URL: https://app.sendx.io/popup/bf6HxPrpNGTT8y9W3okmmV/subscribe
Submission: On November 17 via manual from GB — Scanned from GB

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 13 HTTP transactions. The main IP is 54.86.61.14, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is app.sendx.io. The Cisco Umbrella rank of the primary domain is 374554.
TLS certificate: Issued by Amazon on September 11th 2022. Valid for: a year.
This is the only time app.sendx.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 54.86.61.14 14618 (AMAZON-AES)
8 2600:9000:224... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
13 4
Apex Domain
Subdomains
Transfer
11 sendx.io
app.sendx.io — Cisco Umbrella Rank: 374554
cdn.sendx.io — Cisco Umbrella Rank: 433037
391 KB
1 gstatic.com
fonts.gstatic.com
30 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 201
3 KB
13 3
Domain Requested by
8 cdn.sendx.io app.sendx.io
cdn.sendx.io
client
3 app.sendx.io app.sendx.io
cdn.sendx.io
1 fonts.gstatic.com cdn.sendx.io
1 cdnjs.cloudflare.com cdn.sendx.io
13 4

This site contains links to these domains. Also see Links.

Domain
cannabismarijuanamarketing.com
google.com
sendx.io
Subject Issuer Validity Valid
*.sendx.io
Amazon
2022-09-11 -
2023-10-10
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-08-03 -
2023-08-02
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh

This page contains 1 frames:

Primary Page: https://app.sendx.io/popup/bf6HxPrpNGTT8y9W3okmmV/subscribe
Frame ID: 2EF5E6646418F4DFFE512BCD8669BE34
Requests: 13 HTTP requests in this frame

Screenshot

Page Title

+44 1325 390 174

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Overall confidence: 100%
Detected patterns
  • mustache(?:\.min)?\.js

Page Statistics

13
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

424 kB
Transfer

631 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request subscribe
app.sendx.io/popup/bf6HxPrpNGTT8y9W3okmmV/
20 KB
6 KB
Document
General
Full URL
https://app.sendx.io/popup/bf6HxPrpNGTT8y9W3okmmV/subscribe
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.61.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-61-14.compute-1.amazonaws.com
Software
openresty /
Resource Hash
209f642403d57bb602971d7f8b0628870c72ff652eb7230b9f89a929a312bc13
Security Headers
Name Value
Content-Security-Policy default-src 'self' app.sendx.io sendx.io *.sendx.io facebook.com *.facebook.com intercom.io *.intercom.io *.intercomcdn.com *.intercomusercontent.com *.youtube.com player.vimeo.com fast.wistia.net intercom.help *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-9.com *.stripe.com *.webflow.com heapanalytics.com *.heapanalytics.com googletagmanager.com *.googletagmanager.com google-analytics.com *.google-analytics.com facebook.net *.facebook.net *.cloudflare.com fonts.gstatic.com 'unsafe-inline' 'unsafe-eval' http: https: wss: blob:
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Access-Control-Expose-Headers
*
Connection
keep-alive
Content-Encoding
gzip
Content-Length
4653
Content-Security-Policy
default-src 'self' app.sendx.io sendx.io *.sendx.io facebook.com *.facebook.com intercom.io *.intercom.io *.intercomcdn.com *.intercomusercontent.com *.youtube.com player.vimeo.com fast.wistia.net intercom.help *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-9.com *.stripe.com *.webflow.com heapanalytics.com *.heapanalytics.com googletagmanager.com *.googletagmanager.com google-analytics.com *.google-analytics.com facebook.net *.facebook.net *.cloudflare.com fonts.gstatic.com 'unsafe-inline' 'unsafe-eval' http: https: wss: blob:
Content-Type
text/html; charset=utf-8
Date
Thu, 17 Nov 2022 17:04:00 GMT
Referrer-Policy
same-origin
Server
openresty
Strict-Transport-Security
max-age=315360000
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Xss-Protection
1; mode=block
cjikDUSDp2TBVMvkcU484f.js
cdn.sendx.io/prod/
124 KB
26 KB
Script
General
Full URL
https://cdn.sendx.io/prod/cjikDUSDp2TBVMvkcU484f.js
Requested by
Host: app.sendx.io
URL: https://app.sendx.io/popup/bf6HxPrpNGTT8y9W3okmmV/subscribe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8800:2:af8b:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d44f57cf89d918f030cc22ae11ba9a326b403bbcbb2119c1064de756042346a5

