a0a0e1.emailsp.com Open in urlscan Pro
13.32.99.57 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tr.wobi.com/e/r?q=Qr%3d8tQsI_rxVp_38_uqSw_56_rxVp_2CdZaghQ.eJd9lPs.3oJ_uqSw_56f_OTsP_YiHnI.dIpU_uqSw_56_rxVp...
Effective URL:
https://a0a0e1.emailsp.com/f/rnl.aspx/?fmc=xvwo3w5a9dn=nz/-da=uxxux&x=pv&-0-:=20c&5c197ldddc&x=pp&q4535acija/:.g/94m=o2tvrNCLM
Submission: On October 21 via api (October 21st 2022, 7:05:02 am UTC) from US — Scanned from DE

Summary HTTP 18 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 18 HTTP transactions. The main IP is 13.32.99.57, located in United States and belongs to AMAZON-02, US. The main domain is a0a0e1.emailsp.com.
TLS certificate: Issued by Amazon on August 1st 2022. Valid for: a year.

This is the only time a0a0e1.emailsp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	18.66.97.75 18.66.97.75	16509 (AMAZON-02) (AMAZON-02)
3	13.32.99.57 13.32.99.57	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	108.138.7.18 108.138.7.18	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223f:3c00:1f:aa31:7740:93a1	() ()
3	2a00:1450:400... 2a00:1450:4001:831::2013	15169 (GOOGLE) (GOOGLE)
18	6

3 18.66.97.75 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-75.fra56.r.cloudfront.net

tr.wobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.tr.wobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.99.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-57.fra60.r.cloudfront.net

a0a0e1.emailsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.7.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-18.fra56.r.cloudfront.net

d15k2d11r6t6rl.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:3c00:1f:aa31:7740:93a1 (United States)

ASN- ()

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

data.pendo-pro.beefree.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44	4 KB
3	beefree.io data.pendo-pro.beefree.io — Cisco Umbrella Rank: 849732	3 KB
3	emailsp.com a0a0e1.emailsp.com	12 KB
3	wobi.com 1 redirects tr.wobi.com — Cisco Umbrella Rank: 788400 img.tr.wobi.com	1 KB
2	cloudfront.net d15k2d11r6t6rl.cloudfront.net	251 KB
1	pendo.io cdn.pendo.io — Cisco Umbrella Rank: 842	134 KB
18	6

	Domain	Requested by
7	fonts.googleapis.com	a0a0e1.emailsp.com
3	data.pendo-pro.beefree.io	cdn.pendo.io
3	a0a0e1.emailsp.com	a0a0e1.emailsp.com
2	d15k2d11r6t6rl.cloudfront.net	a0a0e1.emailsp.com
2	tr.wobi.com	1 redirects a0a0e1.emailsp.com
1	cdn.pendo.io	a0a0e1.emailsp.com
1	img.tr.wobi.com	a0a0e1.emailsp.com
18	7

This site contains links to these domains. Also see Links.

Domain
tr.wobi.com

Subject Issuer	Validity	Valid
emailsp.com Amazon	`2022-08-01` - `2023-08-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
tr.wobi.com Amazon	`2021-12-16` - `2023-01-14`	a year	crt.sh
cdn.pendo.io Amazon	`2022-07-30` - `2023-08-28`	a year	crt.sh
data.pendo-pro.beefree.io GTS CA 1D4	`2022-09-09` - `2022-12-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://a0a0e1.emailsp.com/f/rnl.aspx/?fmc=xvwo3w5a9dn=nz/-da=uxxux&x=pv&-0-:=20c&5c197ldddc&x=pp&q4535acija/:.g/94m=o2tvrNCLM
Frame ID: 9C2FC32A6D49E73738711692F1BF262E
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

