Submitted URL: http://xpressus.emsmtp.com/
Effective URL: http://xpressus.emsmtp.com/bootstrap.php?r=customer/Login
Submission: On January 15 via api from US

Summary

This website contacted 4 IPs in 4 countries across 5 domains to perform 22 HTTP transactions. The main IP is 217.175.192.13, which is located in Austria and belongs to EMARSYS-AS Emarsys eMarketing Systems AG, AT. The main domain is xpressus.emsmtp.com.
This is the only time xpressus.emsmtp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 217.175.192.13 199236 (EMARSYS-A...)
3 3 63.35.242.85 16509 (AMAZON-02)
7 2600:9000:20e... 16509 (AMAZON-02)
2 2 52.19.225.66 16509 (AMAZON-02)
2 52.218.109.48 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
22 4
Domain Requested by
7 www.google-analytics.com xpressus.emsmtp.com
7 assets.emarsys.net xpressus.emsmtp.com
assets.emarsys.net
7 xpressus.emsmtp.com 1 redirects xpressus.emsmtp.com
3 redirector.eservice.emarsys.net 3 redirects
2 ems-assets.s3.eu-west-1.amazonaws.com xpressus.emsmtp.com
2 ems-homepage-service.herokuapp.com 2 redirects
22 6

This site contains links to these domains.

Domain
uss.eservice.emarsys.net
ems-homepage-service.herokuapp.com
www.emarsys.com
help.emarsys.com

Subject | Issuer | Validity | Valid
assets.emarsys.net | COMODO RSA Domain Validation Secure Server CA | 2017-06-06 - 2020-06-05 | 3 years
*.s3-eu-west-1.amazonaws.com | DigiCert Baltimore CA-2 G2 | 2019-11-09 - 2020-12-10 | a year
*.google-analytics.com | GTS CA 1O1 | 2019-12-20 - 2020-03-13 | 3 months

This page contains 1 frame:

Primary Page: http://xpressus.emsmtp.com/bootstrap.php?r=customer/Login
Frame ID: AD6DEED9BF9EE3D4BC287F335D7A2417
Requests: 22 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

Requests: 22
HTTPS: 73 %
IPv6: 33 %
Domains: 5
Subdomains: 6
IPs: 4
Countries: 4
Transfer: 887 kB
Size: 2278 kB
Cookies: 6

