a9e0g.emailsp.com Open in urlscan Pro
13.32.99.90 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://urlsand.esvalabs.com/?u=https%3A%2F%2Fcustomer19507.musvc3.net%2Fe%2Fr%3Fq%3DL4%253dC8L5N_6shu_G3_7vgr_GA_6shu_F8pdsb...
Effective URL:
https://a9e0g.emailsp.com/f/rnl.aspx/?flg=_xw2vw2:bhn=yq4bm-=tyx225f5cc=5e-m72-in7/f5tq9&x=pp&y_.c.k-g63hb5.4l=uw/txNCLM
Submission Tags: falconsandbox
Submission: On May 22 via api (May 22nd 2022, 8:46:40 am UTC) from US — Scanned from IT

Summary HTTP 26 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 26 HTTP transactions. The main IP is 13.32.99.90, located in United States and belongs to AMAZON-02, US. The main domain is a9e0g.emailsp.com.
TLS certificate: Issued by Amazon on March 16th 2022. Valid for: a year.

This is the only time a9e0g.emailsp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	109.168.30.185 109.168.30.185	5602 (AS-IRIDEO...) (AS-IRIDEOS-KP)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1 2	99.80.207.214 99.80.207.214	16509 (AMAZON-02) (AMAZON-02)
3	13.32.99.90 13.32.99.90	16509 (AMAZON-02) (AMAZON-02)
7	88.198.151.113 88.198.151.113	24940 (HETZNER-AS) (HETZNER-AS)
1	18.66.112.118 18.66.112.118	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223f:8000:1f:aa31:7740:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:808::2013	15169 (GOOGLE) (GOOGLE)
26	9

10 109.168.30.185 (Melzo, Italy) 1 redirects

ASN5602 (AS-IRIDEOS-KP, IT)
PTR: net-109-168-30-185.cust.vodafonedsl.it

urlsand.esvalabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.80.207.214 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-207-214.eu-west-1.compute.amazonaws.com

customer19507.musvc3.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.99.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-90.fra60.r.cloudfront.net

a9e0g.emailsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 88.198.151.113 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-151-113.clients.your-server.de

fcvezd.stripocdn.email	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-118.fra56.r.cloudfront.net

customer19507.img.musvc3.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:8000:1f:aa31:7740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

data.pendo-pro.beefree.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	esvalabs.com 1 redirects urlsand.esvalabs.com — Cisco Umbrella Rank: 150732	404 KB
7	stripocdn.email fcvezd.stripocdn.email	1 MB
3	emailsp.com a9e0g.emailsp.com	14 KB
3	musvc3.net 1 redirects customer19507.musvc3.net customer19507.img.musvc3.net	972 B
2	beefree.io data.pendo-pro.beefree.io	2 KB
1	pendo.io cdn.pendo.io — Cisco Umbrella Rank: 1145	142 KB
1	gstatic.com fonts.gstatic.com	44 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	1 KB
26	8

	Domain	Requested by
10	urlsand.esvalabs.com	1 redirects urlsand.esvalabs.com
7	fcvezd.stripocdn.email	a9e0g.emailsp.com
3	a9e0g.emailsp.com	urlsand.esvalabs.com a9e0g.emailsp.com
2	data.pendo-pro.beefree.io	cdn.pendo.io
2	customer19507.musvc3.net	1 redirects a9e0g.emailsp.com
1	cdn.pendo.io	a9e0g.emailsp.com
1	customer19507.img.musvc3.net	a9e0g.emailsp.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	urlsand.esvalabs.com
26	9

This site contains links to these domains. Also see Links.

Domain
customer19507.musvc3.net

Subject Issuer	Validity	Valid
esvalabs.com R3	`2022-05-17` - `2022-08-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.emailsp.com Amazon	`2022-03-16` - `2023-04-13`	a year	crt.sh
*.stripocdn.email Sectigo RSA Domain Validation Secure Server CA	`2021-11-24` - `2022-12-09`	a year	crt.sh
*.musvc1.net Amazon	`2022-04-01` - `2023-04-30`	a year	crt.sh
*.musvc0.net Amazon	`2021-07-21` - `2022-08-19`	a year	crt.sh
cdn.pendo.io Amazon	`2021-08-29` - `2022-09-27`	a year	crt.sh
data.pendo-pro.beefree.io GTS CA 1D4	`2022-05-16` - `2022-08-14`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://a9e0g.emailsp.com/f/rnl.aspx/?flg=_xw2vw2:bhn=yq4bm-=tyx225f5cc=5e-m72-in7/f5tq9&x=pp&y_.c.k-g63hb5.4l=uw/txNCLM
Frame ID: 4084CC35669E38342E3D8B4BE3157A77
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cristalplant® Bio Active: discover the new colours

Page URL History Show full URLs

https://urlsand.esvalabs.com/?u=https%3A%2F%2Fcustomer19507.musvc3.net%2Fe%2Fr%3Fq%3DL4%253dC8L5N_6shu_G3... HTTP 302
https://urlsand.esvalabs.com/?u=https%3A%2F%2Fcustomer19507.musvc3.net%2Fe%2Fr%3Fq%3DL4%253dC8L5N_6shu_G3... Page URL
https://customer19507.musvc3.net/e/r?q=L4%3dC8L5N_6shu_G3_7vgr_GA_6shu_F8pdsbv.013xG7H.rJ1_Jfxd_TuA_6shu_F87I... HTTP 301
https://a9e0g.emailsp.com/f/rnl.aspx/?flg=_xw2vw2:bhn=yq4bm-=tyx225f5cc=5e-m72-in7/f5tq9&x=pp&y_.c.k-g... Page URL

Page Statistics

26
Requests

100 %
HTTPS

44 %
IPv6

8
Domains

9
Subdomains

9
IPs

4
Countries

1694 kB
Transfer

2038 kB
Size

1
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://customer19507.musvc3.net/e/t?q=7%3d1ZNd7%26C%3dOX%26n%3dXMa8%26F%3dNY0ZNU%26u%3d9CNpJ_AuSq_L5_rrlt_27_AuSq_K0f25JeI.2N_rrlt_27xH_rrlt_27_AuSq_L0uK6_MoLA7e_IjwP_Tw8eD-5a2txH_rrlt_2WDNm_Dx8iL6_LQti_Wd665iC_AuSq_KZuK6_7aD95i87_LQti_Wd5xG2SSW2S-xH%26d%3dDDMv4L.HeK%262M%3d4RRa3

Search URL Search Domain Scan URL

URL: https://customer19507.musvc3.net/e/t?q=3%3dDcAZJ%26F%3dBT%261%3da0WK%26I%3dAUMcAQ%268%3dBzJ3M_xqft_91_5uYp_E0_xqft_86s5rFrL.oJ_5uYp_E0kD_5uYp_E0iHvMz1yJr11N-h92-5iJvPk-DrQ-iEyI1H6_LWsc_Vl_HdwV_SsOzC_6I1Hp9_xqft_94q9s-51_LWsc_VBK7G_s5qC1C_5uYp_F8kCnCr_HdwV_RIOzC_p5sFnCmD_5uYp_1n5gF8j5zV8ZFV8-51%268%3dsK6PiS.19z%2696%3dX7YJW

Search URL Search Domain Scan URL

URL: https://customer19507.musvc3.net/e/t?q=5%3dKbHbQ%26E%3dIV%268%3dZGYR%26H%3dHWTbHS%26E%3dA7L0L_5sms_F3_Btfr_L9_5sms_E8z4yHyK.vL_Btfr_L9rF_Btfr_L9p3D4yG1L_5sms_E8_Btfr_M98L7_L2MB6r_Jkvc_Ux7rE-yG_5sms_EXEMz_Ey7vM7_Kduj_Vq774vD_Btfr_LY8L7_6nE04v98_Kduj_Vq6yFETTVET-yG%26q%3dEEL95M.GrL3u4n%263L%3dGSSZF
Title: DOWNLOAD THE NEW CATALOGS