LET US SHOW YOU THE WAY TO SUCCESS

Page URL History Show full URLs

https://tr.wobi.com/e/r?q=Qr%3d8tQsI_rxVp_38_uqSw_56_rxVp_2CdZaghQ.eJd9lPs.3oJ_uqSw_56f_OTsP_YiH... HTTP 301
https://a0a0e1.emailsp.com/f/rnl.aspx/?fmc=xvwo3w5a9dn=nz/-da=uxxux&x=pv&-0-:=20c&5c197ldddc&x=pp&q4535... Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

18
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

404 kB
Transfer

698 kB
Size

1
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://tr.wobi.com/e/t?q=8%3dEgLeIX%267%3dVH%26K%3dSWKe%260%3dWIgMdN6o8v%26R%3d3O8MD_Mezk_Xo_Olxd_Y1_Mezk_WtTHR.wKG07Qx628y6.q8_Cvgw_MA%26r%3d%26FD%3dWLZTZ

Search URL Search Domain Scan URL

URL: https://tr.wobi.com/e/t?q=5%3dMZLbQQ%267%3dSP%26D%3dSTSX%260%3dTQZMaV%26K%3d3LFFD_Jmsk_Uw_Hlul_R1_Jmsk_T2MHO.FHv6130E99DK5E97D.7x.5w_Hlul_R1AF17Q-5JvD55_Csop_M8A61Ay5-wMD5vM_Dqnr_N64Fz5I.3EFI_Jmsk_U2BvF3_Hlul_Sy707_Csop_MXA61Ay5_Csop_N6nohg_Dqnr_NV_23_Dqnr_O4M.TR3w1vSNaPUN.SQZRTMWQXV.QQXQVTSSSQ-XQYOYOVLa.MVQSQRSZPZ%26y%3d%26AE%3dRSUUU
Title: Trade Commissioner Service office in Rome, Italy

Search URL Search Domain Scan URL

URL: https://tr.wobi.com/e/t?q=A%3dAe3hEV%26n%3dYD%26I%3d0ZGc%26q%3dZEe4gJ9k6c%26P%3djR4Ku_PaxR_ak_MS1Z_Wh_PaxR_ZpRyU.sIxC3Oe9x6f9.m6_tycu_4D7C1-GxQgQ4%269%3d%26kQ%3dBc5gE
Title: INVESTCANADA.CA/WHY-INVEST

Search URL Search Domain Scan URL

URL: https://tr.wobi.com/e/t?q=3%3dFdNZJU%269%3dQI%26H%3dURLb%26B%3dRJdOYO1p5x%26O%3d5J9JF_Hfwm_Sp_Lnse_V3_Hfwm_RuQJM.xHI58Nz13511.r5_Eqht_O6%26s%3d%26CF%3dRMWVU

Search URL Search Domain Scan URL

URL: https://tr.wobi.com/e/r?q=Mv%3dF3MwQ_1tZx_B4_yybs_9D_1tZx_A9hhjclY.nFhGuLw.AxF_yybs_9Do_KX1Y_UmMxN.hQyQ_yybs_9D_1tZx_B9F-_PZvW_amH__vTCQjf_1tZx_B4FKn_KX1Y_VkU4QF-_PZvW_ZEQ_yybs_0ByO_yybs_9do_KX1Y_VkWxM9VkXkf_1tZx_B7-B_PZvW_ZEQ_yybs_0ByO_yybs_9d1P2Y5Z3QxQ7XEJze5Q5Y9_T_yybs_9d7_KX1Y_VkN5_KX1Y_UCdAU-A_W6WUkUp%26j%3dYITGc0%267%3d%26pQ%3dAa0gD%26E%3d8b%26w%3da9e4h9jG%26H%3d9cIUFh%263%3d-ZAYBb8cFV
Title: Unsubscribe

