urlscan.io logo urlscan.io
SecurityTrails logo

app.sendx.io Open in urlscan Pro
54.86.61.14  Public Scan

Go To Rescan Add Verdict Report
URL: https://app.sendx.io/popup/bf6HxPrpNGTT8y9W3okmmV/subscribe
Submission: On November 25 via manual from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 13 HTTP transactions. The main IP is 54.86.61.14, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is app.sendx.io. The Cisco Umbrella rank of the primary domain is 368711.
TLS certificate: Issued by Amazon on September 11th 2022. Valid for: a year.
This is the only time app.sendx.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 54.86.61.14 14618 (AMAZON-AES)
8 2600:9000:236... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
13 4
Apex Domain
Subdomains		 Transfer
11 sendx.io
app.sendx.io — Cisco Umbrella Rank: 368711
cdn.sendx.io — Cisco Umbrella Rank: 411770
83 KB
1 gstatic.com
fonts.gstatic.com
30 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223
3 KB
13 3
Domain Requested by
8 cdn.sendx.io app.sendx.io
cdn.sendx.io
client
3 app.sendx.io app.sendx.io
cdn.sendx.io
1 fonts.gstatic.com cdn.sendx.io
1 cdnjs.cloudflare.com cdn.sendx.io
13 4

This site contains links to these domains. Also see Links.

Domain
cannabismarijuanamarketing.com
google.com
sendx.io
Subject Issuer Validity Valid
*.sendx.io
Amazon		 2022-09-11 -
2023-10-10		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://app.sendx.io/popup/bf6HxPrpNGTT8y9W3okmmV/subscribe
Frame ID: D65DC9B647FC2EF642937ED436870211
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

FACTURA

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • mustache(?:\.min)?\.js

Page Statistics

13
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

116 kB
Transfer

324 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request subscribe
app.sendx.io/popup/bf6HxPrpNGTT8y9W3okmmV/ 		21 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.sendx.io/popup/bf6HxPrpNGTT8y9W3okmmV/subscribe
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.61.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-61-14.compute-1.amazonaws.com
Software
openresty /
Resource Hash
b25419c5fd62e5ddb772749a6ed1069fd3bf1febd87b53f814567b447f1ffc50
Security Headers
Name Value
Content-Security-Policy default-src 'self' app.sendx.io sendx.io *.sendx.io facebook.com *.facebook.com intercom.io *.intercom.io *.intercomcdn.com *.intercomusercontent.com *.youtube.com player.vimeo.com fast.wistia.net intercom.help *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-9.com *.stripe.com *.webflow.com heapanalytics.com *.heapanalytics.com googletagmanager.com *.googletagmanager.com google-analytics.com *.google-analytics.com facebook.net *.facebook.net *.cloudflare.com fonts.gstatic.com 'unsafe-inline' 'unsafe-eval' http: https: wss: blob:
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Access-Control-Expose-Headers
*
Connection
keep-alive
Content-Encoding
gzip
Content-Length
4698
Content-Security-Policy
default-src 'self' app.sendx.io sendx.io *.sendx.io facebook.com *.facebook.com intercom.io *.intercom.io *.intercomcdn.com *.intercomusercontent.com *.youtube.com player.vimeo.com fast.wistia.net intercom.help *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-9.com *.stripe.com *.webflow.com heapanalytics.com *.heapanalytics.com googletagmanager.com *.googletagmanager.com google-analytics.com *.google-analytics.com facebook.net *.facebook.net *.cloudflare.com fonts.gstatic.com 'unsafe-inline' 'unsafe-eval' http: https: wss: blob:
Content-Type
text/html; charset=utf-8
Date
Fri, 25 Nov 2022 14:13:24 GMT
Referrer-Policy
same-origin
Server
openresty
Strict-Transport-Security
max-age=315360000
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Xss-Protection
1; mode=block
cjikDUSDp2TBVMvkcU484f.js
cdn.sendx.io/prod/ 		124 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sendx.io/prod/cjikDUSDp2TBVMvkcU484f.js
Requested by
Host: app.sendx.io
URL: https://app.sendx.io/popup/bf6HxPrpNGTT8y9W3okmmV/subscribe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:5400:2:af8b:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b037db8b8fd17ac3443dc287db9a6aaed390be4304dddcf70994b3c122f65973