Search URL Search Domain Scan URL

URL: https://customer19507.musvc3.net/e/t?q=6%3dGY7cM%26B%3d8W%264%3dW6ZN%26E%3d7XPY7T%26A%3d8vM6I_ttip_54_8qUs_H6_ttip_49v1nIuH.kM_8qUs_H6gG_8qUs_H6eKyIv42Fn44J-dB5-1eMyLg-GuM-eH2EwK9_HSvf_Rh_KgsR_VvKvF_9EwKs5_ttip_57t5o-84_HSvf_R8N0C_o8t9wF_8qUs_I4gFq9n_KgsR_ULKvF_s1oIq9iG_8qUs_4q1cI4f83R4cIR4-84%264%3doN9LeV.45v%26B9%3dT3bMS

Search URL Search Domain Scan URL

URL: https://customer19507.musvc3.net/e/t?q=3%3dMaRZS%26D%3dST%260%3dYQWT%26G%3dRUVaRQ%26G%3d0GJBK_Eqor_P1_Dspp_N8_Eqor_O6239F1J.6J_Dspp_N8JF-yGAJ1FG_Hmum_R2MCBA31I_Dspp_N8OZNT_Eqor_O6VT_Eqor_O6b39F1J_Z1F_h6D5LHH1_h6D5K55E_TWRN.H16_Dspp_O8HJ9_KBKD52_Hmum_Sz62C-1F_Eqor_OVGL0_C166K9_Jnsl_U15936B_Dspp_NXHJ9_5xCB3670_Jnsl_U141EORVUOR-1F_Eqor_OS07J_Jw4_Eqor_P656_Eqor_P4YhP%264%3d1w3x9MFLyU.A5F%26AF%3dTMaTS
Title: DISCOVER ALL THE NEW FINISHES

Search URL Search Domain Scan URL

URL: https://customer19507.musvc3.net/e/t?q=7%3dNg8dT%26J%3d9X%26A%3de7aU%26M%3d8YWg8U%26H%3dFwNCQ_uupx_65_EyVt_OD_uupx_5039oJ2P.lN_EyVt_ODhH_EyVt_OD_uupx_60HRp_MBSu72_PTwm_ag82K-5x9dhH_EyVt_OdxN0_Kh86Sp_Ln1S_W1Cp56J_uupx_5ZHRp_7xKs56Eq_Ln1S_W1BhGOZCWOZ-hH%261%3dKxMIA6.H2R%26lM%3dQYBaP

Search URL Search Domain Scan URL

URL: https://customer19507.musvc3.net/e/t?q=5%3dLcObR%26F%3dPV%269%3daNYS%26I%3dOWUcOS%26F%3dBDLAM_Bsnt_M3_Cumr_M0_Bsnt_L8156HzL.3L_Cumr_M0yF_Cumr_M0_Bsnt_M8FN7_K0OB5z_Lkuk_Wx6zG-3v5uyF_Cumr_MZEL8_Gy64O7_Jlwj_Uy9734F_Bsnt_LXFN7_5vG034A8_Jlwj_Uy8yEMVTUMV-yF%26y%3dGEKG7M.FzN%263K%3dOUSYN
Title: HOME

Search URL Search Domain Scan URL

URL: https://customer19507.musvc3.net/e/t?q=7%3dEZPdK%26C%3dQX%262%3dXOaL%26F%3dPYNZPU%269%3d9EN4J_Cugq_N5_6rnt_F7_Cugq_M0t27JsI.4N_6rnt_F7zH_6rnt_F7AL350N80_Cugq_M0_6rnt_G7FN1_J0O64z_Letk_Wr5zG-sE_Cugq_MZ9K8_Gs54O1_Ilwd_Ty9124F_6rnt_FWFN1_4vG424A2_Ilwd_Ty8sDMVNTMV-sE%26y%3dG9JG7G.EzN5o2v%26wJ%3dOUMXN
Title: PRODUCTS

Search URL Search Domain Scan URL

URL: https://customer19507.musvc3.net/e/t?q=3%3dJZDZP%26C%3dET%267%3dXCWQ%26F%3dDUSZDQ%26D%3d93J9J_1qlq_B1_Arbp_K7_1qlq_A6y2uFxI.rJ_Arbp_K7nD_Arbp_K7m5tCnH-5Fl1CF1-6tCy5A_IZsi_So_HjtY_SyL3C_BF4Hv6_1qlq_B4w6v-57_IZsi_SEKCD_v5w04C_Arbp_L5nCt0u_HjtY_ROL3C_v2vFt0pD_Arbp_L5m56SAZLSA-571t2j%265%3dvKBMlS.763%269B%3dU0YPT
Title: STORES

Search URL Search Domain Scan URL

URL: https://customer19507.musvc3.net/e/t?q=9%3dKd6fQ%26G%3d7Z%268%3db5cR%26J%3d6aTd6W%26E%3dCuP0N_swmu_47_BvTv_LA_swmu_3BGRx.Bu8f89Jl.99H_swmu_3BZ6mLyMEACDhJ_BvTv_MAvP7_NpQB8f_NkxQ_Yx9fI-yI_swmu_3bEOn_Iy9jQ7_MRyj_XeA76jH_BvTv_LavP7_8bI06jC8_MRyj_Xe0yH3XTX3X-yI%26e%3dIENw9M.IfP%263N%3d5WS7u6bb4

Search URL Search Domain Scan URL

URL: https://customer19507.musvc3.net/e/t?q=6%3d6eKcB%26H%3dLW%26s%3dcJZC%26K%3dKXEeKT%26z%3dD0MuO_8tXv_I4_wwis_7B_8tXv_H92SC.BsO04lNqF.hK3_KVyf_UkBqEuA87jOy0s_NgvU_Xv_KVyf_VkQ0F_xKAKhA_8tXv_I7iA3-8s_NgvU_XLNyI_38iEAF_wwis_80uFfE2_KVyf_UAQ0F_h73IfEwG_wwis_80t8rXHc8XH-8s%260%3d3NxRsV.s4f7qA0%26Bx%3dZGbBY

Search URL Search Domain Scan URL

URL: https://customer19507.musvc3.net/e/t?q=5%3d3eSb9%26H%3dTV%26p%3dcRY0%26K%3dSWBeSS%26w%3dDHLrO_FsUv_Q3_twqr_4B_FsUv_P8ySK.HkJH7tAGL.kP_FsUv_P8h70HgN27uE5F_twqr_4B_1Jg7H7f_NouR_X4_JSyn_UhQHE_uKIJeA_FsUv_Q6fAA-7p_NouR_XTMvI_A7fEIE_twqr_503EcE0_JSyn_T8QHE_e7AHcE5F_twqr_5027oXPb5X3c7yP-7p%260%3dAMuR1U.pAH%26Au%3dZOa9Y

Search URL Search Domain Scan URL

URL: https://customer19507.musvc3.net/e/t?q=9%3d4YOf0%26B%3dPZ%26q%3dWNcA%26E%3dOaCYOW%26x%3d8DPsI_BwVp_M7_uqmv_56_BwVp_LBzMG.HlD5Ag98.9rC_BwVp_LBfE7LdDI_NTsj_Xi6uHs5B-OuB_BwVp_LB_uqmv_66EPp_I9Qu3y_NTsj_Yg4yI-hD_BwVp_LbxJ7_Ih43Qp_HkyS_SxAp13H_uqmv_5VEPp_3uIs13Cq_HkyS_Sx0hCLXCSLX-h7d1uD%26x%3dIxIF96.DyP%26lI%3dNWBWM

Search URL Search Domain Scan URL

URL: https://customer19507.musvc3.net/e/t?q=6%3dJaOcP%26D%3dPW%267%3dYNZQ%26G%3dOXSaOT%26D%3d0DM9K_Btlr_M4_Asms_K8_Btlr_L9y36IxJ.3M_Asms_K8yG_Asms_K8_Btlr_M9DL7_L8MB6x_Jkvi_Ux7xE-4t3uyG_Asms_KXEM6_Ey72M7_Kjuj_Vw7742D_Btlr_LYDL7_6tE04298_Kjuj_Vw6yFKTTVKT-yG%26w%3dEELE5M.GxL%263L%3dMSSZL
Title: www.falper.it