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 17:04:02 GMT
content-encoding
gzip
via
1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 14:05:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
etag
W/"d04819208d45194dde972da5c189e71d"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
x-amz-cf-id
181cCQQIAoPN3soOVn-PtvqcGOtAlMBI6ynfU9D3pDflg-qwkJA7rg==
mustache.min.js
cdnjs.cloudflare.com/ajax/libs/mustache.js/3.0.1/
10 KB
3 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/mustache.js/3.0.1/mustache.min.js
Requested by
Host: cdn.sendx.io
URL: https://cdn.sendx.io/prod/cjikDUSDp2TBVMvkcU484f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2b873fedd063ab995199af21b6e0c543c850d8669bd41f6f9d9c9f056e91a2d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 17:04:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1468131
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2600
last-modified
Mon, 04 May 2020 16:13:29 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f29-26e1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ub8JTI1vBdXg5AV6evWEhtpIZcF1qdwad5sIRTMA6aEQa2oFh4TEhYUA5EO1MEMOStf23a29%2BI8bbtfFMS2mBrEe0PRYjTWb3xuKbzspkyncZ2uGUsd8%2BaV7O9b%2BmBrgCZaUhDBJTFoSMU1ikqqs48Mw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
76ba0b090ff77729-LHR
expires
Tue, 07 Nov 2023 17:04:01 GMT
cleanslate.min.css
cdn.sendx.io/prod/css/
14 KB
3 KB
Stylesheet
General
Full URL
https://cdn.sendx.io/prod/css/cleanslate.min.css
Requested by
Host: cdn.sendx.io
URL: https://cdn.sendx.io/prod/cjikDUSDp2TBVMvkcU484f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8800:2:af8b:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c4a24372572e336039c3c85dfaa6d1a397a5ead055d514591749aaf24a23d900

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 17:04:02 GMT
content-encoding
gzip
via
1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
last-modified
Wed, 01 Feb 2017 13:41:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
etag
W/"f23bc8a19c159e845f3e5ed170602b96"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
x-amz-cf-id
IQ2zrUE3KolwRjLENW7J24NKwQIMaANfx2DeOjXT-FsxaoIegpmRzw==
animate.min.css
cdn.sendx.io/prod/css/
56 KB
4 KB
Stylesheet
General
Full URL
https://cdn.sendx.io/prod/css/animate.min.css
Requested by
Host: cdn.sendx.io
URL: https://cdn.sendx.io/prod/cjikDUSDp2TBVMvkcU484f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8800:2:af8b:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8964eaabfdb399568ea0a04ee0ce2396656bb8a40541bda7811640350dd43f94

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 17:04:02 GMT
content-encoding
gzip
via
1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
last-modified
Wed, 01 Feb 2017 13:41:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
etag
W/"81f23169e872e955c1db7835c7a5e5bc"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
x-amz-cf-id
Frffu-kpI9qIUFhpUbmng6dRKaJ1IQDV8x_JsNklfmFWbrrwxYB4VQ==
Lato.css
cdn.sendx.io/fonts/
218 B
674 B
Stylesheet
General
Full URL
https://cdn.sendx.io/fonts/Lato.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8800:2:af8b:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e764c95f535df1ed26f6234e4ecd7a1c9ed2a605441a6a0e2551b093739f067b

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 17:04:03 GMT
via
1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
last-modified
Tue, 24 Jul 2018 06:45:51 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:501/gname:wheel/uname:agnibha/gid:0/mode:33188/mtime:1532412772/atime:1532414438/md5:55d1ce2cdd691c5e830df2780c310daf/ctime:1532412772
x-amz-cf-pop
FRA60-P1
etag
"55d1ce2cdd691c5e830df2780c310daf"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
218
x-amz-cf-id
sREwvSGgYz7YwPZpbzBEOfJLaymTcXiAxKLdNBW2BpH8dAh0FEX8lw==
Arimo.css
cdn.sendx.io/fonts/
223 B
680 B
Stylesheet
General
Full URL
https://cdn.sendx.io/fonts/Arimo.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8800:2:af8b:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1bb643c7451a152a9085a3ce93ec0a7568ad774e538cd7eec724e5064c16b75f