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 14:13:25 GMT
content-encoding
gzip
via
1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
last-modified
Fri, 18 Nov 2022 08:49:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
etag
W/"906a98cefa98ffa4fdeec331a7b09da7"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
x-amz-cf-id
_hfBVmtfK7I7yvbKcp4p4a3yiLObFAN9n0UdnWkucCS62ja0O0-16w==
mustache.min.js
cdnjs.cloudflare.com/ajax/libs/mustache.js/3.0.1/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/mustache.js/3.0.1/mustache.min.js
Requested by
Host: cdn.sendx.io
URL: https://cdn.sendx.io/prod/cjikDUSDp2TBVMvkcU484f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2b873fedd063ab995199af21b6e0c543c850d8669bd41f6f9d9c9f056e91a2d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 14:13:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2149095
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2600
last-modified
Mon, 04 May 2020 16:13:29 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f29-26e1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pAv9pbrqvxqe3jPNqny2UZQditin5vaNs02uynDyVPm9K3RKyaL8cQO1HkfWgWH%2FIhypJvIFxs5neZOqE1RcErQxqH20Oem28hvdD2UCa%2BO5lsHO68gs8o82OYJvnJxLnZM%2FccsS%2BcZ630uVNAhfN0Qb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
76fafc20fe4576f3-LHR
expires
Wed, 15 Nov 2023 14:13:25 GMT
cleanslate.min.css
cdn.sendx.io/prod/css/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.sendx.io/prod/css/cleanslate.min.css
Requested by
Host: cdn.sendx.io
URL: https://cdn.sendx.io/prod/cjikDUSDp2TBVMvkcU484f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:5400:2:af8b:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c4a24372572e336039c3c85dfaa6d1a397a5ead055d514591749aaf24a23d900

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 14:13:05 GMT
content-encoding
gzip
via
1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
last-modified
Wed, 01 Feb 2017 13:41:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
25
etag
W/"f23bc8a19c159e845f3e5ed170602b96"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
nfd2STjDpCv5-ziCeXxBn4Zs7YEJwu40mXBpavPjwghkpIZRfSIUlQ==
animate.min.css
cdn.sendx.io/prod/css/ 		56 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.sendx.io/prod/css/animate.min.css
Requested by
Host: cdn.sendx.io
URL: https://cdn.sendx.io/prod/cjikDUSDp2TBVMvkcU484f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:5400:2:af8b:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8964eaabfdb399568ea0a04ee0ce2396656bb8a40541bda7811640350dd43f94

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 14:13:25 GMT
content-encoding
gzip
via
1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
last-modified
Wed, 01 Feb 2017 13:41:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
7
etag
W/"81f23169e872e955c1db7835c7a5e5bc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
J16JLhEQPuRHMnN-T1MR0z4HLCn4KrQoQLH-gzph2_Qjc08mEMjcRw==
Lato.css
cdn.sendx.io/fonts/ 		218 B
673 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.sendx.io/fonts/Lato.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:5400:2:af8b:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e764c95f535df1ed26f6234e4ecd7a1c9ed2a605441a6a0e2551b093739f067b

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 14:13:25 GMT
via
1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
last-modified
Tue, 24 Jul 2018 06:45:51 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:501/gname:wheel/uname:agnibha/gid:0/mode:33188/mtime:1532412772/atime:1532414438/md5:55d1ce2cdd691c5e830df2780c310daf/ctime:1532412772
x-amz-cf-pop
FRA60-P1
age
52
etag
"55d1ce2cdd691c5e830df2780c310daf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
218
x-amz-cf-id
o0dX5bVd9wa57s9N0l7Ld-E6EoH3W4Yc6I9h7v7VSeE-FMN3Ou5hrg==
Arimo.css
cdn.sendx.io/fonts/ 		223 B
678 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.sendx.io/fonts/Arimo.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:5400:2:af8b:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1bb643c7451a152a9085a3ce93ec0a7568ad774e538cd7eec724e5064c16b75f