Search URL Search Domain Scan URL

URL: https://customer19507.musvc3.net/e/r?q=O8%3dAzO9L_xvls_96_AtYu_K9_xvls_8Atbkez.8s62EyK.vHs_MjvV_Wy9xJ7MkIw_KWxi_UlKA8l0A8t8x6kIC8x.6BI4_MjvV_XyBj_MjvV_XwXAeRX7_MjvV_WOBjG2Lz_MjvV_XwY0_MjvV_WOBjI5_KWxi_VjbMZD_MjvV_WOAgN1_KWxi_VjVxYBau87-XvTg-YN8k-cJTl-WQ9AYSYiY6t4gK60%268%3dJbAeP%267%3dsPBOiX.78z%26DB%3dW7dPV%26r%3daM%26G%3dCYPa%26u%3dZNcEZJ%26M%3d7bQTBYJTFY
Title: Gestisci la tua iscrizione

Search URL Search Domain Scan URL

URL: https://customer19507.musvc3.net/e/r?q=Mz%3d9BM1J_0tdq_K4_3rks_C7_0tdq_J9lZwcr.654tCAI.nF5_Kbth_Uq7_0tdq_J9zFC.44GF_Kbth_Uq_Iiva_Txb_3rks_D2_0tdq_K77_RDS3V.L8-xB_0tdq_K74P_0tdq_J9na_0tdq_JY9_Iiva_TvI7_Iiva_SN8_3rks_D5FSALL_Kbth_Vla2a_3rks_D5Db_3rks_C7GLKZEW1_Iiva_SNKKU9SJ_Iiva_SNQ_3rks_D58O_3rks_CWLN7I.LHBa_EP_HQCV0oUoX%264%3dIbFaO%267%3dxLAOnT.685%260A%3dWBZOV%264l2sw%3dWL%26G%3dHUOa%26z%3dVMcJVI%26M%3d-BWOYEaKWGS
Title: Cancella iscrizione

Search URL Search Domain Scan URL

URL: https://customer19507.musvc3.net/e/t?q=0%3d0b8gF%26E%3d9a%26w%3dZ7dG%26H%3d8bIb8X%264%3dAwQy_KTzY_Vd_OZvS_Yo_KTzY_Ui8H8CD.nFdFuLs.0xF_uxbs_5C1_KTzY_ViR3F_vL4KfB_1tVw_B7gBv-8q8j4d_OZvS_YENwJ_v8gF4F_uxbs_6AnFdFu_KTzY_U9R3F_f8vIdFpG_uxbs_6Am8pYAc6YA-8q%26A%3dvNvSlV.qB3%26Bv%3da0b0Z
Title: MailUp®

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://urlsand.esvalabs.com/?u=https%3A%2F%2Fcustomer19507.musvc3.net%2Fe%2Fr%3Fq%3DL4%253dC8L5N_6shu_G3_7vgr_GA_6shu_F8pdsbv.013xG7H.rJ1_Jfxd_TuA_6shu_F87Iz.38KB_Jfxd_Tu_Meue_Xt81B_6shu_G6_CRFNBW_6shu_G3qC2_Jfxd_UsT5VqH-_6shu_G69TBTGZtWr8_6shu_G6J0-1YG-D2Y_7vgr_GAtW9LM_Jfxd_TKS_6shu_G65K_6shu_FXD_.8.y-9KXv4J.Yz_Jfxd_UsPA_Jfxd_TuOBpRqa%25265%253dFdIbL%25269%253d1M8QqU.308%2526A8%253dYEaLX%2526z%253dXI%2526I%253dKVLc%25263%253dWJeMWF%2526O%253dEVJcITFV3p6oJT%26mupckp%3DmupAtu4m8OiX0wt&e=d02f10fa&h=07e6fa53&f=y&p=y HTTP 302
https://urlsand.esvalabs.com/?u=https%3A%2F%2Fcustomer19507.musvc3.net%2Fe%2Fr%3Fq%3DL4%253dC8L5N_6shu_G3_7vgr_GA_6shu_F8pdsbv.013xG7H.rJ1_Jfxd_TuA_6shu_F87Iz.38KB_Jfxd_Tu_Meue_Xt81B_6shu_G6_CRFNBW_6shu_G3qC2_Jfxd_UsT5VqH-_6shu_G69TBTGZtWr8_6shu_G6J0-1YG-D2Y_7vgr_GAtW9LM_Jfxd_TKS_6shu_G65K_6shu_FXD_.8.y-9KXv4J.Yz_Jfxd_UsPA_Jfxd_TuOBpRqa%25265%253dFdIbL%25269%253d1M8QqU.308%2526A8%253dYEaLX%2526z%253dXI%2526I%253dKVLc%25263%253dWJeMWF%2526O%253dEVJcITFV3p6oJT%26mupckp%3DmupAtu4m8OiX0wt&e=d02f10fa&h=07e6fa53&f=y&p=y&l=1 Page URL
https://customer19507.musvc3.net/e/r?q=L4%3dC8L5N_6shu_G3_7vgr_GA_6shu_F8pdsbv.013xG7H.rJ1_Jfxd_TuA_6shu_F87Iz.38KB_Jfxd_Tu_Meue_Xt81B_6shu_G6_CRFNBW_6shu_G3qC2_Jfxd_UsT5VqH-_6shu_G69TBTGZtWr8_6shu_G6J0-1YG-D2Y_7vgr_GAtW9LM_Jfxd_TKS_6shu_G65K_6shu_FXD_.8.y-9KXv4J.Yz_Jfxd_UsPA_Jfxd_TuOBpRqa%265%3dFdIbL%269%3d1M8QqU.308%26A8%3dYEaLX%26z%3dXI%26I%3dKVLc%263%3dWJeMWF%26O%3dEVJcITFV3p6oJT&mupckp=mupAtu4m8OiX0wt HTTP 301
https://a9e0g.emailsp.com/f/rnl.aspx/?flg=_xw2vw2:bhn=yq4bm-=tyx225f5cc=5e-m72-in7/f5tq9&x=pp&y_.c.k-g63hb5.4l=uw/txNCLM Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://urlsand.esvalabs.com/?u=https%3A%2F%2Fcustomer19507.musvc3.net%2Fe%2Fr%3Fq%3DL4%253dC8L5N_6shu_G3_7vgr_GA_6shu_F8pdsbv.013xG7H.rJ1_Jfxd_TuA_6shu_F87Iz.38KB_Jfxd_Tu_Meue_Xt81B_6shu_G6_CRFNBW_6shu_G3qC2_Jfxd_UsT5VqH-_6shu_G69TBTGZtWr8_6shu_G6J0-1YG-D2Y_7vgr_GAtW9LM_Jfxd_TKS_6shu_G65K_6shu_FXD_.8.y-9KXv4J.Yz_Jfxd_UsPA_Jfxd_TuOBpRqa%25265%253dFdIbL%25269%253d1M8QqU.308%2526A8%253dYEaLX%2526z%253dXI%2526I%253dKVLc%25263%253dWJeMWF%2526O%253dEVJcITFV3p6oJT%26mupckp%3DmupAtu4m8OiX0wt&e=d02f10fa&h=07e6fa53&f=y&p=y HTTP 302
https://urlsand.esvalabs.com/?u=https%3A%2F%2Fcustomer19507.musvc3.net%2Fe%2Fr%3Fq%3DL4%253dC8L5N_6shu_G3_7vgr_GA_6shu_F8pdsbv.013xG7H.rJ1_Jfxd_TuA_6shu_F87Iz.38KB_Jfxd_Tu_Meue_Xt81B_6shu_G6_CRFNBW_6shu_G3qC2_Jfxd_UsT5VqH-_6shu_G69TBTGZtWr8_6shu_G6J0-1YG-D2Y_7vgr_GAtW9LM_Jfxd_TKS_6shu_G65K_6shu_FXD_.8.y-9KXv4J.Yz_Jfxd_UsPA_Jfxd_TuOBpRqa%25265%253dFdIbL%25269%253d1M8QqU.308%2526A8%253dYEaLX%2526z%253dXI%2526I%253dKVLc%25263%253dWJeMWF%2526O%253dEVJcITFV3p6oJT%26mupckp%3DmupAtu4m8OiX0wt&e=d02f10fa&h=07e6fa53&f=y&p=y&l=1

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
urlsand.esvalabs.com/
Redirect Chain

https://urlsand.esvalabs.com/?u=https%3A%2F%2Fcustomer19507.musvc3.net%2Fe%2Fr%3Fq%3DL4%253dC8L5N_6shu_G3_7vgr_GA_6shu_F8pdsbv.013xG7H.rJ1_Jfxd_TuA_6shu_F87Iz.38KB_Jfxd_Tu_Meue_Xt81B_6shu_G6_CRFNBW...
https://urlsand.esvalabs.com/?u=https%3A%2F%2Fcustomer19507.musvc3.net%2Fe%2Fr%3Fq%3DL4%253dC8L5N_6shu_G3_7vgr_GA_6shu_F8pdsbv.013xG7H.rJ1_Jfxd_TuA_6shu_F87Iz.38KB_Jfxd_Tu_Meue_Xt81B_6shu_G6_CRFNBW...

