Submitted URL: http://image.zxzmail.com/t/zz?t=F1D91A5A-174C-4626-AFA8-2ACE6183F3FB&STARID=4526178-91147
Effective URL: https://edm.focussend.com/enfocussend/Complaint.aspx?s=4526178-91147
Submission: On August 24 via api from SG — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 2 HTTP transactions. The main IP is 47.111.18.198, located in Hangzhou, China and belongs to ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN. The main domain is edm.focussend.com.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on February 10th 2022. Valid for: a year.
This is the only time edm.focussend.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 3 183.129.245.12 58461 (CT-HANGZH...)
1 47.111.18.198 37963 (ALIBABA-C...)
2 2
Apex Domain / Subdomains / Transfer
2 focussend.com: edm.focussend.com, app.focussend.com (146 KB)
2 zxzmail.com: image.zxzmail.com — Cisco Umbrella Rank: 878281 (862 B)
2 2
Domain Requested by
2 image.zxzmail.com 2 redirects
1 app.focussend.com edm.focussend.com
1 edm.focussend.com
2 3

This site contains no links.

Subject: *.focussend.com
Issuer: RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
Validity: 2022-02-10 - 2023-02-10
Valid: a year

This page contains 1 frame:

Primary Page: https://edm.focussend.com/enfocussend/Complaint.aspx?s=4526178-91147
Frame ID: D77839CCE8CB0BE20BDDB4EDEF595CF1
Requests: 2 HTTP requests in this frame

Page Title

Complaint

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
  • <input[^>]+name="__VIEWSTATE

Page Statistics

Requests: 2
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 3
IPs: 2
Countries: 1
Transfer: 146 kB
Size: 156 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://image.zxzmail.com/t/zz?t=F1D91A5A-174C-4626-AFA8-2ACE6183F3FB&STARID=4526178-91147 HTTP 302
    http://image.zxzmail.com/t/ClickByGuid.ashx?t=F1D91A5A-174C-4626-AFA8-2ACE6183F3FB&STARID=4526178-91147 HTTP 302
    https://edm.focussend.com/enfocussend/Complaint.aspx?s=4526178-91147 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions

Resource / Path | Size / x-fer | Type / MIME-Type

Primary Request: Complaint.aspx
Path: edm.focussend.com/enfocussend/
Redirect Chain
  • http://image.zxzmail.com/t/zz?t=F1D91A5A-174C-4626-AFA8-2ACE6183F3FB&STARID=4526178-91147
  • http://image.zxzmail.com/t/ClickByGuid.ashx?t=F1D91A5A-174C-4626-AFA8-2ACE6183F3FB&STARID=4526178-91147
  • https://edm.focussend.com/enfocussend/Complaint.aspx?s=4526178-91147
Size: 3 KB
x-fer: 2 KB
Type: Document
General
Full URL: https://edm.focussend.com/enfocussend/Complaint.aspx?s=4526178-91147
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.111.18.198 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
Reverse DNS:
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b87ed17590ccd710fea2d13777840e4f3e3c671d03b546f5beb34ec72db1fa4c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-length: 1376
content-type: text/html; charset=utf-8
date: Wed, 24 Aug 2022 09:21:58 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-aspnet-version: 2.0.50727
x-powered-by: ASP.NET

Redirect headers

Cache-Control: private
Connection: keep-alive
Content-Length: 185
Content-Type: text/html; charset=utf-8
Date: Wed, 24 Aug 2022 09:21:58 GMT
Location: https://edm.focussend.com/enfocussend/Complaint.aspx?s=4526178-91147
Server: nginx/1.20.1
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET

Resource: bgcontent2.jpg
Path: app.focussend.com/enfocussend/images/
Size: 153 KB
x-fer: 145 KB
Type: Image
General
Full URL: https://app.focussend.com/enfocussend/images/bgcontent2.jpg
Requested by
Host: edm.focussend.com
URL: https://edm.focussend.com/enfocussend/Complaint.aspx?s=4526178-91147
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 183.129.245.12 Hangzhou, China, ASN58461 (CT-HANGZHOU-IDC No.288,Fu-chun Road, CN)
Reverse DNS:
Software: nginx/1.20.1 / ASP.NET
Resource Hash: efbf6d97d7541ff44d184cd9f7bfa9df05360d42c63f52010c25170a54e33c7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edm.focussend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 24 Aug 2022 09:22:00 GMT
Content-Encoding: gzip
ETag: W/"0da1ab81ddd11:0"
Last-Modified: Thu, 14 Jul 2016 03:41:56 GMT
Server: nginx/1.20.1
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST,OPTIONS,PUT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| oncontextlost
  • object| oncontextrestored
  • function| structuredClone
  • object| launchQueue
  • object| onbeforematch
  • function| getScreenDetails
  • function| queryLocalFonts
  • object| navigation

1 Cookies

Domain/Path: edm.focussend.com/
Name: ASP.NET_SessionId
Value: lmtn5nzovueldv451t3ui345

1 Console Messages

Source: security
Level: warning
URL: https://edm.focussend.com/enfocussend/Complaint.aspx?s=4526178-91147 (Line 61)
Message: Mixed Content: The page at 'https://edm.focussend.com/enfocussend/Complaint.aspx?s=4526178-91147' was loaded over HTTPS, but requested an insecure element 'http://app.focussend.com/enfocussend/images/bgcontent2.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.