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 17:04:03 GMT
via
1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
last-modified
Tue, 24 Jul 2018 06:43:01 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:501/gname:wheel/uname:agnibha/gid:0/mode:33188/mtime:1532412609/atime:1532414437/md5:46638146c0ab6b299e0157ecff2e7659/ctime:1532412609
x-amz-cf-pop
FRA60-P1
etag
"46638146c0ab6b299e0157ecff2e7659"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
223
x-amz-cf-id
QNeHiKhRjwxW_bRzQnhq2gI4S_rI_RKYKc6CT893KgvnyRMSsNK57A==
PT%20Sans%20Narrow.css
cdn.sendx.io/fonts/
251 B
710 B
Stylesheet
General
Full URL
https://cdn.sendx.io/fonts/PT%20Sans%20Narrow.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8800:2:af8b:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5590ac38a4230c96a31c19d874ce00bcb6d2b219d13dc882f0155432ac43c5c3

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 17:04:01 GMT
via
1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
last-modified
Tue, 24 Jul 2018 06:47:06 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:501/gname:wheel/uname:agnibha/gid:0/mode:33188/mtime:1532412828/atime:1532414517/md5:3dbdfe5959d52b12e8d198e06428f193/ctime:1532412828
x-amz-cf-pop
FRA60-P1
age
36
etag
"3dbdfe5959d52b12e8d198e06428f193"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
251
x-amz-cf-id
YeuRLj3UtvsvgX_eSe6zeYjuZ7vp06mJAw1OCs2hqvf-0qhRL9NCVQ==
PT%20Sans.css
cdn.sendx.io/fonts/
223 B
680 B
Stylesheet
General
Full URL
https://cdn.sendx.io/fonts/PT%20Sans.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8800:2:af8b:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d12cb248aa500dc28b99afbdb79961dd9cc64318de27c19f2e2108d438c8eb1

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 17:04:01 GMT
via
1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
last-modified
Tue, 24 Jul 2018 06:47:07 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:501/gname:wheel/uname:agnibha/gid:0/mode:33188/mtime:1532412827/atime:1532414517/md5:76271aaaa990c198067aff4c057e3f66/ctime:1532412827
x-amz-cf-pop
FRA60-P1
age
36
etag
"76271aaaa990c198067aff4c057e3f66"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
223
x-amz-cf-id
lUkXSCUppurLx8euW81sCyRp0KllTjz3DUrbwW8jkf8kl00lgGeVXQ==
full.png
cdn.sendx.io/prod/upload/img/22/11/15/21/14835/
328 KB
328 KB
Image
General
Full URL
https://cdn.sendx.io/prod/upload/img/22/11/15/21/14835/full.png
Requested by
Host: app.sendx.io
URL: https://app.sendx.io/popup/bf6HxPrpNGTT8y9W3okmmV/subscribe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8800:2:af8b:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b5a0bda0996bbe9fe4ddd025d9c38969e483021b176baa060b8a22e6f5a9eb7f