5 KB
5 KB

89ms
89ms

Document
text/html

109.168.30.185
AS-IRIDEOS-KP

General

Check archive.org

Show headers Download Go to

Full URL

https://urlsand.esvalabs.com/?u=https%3A%2F%2Fcustomer19507.musvc3.net%2Fe%2Fr%3Fq%3DL4%253dC8L5N_6shu_G3_7vgr_GA_6shu_F8pdsbv.013xG7H.rJ1_Jfxd_TuA_6shu_F87Iz.38KB_Jfxd_Tu_Meue_Xt81B_6shu_G6_CRFNBW_6shu_G3qC2_Jfxd_UsT5VqH-_6shu_G69TBTGZtWr8_6shu_G6J0-1YG-D2Y_7vgr_GAtW9LM_Jfxd_TKS_6shu_G65K_6shu_FXD_.8.y-9KXv4J.Yz_Jfxd_UsPA_Jfxd_TuOBpRqa%25265%253dFdIbL%25269%253d1M8QqU.308%2526A8%253dYEaLX%2526z%253dXI%2526I%253dKVLc%25263%253dWJeMWF%2526O%253dEVJcITFV3p6oJT%26mupckp%3DmupAtu4m8OiX0wt&e=d02f10fa&h=07e6fa53&f=y&p=y&l=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.168.30.185 Melzo, Italy, ASN5602 (AS-IRIDEOS-KP, IT),

Reverse DNS

net-109-168-30-185.cust.vodafonedsl.it

Software

nginx /

Resource Hash

a550c5e63310780280db65e8a12129d5d4f48aec6c91b35a6f5683922a30cd9e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

cache-control: no-cache, private
content-security-policy: default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
content-type: text/html; charset=UTF-8
date: Sun, 22 May 2022 08:46:35 GMT
feature-policy: fullscreen 'self'
referrer-policy: strict-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache, private
content-security-policy: default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
content-type: text/html; charset=UTF-8
date: Sun, 22 May 2022 08:46:35 GMT
feature-policy: fullscreen 'self'
location: //urlsand.esvalabs.com/?u=https%3A%2F%2Fcustomer19507.musvc3.net%2Fe%2Fr%3Fq%3DL4%253dC8L5N_6shu_G3_7vgr_GA_6shu_F8pdsbv.013xG7H.rJ1_Jfxd_TuA_6shu_F87Iz.38KB_Jfxd_Tu_Meue_Xt81B_6shu_G6_CRFNBW_6shu_G3qC2_Jfxd_UsT5VqH-_6shu_G69TBTGZtWr8_6shu_G6J0-1YG-D2Y_7vgr_GAtW9LM_Jfxd_TKS_6shu_G65K_6shu_FXD_.8.y-9KXv4J.Yz_Jfxd_UsPA_Jfxd_TuOBpRqa%25265%253dFdIbL%25269%253d1M8QqU.308%2526A8%253dYEaLX%2526z%253dXI%2526I%253dKVLc%25263%253dWJeMWF%2526O%253dEVJcITFV3p6oJT%26mupckp%3DmupAtu4m8OiX0wt&e=d02f10fa&h=07e6fa53&f=y&p=y&l=1
referrer-policy: strict-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 urlsandbox.css
urlsand.esvalabs.com/templates/default/css/ 184 KB
184 KB 54ms
53ms Stylesheet
text/css 109.168.30.185
AS-IRIDEOS-KP

General

Check archive.org

Show headers Download Go to

Full URL

https://urlsand.esvalabs.com/templates/default/css/urlsandbox.css

Requested by

Host: urlsand.esvalabs.com
URL: https://urlsand.esvalabs.com/?u=https%3A%2F%2Fcustomer19507.musvc3.net%2Fe%2Fr%3Fq%3DL4%253dC8L5N_6shu_G3_7vgr_GA_6shu_F8pdsbv.013xG7H.rJ1_Jfxd_TuA_6shu_F87Iz.38KB_Jfxd_Tu_Meue_Xt81B_6shu_G6_CRFNBW_6shu_G3qC2_Jfxd_UsT5VqH-_6shu_G69TBTGZtWr8_6shu_G6J0-1YG-D2Y_7vgr_GAtW9LM_Jfxd_TKS_6shu_G65K_6shu_FXD_.8.y-9KXv4J.Yz_Jfxd_UsPA_Jfxd_TuOBpRqa%25265%253dFdIbL%25269%253d1M8QqU.308%2526A8%253dYEaLX%2526z%253dXI%2526I%253dKVLc%25263%253dWJeMWF%2526O%253dEVJcITFV3p6oJT%26mupckp%3DmupAtu4m8OiX0wt&e=d02f10fa&h=07e6fa53&f=y&p=y&l=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.168.30.185 Melzo, Italy, ASN5602 (AS-IRIDEOS-KP, IT),

Reverse DNS

net-109-168-30-185.cust.vodafonedsl.it

Software

nginx /

Resource Hash

3661b0abad108b1e162b750119e065a1bc24b379ed4371a0daf807ee3567534c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://urlsand.esvalabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:46:35 GMT
referrer-policy: strict-origin
last-modified: Fri, 20 May 2022 09:45:38 GMT
server: nginx
etag: "62876342-2df7e"
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block
feature-policy: fullscreen 'self'
content-security-policy: default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 188286
x-content-type-options: nosniff

GET
H2 200 urlsand.css
urlsand.esvalabs.com/css/ 2 KB
2 KB 80ms
80ms Stylesheet
text/css 109.168.30.185
AS-IRIDEOS-KP

General

Check archive.org

Show headers Download Go to

Full URL

https://urlsand.esvalabs.com/css/urlsand.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.168.30.185 Melzo, Italy, ASN5602 (AS-IRIDEOS-KP, IT),

Reverse DNS

net-109-168-30-185.cust.vodafonedsl.it

Software

nginx /

Resource Hash

fb55650bbb7a33af4f2925696ef0765dc57aaeeadadad1193969554f07d0f957

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://urlsand.esvalabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:46:35 GMT
referrer-policy: strict-origin
last-modified: Fri, 20 May 2022 09:45:38 GMT
server: nginx
etag: "62876342-6db"
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block
feature-policy: fullscreen 'self'
content-security-policy: default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 1755
x-content-type-options: nosniff

GET
H2 200 logo.png
urlsand.esvalabs.com/templates/default/img/ 19 KB
19 KB 80ms
80ms Image
image/png 109.168.30.185
AS-IRIDEOS-KP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://urlsand.esvalabs.com/templates/default/img/logo.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.168.30.185 Melzo, Italy, ASN5602 (AS-IRIDEOS-KP, IT),

Reverse DNS

net-109-168-30-185.cust.vodafonedsl.it

Software

nginx /

Resource Hash

81793beb150a889b0d407981e2c19a362cd56dead1445af5d314c7117d885ffc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://urlsand.esvalabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:46:35 GMT
referrer-policy: strict-origin
last-modified: Fri, 20 May 2022 09:45:38 GMT
server: nginx
etag: "62876342-4b25"
x-frame-options: SAMEORIGIN
content-type: image/png
x-xss-protection: 1; mode=block
feature-policy: fullscreen 'self'
content-security-policy: default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 19237
x-content-type-options: nosniff

