26y%3deAb8YCXAb
Requested by: Host: c8e7a.emailsp.com
URL: https://c8e7a.emailsp.com/f/rnl.aspx/?hkg=turxr2:&ki=tx.k&=/pu39d1&d=b7c&cd6-3ji.&x=pv&b&x=pp&x_m.680f&x=pv&777f-za8j=st1sNCLM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.76.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-76-113.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: f5cab90299f9aa539d5f99d4f7e87a70f57e37f138da9d18cadbb230bde3ccd0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c8e7a.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 15:31:25 GMT
cache-control: no-cache
x-request-id: e8c00225-e356-4b1f-91f0-d22c00f074cd
content-type: image/png

GET
H2 200 frontendPendoLoader.js Show response
c8e7a.emailsp.com/js/ 2 KB
2 KB 132ms
132ms Script
application/javascript 13.35.253.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c8e7a.emailsp.com/js/frontendPendoLoader.js

Requested by

Host: c8e7a.emailsp.com
URL: https://c8e7a.emailsp.com/f/rnl.aspx/?hkg=turxr2:&ki=tx.k&=/pu39d1&d=b7c&cd6-3ji.&x=pv&b&x=pp&x_m.680f&x=pv&777f-za8j=st1sNCLM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.253.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-253-19.fra6.r.cloudfront.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

72e7604a33ce72c290a6cb35836b003b3bdc8ccde6eed349e42d1ef5efc5eaa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c8e7a.emailsp.com/f/rnl.aspx/?hkg=turxr2:&ki=tx.k&=/pu39d1&d=b7c&cd6-3ji.&x=pv&b&x=pp&x_m.680f&x=pv&777f-za8j=st1sNCLM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 15:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA6-C1
x-powered-by: ASP.NET
x-cache: RefreshHit from cloudfront
content-length: 1118
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Fri, 26 Nov 2021 15:47:08 GMT
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
etag: "0e63ddedce2d71:0"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 b0954612f115b3d0a0db0a669e45ae8f.cloudfront.net (CloudFront)
cache-control: max-age=1200
accept-ranges: bytes
x-amz-cf-id: FgGOT_L2xdhaeSQ1jx6E4sxSHvTf9Tdnn6bUMGDKdux9kjQ6SPHDag==

GET
H/1.1 200
OK pendo.js Show response
cdn.pendo.io/agent/static/da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2/ 437 KB
136 KB 47ms
10ms Script
application/javascript 13.35.253.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pendo.io/agent/static/da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2/pendo.js
Requested by: Host: c8e7a.emailsp.com
URL: https://c8e7a.emailsp.com/js/frontendPendoLoader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-31.fra6.r.cloudfront.net
Software: UploadServer /
Resource Hash: 1b48a78842c63927d7df6812532833800ad73eb4df0d6464889484e3712fd6bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c8e7a.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 15:26:55 GMT
Content-Encoding: gzip
Age: 279
X-GUploader-UploadID: ADPycdvlFZu98rmClsswKhjtL7pn3Mdn3rXTmIS8nzppUPZdtasLzdTlSHIQFlt1FP1D6z3UhmBmEyaTB3wMDCND1iALtfAP0Q
X-Cache: Hit from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Length: 138365
Access-Control-Allow-Origin: *
Last-Modified: Fri, 19 Nov 2021 19:09:05 GMT
Server: UploadServer
ETag: "3c398d62e0534bb35d56a5a17168740d"
Vary: Accept-Encoding
x-goog-hash: crc32c=HBdYcA==, md5=PDmNYuBTS7NdVqWhcWh0DQ==
x-goog-generation: 1637348945327007
Via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
Access-Control-Expose-Headers: *
Cache-Control: max-age=450
x-goog-stored-content-length: 138365
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Type: application/javascript
X-Amz-Cf-Id: z8Vy5xQkEvdsVPmo_dCkJa3-TRZRo7VCakfr4kClaa1UzeWLcoVMBQ==
Expires: Mon, 29 Nov 2021 15:34:16 GMT

POST
H2 200 GetPendoSettings Show response
c8e7a.emailsp.com/frontend/webMethods/Console.asmx/ 59 B
449 B 118ms
118ms XHR
application/json 13.35.253.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c8e7a.emailsp.com/frontend/webMethods/Console.asmx/GetPendoSettings

Requested by

Host: c8e7a.emailsp.com
URL: https://c8e7a.emailsp.com/js/frontendPendoLoader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.253.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-253-19.fra6.r.cloudfront.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

19194162762d14bbe8fac67aaf23af97d0c38571c34044a9745d913297b4c5bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c8e7a.emailsp.com/f/rnl.aspx/?hkg=turxr2:&ki=tx.k&=/pu39d1&d=b7c&cd6-3ji.&x=pv&b&x=pp&x_m.680f&x=pv&777f-za8j=st1sNCLM
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json; charset=utf-8

Response headers

date: Mon, 29 Nov 2021 15:31:25 GMT
via: 1.1 b0954612f115b3d0a0db0a669e45ae8f.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA6-C1
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=0
content-length: 59
x-xss-protection: 1; mode=block
x-amz-cf-id: F4E3LUPyIiOAumzFVdfzVvfvMDSRlSWswDRSUkz2LrPQD3b3YYD_1Q==