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://xpressus.emsmtp.com/ HTTP 302
    http://xpressus.emsmtp.com/bootstrap.php?r=customer/Login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://redirector.eservice.emarsys.net/ui/latest/css/services/login.css HTTP 302
  • https://assets.emarsys.net/ui/14.536.0/css/services/login.css
Request Chain 1
  • https://redirector.eservice.emarsys.net/ui/latest/js/app.js HTTP 302
  • https://assets.emarsys.net/ui/14.536.0/js/app.js
Request Chain 2
  • https://redirector.eservice.emarsys.net/upgrade-recommender-client/latest/app.js HTTP 302
  • https://assets.emarsys.net/upgrade-recommender-client/1577088406/app.js
Request Chain 7
  • https://ems-homepage-service.herokuapp.com/loginpage/banner_image/en HTTP 302
  • https://ems-assets.s3.eu-west-1.amazonaws.com/loginpage-assets/0_20705700_1579083514_bannerImage_en
Request Chain 12
  • https://ems-homepage-service.herokuapp.com/loginpage/background_image/en HTTP 302
  • https://ems-assets.s3.eu-west-1.amazonaws.com/loginpage-assets/0_67047100_1579083473_backgroundImage_en
Request Chain 14
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 15
  • http://www.google-analytics.com/r/collect?v=1&_v=j79&a=310857746&t=pageview&_s=1&dl=http%3A%2F%2Fxpressus.emsmtp.com%2Fbootstrap.php%3Fr%3Dcustomer%2FLogin&ul=en-us&de=UTF-8&dt=Emarsys%20Marketing%20Platform%20customer-login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAAAB~&jid=1732492381&gjid=1931507213&cid=1326396109.1579088123&tid=UA-49158183-1&_gid=1432392074.1579088123&_r=1&z=1908447249 HTTP 307
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=310857746&t=pageview&_s=1&dl=http%3A%2F%2Fxpressus.emsmtp.com%2Fbootstrap.php%3Fr%3Dcustomer%2FLogin&ul=en-us&de=UTF-8&dt=Emarsys%20Marketing%20Platform%20customer-login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAAAB~&jid=1732492381&gjid=1931507213&cid=1326396109.1579088123&tid=UA-49158183-1&_gid=1432392074.1579088123&_r=1&z=1908447249
Request Chain 16
  • http://www.google-analytics.com/r/collect?v=1&_v=j79&a=310857746&t=pageview&_s=1&dl=http%3A%2F%2Fxpressus.emsmtp.com%2Fbootstrap.php%3Fr%3Dcustomer%2FLogin&ul=en-us&de=UTF-8&dt=Emarsys%20Marketing%20Platform%20customer-login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAAAB~&jid=1698846177&gjid=1089627821&cid=1326396109.1579088123&tid=UA-49158183-2&_gid=1432392074.1579088123&_r=1&z=915716937 HTTP 307
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=310857746&t=pageview&_s=1&dl=http%3A%2F%2Fxpressus.emsmtp.com%2Fbootstrap.php%3Fr%3Dcustomer%2FLogin&ul=en-us&de=UTF-8&dt=Emarsys%20Marketing%20Platform%20customer-login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAAAB~&jid=1698846177&gjid=1089627821&cid=1326396109.1579088123&tid=UA-49158183-2&_gid=1432392074.1579088123&_r=1&z=915716937
Request Chain 17
  • http://www.google-analytics.com/r/collect?v=1&_v=j79&a=310857746&t=pageview&_s=1&dl=http%3A%2F%2Fxpressus.emsmtp.com%2Fbootstrap.php%3Fr%3Dcustomer%2FLogin&ul=en-us&de=UTF-8&dt=Emarsys%20Marketing%20Platform%20customer-login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAAAB~&jid=536139636&gjid=1765469036&cid=1326396109.1579088123&tid=UA-49158183-3&_gid=1432392074.1579088123&_r=1&z=1519498778 HTTP 307
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=310857746&t=pageview&_s=1&dl=http%3A%2F%2Fxpressus.emsmtp.com%2Fbootstrap.php%3Fr%3Dcustomer%2FLogin&ul=en-us&de=UTF-8&dt=Emarsys%20Marketing%20Platform%20customer-login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAAAB~&jid=536139636&gjid=1765469036&cid=1326396109.1579088123&tid=UA-49158183-3&_gid=1432392074.1579088123&_r=1&z=1519498778
Request Chain 18
  • http://www.google-analytics.com/collect?v=1&_v=j79&a=310857746&t=timing&_s=2&dl=http%3A%2F%2Fxpressus.emsmtp.com%2Fbootstrap.php%3Fr%3Dcustomer%2FLogin&ul=en-us&de=UTF-8&dt=Emarsys%20Marketing%20Platform%20customer-login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2271&pdt=1&dns=0&rrt=1150&srt=134&tcp=0&dit=1664&clt=1664&_gst=1664&_gbt=1681&_u=IEDAAAAB~&jid=&gjid=&cid=1326396109.1579088123&tid=UA-49158183-1&_gid=1432392074.1579088123&z=1822755748 HTTP 307
  • https://www.google-analytics.com/collect?v=1&_v=j79&a=310857746&t=timing&_s=2&dl=http%3A%2F%2Fxpressus.emsmtp.com%2Fbootstrap.php%3Fr%3Dcustomer%2FLogin&ul=en-us&de=UTF-8&dt=Emarsys%20Marketing%20Platform%20customer-login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2271&pdt=1&dns=0&rrt=1150&srt=134&tcp=0&dit=1664&clt=1664&_gst=1664&_gbt=1681&_u=IEDAAAAB~&jid=&gjid=&cid=1326396109.1579088123&tid=UA-49158183-1&_gid=1432392074.1579088123&z=1822755748
Request Chain 19
  • http://www.google-analytics.com/collect?v=1&_v=j79&a=310857746&t=timing&_s=2&dl=http%3A%2F%2Fxpressus.emsmtp.com%2Fbootstrap.php%3Fr%3Dcustomer%2FLogin&ul=en-us&de=UTF-8&dt=Emarsys%20Marketing%20Platform%20customer-login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2271&pdt=1&dns=0&rrt=1150&srt=134&tcp=0&dit=1664&clt=1664&_gst=1664&_gbt=1681&_u=IEDAAAAB~&jid=&gjid=&cid=1326396109.1579088123&tid=UA-49158183-2&_gid=1432392074.1579088123&z=363321182 HTTP 307
  • https://www.google-analytics.com/collect?v=1&_v=j79&a=310857746&t=timing&_s=2&dl=http%3A%2F%2Fxpressus.emsmtp.com%2Fbootstrap.php%3Fr%3Dcustomer%2FLogin&ul=en-us&de=UTF-8&dt=Emarsys%20Marketing%20Platform%20customer-login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2271&pdt=1&dns=0&rrt=1150&srt=134&tcp=0&dit=1664&clt=1664&_gst=1664&_gbt=1681&_u=IEDAAAAB~&jid=&gjid=&cid=1326396109.1579088123&tid=UA-49158183-2&_gid=1432392074.1579088123&z=363321182
Request Chain 20
  • http://www.google-analytics.com/collect?v=1&_v=j79&a=310857746&t=timing&_s=2&dl=http%3A%2F%2Fxpressus.emsmtp.com%2Fbootstrap.php%3Fr%3Dcustomer%2FLogin&ul=en-us&de=UTF-8&dt=Emarsys%20Marketing%20Platform%20customer-login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2271&pdt=1&dns=0&rrt=1150&srt=134&tcp=0&dit=1664&clt=1664&_gst=1664&_gbt=1681&_u=IEDAAAAB~&jid=&gjid=&cid=1326396109.1579088123&tid=UA-49158183-3&_gid=1432392074.1579088123&z=1537246 HTTP 307
  • https://www.google-analytics.com/collect?v=1&_v=j79&a=310857746&t=timing&_s=2&dl=http%3A%2F%2Fxpressus.emsmtp.com%2Fbootstrap.php%3Fr%3Dcustomer%2FLogin&ul=en-us&de=UTF-8&dt=Emarsys%20Marketing%20Platform%20customer-login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2271&pdt=1&dns=0&rrt=1150&srt=134&tcp=0&dit=1664&clt=1664&_gst=1664&_gbt=1681&_u=IEDAAAAB~&jid=&gjid=&cid=1326396109.1579088123&tid=UA-49158183-3&_gid=1432392074.1579088123&z=1537246