GET
H2 200 polyfill.js Show response
urlsand.esvalabs.com/js/ 1 KB
2 KB 80ms
79ms Script
application/javascript 109.168.30.185
AS-IRIDEOS-KP

General

Check archive.org

Show headers Download Go to

Full URL

https://urlsand.esvalabs.com/js/polyfill.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.168.30.185 Melzo, Italy, ASN5602 (AS-IRIDEOS-KP, IT),

Reverse DNS

net-109-168-30-185.cust.vodafonedsl.it

Software

nginx /

Resource Hash

b5ddb60604ac7c649070dc629ab1729ddfc0927463b3891d0d6c7d1b18419738

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://urlsand.esvalabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:46:35 GMT
referrer-policy: strict-origin
last-modified: Fri, 20 May 2022 09:45:38 GMT
server: nginx
etag: "62876342-4e3"
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block
feature-policy: fullscreen 'self'
content-security-policy: default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 1251
x-content-type-options: nosniff

GET
H2 200 helper.js Show response
urlsand.esvalabs.com/js/ 3 KB
4 KB 80ms
79ms Script
application/javascript 109.168.30.185
AS-IRIDEOS-KP

General

Check archive.org

Show headers Download Go to

Full URL

https://urlsand.esvalabs.com/js/helper.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.168.30.185 Melzo, Italy, ASN5602 (AS-IRIDEOS-KP, IT),

Reverse DNS

net-109-168-30-185.cust.vodafonedsl.it

Software

nginx /

Resource Hash

6b9d2b61facecada8129475b245089790d9efb851a05fabc70ee2cb42c58d46b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://urlsand.esvalabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:46:35 GMT
referrer-policy: strict-origin
last-modified: Fri, 20 May 2022 09:45:38 GMT
server: nginx
etag: "62876342-d47"
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block
feature-policy: fullscreen 'self'
content-security-policy: default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 3399
x-content-type-options: nosniff

GET
H2 200 redirect.js Show response
urlsand.esvalabs.com/js/ 2 KB
2 KB 80ms
80ms Script
application/javascript 109.168.30.185
AS-IRIDEOS-KP

General

Check archive.org

Show headers Download Go to

Full URL

https://urlsand.esvalabs.com/js/redirect.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.168.30.185 Melzo, Italy, ASN5602 (AS-IRIDEOS-KP, IT),

Reverse DNS

net-109-168-30-185.cust.vodafonedsl.it

Software

nginx /

Resource Hash

1856e9eb336c1eb373538389dd55e7063d0c7598f2b1191c37c1bd1d7697c892

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://urlsand.esvalabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:46:35 GMT
referrer-policy: strict-origin
last-modified: Fri, 20 May 2022 09:45:38 GMT
server: nginx
etag: "62876342-71a"
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block
feature-policy: fullscreen 'self'
content-security-policy: default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 1818
x-content-type-options: nosniff

GET
H2 200 urlsandbox-dark.css
urlsand.esvalabs.com/templates/default/css/ 184 KB
184 KB 80ms
80ms Stylesheet
text/css 109.168.30.185
AS-IRIDEOS-KP

General

Check archive.org

Show headers Download Go to

Full URL

https://urlsand.esvalabs.com/templates/default/css/urlsandbox-dark.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.168.30.185 Melzo, Italy, ASN5602 (AS-IRIDEOS-KP, IT),

Reverse DNS

net-109-168-30-185.cust.vodafonedsl.it

Software

nginx /

Resource Hash

b4b3a8838d9785f30af74c5697192dd2f05ab486e0e9ef9ea074f1e3e4829a9c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://urlsand.esvalabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:46:35 GMT
referrer-policy: strict-origin
last-modified: Fri, 20 May 2022 09:45:38 GMT
server: nginx
etag: "62876342-2dec3"
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block
feature-policy: fullscreen 'self'
content-security-policy: default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 188099
x-content-type-options: nosniff

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 139ms
56ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,400,700

Requested by

Host: urlsand.esvalabs.com
URL: https://urlsand.esvalabs.com/templates/default/css/urlsandbox.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

40b22b971aec653a4b043b68fecf37ad18dcd864dacd89a2cf8c4b30dcf3be03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://urlsand.esvalabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 22 May 2022 08:36:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 22 May 2022 08:46:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 22 May 2022 08:46:36 GMT

GET
H2 200 /
urlsand.esvalabs.com/ 433 B
787 B 1795ms
1795ms XHR
application/json 109.168.30.185
AS-IRIDEOS-KP

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: urlsand.esvalabs.com
URL: https://urlsand.esvalabs.com/js/helper.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.168.30.185 Melzo, Italy, ASN5602 (AS-IRIDEOS-KP, IT),

Reverse DNS

net-109-168-30-185.cust.vodafonedsl.it

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://urlsand.esvalabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:46:37 GMT
referrer-policy: strict-origin
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/json
x-xss-protection: 1; mode=block
cache-control: no-cache, private
feature-policy: fullscreen 'self'
content-security-policy: default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 119ms
39ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://urlsand.esvalabs.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 23:32:09 GMT
x-content-type-options: nosniff
age: 465267
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 23:32:09 GMT

GET
H2

200

Primary Request / Show response
a9e0g.emailsp.com/f/rnl.aspx/
Redirect Chain

https://customer19507.musvc3.net/e/r?q=L4%3dC8L5N_6shu_G3_7vgr_GA_6shu_F8pdsbv.013xG7H.rJ1_Jfxd_TuA_6shu_F87Iz.38KB_Jfxd_Tu_Meue_Xt81B_6shu_G6_CRFNBW_6shu_G3qC2_Jfxd_UsT5VqH-_6shu_G69TBTGZtWr8_6shu...
https://a9e0g.emailsp.com/f/rnl.aspx/?flg=_xw2vw2:bhn=yq4bm-=tyx225f5cc=5e-m72-in7/f5tq9&x=pp&y_.c.k-g63hb5.4l=uw/txNCLM

39 KB
12 KB

488ms
389ms

Document
text/html

13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a9e0g.emailsp.com/f/rnl.aspx/?flg=_xw2vw2:bhn=yq4bm-=tyx225f5cc=5e-m72-in7/f5tq9&x=pp&y_.c.k-g63hb5.4l=uw/txNCLM

Requested by

Host: urlsand.esvalabs.com
URL: https://urlsand.esvalabs.com/js/redirect.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-90.fra60.r.cloudfront.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

27c5020f76fa7889c581d5a28c82811a189b129abdda7db16fc2ef3ec60301e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://urlsand.esvalabs.com/?u=https%3A%2F%2Fcustomer19507.musvc3.net%2Fe%2Fr%3Fq%3DL4%253dC8L5N_6shu_G3_7vgr_GA_6shu_F8pdsbv.013xG7H.rJ1_Jfxd_TuA_6shu_F87Iz.38KB_Jfxd_Tu_Meue_Xt81B_6shu_G6_CRFNBW_6shu_G3qC2_Jfxd_UsT5VqH-_6shu_G69TBTGZtWr8_6shu_G6J0-1YG-D2Y_7vgr_GAtW9LM_Jfxd_TKS_6shu_G65K_6shu_FXD_.8.y-9KXv4J.Yz_Jfxd_UsPA_Jfxd_TuOBpRqa%25265%253dFdIbL%25269%253d1M8QqU.308%2526A8%253dYEaLX%2526z%253dXI%2526I%253dKVLc%25263%253dWJeMWF%2526O%253dEVJcITFV3p6oJT%26mupckp%3DmupAtu4m8OiX0wt&e=d02f10fa&h=07e6fa53&f=y&p=y&l=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

access-control-allow-origin: *
cache-control: private
content-encoding: gzip
content-length: 11867
content-type: text/html; charset=utf-8
date: Sun, 22 May 2022 08:46:38 GMT
server: Microsoft-IIS/10.0
strict-transport-security: max-age=15768000
vary: Accept-Encoding
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
x-amz-cf-id: UcUmAvicrFnZ8akG3tbVRkx1V-iw3z7a8ICSG4MeoP-LaYGDMtY8TA==
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache
content-length: 163
content-type: text/html; charset=utf-8
date: Sun, 22 May 2022 08:46:38 GMT
location: https://a9e0g.emailsp.com/f/rnl.aspx/?flg=_xw2vw2:bhn=yq4bm-=tyx225f5cc=5e-m72-in7/f5tq9&x=pp&y_.c.k-g63hb5.4l=uw/txNCLM
x-request-id: 8a1bd8c0-2120-4c01-a589-e48b9fb97d91