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tr.wobi.com/e/r?q=Qr%3d8tQsI_rxVp_38_uqSw_56_rxVp_2CdZaghQ.eJd9lPs.3oJ_uqSw_56f_OTsP_YiHnI.dIpU_uqSw_56_rxVp_3CiCc_OTsP_ZgNvTrSwbdYdK_uqSw_64nW_uqSw_56-d8_uqSw_64uU1Kx_OTsP_Y9N_rxVp_3AsL_rxVp_2c-C-_HQzS_Sa_OTsP_ZgR00_uqSw_5V504Y7Ig4d0_uqSw_5Vx_OTsP_ZgFp_OTsP_Y9G4b6Ua0l0a_OTsP_Yi_HQzS_Sa.D_uqSw_569ap_HQzS_SdL5JvOQcLt%26f%3dQ0XCU1%26A%3d%26l8d1aI%3d2e6Y5%26I%3d4T%26n%3de5W8%26L%3d5U0YBZ%26t%3d-XBY7d7Q0f4&mupckp=mupAtu4m8OiX0wt HTTP 301
https://a0a0e1.emailsp.com/f/rnl.aspx/?fmc=xvwo3w5a9dn=nz/-da=uxxux&x=pv&-0-:=20c&5c197ldddc&x=pp&q4535acija/:.g/94m=o2tvrNCLM Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
a0a0e1.emailsp.com/f/rnl.aspx/
Redirect Chain

https://tr.wobi.com/e/r?q=Qr%3d8tQsI_rxVp_38_uqSw_56_rxVp_2CdZaghQ.eJd9lPs.3oJ_uqSw_56f_OTsP_YiHnI.dIpU_uqSw_56_rxVp_3CiCc_OTsP_ZgNvTrSwbdYdK_uqSw_64nW_uqSw_56-d8_uqSw_64uU1Kx_OTsP_Y9N_rxVp_3AsL_rx...
https://a0a0e1.emailsp.com/f/rnl.aspx/?fmc=xvwo3w5a9dn=nz/-da=uxxux&x=pv&-0-:=20c&5c197ldddc&x=pp&q4535acija/:.g/94m=o2tvrNCLM

28 KB
10 KB

413ms
321ms

Document
text/html

13.32.99.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a0a0e1.emailsp.com/f/rnl.aspx/?fmc=xvwo3w5a9dn=nz/-da=uxxux&x=pv&-0-:=20c&5c197ldddc&x=pp&q4535acija/:.g/94m=o2tvrNCLM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-57.fra60.r.cloudfront.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

58d4d3d965bb808507e763a7d42de75221c72f74b7227913748cb15d5735a192

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: private
content-encoding: gzip
content-length: 9346
content-type: text/html; charset=utf-8
date: Fri, 21 Oct 2022 07:04:57 GMT
server: Microsoft-IIS/10.0
strict-transport-security: max-age=15768000
vary: Accept-Encoding
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
x-amz-cf-id: x0dj8OjJLZ0mNPijby7dl130u4-yYvM6uI4yysUpNS-4slk0rVb0_Q==
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache
content-length: 181
content-type: text/html; charset=utf-8
date: Fri, 21 Oct 2022 07:04:57 GMT
location: https://a0a0e1.emailsp.com/f/rnl.aspx/?fmc=xvwo3w5a9dn=nz/-da=uxxux&x=pv&-0-:=20c&5c197ldddc&x=pp&q4535acija/:.g/94m=o2tvrNCLM
via: 1.1 bbd2abbdb134a9d53c0a12f6566e69fe.cloudfront.net (CloudFront)
x-amz-cf-id: VCAcyCTJo4m-dJApuSCm_sqUMlm1ZWIqL-F2tQ5veuijQNgxhI6prQ==
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
x-request-id: c16e0d28-3180-4454-9ed1-8d0675abc0e7

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 137ms
46ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: a0a0e1.emailsp.com
URL: https://a0a0e1.emailsp.com/f/rnl.aspx/?fmc=xvwo3w5a9dn=nz/-da=uxxux&x=pv&-0-:=20c&5c197ldddc&x=pp&q4535acija/:.g/94m=o2tvrNCLM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0a0e1.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Oct 2022 07:04:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 21 Oct 2022 06:09:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Oct 2022 07:04:58 GMT