GET
H2 200 da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2
data.pendo-pro.beefree.io/data/ptm.gif/ 42 B
115 B 415ms
258ms Image
image/gif 2a00:1450:4001:802::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://data.pendo-pro.beefree.io/data/ptm.gif/da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2?v=2.114.1_prod&ct=1638199885844&jzb=eJzdUl1r2zAU_S968FMqW3ZiKQEzwrqxr7Rha9nYGEKW5ESNP4Qkd_ZK_nultjMtlL1sL9uT7HPugXPuud9ugBu1BCughGydqkYwA6XpflhpqFONZ1CeEbRcErIg2XwGrpVVrjNUCS9K_DTjvOtbdw9kZIGRB3tT-7-9c9qu4pgTiRmUDVO11ZB3TVzFpq0hs3qIX-wPu8L1ZjDpKjqowg3wEBWx7rOlQJEoSswjLvKT7ErBaCj0dVSGR0cDbWBOkuoexBhXJz8ZuSqsQ_bs5YeNt6FNpy1Y3YCuFvSJc7p9dXZ6Ti8oP704r96v0ec294Iw92ygx-Lk2dDHGXCsfBuAN3yDx69k-3HDalwurNdXhjXyjrzcf0nGcfuOuzXe5fvXYeGjk95mRshxNhXSSMd-W0b-r5bx4Dp8TsZr1u56tgvBZUsvP4V1PoSZ5qY9a2b8sa4n2kOCuaBNlzFCcZqkd51JY1XXBhgiNIeIegviLxQ1R-mjouqOif-zqJDsV54k98f5xxeeJMfvt5rvZA8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c8e7a.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 15:31:26 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-max-age: 600
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization
content-length: 42

GET
H2 200 da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2 Show response
data.pendo-pro.beefree.io/data/guide.js/ 2 KB
2 KB 315ms
160ms Script
application/javascript 2a00:1450:4001:802::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://data.pendo-pro.beefree.io/data/guide.js/da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2?jzb=eJw9j7FuwyAURf-FgamBuFaDawlVVadKbZeqc_QC2CG2MYJHhBr530Ma1dPj3Mtw7oWcbbQ4h3dNWrIlDwSUmpPDP66bJ1GVLIWx0BHRx5Zz1RgBzExgx-iZmife8eBGBtFn_nIceokp5PDY0sFKzGygkvtUP-uKankQiiq929Qny2iW_kwPt-Np3k9s12y7eyiE6Da_0JxkxCp-vX18Fo3JIGhAIO2qfXvaf_URXJ-gNwWN2_98k2Wds_67TyqFh2Acvq71sixXD61V7g&v=2.114.1_prod&ct=1638199885846

Requested by

Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2/pendo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

919ded04d8c139a78633c44bcfcb7934fec3584e8cea198bc0a6a1395aa82ef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c8e7a.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 15:31:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/javascript
via: 1.1 google
access-control-max-age: 600
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			c8e7a.emailsp.com/	1969-12-31 23:59:59	Name: BIGipServercu_front_80_pool Value: !XAGNpIyNEUwIwN+cnSAI+Z1ZFq7MImLGLMP/5yfiudX9fbupZOSfwCCRnzWNg/WHjsTmwoIDekwY4uw=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c8e7a.emailsp.com
cdn.pendo.io
customer38571.img.musvc1.net
customer38571.musvc1.net
data.pendo-pro.beefree.io
13.35.253.19
13.35.253.31
13.35.253.46
18.203.76.113
2a00:1450:4001:802::2013
19194162762d14bbe8fac67aaf23af97d0c38571c34044a9745d913297b4c5bf
1b48a78842c63927d7df6812532833800ad73eb4df0d6464889484e3712fd6bb
645f86c69a7430f777794e42b82a99ab1b353d9efc1bcc6cf0b0bd00009f9744
72e7604a33ce72c290a6cb35836b003b3bdc8ccde6eed349e42d1ef5efc5eaa7
919ded04d8c139a78633c44bcfcb7934fec3584e8cea198bc0a6a1395aa82ef2
93a53f4889e68da35365ba2e690fac81282673892c996ed82b2aa9aa28425f79
a91558b30c66f3bc84b206fd501053d64b4626bc46bf27bbdc266eca5af380cb
d574c2c9badb6f13cfb996766b5038f4de2faacba1bfc7d0eadc047a6e5ca10b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efcad15a694c0459d034105e8fe12d6ce09e9e264e1e91e7c0b093f27811dc94
f5cab90299f9aa539d5f99d4f7e87a70f57e37f138da9d18cadbb230bde3ccd0

c8e7a.emailsp.com Open in urlscan Pro 13.35.253.19 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

11 Requests

100 %HTTPS

20 %IPv6

4 Domains

5 Subdomains

5 IPs

3 Countries

409 kBTransfer

712 kBSize

1 Cookies

4 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

c8e7a.emailsp.com Open in urlscan Pro
13.35.253.19 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

20 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

409 kB
Transfer

712 kB
Size

1
Cookies

11 HTTP transactions
0 data transactions