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 17:04:03 GMT
via
1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
last-modified
Tue, 15 Nov 2022 12:39:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
etag
"1ac516075736fa09e9f7611b3093c974"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
335385
x-amz-cf-id
b-7RbCKOpG_7mjcSFaRN9t_3ojG-SXQ0Yz2cB5Hn7RLqH2E0HcNZbg==
subscribe
app.sendx.io/popup/bf6HxPrpNGTT8y9W3okmmV/
20 KB
20 KB
Image
General
Full URL
https://app.sendx.io/popup/bf6HxPrpNGTT8y9W3okmmV/subscribe
Requested by
Host: app.sendx.io
URL: https://app.sendx.io/popup/bf6HxPrpNGTT8y9W3okmmV/subscribe
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.61.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-61-14.compute-1.amazonaws.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' app.sendx.io sendx.io *.sendx.io facebook.com *.facebook.com intercom.io *.intercom.io *.intercomcdn.com *.intercomusercontent.com *.youtube.com player.vimeo.com fast.wistia.net intercom.help *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-9.com *.stripe.com *.webflow.com heapanalytics.com *.heapanalytics.com googletagmanager.com *.googletagmanager.com google-analytics.com *.google-analytics.com facebook.net *.facebook.net *.cloudflare.com fonts.gstatic.com 'unsafe-inline' 'unsafe-eval' http: https: wss: blob:
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://app.sendx.io/popup/bf6HxPrpNGTT8y9W3okmmV/subscribe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self' app.sendx.io sendx.io *.sendx.io facebook.com *.facebook.com intercom.io *.intercom.io *.intercomcdn.com *.intercomusercontent.com *.youtube.com player.vimeo.com fast.wistia.net intercom.help *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-9.com *.stripe.com *.webflow.com heapanalytics.com *.heapanalytics.com googletagmanager.com *.googletagmanager.com google-analytics.com *.google-analytics.com facebook.net *.facebook.net *.cloudflare.com fonts.gstatic.com 'unsafe-inline' 'unsafe-eval' http: https: wss: blob:
Content-Encoding
gzip
Referrer-Policy
same-origin
Date
Thu, 17 Nov 2022 17:04:01 GMT
Server
openresty
Strict-Transport-Security
max-age=315360000
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Expose-Headers
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
4653
X-Xss-Protection
1; mode=block
S6uyw4BMUTPHjx4wWw.ttf
fonts.gstatic.com/s/lato/v14/
59 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v14/S6uyw4BMUTPHjx4wWw.ttf
Requested by
Host: cdn.sendx.io
URL: https://cdn.sendx.io/fonts/Lato.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c4590446dbf83edae05be4ca28ef789ee50a01ef2cb8f1b51c5937d029cac76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.sendx.io/
Origin
https://app.sendx.io
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 00:27:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
232610
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30035
x-xss-protection
0
last-modified
Wed, 11 Oct 2017 18:23:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Nov 2023 00:27:12 GMT
bf6HxPrpNGTT8y9W3okmmV
app.sendx.io/api/v1/js/track/popup/impression/
82 B
572 B
Script
General
Full URL
https://app.sendx.io/api/v1/js/track/popup/impression/bf6HxPrpNGTT8y9W3okmmV?teamId=cjikDUSDp2TBVMvkcU484f&url=https%3A%2F%2Fapp.sendx.io%2Fpopup%2Fbf6HxPrpNGTT8y9W3okmmV%2Fsubscribe&callback=SendX_547182843
Requested by
Host: cdn.sendx.io
URL: https://cdn.sendx.io/prod/cjikDUSDp2TBVMvkcU484f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.61.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-61-14.compute-1.amazonaws.com
Software
openresty /
Resource Hash
3b601810e7ff110d16e92d716877425e8a16250497ecc30b641388ab275bcd79

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://app.sendx.io/popup/bf6HxPrpNGTT8y9W3okmmV/subscribe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 17 Nov 2022 17:04:02 GMT
Content-Encoding
gzip
Server
openresty
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin,Authorization,Access-Control-Allow-Origin
Content-Length
90

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _popupData object| _scq object| _scs object| _sendxConfig number| _sendxInstances function| SendXLukesLazyLoader object| _sendx string| data object| qparams undefined| cid undefined| tid object| Mustache function| SendX_547182843

4 Cookies

Domain/Path Name / Value
app.sendx.io/ Name: sendx_sess
Value: 4bf9f1d87196dd5f2b74c918791dcef0
app.sendx.io/ Name: lang
Value: ZW4tVVM=|1668704640621823900|a68c7479c15ece4e2c35e517895e4ef5bb9e76a6
.app.sendx.io/ Name: sendxNumTimesShownbf6HxPrpNGTT8y9W3okmmV
Value: 1
.app.sendx.io/ Name: sendxFrequencybf6HxPrpNGTT8y9W3okmmV
Value: true

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' app.sendx.io sendx.io *.sendx.io facebook.com *.facebook.com intercom.io *.intercom.io *.intercomcdn.com *.intercomusercontent.com *.youtube.com player.vimeo.com fast.wistia.net intercom.help *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-9.com *.stripe.com *.webflow.com heapanalytics.com *.heapanalytics.com googletagmanager.com *.googletagmanager.com google-analytics.com *.google-analytics.com facebook.net *.facebook.net *.cloudflare.com fonts.gstatic.com 'unsafe-inline' 'unsafe-eval' http: https: wss: blob:
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block