GET
H2 200 css
fonts.googleapis.com/ 664 B
429 B 161ms
70ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato

Requested by

Host: a0a0e1.emailsp.com
URL: https://a0a0e1.emailsp.com/f/rnl.aspx/?fmc=xvwo3w5a9dn=nz/-da=uxxux&x=pv&-0-:=20c&5c197ldddc&x=pp&q4535acija/:.g/94m=o2tvrNCLM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5a9f9b8fdda3dc64dc104281767edc8ce0798cd76bfc307c17a7c7b4db115c86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0a0e1.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Oct 2022 07:04:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 21 Oct 2022 06:14:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Oct 2022 07:04:58 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
601 B 140ms
49ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat

Requested by

Host: a0a0e1.emailsp.com
URL: https://a0a0e1.emailsp.com/f/rnl.aspx/?fmc=xvwo3w5a9dn=nz/-da=uxxux&x=pv&-0-:=20c&5c197ldddc&x=pp&q4535acija/:.g/94m=o2tvrNCLM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a5feba8ce66eafb93cd4dfff5083877ea2b2bf8daaded3058288b7cddb956cfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0a0e1.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Oct 2022 07:04:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 21 Oct 2022 05:37:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Oct 2022 07:04:58 GMT

GET
H2 200 css
fonts.googleapis.com/ 395 B
386 B 140ms
50ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Permanent+Marker

Requested by

Host: a0a0e1.emailsp.com
URL: https://a0a0e1.emailsp.com/f/rnl.aspx/?fmc=xvwo3w5a9dn=nz/-da=uxxux&x=pv&-0-:=20c&5c197ldddc&x=pp&q4535acija/:.g/94m=o2tvrNCLM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e6d91eb2f38a9f08227d73aa307bffdcbf5a0623366e513f9652691f4185f54c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0a0e1.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Oct 2022 07:04:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 21 Oct 2022 07:04:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Oct 2022 07:04:58 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
596 B 146ms
56ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald

Requested by

Host: a0a0e1.emailsp.com
URL: https://a0a0e1.emailsp.com/f/rnl.aspx/?fmc=xvwo3w5a9dn=nz/-da=uxxux&x=pv&-0-:=20c&5c197ldddc&x=pp&q4535acija/:.g/94m=o2tvrNCLM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6cabeb492e3033b4a17fcc5a4ecb196849bafeaec5ed579b947ab4d3d2a05dfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0a0e1.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Oct 2022 07:04:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 21 Oct 2022 06:52:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Oct 2022 07:04:58 GMT

GET
H2 200 css
fonts.googleapis.com/ 722 B
446 B 146ms
57ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Abril+Fatface

Requested by

Host: a0a0e1.emailsp.com
URL: https://a0a0e1.emailsp.com/f/rnl.aspx/?fmc=xvwo3w5a9dn=nz/-da=uxxux&x=pv&-0-:=20c&5c197ldddc&x=pp&q4535acija/:.g/94m=o2tvrNCLM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ff0b683f20f821e1329f3dedccffeae3a259c9b41701e73a8073a3134bccdccd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0a0e1.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Oct 2022 07:04:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 21 Oct 2022 06:14:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Oct 2022 07:04:58 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
595 B 159ms
69ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Bitter

Requested by

Host: a0a0e1.emailsp.com
URL: https://a0a0e1.emailsp.com/f/rnl.aspx/?fmc=xvwo3w5a9dn=nz/-da=uxxux&x=pv&-0-:=20c&5c197ldddc&x=pp&q4535acija/:.g/94m=o2tvrNCLM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

731b7179500596455906cca88663e99ccd87c340ebb2c14f170294898a9fc13d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0a0e1.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Oct 2022 07:04:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 21 Oct 2022 06:47:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Oct 2022 07:04:58 GMT