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set bootstrap.php
xpressus.emsmtp.com/
Redirect Chain
  • http://xpressus.emsmtp.com/
  • http://xpressus.emsmtp.com/bootstrap.php?r=customer/Login
23 KB
9 KB
Document
General
Full URL
http://xpressus.emsmtp.com/bootstrap.php?r=customer/Login
Protocol
HTTP/1.1
Server
217.175.192.13 , Austria, ASN199236 (EMARSYS-AS Emarsys eMarketing Systems AG, AT),
Reverse DNS
login.emarsys.net
Software
nginx/1.16.1 /
Resource Hash
83aed845474c77bdc331ba4b5c2534b7f578b1baea48f3ab7af3f248db22f52a

Request headers

Host
xpressus.emsmtp.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Server
nginx/1.16.1
Date
Wed, 15 Jan 2020 11:35:22 GMT
Content-Type
text/html; charset=utf-8
Content-Length
8684
Set-Cookie
login_language=en; expires=Fri, 14-Feb-2020 11:35:22 GMT login_language=en; expires=Fri, 14-Feb-2020 11:35:22 GMT login_language=en; expires=Fri, 14-Feb-2020 11:35:22 GMT
Vary
Accept-Encoding
Content-Encoding
gzip
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Pragma
no-cache
X-fe
suite3web4

Redirect headers

Server
nginx/1.16.1
Date
Wed, 15 Jan 2020 11:35:22 GMT
Content-Type
text/html; charset=utf-8
Content-Length
20
Location
/bootstrap.php?r=customer/Login
Vary
Accept-Encoding
Content-Encoding
gzip
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Pragma
no-cache
X-fe
suite3web1
login.css
assets.emarsys.net/ui/14.536.0/css/services/
Redirect Chain
  • https://redirector.eservice.emarsys.net/ui/latest/css/services/login.css
  • https://assets.emarsys.net/ui/14.536.0/css/services/login.css
218 KB
30 KB
Stylesheet
General
Full URL
https://assets.emarsys.net/ui/14.536.0/css/services/login.css
Requested by
Host: xpressus.emsmtp.com
URL: http://xpressus.emsmtp.com/bootstrap.php?r=customer/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:8c00:1b:b6d7:fac0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b7143143b3c7fcd7cb149a4339608591066483c0540de6bed9b4c985ba0f444f

Request headers

Referer
http://xpressus.emsmtp.com/bootstrap.php?r=customer/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 14 Jan 2020 09:00:12 GMT
content-encoding
gzip
last-modified
Tue, 14 Jan 2020 08:59:34 GMT
server
AmazonS3
age
95711
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=315360000, no-transform, public
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
0nFvc8ZyXbuJNIgYhz4YqGvM7ytWOyY9xRFV-afH_viHn_QeVD5YNw==
via
1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)

Redirect headers

Date
Wed, 15 Jan 2020 11:35:22 GMT
Via
1.1 vegur
Server
Cowboy
Location
https://assets.emarsys.net/ui/14.536.0/css/services/login.css
Access-Control-Allow-Methods
GET,HEAD,PUT,POST,DELETE
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
153
app.js
assets.emarsys.net/ui/14.536.0/js/
Redirect Chain
  • https://redirector.eservice.emarsys.net/ui/latest/js/app.js
  • https://assets.emarsys.net/ui/14.536.0/js/app.js
766 KB
149 KB
Script
General
Full URL
https://assets.emarsys.net/ui/14.536.0/js/app.js
Requested by
Host: xpressus.emsmtp.com
URL: http://xpressus.emsmtp.com/bootstrap.php?r=customer/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:8c00:1b:b6d7:fac0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
87dc07c4960ea46ecf1e682be0795406252f086bca4f7c72074a377c346ec5a3

Request headers

Referer
http://xpressus.emsmtp.com/bootstrap.php?r=customer/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 14 Jan 2020 08:59:43 GMT
content-encoding
gzip
last-modified
Tue, 14 Jan 2020 08:59:42 GMT
server
AmazonS3
age
95740
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=315360000, no-transform, public
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
6k8szrV-JTY3Hxa7wC4aZYFj95wjc2RLGqoi1A9UIHzAGRrE-DCN_Q==
via
1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)

Redirect headers

Date
Wed, 15 Jan 2020 11:35:22 GMT
Via
1.1 vegur
Server
Cowboy
Location
https://assets.emarsys.net/ui/14.536.0/js/app.js
Access-Control-Allow-Methods
GET,HEAD,PUT,POST,DELETE
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
127
app.js
assets.emarsys.net/upgrade-recommender-client/1577088406/
Redirect Chain
  • https://redirector.eservice.emarsys.net/upgrade-recommender-client/latest/app.js
  • https://assets.emarsys.net/upgrade-recommender-client/1577088406/app.js
367 KB
103 KB
Script
General
Full URL
https://assets.emarsys.net/upgrade-recommender-client/1577088406/app.js
Requested by
Host: xpressus.emsmtp.com
URL: http://xpressus.emsmtp.com/bootstrap.php?r=customer/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:8c00:1b:b6d7:fac0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
65ee987315d5bf6cf7f0c6b63cfa5ddf330404568f67f47076ba674ce69555f2

Request headers

Referer
http://xpressus.emsmtp.com/bootstrap.php?r=customer/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 09 Jan 2020 03:21:21 GMT
content-encoding
gzip
last-modified
Mon, 23 Dec 2019 08:06:47 GMT
server
AmazonS3
age
548042
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=315360000, no-transform, public
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
lLjE8DyRrWqHRhoTLsiP2NwYNHlNyGfdsPKoa8aXMYOjhPlbereG3w==
via
1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)

