urlscan.io logo urlscan.io
SecurityTrails logo

e-ascott.crmxs.com Open in urlscan Pro
104.215.151.146  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://e-ascott.crmxs.com/?xs_app=tools.tracker&xs_data=aa915c_4834_46653278_46183528&xs_name=Unsubscribe&xs_url=?xs_app=t...
Effective URL: https://e-ascott.crmxs.com/?xs_app=tools.unsubscribe&xs_category=7887fc_362&xs_data=aa915c_4834_46653278_46183528
Submission: On October 25 via api from SG — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 3 HTTP transactions. The main IP is 104.215.151.146, located in Singapore, Singapore and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is e-ascott.crmxs.com.
TLS certificate: Issued by GeoTrust RSA CA 2018 on August 4th 2022. Valid for: a year.
This is the only time e-ascott.crmxs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 104.215.151.146 8075 (MICROSOFT...)
3 1
Apex Domain
Subdomains		 Transfer
4 crmxs.com
e-ascott.crmxs.com
38 KB
3 1
Domain Requested by
4 e-ascott.crmxs.com 1 redirects e-ascott.crmxs.com
3 1

This site contains no links.

Subject Issuer Validity Valid
*.crmxs.com
GeoTrust RSA CA 2018		 2022-08-04 -
2023-09-04		 a year crt.sh

This page contains 1 frames:

Primary Page: https://e-ascott.crmxs.com/?xs_app=tools.unsubscribe&xs_category=7887fc_362&xs_data=aa915c_4834_46653278_46183528
Frame ID: 0641C87B326B0AD8D419796F6BD5236E
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Subscription Management

Page URL History Show full URLs

  1. https://e-ascott.crmxs.com/?xs_app=tools.tracker&xs_data=aa915c_4834_46653278_46183528&xs_name=Unsubscr... HTTP 302
    http://e-ascott.crmxs.com/?xs_app=tools.unsubscribe&xs_category=7887fc_362&xs_data=aa915c_4834_4665327... HTTP 307
    https://e-ascott.crmxs.com/?xs_app=tools.unsubscribe&xs_category=7887fc_362&xs_data=aa915c_4834_4665327... Page URL

Page Statistics

3
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

37 kB
Transfer

45 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://e-ascott.crmxs.com/?xs_app=tools.tracker&xs_data=aa915c_4834_46653278_46183528&xs_name=Unsubscribe&xs_url=?xs_app=tools.unsubscribe&xs_category=7887fc_362 HTTP 302
    http://e-ascott.crmxs.com/?xs_app=tools.unsubscribe&xs_category=7887fc_362&xs_data=aa915c_4834_46653278_46183528 HTTP 307
    https://e-ascott.crmxs.com/?xs_app=tools.unsubscribe&xs_category=7887fc_362&xs_data=aa915c_4834_46653278_46183528 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
e-ascott.crmxs.com/
Redirect Chain
  • https://e-ascott.crmxs.com/?xs_app=tools.tracker&xs_data=aa915c_4834_46653278_46183528&xs_name=Unsubscribe&xs_url=?xs_app=tools.unsubscribe&xs_category=7887fc_362
  • http://e-ascott.crmxs.com/?xs_app=tools.unsubscribe&xs_category=7887fc_362&xs_data=aa915c_4834_46653278_46183528
  • https://e-ascott.crmxs.com/?xs_app=tools.unsubscribe&xs_category=7887fc_362&xs_data=aa915c_4834_46653278_46183528
15 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e-ascott.crmxs.com/?xs_app=tools.unsubscribe&xs_category=7887fc_362&xs_data=aa915c_4834_46653278_46183528
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.215.151.146 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
b7cea19ff881f0c39475a46b79e5765bf5dabb2878245ef1315be0b730c13d99
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.e-ascott.com/ https://*.crmxs.com/ https://*.the-ascott.com/ https://*.citadines.com/ https://*.somerset.com/
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://*.e-ascott.com/ ALLOW-FROM https://*.crmxs.com/ ALLOW-FROM https://*.the-ascott.com/ ALLOW-FROM https://*.citadines.com/ ALLOW-FROM https://*.somerset.com/
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Encoding
gzip
Content-Security-Policy
frame-ancestors https://*.e-ascott.com/ https://*.crmxs.com/ https://*.the-ascott.com/ https://*.citadines.com/ https://*.somerset.com/
Content-Type
text/html;charset=UTF-8
Date
Tue, 25 Oct 2022 04:52:59 GMT
Expires
0
Keep-Alive
timeout=120, max=78
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
ALLOW-FROM https://*.e-ascott.com/ ALLOW-FROM https://*.crmxs.com/ ALLOW-FROM https://*.the-ascott.com/ ALLOW-FROM https://*.citadines.com/ ALLOW-FROM https://*.somerset.com/
X-XSS-Protection
1; mode=block