GET
H2 200 4bc8223d-ded6-4e72-a13e-8ccc890e7a54.png
d15k2d11r6t6rl.cloudfront.net/public/users/Integrators/BeeProAgency/53601_618875/editor_images/ 171 KB
171 KB 130ms
43ms Image
image/png 108.138.7.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d15k2d11r6t6rl.cloudfront.net/public/users/Integrators/BeeProAgency/53601_618875/editor_images/4bc8223d-ded6-4e72-a13e-8ccc890e7a54.png
Requested by: Host: a0a0e1.emailsp.com
URL: https://a0a0e1.emailsp.com/f/rnl.aspx/?fmc=xvwo3w5a9dn=nz/-da=uxxux&x=pv&-0-:=20c&5c197ldddc&x=pp&q4535acija/:.g/94m=o2tvrNCLM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-18.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ffc94420a6c5a8ae79d9d0a102e7e5963266fd01dded2b6d04ed79be7cc2ac0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0a0e1.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 06:00:48 GMT
via: 1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront)
last-modified: Thu, 14 Oct 2021 16:32:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 3851
etag: "ad5b165b55fc61d912d4e3e308f66354"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 174827
x-amz-cf-id: pNtlM-6_DS3kmENuE4rVSaSmMVGG_fA5PJe2CThiK23iu8WnFm5Fvw==

GET
H2 200 Invest%20footer.png
d15k2d11r6t6rl.cloudfront.net/public/users/Integrators/BeeProAgency/53601_618875/ 79 KB
79 KB 220ms
133ms Image
image/png 108.138.7.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d15k2d11r6t6rl.cloudfront.net/public/users/Integrators/BeeProAgency/53601_618875/Invest%20footer.png
Requested by: Host: a0a0e1.emailsp.com
URL: https://a0a0e1.emailsp.com/f/rnl.aspx/?fmc=xvwo3w5a9dn=nz/-da=uxxux&x=pv&-0-:=20c&5c197ldddc&x=pp&q4535acija/:.g/94m=o2tvrNCLM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-18.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 200f1bb22af3456cfe9dfd0a5279c12376d2adc9e20771ab7cc8fe4a26d69416

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0a0e1.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 06:00:48 GMT
via: 1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront)
last-modified: Thu, 14 Oct 2021 17:12:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 3851
etag: "560f0ec5fc631e74ca92cdbb7f48b046"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 80876
x-amz-cf-id: jo2lOBxF_YQjR48T1vR39vn7vYRWRniOFsUhCrZ-XfZbUcmaOaPlcQ==

GET
H2 200 trans.gif
img.tr.wobi.com/static/101051/images/footer/ 43 B
412 B 59ms
37ms Image
image/gif 18.66.97.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.tr.wobi.com/static/101051/images/footer/trans.gif

Requested by

Host: a0a0e1.emailsp.com
URL: https://a0a0e1.emailsp.com/f/rnl.aspx/?fmc=xvwo3w5a9dn=nz/-da=uxxux&x=pv&-0-:=20c&5c197ldddc&x=pp&q4535acija/:.g/94m=o2tvrNCLM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-75.fra56.r.cloudfront.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0a0e1.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
date: Fri, 21 Oct 2022 07:01:26 GMT
via: 1.1 bbd2abbdb134a9d53c0a12f6566e69fe.cloudfront.net (CloudFront)
last-modified: Mon, 02 Nov 2015 14:04:11 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA56-P2
age: 223
x-powered-by: ASP.NET
etag: "807f10597715d11:0"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 43
x-amz-cf-id: rvJEUcLN48nPN29pInvAIo4xwos-hvbCJS0uIJBZUtm5d0Tr-dDOXg==