Redirect headers

Date
Wed, 15 Jan 2020 11:35:22 GMT
Via
1.1 vegur
Server
Cowboy
Location
https://assets.emarsys.net/upgrade-recommender-client/1577088406/app.js
Access-Control-Allow-Methods
GET,HEAD,PUT,POST,DELETE
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
173
jquery-1.7.2.min.js
xpressus.emsmtp.com/js/jquery/
93 KB
33 KB
Script
General
Full URL
http://xpressus.emsmtp.com/js/jquery/jquery-1.7.2.min.js?1579075405
Requested by
Host: xpressus.emsmtp.com
URL: http://xpressus.emsmtp.com/bootstrap.php?r=customer/Login
Protocol
HTTP/1.1
Server
217.175.192.13 , Austria, ASN199236 (EMARSYS-AS Emarsys eMarketing Systems AG, AT),
Reverse DNS
login.emarsys.net
Software
nginx/1.16.1 /
Resource Hash
0996546f9735445fc1749688612ccdb28a0a69a4f07485c68d48e410fa2f9294

Request headers

Referer
http://xpressus.emsmtp.com/bootstrap.php?r=customer/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 15 Jan 2020 11:35:22 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Jan 2020 08:36:53 GMT
Server
nginx/1.16.1
ETag
"64736-17279-59c299c465340"
Vary
Accept-Encoding
Content-Type
text/javascript
X-fe
suite3web1
Accept-Ranges
bytes
Content-Length
33624
jquery.cookie.js
xpressus.emsmtp.com/js/jquery/
2 KB
1 KB
Script
General
Full URL
http://xpressus.emsmtp.com/js/jquery/jquery.cookie.js?1579075405
Requested by
Host: xpressus.emsmtp.com
URL: http://xpressus.emsmtp.com/bootstrap.php?r=customer/Login
Protocol
HTTP/1.1
Server
217.175.192.13 , Austria, ASN199236 (EMARSYS-AS Emarsys eMarketing Systems AG, AT),
Reverse DNS
login.emarsys.net
Software
nginx/1.16.1 /
Resource Hash
86ea8a4ecb7697de9f60c77193720dad657eaa54a7420dd9644ed6200ead3ad1

Request headers

Referer
http://xpressus.emsmtp.com/bootstrap.php?r=customer/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 15 Jan 2020 11:35:22 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Jan 2020 08:36:53 GMT
Server
nginx/1.16.1
ETag
"227c0-792-59c299c465340"
Vary
Accept-Encoding
Content-Type
text/javascript
X-fe
suite3web4
Accept-Ranges
bytes
Content-Length
882
login.js
xpressus.emsmtp.com/js/login/
1 KB
729 B
Script
General
Full URL
http://xpressus.emsmtp.com/js/login/login.js?1579075405
Requested by
Host: xpressus.emsmtp.com
URL: http://xpressus.emsmtp.com/bootstrap.php?r=customer/Login
Protocol
HTTP/1.1
Server
217.175.192.13 , Austria, ASN199236 (EMARSYS-AS Emarsys eMarketing Systems AG, AT),
Reverse DNS
login.emarsys.net
Software
nginx/1.16.1 /
Resource Hash
965b9b49c31832a616a526615d0123540711ba557cfd92b92fe7ffd539322d04

Request headers

Referer
http://xpressus.emsmtp.com/bootstrap.php?r=customer/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 15 Jan 2020 11:35:22 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Jan 2020 08:36:53 GMT
Server
nginx/1.16.1
ETag
"644b7-4b0-59c299c465340"
Vary
Accept-Encoding
Content-Type
text/javascript
X-fe
suite3web3
Accept-Ranges
bytes
Content-Length
433
metrics.js
xpressus.emsmtp.com/js/lib/analytics/
5 KB
2 KB
Script
General
Full URL
http://xpressus.emsmtp.com/js/lib/analytics/metrics.js?1579075405
Requested by
Host: xpressus.emsmtp.com
URL: http://xpressus.emsmtp.com/bootstrap.php?r=customer/Login
Protocol
HTTP/1.1
Server
217.175.192.13 , Austria, ASN199236 (EMARSYS-AS Emarsys eMarketing Systems AG, AT),
Reverse DNS
login.emarsys.net
Software
nginx/1.16.1 /
Resource Hash
81434b5e38199e91bc0d4442c96e9e45472c86762f3e14ee41d05482fa57ecf2

Request headers

Referer
http://xpressus.emsmtp.com/bootstrap.php?r=customer/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 15 Jan 2020 11:35:22 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Jan 2020 08:36:53 GMT
Server
nginx/1.16.1
ETag
"64493-140f-59c299c465340"
Vary
Accept-Encoding
Content-Type
text/javascript
X-fe
suite3web3
Accept-Ranges
bytes
Content-Length
1387
0_20705700_1579083514_bannerImage_en
ems-assets.s3.eu-west-1.amazonaws.com/loginpage-assets/
Redirect Chain
  • https://ems-homepage-service.herokuapp.com/loginpage/banner_image/en
  • https://ems-assets.s3.eu-west-1.amazonaws.com/loginpage-assets/0_20705700_1579083514_bannerImage_en
165 KB
165 KB
Image
General
Full URL
https://ems-assets.s3.eu-west-1.amazonaws.com/loginpage-assets/0_20705700_1579083514_bannerImage_en
Requested by
Host: xpressus.emsmtp.com
URL: http://xpressus.emsmtp.com/bootstrap.php?r=customer/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.109.48 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
ae3d2a7aca086246253e0f2ad0bf12ee4ac7ae25f5fd9beb8e093cb52edc3ba3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 15 Jan 2020 11:35:24 GMT
Last-Modified
Wed, 15 Jan 2020 10:18:35 GMT
Server
AmazonS3
x-amz-request-id
CA6F2E85B74D2402
ETag
"963ea82caebd4c6d2d5cbbdcc5f990bf"
Content-Type
image/jpeg
Cache-Control
max-age=315360000, no-transform, public
Accept-Ranges
bytes
Content-Length
168757
x-amz-id-2
0sF0/V/6QHnqvaIIDIUjO0nB+SWayS0xWvWgeM1JWNDcQXuoTkvbhyFxRlQ/PaLnX9jl+cvyyfU=