GET
H2 200 logo.png
fcvezd.stripocdn.email/content/guids/CABINET_9c83745dc9dc3a5f3e115c17fe934b6c/images/ 28 KB
29 KB 214ms
99ms Image
image/png 88.198.151.113
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fcvezd.stripocdn.email/content/guids/CABINET_9c83745dc9dc3a5f3e115c17fe934b6c/images/logo.png
Requested by: Host: a9e0g.emailsp.com
URL: https://a9e0g.emailsp.com/f/rnl.aspx/?flg=_xw2vw2:bhn=yq4bm-=tyx225f5cc=5e-m72-in7/f5tq9&x=pp&y_.c.k-g63hb5.4l=uw/txNCLM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 88.198.151.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-198-151-113.clients.your-server.de
Software: nginx /
Resource Hash: 099aa81c5a63d1d1699bef615d4918d73abbf2c5ee114e62dce1254ad6b147b5

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://a9e0g.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:46:38 GMT
last-modified: Thu, 18 Nov 2021 12:48:45 GMT
server: nginx
x-amz-meta-orgignalheigth: 492
etag: "3caef2a212b47bddb2c9aa102adc9fbd"
x-cache-status: HIT
x-amz-meta-stripooriginalfilename: logo.png
content-type: image/png
x-amz-meta-orgignalwidth: 1181
cache-control: max-age=31536000
content-length: 28872
x-amz-meta-stripothumbnailurl: https%3A%2F%2Fmy.stripo.email%2Fcontent%2Fguids%2FCABINET_9c83745dc9dc3a5f3e115c17fe934b6c%2Fimages%2Fstripothumbnailurllogo.png
x-amz-version-id: norki8nlwqNwn3xoWkrJU.pUCI80ldfy

GET
H2 200 falper_newsletter_cristalplant_1200x830.jpg
fcvezd.stripocdn.email/content/guids/CABINET_fb6d4de75e6788a6b56535b94fa560f6/images/ 424 KB
425 KB 263ms
149ms Image
image/jpeg 88.198.151.113
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fcvezd.stripocdn.email/content/guids/CABINET_fb6d4de75e6788a6b56535b94fa560f6/images/falper_newsletter_cristalplant_1200x830.jpg
Requested by: Host: a9e0g.emailsp.com
URL: https://a9e0g.emailsp.com/f/rnl.aspx/?flg=_xw2vw2:bhn=yq4bm-=tyx225f5cc=5e-m72-in7/f5tq9&x=pp&y_.c.k-g63hb5.4l=uw/txNCLM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 88.198.151.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-198-151-113.clients.your-server.de
Software: nginx /
Resource Hash: 816e20d07168487620f8263d45fdbf4e1be12637f34f2a90cdea68f1376712e8

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://a9e0g.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:46:38 GMT
last-modified: Fri, 18 Mar 2022 15:30:47 GMT
server: nginx
x-amz-meta-orgignalheigth: 830
etag: "bd40624b87e8fcb0c92ffc9ff4e4b5cc"
x-cache-status: HIT
x-amz-meta-stripooriginalfilename: FALPER_newsletter_cristalplant_1200x830.jpg
content-type: image/jpeg
x-amz-meta-orgignalwidth: 1200
cache-control: max-age=31536000
content-length: 434156
x-amz-meta-stripothumbnailurl: https%3A%2F%2Fmy.stripo.email%2Fcontent%2Fguids%2FCABINET_fb6d4de75e6788a6b56535b94fa560f6%2Fimages%2Fstripothumbnailurlfalper_newsletter_cristalplant_1200x830_6aX.jpg
x-amz-version-id: WueRwB3Mi9ri9onPxyzmZv4L5Gzbik8h

GET
H2 200 ezgifcomgifmaker10.gif
fcvezd.stripocdn.email/content/guids/CABINET_fb6d4de75e6788a6b56535b94fa560f6/images/ 627 KB
628 KB 262ms
149ms Image
image/gif 88.198.151.113
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fcvezd.stripocdn.email/content/guids/CABINET_fb6d4de75e6788a6b56535b94fa560f6/images/ezgifcomgifmaker10.gif
Requested by: Host: a9e0g.emailsp.com
URL: https://a9e0g.emailsp.com/f/rnl.aspx/?flg=_xw2vw2:bhn=yq4bm-=tyx225f5cc=5e-m72-in7/f5tq9&x=pp&y_.c.k-g63hb5.4l=uw/txNCLM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 88.198.151.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-198-151-113.clients.your-server.de
Software: nginx /
Resource Hash: 43b7040bd7a8b8d5233913864cf6a19884c540c510ce36ebd64c4a11d39ff265

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://a9e0g.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:46:38 GMT
last-modified: Fri, 18 Mar 2022 15:30:47 GMT
server: nginx
x-amz-meta-orgignalheigth: 1200
etag: "8f6f5f3720cf3afc57f4e9516fbd9c67"
x-cache-status: HIT
x-amz-meta-stripooriginalfilename: ezgif.com-gif-maker-10.gif
content-type: image/gif
x-amz-meta-orgignalwidth: 745
cache-control: max-age=31536000
content-length: 642316
x-amz-meta-stripothumbnailurl: https%3A%2F%2Fmy.stripo.email%2Fcontent%2Fguids%2FCABINET_fb6d4de75e6788a6b56535b94fa560f6%2Fimages%2Fstripothumbnailurlezgifcomgifmaker10.gif
x-amz-version-id: cDh9aRFNf.GC1KVk_e5r5C9LugW_TyKA

GET
H2 200 facebook-logo-gray.png
fcvezd.stripocdn.email/content/assets/img/social-icons/logo-gray/ 605 B
814 B 262ms
149ms Image
image/png 88.198.151.113
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fcvezd.stripocdn.email/content/assets/img/social-icons/logo-gray/facebook-logo-gray.png
Requested by: Host: a9e0g.emailsp.com
URL: https://a9e0g.emailsp.com/f/rnl.aspx/?flg=_xw2vw2:bhn=yq4bm-=tyx225f5cc=5e-m72-in7/f5tq9&x=pp&y_.c.k-g63hb5.4l=uw/txNCLM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 88.198.151.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-198-151-113.clients.your-server.de
Software: nginx /
Resource Hash: 902ed922cb9ba5e4062ee19683782ef412b2e2182ff0d56e1b8a7a8000c5c8c5

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://a9e0g.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:46:38 GMT
last-modified: Fri, 03 Sep 2021 15:19:31 GMT
server: nginx
etag: "357197e9677759af1ecec7aaf7e9051b"
x-cache-status: HIT
x-amz-version-id: 4qhC_vOzyB2L02fhtbQzxoMy8KnuzxH9
cache-control: max-age=31536000
content-type: image/png
content-length: 605

GET
H2 200 instagram-logo-gray.png
fcvezd.stripocdn.email/content/assets/img/social-icons/logo-gray/ 640 B
850 B 262ms
149ms Image
image/png 88.198.151.113
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fcvezd.stripocdn.email/content/assets/img/social-icons/logo-gray/instagram-logo-gray.png
Requested by: Host: a9e0g.emailsp.com
URL: https://a9e0g.emailsp.com/f/rnl.aspx/?flg=_xw2vw2:bhn=yq4bm-=tyx225f5cc=5e-m72-in7/f5tq9&x=pp&y_.c.k-g63hb5.4l=uw/txNCLM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 88.198.151.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-198-151-113.clients.your-server.de
Software: nginx /
Resource Hash: 025bb9bdda9b41fea991fa9ce15a4bb86d06b52c9a54c3d9b61ed7275d7ef7dc

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://a9e0g.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:46:38 GMT
last-modified: Fri, 03 Sep 2021 15:19:38 GMT
server: nginx
etag: "b4225807ee658ab95389e00d7b015699"
x-cache-status: HIT
x-amz-version-id: uF7ch.qVJMBnybsHPShEwdw_fgFCyoOB
cache-control: max-age=31536000
content-type: image/png
content-length: 640