GET
H2 200 c
tr.wobi.com/e/ 74 B
348 B 68ms
67ms Image
image/png 18.66.97.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.wobi.com/e/c?q=6%3d5e4c9V%26o%3dT8%26I%3dAUAc%26r%3dU9e5bD4e6d%26C%3dg8iVCaAd-8Y6W-758a-BUA6-84i7e5h98aD9%26lL%3d6c6b9%269%3d%26w%3dbAcBW9a9Y
Requested by: Host: a0a0e1.emailsp.com
URL: https://a0a0e1.emailsp.com/f/rnl.aspx/?fmc=xvwo3w5a9dn=nz/-da=uxxux&x=pv&-0-:=20c&5c197ldddc&x=pp&q4535acija/:.g/94m=o2tvrNCLM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-75.fra56.r.cloudfront.net
Software: /
Resource Hash: f5cab90299f9aa539d5f99d4f7e87a70f57e37f138da9d18cadbb230bde3ccd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0a0e1.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 07:04:58 GMT
via: 1.1 bbd2abbdb134a9d53c0a12f6566e69fe.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
content-type: image/png
cache-control: no-cache
x-amz-cf-id: uZWq7npdwGb1Wh2YG_k1rSNkpX-mJkeZ2ZUmJv01Z6l_XSZgN3y60A==
x-request-id: 44d8557c-d03b-4bb5-9062-f1f613280ebc

GET
H2 200 frontendPendoLoader.js Show response
a0a0e1.emailsp.com/js/ 2 KB
2 KB 91ms
90ms Script
application/javascript 13.32.99.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a0a0e1.emailsp.com/js/frontendPendoLoader.js

Requested by

Host: a0a0e1.emailsp.com
URL: https://a0a0e1.emailsp.com/f/rnl.aspx/?fmc=xvwo3w5a9dn=nz/-da=uxxux&x=pv&-0-:=20c&5c197ldddc&x=pp&q4535acija/:.g/94m=o2tvrNCLM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-57.fra60.r.cloudfront.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

72e7604a33ce72c290a6cb35836b003b3bdc8ccde6eed349e42d1ef5efc5eaa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0a0e1.emailsp.com/f/rnl.aspx/?fmc=xvwo3w5a9dn=nz/-da=uxxux&x=pv&-0-:=20c&5c197ldddc&x=pp&q4535acija/:.g/94m=o2tvrNCLM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
date: Fri, 21 Oct 2022 07:04:57 GMT
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
content-length: 1270
x-xss-protection: 1; mode=block
last-modified: Thu, 20 Oct 2022 07:30:28 GMT
server: Microsoft-IIS/10.0
etag: "0c28cd355e4d81:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1200
accept-ranges: bytes
x-amz-cf-id: IR0i_DuhEihs4aMOwMNroHIQsEKKdJ4fleL7tZ3d4F1UtdvkRQDmyQ==

GET
H2 200 pendo.js Show response
cdn.pendo.io/agent/static/da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2/ 405 KB
134 KB 129ms
42ms Script
application/javascript 2600:9000:223f:3c00:1f:aa31:7740:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pendo.io/agent/static/da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2/pendo.js
Requested by: Host: a0a0e1.emailsp.com
URL: https://a0a0e1.emailsp.com/js/frontendPendoLoader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:3c00:1f:aa31:7740:93a1 , United States, ASN (),
Reverse DNS
Software: UploadServer /
Resource Hash: cefe0ee4be7c3f2cb93e7d92f764549d409b353f5af3219ec93d5366349705e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0a0e1.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 06:58:37 GMT
content-encoding: gzip
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 409
x-guploader-uploadid: ADPycduYKgc9ShHs8CQsgJvdasgDr4t2GU70-NCC4eQxjWIoGVsXFLp9MjKZRMkQkTVPM2DgpWh_utnr0guPjoqSsyy2-dqTn50l
x-cache: Hit from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 136258
last-modified: Thu, 20 Oct 2022 18:19:45 GMT
server: UploadServer
etag: "da7f1eb995d15e83f1d416759a178226"
vary: Accept-Encoding
x-goog-generation: 1666289985632806
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=sqkkpA==, md5=2n8euZXRXoPx1BZ1mheCJg==
access-control-expose-headers: *
cache-control: max-age=450
x-goog-stored-content-length: 136258
accept-ranges: bytes
x-amz-cf-id: 8CeWc5SEg2uUB7uNgshkdNXbyY5NBHjMa1wzG3Ntew9IcLqLy2uQ8A==
expires: Fri, 21 Oct 2022 07:05:39 GMT