Redirect headers

Date
Wed, 15 Jan 2020 11:35:23 GMT
Via
1.1 vegur
Referrer-Policy
same-origin
Server
Apache
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Location
https://ems-assets.s3.eu-west-1.amazonaws.com/loginpage-assets/0_20705700_1579083514_bannerImage_en
Cache-Control
no-cache, private
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; script-src 'self'; style-src 'self'; img-src 'self'; frame-ancestors 'self'
Strict-Transport-Security
max-age=15552000; includeSubDomains; preload
X-Xss-Protection
1; mode=block
unifiedlogin.js
xpressus.emsmtp.com/js/login/
1 KB
741 B
Script
General
Full URL
http://xpressus.emsmtp.com/js/login/unifiedlogin.js?1579075405
Requested by
Host: xpressus.emsmtp.com
URL: http://xpressus.emsmtp.com/bootstrap.php?r=customer/Login
Protocol
HTTP/1.1
Server
217.175.192.13 , Austria, ASN199236 (EMARSYS-AS Emarsys eMarketing Systems AG, AT),
Reverse DNS
login.emarsys.net
Software
nginx/1.16.1 /
Resource Hash
d5b6ff678c55ca9746604e9360951d7bf3972a204e55cebab570d8491a6f40ca

Request headers

Referer
http://xpressus.emsmtp.com/bootstrap.php?r=customer/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 15 Jan 2020 11:35:22 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Jan 2020 08:36:53 GMT
Server
nginx/1.16.1
ETag
"2250b-4a9-59c299c465340"
Vary
Accept-Encoding
Content-Type
text/javascript
X-fe
suite3web4
Accept-Ranges
bytes
Content-Length
445
emoji.json
assets.emarsys.net/ui/14.536.0/assets/
56 KB
9 KB
XHR
General
Full URL
https://assets.emarsys.net/ui/14.536.0/assets/emoji.json
Requested by
Host: assets.emarsys.net
URL: https://assets.emarsys.net/ui/14.536.0/js/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:8c00:1b:b6d7:fac0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
89018fcc6986e35add6d7ef91903f711159768573d0597a58c15eff63e92828b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
http://xpressus.emsmtp.com/bootstrap.php?r=customer/Login
Origin
http://xpressus.emsmtp.com

Response headers

date
Wed, 15 Jan 2020 11:35:23 GMT
content-encoding
gzip
last-modified
Tue, 14 Jan 2020 08:59:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
status
200
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=315360000, no-transform, public
x-cache
Miss from cloudfront
x-amz-cf-id
e4Foj6EtoK3dzTXTIfIlx8ZuBHBOPC6XYdGqz8mbQomgX_t_7spryA==
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
svg.json
assets.emarsys.net/ui/14.536.0/assets/
264 KB
93 KB
XHR
General
Full URL
https://assets.emarsys.net/ui/14.536.0/assets/svg.json
Requested by
Host: assets.emarsys.net
URL: https://assets.emarsys.net/ui/14.536.0/js/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:8c00:1b:b6d7:fac0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
488e324f87a7e2f28dc991b1d2732dc37d75520e283c3e5fbc54bb2b2a715b35

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
http://xpressus.emsmtp.com/bootstrap.php?r=customer/Login
Origin
http://xpressus.emsmtp.com

Response headers

date
Wed, 15 Jan 2020 11:35:23 GMT
content-encoding
gzip
last-modified
Tue, 14 Jan 2020 08:59:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
status
200
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=315360000, no-transform, public
x-cache
Miss from cloudfront
x-amz-cf-id
LUSBMyMoPhKbv01SLNQhwjCsPPRYfJqAZdmZzx8P4nphvqcGGEmsZg==
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
roboto-v19-cyrillic_latin_cyrillic-ext_latin-ext-regular.woff2
assets.emarsys.net/ui/static/fonts/
50 KB
50 KB
Font
General
Full URL
https://assets.emarsys.net/ui/static/fonts/roboto-v19-cyrillic_latin_cyrillic-ext_latin-ext-regular.woff2
Requested by
Host: xpressus.emsmtp.com
URL: http://xpressus.emsmtp.com/bootstrap.php?r=customer/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:8c00:1b:b6d7:fac0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7bf1f115e60e0c8f3b335df66d4d77baaae4eb11d2cea2cf7c5b4693403a46f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://assets.emarsys.net/ui/14.536.0/css/services/login.css
Origin
http://xpressus.emsmtp.com