GET
H2 200 pinterest-logo-gray.png
fcvezd.stripocdn.email/content/assets/img/social-icons/logo-gray/ 781 B
989 B 262ms
149ms Image
image/png 88.198.151.113
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fcvezd.stripocdn.email/content/assets/img/social-icons/logo-gray/pinterest-logo-gray.png
Requested by: Host: a9e0g.emailsp.com
URL: https://a9e0g.emailsp.com/f/rnl.aspx/?flg=_xw2vw2:bhn=yq4bm-=tyx225f5cc=5e-m72-in7/f5tq9&x=pp&y_.c.k-g63hb5.4l=uw/txNCLM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 88.198.151.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-198-151-113.clients.your-server.de
Software: nginx /
Resource Hash: b3345f9014181f7aaf29b221b29e286691d98a37fa350e47be19a4fbfe289050

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://a9e0g.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:46:38 GMT
last-modified: Fri, 03 Sep 2021 15:19:38 GMT
server: nginx
etag: "d34208a60c15e10badff8f7fd940f4c1"
x-cache-status: HIT
x-amz-version-id: 7i3dTX58OdUtlo4VBEqYPBrW11mrh.pi
cache-control: max-age=31536000
content-type: image/png
content-length: 781

GET
H2 200 linkedin-logo-gray.png
fcvezd.stripocdn.email/content/assets/img/social-icons/logo-gray/ 401 B
610 B 122ms
121ms Image
image/png 88.198.151.113
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fcvezd.stripocdn.email/content/assets/img/social-icons/logo-gray/linkedin-logo-gray.png
Requested by: Host: a9e0g.emailsp.com
URL: https://a9e0g.emailsp.com/f/rnl.aspx/?flg=_xw2vw2:bhn=yq4bm-=tyx225f5cc=5e-m72-in7/f5tq9&x=pp&y_.c.k-g63hb5.4l=uw/txNCLM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 88.198.151.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-198-151-113.clients.your-server.de
Software: nginx /
Resource Hash: 4bb74669a07a48277c8e797041c1eac4be30016e86ac9a40c70f3a2ae13e1cd4

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://a9e0g.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:46:38 GMT
last-modified: Fri, 03 Sep 2021 15:19:32 GMT
server: nginx
etag: "29f1b1cded1caa8ca862f525393ea4b7"
x-cache-status: HIT
x-amz-version-id: diNvA2vwckNBQV_Cp.K5.YVimZbeTh6d
cache-control: max-age=31536000
content-type: image/png
content-length: 401

GET
H/1.1 200
OK trans.gif
customer19507.img.musvc3.net/static/19507/images/footer/ 43 B
567 B 140ms
42ms Image
image/gif 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://customer19507.img.musvc3.net/static/19507/images/footer/trans.gif

Requested by

Host: a9e0g.emailsp.com
URL: https://a9e0g.emailsp.com/f/rnl.aspx/?flg=_xw2vw2:bhn=yq4bm-=tyx225f5cc=5e-m72-in7/f5tq9&x=pp&y_.c.k-g63hb5.4l=uw/txNCLM

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://a9e0g.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000
Via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
Last-Modified: Mon, 02 Nov 2015 14:04:11 GMT
Server: Microsoft-IIS/10.0
Age: 78590
X-Powered-By: ASP.NET
ETag: "807f10597715d11:0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Date: Sat, 21 May 2022 10:56:48 GMT
X-Amz-Cf-Pop: FRA56-P5
Accept-Ranges: bytes
Content-Length: 43
X-Amz-Cf-Id: NB5IZHGg5lxCDWUy8q8RAfpBoM34gtC72-s3R2qufuk_NU8rkp3K5A==

GET
H2 200 c
customer19507.musvc3.net/e/ 74 B
192 B 60ms
59ms Image
image/png 99.80.207.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://customer19507.musvc3.net/e/c?q=5%3d5b6bA%26E%3d7V%26r%3dZ5YB%26H%3d6WDb6S%263e4bl%3dTfX0Yc75-VdSe-W67i-a2Sj-U989WAXgW358%26Bt%3dV5b8U%26h%3dFvKz64.FiM%26u%3dS7W3Y9Y6T5
Requested by: Host: a9e0g.emailsp.com
URL: https://a9e0g.emailsp.com/f/rnl.aspx/?flg=_xw2vw2:bhn=yq4bm-=tyx225f5cc=5e-m72-in7/f5tq9&x=pp&y_.c.k-g63hb5.4l=uw/txNCLM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.207.214 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-207-214.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: f5cab90299f9aa539d5f99d4f7e87a70f57e37f138da9d18cadbb230bde3ccd0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://a9e0g.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:46:38 GMT
cache-control: no-cache
x-request-id: ff2504bd-639f-4682-a36f-909f2d97a839
content-type: image/png

GET
H2 200 frontendPendoLoader.js Show response
a9e0g.emailsp.com/js/ 2 KB
2 KB 48ms
47ms Script
application/javascript 13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a9e0g.emailsp.com/js/frontendPendoLoader.js

Requested by

Host: a9e0g.emailsp.com
URL: https://a9e0g.emailsp.com/f/rnl.aspx/?flg=_xw2vw2:bhn=yq4bm-=tyx225f5cc=5e-m72-in7/f5tq9&x=pp&y_.c.k-g63hb5.4l=uw/txNCLM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-90.fra60.r.cloudfront.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

72e7604a33ce72c290a6cb35836b003b3bdc8ccde6eed349e42d1ef5efc5eaa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://a9e0g.emailsp.com/f/rnl.aspx/?flg=_xw2vw2:bhn=yq4bm-=tyx225f5cc=5e-m72-in7/f5tq9&x=pp&y_.c.k-g63hb5.4l=uw/txNCLM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
content-encoding: gzip
x-content-type-options: nosniff
age: 62
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-length: 1118
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Tue, 17 May 2022 13:51:06 GMT
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
date: Sun, 22 May 2022 08:45:36 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
cache-control: max-age=1200
etag: "019e27f569d81:0"
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
x-amz-cf-id: qZ7v_m448al57rc5kxqbCpspVkvzQB-b4v5ywou8SVy6HcfXvqpZjA==

GET
H/1.1 200
OK pendo.js Show response
cdn.pendo.io/agent/static/da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2/ 458 KB
142 KB 150ms
49ms Script
application/javascript 2600:9000:223f:8000:1f:aa31:7740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pendo.io/agent/static/da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2/pendo.js
Requested by: Host: a9e0g.emailsp.com
URL: https://a9e0g.emailsp.com/js/frontendPendoLoader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:8000:1f:aa31:7740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3eaecb671292c9fbd59f443863fe35fbe02370e5b938840e3a9182e8351f336d

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://a9e0g.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sun, 22 May 2022 08:44:26 GMT
Content-Encoding: gzip
Age: 234
X-GUploader-UploadID: ADPycdsORG3Rm1_f38_k_bCWqXDRtyq5cEKZ8RL29Bw2TFHiCTlZKLDRYMhZRIMzArmWWHnK95Gi0zCCrRiK7DS-sHZLaQ
X-Cache: Hit from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Length: 144487
Access-Control-Allow-Origin: *
Last-Modified: Fri, 20 May 2022 20:18:39 GMT
Server: UploadServer
ETag: "ef0fe01eeffafe4185b74a515e126777"
Vary: Accept-Encoding
x-goog-hash: crc32c=Z6M4AQ==, md5=7w/gHu/6/kGFt0pRXhJndw==
x-goog-generation: 1653077919515090
Via: 1.1 7463e2e784b132604afa3cd91a5d39a2.cloudfront.net (CloudFront)
Access-Control-Expose-Headers: *
Cache-Control: max-age=450
x-goog-stored-content-length: 144487
X-Amz-Cf-Pop: FRA56-P5
Accept-Ranges: bytes
Content-Type: application/javascript
X-Amz-Cf-Id: asQRxLbdrNLV9wfjK94QC8NuBQ2zGReDup8S52CKPxBp4prsI7PWew==
Expires: Sun, 22 May 2022 08:50:14 GMT