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 14:13:26 GMT
via
1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
last-modified
Tue, 24 Jul 2018 06:43:01 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:501/gname:wheel/uname:agnibha/gid:0/mode:33188/mtime:1532412609/atime:1532414437/md5:46638146c0ab6b299e0157ecff2e7659/ctime:1532412609
x-amz-cf-pop
FRA60-P1
etag
"46638146c0ab6b299e0157ecff2e7659"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
223
x-amz-cf-id
74TKN8MMv4KI2onuYfiE2ThA9Laqy1Ifgb-qvyWjyTLTRO1EyA5MtQ==
PT%20Sans%20Narrow.css
cdn.sendx.io/fonts/ 		251 B
708 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.sendx.io/fonts/PT%20Sans%20Narrow.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:5400:2:af8b:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5590ac38a4230c96a31c19d874ce00bcb6d2b219d13dc882f0155432ac43c5c3

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 14:13:25 GMT
via
1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
last-modified
Tue, 24 Jul 2018 06:47:06 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:501/gname:wheel/uname:agnibha/gid:0/mode:33188/mtime:1532412828/atime:1532414517/md5:3dbdfe5959d52b12e8d198e06428f193/ctime:1532412828
x-amz-cf-pop
FRA60-P1
age
16
etag
"3dbdfe5959d52b12e8d198e06428f193"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
251
x-amz-cf-id
T6yjQ-aGelVyGlY3vLlb3ko0R6SGXKI1iW-9SK270HpcYg-dm6-F9A==
PT%20Sans.css
cdn.sendx.io/fonts/ 		223 B
677 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.sendx.io/fonts/PT%20Sans.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:5400:2:af8b:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d12cb248aa500dc28b99afbdb79961dd9cc64318de27c19f2e2108d438c8eb1

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 14:13:26 GMT
via
1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
last-modified
Tue, 24 Jul 2018 06:47:07 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:501/gname:wheel/uname:agnibha/gid:0/mode:33188/mtime:1532412827/atime:1532414517/md5:76271aaaa990c198067aff4c057e3f66/ctime:1532412827
x-amz-cf-pop
FRA60-P1
etag
"76271aaaa990c198067aff4c057e3f66"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
223
x-amz-cf-id
aLlREVC8TYl485Ao_fQscknBXRzfn-A1PfjXf8DOp-nziA3CQBvlwA==
full.png
cdn.sendx.io/prod/upload/img/22/11/18/16/14841/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.sendx.io/prod/upload/img/22/11/18/16/14841/full.png
Requested by
Host: app.sendx.io
URL: https://app.sendx.io/popup/bf6HxPrpNGTT8y9W3okmmV/subscribe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:5400:2:af8b:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2530f634a1ccf08f6c158bd047cdf8e5e771cca1d920358279d0efa6a1756d7