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://e-ascott.crmxs.com/?xs_app=tools.unsubscribe&xs_category=7887fc_362&xs_data=aa915c_4834_46653278_46183528
Non-Authoritative-Reason
HSTS
/
e-ascott.crmxs.com/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e-ascott.crmxs.com/?xs_app=tools.file&xs_file=a3cf42_225165
Requested by
Host: e-ascott.crmxs.com
URL: https://e-ascott.crmxs.com/?xs_app=tools.unsubscribe&xs_category=7887fc_362&xs_data=aa915c_4834_46653278_46183528
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.215.151.146 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
6486d9160387eb8947ea1f34b296f34362dc21fbe02c6e0651e4136dc473ab3b
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.e-ascott.com/ https://*.crmxs.com/ https://*.the-ascott.com/ https://*.citadines.com/ https://*.somerset.com/
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://*.e-ascott.com/, ALLOW-FROM https://*.crmxs.com/, ALLOW-FROM https://*.the-ascott.com/, ALLOW-FROM https://*.citadines.com/, ALLOW-FROM https://*.somerset.com/
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e-ascott.crmxs.com/?xs_app=tools.unsubscribe&xs_category=7887fc_362&xs_data=aa915c_4834_46653278_46183528
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors https://*.e-ascott.com/ https://*.crmxs.com/ https://*.the-ascott.com/ https://*.citadines.com/ https://*.somerset.com/
X-Content-Type-Options
nosniff
Date
Tue, 25 Oct 2022 04:52:59 GMT
Server
Apache
Transfer-Encoding
chunked
X-Frame-Options
ALLOW-FROM https://*.e-ascott.com/, ALLOW-FROM https://*.crmxs.com/, ALLOW-FROM https://*.the-ascott.com/, ALLOW-FROM https://*.citadines.com/, ALLOW-FROM https://*.somerset.com/
Content-Type
image/jpeg;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Content-Disposition
inline; filename="saved_resource.jpg"
Keep-Alive
timeout=120, max=77
X-XSS-Protection
1; mode=block
Expires
0
/
e-ascott.crmxs.com/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e-ascott.crmxs.com/?xs_app=tools.unsubscribe&xs_category=7887fc_362&xs_data=aa915c_4834_46653278_46183528
Requested by
Host: e-ascott.crmxs.com
URL: https://e-ascott.crmxs.com/?xs_app=tools.unsubscribe&xs_category=7887fc_362&xs_data=aa915c_4834_46653278_46183528
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.215.151.146 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.e-ascott.com/ https://*.crmxs.com/ https://*.the-ascott.com/ https://*.citadines.com/ https://*.somerset.com/
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://*.e-ascott.com/, ALLOW-FROM https://*.crmxs.com/, ALLOW-FROM https://*.the-ascott.com/, ALLOW-FROM https://*.citadines.com/, ALLOW-FROM https://*.somerset.com/
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e-ascott.crmxs.com/?xs_app=tools.unsubscribe&xs_category=7887fc_362&xs_data=aa915c_4834_46653278_46183528
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors https://*.e-ascott.com/ https://*.crmxs.com/ https://*.the-ascott.com/ https://*.citadines.com/ https://*.somerset.com/
Server
Apache
Date
Tue, 25 Oct 2022 04:52:59 GMT
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html;charset=UTF-8
X-Frame-Options
ALLOW-FROM https://*.e-ascott.com/, ALLOW-FROM https://*.crmxs.com/, ALLOW-FROM https://*.the-ascott.com/, ALLOW-FROM https://*.citadines.com/, ALLOW-FROM https://*.somerset.com/
Cache-Control
no-cache, no-store, must-revalidate
Keep-Alive
timeout=120, max=76
X-XSS-Protection
1; mode=block
Expires
0

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| checkEmail function| verify

3 Cookies

Domain/Path Name / Value
e-ascott.crmxs.com/ Name: JSESSIONID
Value: FAE97088815EC461526E7E743BA17A06
.e-ascott.crmxs.com/ Name: ApplicationGatewayAffinity
Value: 42f996c99a07e5b878dea61cb5168db739deba45f03a6d8ee6d2e01512106180
.e-ascott.crmxs.com/ Name: ApplicationGatewayAffinityCORS
Value: 42f996c99a07e5b878dea61cb5168db739deba45f03a6d8ee6d2e01512106180

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors https://*.e-ascott.com/ https://*.crmxs.com/ https://*.the-ascott.com/ https://*.citadines.com/ https://*.somerset.com/
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://*.e-ascott.com/ ALLOW-FROM https://*.crmxs.com/ ALLOW-FROM https://*.the-ascott.com/ ALLOW-FROM https://*.citadines.com/ ALLOW-FROM https://*.somerset.com/
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

e-ascott.crmxs.com
104.215.151.146
6486d9160387eb8947ea1f34b296f34362dc21fbe02c6e0651e4136dc473ab3b
b7cea19ff881f0c39475a46b79e5765bf5dabb2878245ef1315be0b730c13d99
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855