Response headers

date
Wed, 15 Jan 2020 11:35:24 GMT
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
status
200
content-length
51116
last-modified
Tue, 15 Oct 2019 06:44:00 GMT
server
AmazonS3
etag
"9549360090baf2eb8b25d3a9708fc19d"
vary
Origin
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000, no-transform, public
accept-ranges
bytes
x-amz-cf-id
XeS2C-q5XWCYEvPshB6VkIJEcCldOWEC_WsTeSKKcs8qrmT7TAY60Q==
0_67047100_1579083473_backgroundImage_en
ems-assets.s3.eu-west-1.amazonaws.com/loginpage-assets/
Redirect Chain
  • https://ems-homepage-service.herokuapp.com/loginpage/background_image/en
  • https://ems-assets.s3.eu-west-1.amazonaws.com/loginpage-assets/0_67047100_1579083473_backgroundImage_en
169 KB
170 KB
Image
General
Full URL
https://ems-assets.s3.eu-west-1.amazonaws.com/loginpage-assets/0_67047100_1579083473_backgroundImage_en
Requested by
Host: xpressus.emsmtp.com
URL: http://xpressus.emsmtp.com/bootstrap.php?r=customer/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.109.48 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
aa6ae2c66acefc98c78a8d8d09925e3cd409030726b955e2c65992d2faa29019

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 15 Jan 2020 11:35:24 GMT
Last-Modified
Wed, 15 Jan 2020 10:17:54 GMT
Server
AmazonS3
x-amz-request-id
20092B357C146F83
ETag
"9dc0f8a451922cbb2300a8cbbf4a6b59"
Content-Type
image/jpeg
Cache-Control
max-age=315360000, no-transform, public
Accept-Ranges
bytes
Content-Length
173501
x-amz-id-2
KYv1kaW+Znh0uSZ3iuwqmh3HxLh057zAMwW3bySjHeGsdx3hdGLKn3DCII8xZOcUgj3Hf+acPy4=

Redirect headers

Date
Wed, 15 Jan 2020 11:35:23 GMT
Via
1.1 vegur
Referrer-Policy
same-origin
Server
Apache
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Location
https://ems-assets.s3.eu-west-1.amazonaws.com/loginpage-assets/0_67047100_1579083473_backgroundImage_en
Cache-Control
no-cache, private
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; script-src 'self'; style-src 'self'; img-src 'self'; frame-ancestors 'self'
Strict-Transport-Security
max-age=15552000; includeSubDomains; preload
X-Xss-Protection
1; mode=block
roboto-v19-cyrillic_latin_cyrillic-ext_latin-ext-italic.woff2
assets.emarsys.net/ui/static/fonts/
54 KB
54 KB
Font
General
Full URL
https://assets.emarsys.net/ui/static/fonts/roboto-v19-cyrillic_latin_cyrillic-ext_latin-ext-italic.woff2
Requested by
Host: xpressus.emsmtp.com
URL: http://xpressus.emsmtp.com/bootstrap.php?r=customer/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:8c00:1b:b6d7:fac0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
33e711dbf4c115a22f489aa24013d460c188cde3fb90dd2b3b41908c69343417

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://assets.emarsys.net/ui/14.536.0/css/services/login.css
Origin
http://xpressus.emsmtp.com