POST
H2 200 GetPendoSettings Show response
a0a0e1.emailsp.com/frontend/webMethods/Console.asmx/ 60 B
484 B 175ms
175ms XHR
application/json 13.32.99.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a0a0e1.emailsp.com/frontend/webMethods/Console.asmx/GetPendoSettings

Requested by

Host: a0a0e1.emailsp.com
URL: https://a0a0e1.emailsp.com/js/frontendPendoLoader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-57.fra60.r.cloudfront.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

fc5c57b638fac91dc8ab654d5d4fb022bb2998e6c1fcef684adf51e74b45b981

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://a0a0e1.emailsp.com/f/rnl.aspx/?fmc=xvwo3w5a9dn=nz/-da=uxxux&x=pv&-0-:=20c&5c197ldddc&x=pp&q4535acija/:.g/94m=o2tvrNCLM
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type: application/json; charset=utf-8

Response headers

strict-transport-security: max-age=15768000
date: Fri, 21 Oct 2022 07:04:57 GMT
x-content-type-options: nosniff
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA60-P3
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=0
content-length: 60
x-xss-protection: 1; mode=block
x-amz-cf-id: HBPJINXQDscauG6WQ8bdODV2krlKx8YpaU6J4OC2wTzLFmXsNOk-Og==

GET
H2 200 da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2
data.pendo-pro.beefree.io/data/ptm.gif/ 42 B
104 B 336ms
212ms Image
image/gif 2a00:1450:4001:831::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://data.pendo-pro.beefree.io/data/ptm.gif/da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2?v=2.157.1_prod&ct=1666335898494&jzb=eJzVkV9P2zAUxb-LH_rUxnb-tEmkaEKEjWms3QabGNMUubFbDI6d2U6agvrdsUdVsQnxxgNvuefeG59zf7_ugd22DOSAUyYtX23BGCy12himK8sb18HT6TSKkjRL43Q2Bj033CpdceqWkJsmda06aR8FjDBKsFM7LVx5bW1rcggJIojhgDWEC9MGtWrgCmopAmLaAb5bNXUx9BsVbRKSUVnIOzihpOiGoRtGQ9H2owma5EWI6lFS42wmKKW1b7SjP3ESJaTmNwTmwRpmcVOo0PZ6fnz22dlotWoNyO-BErT6x3r15WReLqqLKrn6Vp4tPt0t3n9wC37u-URPt9HzsXfuQaLdHS_I8qPTZSfEGNjHAkTLGTo_urwxV1_LH7Scu3-uNGnY3-bp6fXP7LY8KS9Nc3vMrcewtcx5jzHajQ-YGmbJi4jSN4tob9t_HpwLItcdWfvkTFbfz_2J92kOc_8f_-jQdxIl1i-HGGIEQxSGniTThivp5QAnswBXzgN9JXpR9ISeUIS-SC97s_R8tH2gFMevcssIZ7vfD092eSE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0a0e1.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 07:04:58 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-max-age: 600
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization
content-length: 42

GET
H2 200 da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2 Show response
data.pendo-pro.beefree.io/data/guide.js/ 4 KB
3 KB 285ms
163ms Script
application/javascript 2a00:1450:4001:831::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://data.pendo-pro.beefree.io/data/guide.js/da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2?jzb=eJw9j09PxCAUxL8Lh54s_3bJpk2IMZ5M1IvxvHkBtmIoIKVdoul3X2q0t_ebgcnMD1rsZHNITxr1iKI7BEqF2edfZpRRwao4J1fxI-c49YQABWoYNiNYN0WswkguJHmHYYqF3F9GJctyDYergE576b9Jq0HOpcylKTIuTUvbXnKqGqFYd3Jaa7UZsfk6ioMAZT-B9Hgg3XGUgeclvT4-v9Qao8mgIQPq997baf-7O_DDDIOpaPz5_Q2t-5793d-m6kRIxueH3a9SDd8-c0YYJZxyXkMXkyYb_CZjJk6YnWMKGq3rDdR3Ykk&v=2.157.1_prod&ct=1666335898496