POST
H2 200 GetPendoSettings Show response
a9e0g.emailsp.com/frontend/webMethods/Console.asmx/ 59 B
480 B 172ms
172ms XHR
application/json 13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a9e0g.emailsp.com/frontend/webMethods/Console.asmx/GetPendoSettings

Requested by

Host: a9e0g.emailsp.com
URL: https://a9e0g.emailsp.com/js/frontendPendoLoader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-90.fra60.r.cloudfront.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

fef9b68c5e2179c221eee57d288d33e4cd0e59ec82e95ccff5349a24b89b2317

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://a9e0g.emailsp.com/f/rnl.aspx/?flg=_xw2vw2:bhn=yq4bm-=tyx225f5cc=5e-m72-in7/f5tq9&x=pp&y_.c.k-g63hb5.4l=uw/txNCLM
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-type: application/json; charset=utf-8

Response headers

strict-transport-security: max-age=15768000
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA60-P3
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=0
date: Sun, 22 May 2022 08:46:38 GMT
content-length: 59
x-xss-protection: 1; mode=block
x-amz-cf-id: eKFebvKBVQnyaK5sDe8JbE_rIHn82DvTAad77ZF6rRUraSEiWxomtg==

GET
H2 200 da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2
data.pendo-pro.beefree.io/data/ptm.gif/ 42 B
115 B 432ms
255ms Image
image/gif 2a00:1450:4001:808::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://data.pendo-pro.beefree.io/data/ptm.gif/da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2?v=2.136.0_prod&ct=1653209199165&jzb=eJzVUc9v2yAY_V849JQAxiEukayp2yqtUpd1W7pDpwlhGzssGDsYJ_aq_O-FNYq6qeqth9743vc9-_34eQ_c2EqwAKqQxqlyBBOQ2WbfScudqv0mmtOYYBYxFtF4AnaqU66xXBWehP21yPOmN-4RiBjFiQd7q_20dq7tFggJJnEFZS2U7lqYNzUqkTUaiq4d0LtSVykf9mS3J4tsbdJxO8vqaerGgRBa0jxPqZzWCZkqk6CSui07G9K2PRs5zOFmWs3jdUbhTKf9Hrlh-eH6sxfQ2qbtwOIeNLrg_2jmN5fLj1_4ilfr1Xt2fafkzcwTwt2zVp6S8bN2D_53wvr4ViK78rDptZ4A9ziA-OtS_Pn945O2V5tqe7vznyytqOXfZbeTyTm-2OBvd1oN2TykPzrplc9wdJic2qmlEy82Q99eM0e94XmSrIWpelEFy9Lw2-8h26ON091_oV-c1h4qhAtcQhCmiGBCQoHSdqoxAYZRPIeYewnFK7VG6JPWdCOKF1tL3l5rwdPRCTuPXyXEOCKHXw-ovHYE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://a9e0g.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:46:39 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-max-age: 600
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization
content-length: 42

GET
H2 200 da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2 Show response
data.pendo-pro.beefree.io/data/guide.js/ 2 KB
2 KB 376ms
203ms Script
application/javascript 2a00:1450:4001:808::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://data.pendo-pro.beefree.io/data/guide.js/da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2?jzb=eJw9j09vtCAYxL8Lhz1VYJ9d1mhCmqanJu17edOzQUQlRWQR_6Xxuy-2qbfnNwOTmW806UGH3r9VKEcUPSEhZT_a8MPnjNE0aqM3kdoQ3JATIjJFG6w6oc3gsOw7UhNvDRaDW8hzbRpeLDNMM-Rla_l6v5ZdwsO6ALCaScmZSroUEm1TUrNwz04Ld-60Fljir6S5XdqS4avh40zC8u_1_SMW6FQQlQgC5Ufh_dR_pY2wzSgaFVHZ4vM_2o4hx7vfMdFwwisbXg47SjF7_wtAKCNAAWLmpPyge7vL-Hy5YVo431do2x5HH2CC&v=2.136.0_prod&ct=1653209199168

Requested by

Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2/pendo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

95025ac85a8a8529f71ac4ac381af18774a75f8d1964fa0c04c7cf59c0062c5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://a9e0g.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:46:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/javascript
via: 1.1 google
access-control-max-age: 600
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			a9e0g.emailsp.com/	1969-12-31 23:59:59	Name: BIGipServercu_front_80_pool Value: !WgcBEGh97Mn+J6NfbkUQtem4juB6NmsMU/XUFwBuW++1pJozVlHBOlMbx4TVCCQLL+QcyKVwngxFpJY=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com data: 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a9e0g.emailsp.com
cdn.pendo.io
customer19507.img.musvc3.net
customer19507.musvc3.net
data.pendo-pro.beefree.io
fcvezd.stripocdn.email
fonts.googleapis.com
fonts.gstatic.com
urlsand.esvalabs.com
109.168.30.185
13.32.99.90
18.66.112.118
2600:9000:223f:8000:1f:aa31:7740:93a1
2a00:1450:4001:800::200a
2a00:1450:4001:808::2013
2a00:1450:4001:82f::2003
88.198.151.113
99.80.207.214
025bb9bdda9b41fea991fa9ce15a4bb86d06b52c9a54c3d9b61ed7275d7ef7dc
099aa81c5a63d1d1699bef615d4918d73abbf2c5ee114e62dce1254ad6b147b5
1856e9eb336c1eb373538389dd55e7063d0c7598f2b1191c37c1bd1d7697c892
27c5020f76fa7889c581d5a28c82811a189b129abdda7db16fc2ef3ec60301e1
3661b0abad108b1e162b750119e065a1bc24b379ed4371a0daf807ee3567534c
3eaecb671292c9fbd59f443863fe35fbe02370e5b938840e3a9182e8351f336d
40b22b971aec653a4b043b68fecf37ad18dcd864dacd89a2cf8c4b30dcf3be03
43b7040bd7a8b8d5233913864cf6a19884c540c510ce36ebd64c4a11d39ff265
4bb74669a07a48277c8e797041c1eac4be30016e86ac9a40c70f3a2ae13e1cd4
6b9d2b61facecada8129475b245089790d9efb851a05fabc70ee2cb42c58d46b
72e7604a33ce72c290a6cb35836b003b3bdc8ccde6eed349e42d1ef5efc5eaa7
816e20d07168487620f8263d45fdbf4e1be12637f34f2a90cdea68f1376712e8
81793beb150a889b0d407981e2c19a362cd56dead1445af5d314c7117d885ffc
902ed922cb9ba5e4062ee19683782ef412b2e2182ff0d56e1b8a7a8000c5c8c5
95025ac85a8a8529f71ac4ac381af18774a75f8d1964fa0c04c7cf59c0062c5e
a550c5e63310780280db65e8a12129d5d4f48aec6c91b35a6f5683922a30cd9e
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
b3345f9014181f7aaf29b221b29e286691d98a37fa350e47be19a4fbfe289050
b4b3a8838d9785f30af74c5697192dd2f05ab486e0e9ef9ea074f1e3e4829a9c
b5ddb60604ac7c649070dc629ab1729ddfc0927463b3891d0d6c7d1b18419738
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5cab90299f9aa539d5f99d4f7e87a70f57e37f138da9d18cadbb230bde3ccd0
fb55650bbb7a33af4f2925696ef0765dc57aaeeadadad1193969554f07d0f957
fef9b68c5e2179c221eee57d288d33e4cd0e59ec82e95ccff5349a24b89b2317

a9e0g.emailsp.com Open in urlscan Pro 13.32.99.90 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

26 Requests

100 %HTTPS

44 %IPv6

8 Domains

9 Subdomains

9 IPs

4 Countries

1694 kBTransfer

2038 kBSize

1 Cookies

17 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

1 Cookies

Security Headers

a9e0g.emailsp.com Open in urlscan Pro
13.32.99.90 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

100 %
HTTPS

44 %
IPv6

8
Domains

9
Subdomains

9
IPs

4
Countries

1694 kB
Transfer

2038 kB
Size

1
Cookies

26 HTTP transactions
0 data transactions