Response headers

date
Wed, 15 Jan 2020 11:35:24 GMT
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
status
200
content-length
54984
last-modified
Tue, 15 Oct 2019 06:44:00 GMT
server
AmazonS3
etag
"d1f23769ca583437f310764146ec7fbc"
vary
Origin
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000, no-transform, public
accept-ranges
bytes
x-amz-cf-id
2Ynftjd4RQUC2MBMDUMlgpUErglLEHaZR6ETCT1XgGOhNsMuou8cxQ==
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: xpressus.emsmtp.com
URL: http://xpressus.emsmtp.com/bootstrap.php?r=customer/Login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://xpressus.emsmtp.com/bootstrap.php?r=customer/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
7028
date
Wed, 15 Jan 2020 09:38:14 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Wed, 15 Jan 2020 11:38:14 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
collect
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/collect?v=1&_v=j79&a=310857746&t=pageview&_s=1&dl=http%3A%2F%2Fxpressus.emsmtp.com%2Fbootstrap.php%3Fr%3Dcustomer%2FLogin&ul=en-us&de=UTF-8&dt=Emarsys%20Marketing%...
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=310857746&t=pageview&_s=1&dl=http%3A%2F%2Fxpressus.emsmtp.com%2Fbootstrap.php%3Fr%3Dcustomer%2FLogin&ul=en-us&de=UTF-8&dt=Emarsys%20Marketing...
35 B
111 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=310857746&t=pageview&_s=1&dl=http%3A%2F%2Fxpressus.emsmtp.com%2Fbootstrap.php%3Fr%3Dcustomer%2FLogin&ul=en-us&de=UTF-8&dt=Emarsys%20Marketing%20Platform%20customer-login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAAAB~&jid=1732492381&gjid=1931507213&cid=1326396109.1579088123&tid=UA-49158183-1&_gid=1432392074.1579088123&_r=1&z=1908447249
Requested by
Host: xpressus.emsmtp.com
URL: http://xpressus.emsmtp.com/bootstrap.php?r=customer/Login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://xpressus.emsmtp.com/bootstrap.php?r=customer/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Jan 2020 11:35:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=310857746&t=pageview&_s=1&dl=http%3A%2F%2Fxpressus.emsmtp.com%2Fbootstrap.php%3Fr%3Dcustomer%2FLogin&ul=en-us&de=UTF-8&dt=Emarsys%20Marketing%20Platform%20customer-login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAAAB~&jid=1732492381&gjid=1931507213&cid=1326396109.1579088123&tid=UA-49158183-1&_gid=1432392074.1579088123&_r=1&z=1908447249
Non-Authoritative-Reason
HSTS
collect
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/collect?v=1&_v=j79&a=310857746&t=pageview&_s=1&dl=http%3A%2F%2Fxpressus.emsmtp.com%2Fbootstrap.php%3Fr%3Dcustomer%2FLogin&ul=en-us&de=UTF-8&dt=Emarsys%20Marketing%...
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=310857746&t=pageview&_s=1&dl=http%3A%2F%2Fxpressus.emsmtp.com%2Fbootstrap.php%3Fr%3Dcustomer%2FLogin&ul=en-us&de=UTF-8&dt=Emarsys%20Marketing...
35 B
111 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=310857746&t=pageview&_s=1&dl=http%3A%2F%2Fxpressus.emsmtp.com%2Fbootstrap.php%3Fr%3Dcustomer%2FLogin&ul=en-us&de=UTF-8&dt=Emarsys%20Marketing%20Platform%20customer-login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAAAB~&jid=1698846177&gjid=1089627821&cid=1326396109.1579088123&tid=UA-49158183-2&_gid=1432392074.1579088123&_r=1&z=915716937
Requested by
Host: xpressus.emsmtp.com
URL: http://xpressus.emsmtp.com/bootstrap.php?r=customer/Login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://xpressus.emsmtp.com/bootstrap.php?r=customer/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Jan 2020 11:35:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=310857746&t=pageview&_s=1&dl=http%3A%2F%2Fxpressus.emsmtp.com%2Fbootstrap.php%3Fr%3Dcustomer%2FLogin&ul=en-us&de=UTF-8&dt=Emarsys%20Marketing%20Platform%20customer-login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAAAB~&jid=1698846177&gjid=1089627821&cid=1326396109.1579088123&tid=UA-49158183-2&_gid=1432392074.1579088123&_r=1&z=915716937
Non-Authoritative-Reason
HSTS
collect
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/collect?v=1&_v=j79&a=310857746&t=pageview&_s=1&dl=http%3A%2F%2Fxpressus.emsmtp.com%2Fbootstrap.php%3Fr%3Dcustomer%2FLogin&ul=en-us&de=UTF-8&dt=Emarsys%20Marketing%...
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=310857746&t=pageview&_s=1&dl=http%3A%2F%2Fxpressus.emsmtp.com%2Fbootstrap.php%3Fr%3Dcustomer%2FLogin&ul=en-us&de=UTF-8&dt=Emarsys%20Marketing...
35 B
111 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=310857746&t=pageview&_s=1&dl=http%3A%2F%2Fxpressus.emsmtp.com%2Fbootstrap.php%3Fr%3Dcustomer%2FLogin&ul=en-us&de=UTF-8&dt=Emarsys%20Marketing%20Platform%20customer-login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAAAB~&jid=536139636&gjid=1765469036&cid=1326396109.1579088123&tid=UA-49158183-3&_gid=1432392074.1579088123&_r=1&z=1519498778
Requested by
Host: xpressus.emsmtp.com
URL: http://xpressus.emsmtp.com/bootstrap.php?r=customer/Login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://xpressus.emsmtp.com/bootstrap.php?r=customer/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Jan 2020 11:35:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=310857746&t=pageview&_s=1&dl=http%3A%2F%2Fxpressus.emsmtp.com%2Fbootstrap.php%3Fr%3Dcustomer%2FLogin&ul=en-us&de=UTF-8&dt=Emarsys%20Marketing%20Platform%20customer-login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAAAB~&jid=536139636&gjid=1765469036&cid=1326396109.1579088123&tid=UA-49158183-3&_gid=1432392074.1579088123&_r=1&z=1519498778
Non-Authoritative-Reason
HSTS
collect
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/collect?v=1&_v=j79&a=310857746&t=timing&_s=2&dl=http%3A%2F%2Fxpressus.emsmtp.com%2Fbootstrap.php%3Fr%3Dcustomer%2FLogin&ul=en-us&de=UTF-8&dt=Emarsys%20Marketing%20Pl...