Requested by

Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2/pendo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

08cc132c74edf8c3a3d34c5e973fcd04f84897e8420afd46f67bc4d0e46fdc44

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0a0e1.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 07:04:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 google
access-control-max-age: 600
vary: Accept-Encoding
access-control-allow-methods: GET,POST
access-control-allow-origin: *
content-type: application/javascript
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization

GET
H2 200 da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2
data.pendo-pro.beefree.io/data/guide.gif/ 42 B
280 B 273ms
152ms Image
image/gif 2a00:1450:4001:831::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://data.pendo-pro.beefree.io/data/guide.gif/da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1666335898496&v=2.157.1_prod

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0a0e1.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 07:04:58 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-max-age: 600
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization
content-length: 42

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			a0a0e1.emailsp.com/	1969-12-31 23:59:59	Name: BIGipServercu_front_80_pool Value: !jkASe7P3Y86GT1+w3X+Ij125lRrIF6BAANo4rz9370TvMcdgoHMVNDJNXWmzC/4m+Ck5dMNhSeQLLIM=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a0a0e1.emailsp.com
cdn.pendo.io
d15k2d11r6t6rl.cloudfront.net
data.pendo-pro.beefree.io
fonts.googleapis.com
img.tr.wobi.com
tr.wobi.com
108.138.7.18
13.32.99.57
18.66.97.75
2600:9000:223f:3c00:1f:aa31:7740:93a1
2a00:1450:4001:82a::200a
2a00:1450:4001:831::2013
08cc132c74edf8c3a3d34c5e973fcd04f84897e8420afd46f67bc4d0e46fdc44
200f1bb22af3456cfe9dfd0a5279c12376d2adc9e20771ab7cc8fe4a26d69416
58d4d3d965bb808507e763a7d42de75221c72f74b7227913748cb15d5735a192
5a9f9b8fdda3dc64dc104281767edc8ce0798cd76bfc307c17a7c7b4db115c86
6cabeb492e3033b4a17fcc5a4ecb196849bafeaec5ed579b947ab4d3d2a05dfb
72e7604a33ce72c290a6cb35836b003b3bdc8ccde6eed349e42d1ef5efc5eaa7
731b7179500596455906cca88663e99ccd87c340ebb2c14f170294898a9fc13d
8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353
9ffc94420a6c5a8ae79d9d0a102e7e5963266fd01dded2b6d04ed79be7cc2ac0
a5feba8ce66eafb93cd4dfff5083877ea2b2bf8daaded3058288b7cddb956cfb
cefe0ee4be7c3f2cb93e7d92f764549d409b353f5af3219ec93d5366349705e9
e6d91eb2f38a9f08227d73aa307bffdcbf5a0623366e513f9652691f4185f54c
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5cab90299f9aa539d5f99d4f7e87a70f57e37f138da9d18cadbb230bde3ccd0
fc5c57b638fac91dc8ab654d5d4fb022bb2998e6c1fcef684adf51e74b45b981
ff0b683f20f821e1329f3dedccffeae3a259c9b41701e73a8073a3134bccdccd

a0a0e1.emailsp.com Open in urlscan Pro 13.32.99.57 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

100 %HTTPS

50 %IPv6

6 Domains

7 Subdomains

6 IPs

2 Countries

404 kBTransfer

698 kBSize

1 Cookies

5 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

a0a0e1.emailsp.com Open in urlscan Pro
13.32.99.57 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

404 kB
Transfer

698 kB
Size

1
Cookies

18 HTTP transactions
0 data transactions