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 14:13:26 GMT
via
1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
last-modified
Fri, 18 Nov 2022 08:41:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
etag
"38501cbcef271f615c8e3576c7364fc8"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
19444
x-amz-cf-id
k8vqozZTK3mBf5mC0EaPeL5ZpTbeJq3KU6wdpI9CpS8RNI9cgyND3A==
subscribe
app.sendx.io/popup/bf6HxPrpNGTT8y9W3okmmV/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.sendx.io/popup/bf6HxPrpNGTT8y9W3okmmV/subscribe
Requested by
Host: app.sendx.io
URL: https://app.sendx.io/popup/bf6HxPrpNGTT8y9W3okmmV/subscribe
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.61.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-61-14.compute-1.amazonaws.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' app.sendx.io sendx.io *.sendx.io facebook.com *.facebook.com intercom.io *.intercom.io *.intercomcdn.com *.intercomusercontent.com *.youtube.com player.vimeo.com fast.wistia.net intercom.help *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-9.com *.stripe.com *.webflow.com heapanalytics.com *.heapanalytics.com googletagmanager.com *.googletagmanager.com google-analytics.com *.google-analytics.com facebook.net *.facebook.net *.cloudflare.com fonts.gstatic.com 'unsafe-inline' 'unsafe-eval' http: https: wss: blob:
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://app.sendx.io/popup/bf6HxPrpNGTT8y9W3okmmV/subscribe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self' app.sendx.io sendx.io *.sendx.io facebook.com *.facebook.com intercom.io *.intercom.io *.intercomcdn.com *.intercomusercontent.com *.youtube.com player.vimeo.com fast.wistia.net intercom.help *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-9.com *.stripe.com *.webflow.com heapanalytics.com *.heapanalytics.com googletagmanager.com *.googletagmanager.com google-analytics.com *.google-analytics.com facebook.net *.facebook.net *.cloudflare.com fonts.gstatic.com 'unsafe-inline' 'unsafe-eval' http: https: wss: blob:
Content-Encoding
gzip
Referrer-Policy
same-origin
Date
Fri, 25 Nov 2022 14:13:25 GMT
Server
openresty
Strict-Transport-Security
max-age=315360000
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Expose-Headers
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
4698
X-Xss-Protection
1; mode=block
S6uyw4BMUTPHjx4wWw.ttf
fonts.gstatic.com/s/lato/v14/ 		59 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v14/S6uyw4BMUTPHjx4wWw.ttf
Requested by
Host: cdn.sendx.io
URL: https://cdn.sendx.io/fonts/Lato.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c4590446dbf83edae05be4ca28ef789ee50a01ef2cb8f1b51c5937d029cac76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.sendx.io/
Origin
https://app.sendx.io
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 00:27:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
308756
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30035
x-xss-protection
0
last-modified
Wed, 11 Oct 2017 18:23:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Nov 2023 00:27:29 GMT
bf6HxPrpNGTT8y9W3okmmV
app.sendx.io/api/v1/js/track/popup/impression/ 		82 B
571 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.sendx.io/api/v1/js/track/popup/impression/bf6HxPrpNGTT8y9W3okmmV?teamId=cjikDUSDp2TBVMvkcU484f&url=https%3A%2F%2Fapp.sendx.io%2Fpopup%2Fbf6HxPrpNGTT8y9W3okmmV%2Fsubscribe&callback=SendX_280312004
Requested by
Host: cdn.sendx.io
URL: https://cdn.sendx.io/prod/cjikDUSDp2TBVMvkcU484f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.61.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-61-14.compute-1.amazonaws.com
Software
openresty /
Resource Hash
f728a7076055fa73671ae97423b2e382e5ec662ea7903ba2ae14d6cdf5150596

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://app.sendx.io/popup/bf6HxPrpNGTT8y9W3okmmV/subscribe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 25 Nov 2022 14:13:26 GMT
Content-Encoding
gzip
Server
openresty
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin,Authorization,Access-Control-Allow-Origin
Content-Length
89

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _popupData object| _scq object| _scs object| _sendxConfig number| _sendxInstances function| SendXLukesLazyLoader object| _sendx string| data object| qparams undefined| cid undefined| tid object| Mustache function| SendX_280312004

4 Cookies

Domain/Path Name / Value
app.sendx.io/ Name: sendx_sess
Value: cd4d8644526b15e4466e6964e455aa05
app.sendx.io/ Name: lang
Value: ZW4tVVM=|1669385604302785374|eddec02b5b63f05bfd8c893aee97a30dda383049
.app.sendx.io/ Name: sendxNumTimesShownbf6HxPrpNGTT8y9W3okmmV
Value: 1
.app.sendx.io/ Name: sendxFrequencybf6HxPrpNGTT8y9W3okmmV
Value: true

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' app.sendx.io sendx.io *.sendx.io facebook.com *.facebook.com intercom.io *.intercom.io *.intercomcdn.com *.intercomusercontent.com *.youtube.com player.vimeo.com fast.wistia.net intercom.help *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-9.com *.stripe.com *.webflow.com heapanalytics.com *.heapanalytics.com googletagmanager.com *.googletagmanager.com google-analytics.com *.google-analytics.com facebook.net *.facebook.net *.cloudflare.com fonts.gstatic.com 'unsafe-inline' 'unsafe-eval' http: https: wss: blob:
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block