  • https://www.google-analytics.com/collect?v=1&_v=j79&a=310857746&t=timing&_s=2&dl=http%3A%2F%2Fxpressus.emsmtp.com%2Fbootstrap.php%3Fr%3Dcustomer%2FLogin&ul=en-us&de=UTF-8&dt=Emarsys%20Marketing%20P...
35 B
103 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=310857746&t=timing&_s=2&dl=http%3A%2F%2Fxpressus.emsmtp.com%2Fbootstrap.php%3Fr%3Dcustomer%2FLogin&ul=en-us&de=UTF-8&dt=Emarsys%20Marketing%20Platform%20customer-login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2271&pdt=1&dns=0&rrt=1150&srt=134&tcp=0&dit=1664&clt=1664&_gst=1664&_gbt=1681&_u=IEDAAAAB~&jid=&gjid=&cid=1326396109.1579088123&tid=UA-49158183-1&_gid=1432392074.1579088123&z=1822755748
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://xpressus.emsmtp.com/bootstrap.php?r=customer/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 04:57:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
4775878
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/collect?v=1&_v=j79&a=310857746&t=timing&_s=2&dl=http%3A%2F%2Fxpressus.emsmtp.com%2Fbootstrap.php%3Fr%3Dcustomer%2FLogin&ul=en-us&de=UTF-8&dt=Emarsys%20Marketing%20Platform%20customer-login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2271&pdt=1&dns=0&rrt=1150&srt=134&tcp=0&dit=1664&clt=1664&_gst=1664&_gbt=1681&_u=IEDAAAAB~&jid=&gjid=&cid=1326396109.1579088123&tid=UA-49158183-1&_gid=1432392074.1579088123&z=1822755748
Non-Authoritative-Reason
HSTS
collect
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/collect?v=1&_v=j79&a=310857746&t=timing&_s=2&dl=http%3A%2F%2Fxpressus.emsmtp.com%2Fbootstrap.php%3Fr%3Dcustomer%2FLogin&ul=en-us&de=UTF-8&dt=Emarsys%20Marketing%20Pl...
  • https://www.google-analytics.com/collect?v=1&_v=j79&a=310857746&t=timing&_s=2&dl=http%3A%2F%2Fxpressus.emsmtp.com%2Fbootstrap.php%3Fr%3Dcustomer%2FLogin&ul=en-us&de=UTF-8&dt=Emarsys%20Marketing%20P...
35 B
103 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=310857746&t=timing&_s=2&dl=http%3A%2F%2Fxpressus.emsmtp.com%2Fbootstrap.php%3Fr%3Dcustomer%2FLogin&ul=en-us&de=UTF-8&dt=Emarsys%20Marketing%20Platform%20customer-login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2271&pdt=1&dns=0&rrt=1150&srt=134&tcp=0&dit=1664&clt=1664&_gst=1664&_gbt=1681&_u=IEDAAAAB~&jid=&gjid=&cid=1326396109.1579088123&tid=UA-49158183-2&_gid=1432392074.1579088123&z=363321182
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://xpressus.emsmtp.com/bootstrap.php?r=customer/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 04:57:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
4775878
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/collect?v=1&_v=j79&a=310857746&t=timing&_s=2&dl=http%3A%2F%2Fxpressus.emsmtp.com%2Fbootstrap.php%3Fr%3Dcustomer%2FLogin&ul=en-us&de=UTF-8&dt=Emarsys%20Marketing%20Platform%20customer-login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2271&pdt=1&dns=0&rrt=1150&srt=134&tcp=0&dit=1664&clt=1664&_gst=1664&_gbt=1681&_u=IEDAAAAB~&jid=&gjid=&cid=1326396109.1579088123&tid=UA-49158183-2&_gid=1432392074.1579088123&z=363321182
Non-Authoritative-Reason
HSTS
collect
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/collect?v=1&_v=j79&a=310857746&t=timing&_s=2&dl=http%3A%2F%2Fxpressus.emsmtp.com%2Fbootstrap.php%3Fr%3Dcustomer%2FLogin&ul=en-us&de=UTF-8&dt=Emarsys%20Marketing%20Pl...
  • https://www.google-analytics.com/collect?v=1&_v=j79&a=310857746&t=timing&_s=2&dl=http%3A%2F%2Fxpressus.emsmtp.com%2Fbootstrap.php%3Fr%3Dcustomer%2FLogin&ul=en-us&de=UTF-8&dt=Emarsys%20Marketing%20P...
35 B
110 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=310857746&t=timing&_s=2&dl=http%3A%2F%2Fxpressus.emsmtp.com%2Fbootstrap.php%3Fr%3Dcustomer%2FLogin&ul=en-us&de=UTF-8&dt=Emarsys%20Marketing%20Platform%20customer-login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2271&pdt=1&dns=0&rrt=1150&srt=134&tcp=0&dit=1664&clt=1664&_gst=1664&_gbt=1681&_u=IEDAAAAB~&jid=&gjid=&cid=1326396109.1579088123&tid=UA-49158183-3&_gid=1432392074.1579088123&z=1537246
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://xpressus.emsmtp.com/bootstrap.php?r=customer/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Nov 2019 04:57:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
4775878
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/collect?v=1&_v=j79&a=310857746&t=timing&_s=2&dl=http%3A%2F%2Fxpressus.emsmtp.com%2Fbootstrap.php%3Fr%3Dcustomer%2FLogin&ul=en-us&de=UTF-8&dt=Emarsys%20Marketing%20Platform%20customer-login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2271&pdt=1&dns=0&rrt=1150&srt=134&tcp=0&dit=1664&clt=1664&_gst=1664&_gbt=1681&_u=IEDAAAAB~&jid=&gjid=&cid=1326396109.1579088123&tid=UA-49158183-3&_gid=1432392074.1579088123&z=1537246
Non-Authoritative-Reason
HSTS


20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
boolean| noLogUiFlippers
object| e
function| setImmediate
function| clearImmediate
number| assetVersion
function| $
function| jQuery
function| handleCookies
function| GoogleAnalytics
function| CookieSetzen
object| regeneratorRuntime
object| analytics
string| GoogleAnalyticsObject
function| ga
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData

6 Cookies

Domain/Path Name / Value
xpressus.emsmtp.com/ Name: _gat_production
Value: 1
xpressus.emsmtp.com/ Name: login_language
Value: en
xpressus.emsmtp.com/ Name: _gat_development
Value: 1
xpressus.emsmtp.com/ Name: _gat_test
Value: 1
xpressus.emsmtp.com/ Name: _gid
Value: GA1.1.1432392074.1579088123
xpressus.emsmtp.com/ Name: _ga
Value: GA1.1.1326396109.1579088123

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
