f5h4d.emailsp.com Open in urlscan Pro
13.32.99.57 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cedsdigital.musvc3.net/e/r?q=L8%3DE1L9_OXui_Zh_JjzW_Ty_OXui_Ym8NEA6.xJhA5Pw.58J_yslw_98y_OXui_YmJ7I.hK9U_yslw_98_AxZr_L...
Effective URL:
http://f5h4d.emailsp.com/f/rnl.aspx/?khj=wuxv1y_b-kh=q1bk0=wwr38a6-d=a4kgg3g0b:f4hd&x=pp&xzj0gagih97:h1-&g=t/u1uNCLM
Submission Tags: falconsandbox
Submission: On September 12 via api (September 12th 2022, 12:51:22 am UTC) from US — Scanned from DE

Summary HTTP 10 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 10 HTTP transactions. The main IP is 13.32.99.57, located in United States and belongs to AMAZON-02, US. The main domain is f5h4d.emailsp.com.

This is the only time f5h4d.emailsp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	34.248.135.205 34.248.135.205	16509 (AMAZON-02) (AMAZON-02)
1 4	13.32.99.57 13.32.99.57	16509 (AMAZON-02) (AMAZON-02)
4	13.224.189.5 13.224.189.5	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223f:6c00:1f:aa31:7740:93a1	16509 (AMAZON-02) (AMAZON-02)
10	5

2 34.248.135.205 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-135-205.eu-west-1.compute.amazonaws.com

cedsdigital.musvc3.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.32.99.57 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-57.fra60.r.cloudfront.net

f5h4d.emailsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.224.189.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-5.fra2.r.cloudfront.net

cedsdigital.img.musvc3.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:6c00:1f:aa31:7740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	musvc3.net 1 redirects cedsdigital.musvc3.net cedsdigital.img.musvc3.net	199 KB
4	emailsp.com 1 redirects f5h4d.emailsp.com	15 KB
1	pendo.io cdn.pendo.io — Cisco Umbrella Rank: 2707	150 KB
10	3

	Domain	Requested by
4	cedsdigital.img.musvc3.net	f5h4d.emailsp.com
4	f5h4d.emailsp.com	1 redirects f5h4d.emailsp.com
2	cedsdigital.musvc3.net	1 redirects f5h4d.emailsp.com
1	cdn.pendo.io	f5h4d.emailsp.com
10	4

This site contains links to these domains. Also see Links.

Domain
cedsdigital.musvc3.net

Subject Issuer	Validity	Valid
*.musvc1.net Amazon	`2022-04-01` - `2023-04-30`	a year	crt.sh
*.musvc0.net Amazon	`2022-06-21` - `2023-07-20`	a year	crt.sh
cdn.pendo.io Amazon	`2022-07-30` - `2023-08-28`	a year	crt.sh
emailsp.com Amazon	`2022-08-01` - `2023-08-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://f5h4d.emailsp.com/f/rnl.aspx/?khj=wuxv1y_b-kh=q1bk0=wwr38a6-d=a4kgg3g0b:f4hd&x=pp&xzj0gagih97:h1-&g=t/u1uNCLM
Frame ID: B72713B2F205B4F3F3850A2EB6625AB2
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

💰 1 Anno a metà prezzo: scopri la promo lampo

Page URL History Show full URLs

http://cedsdigital.musvc3.net/e/r?q=L8%3DE1L9_OXui_Zh_JjzW_Ty_OXui_Ym8NEA6.xJhA5Pw.58J_yslw_98y_OXui_YmJ7I... HTTP 301
http://f5h4d.emailsp.com/f/rnl.aspx/?khj=wuxv1y_b-kh=q1bk0=wwr38a6-d=a4kgg3g0b:f4hd&x=pp&xzj0gagih97:... Page URL

Page Statistics

10
Requests

70 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

5
IPs

2
Countries

363 kB
Transfer

722 kB
Size

1
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://cedsdigital.musvc3.net/e/t?q=6%3d0WSW8%26D%3dL%26G%3dAWL%26H%3dAWQXCa%26F%3dAxLAL_vsns_73_CtWr_M9_vsns_68DAsH.4Ek3KSiLEBrG.4M_vsns_68w4gCEHw53HsDLb_vsns_78FMq_K0Nv54e3vz_KUuk_Vh784mD%26y%3dFyKG67.FzM%26mK%3dOc8aP

Search URL Search Domain Scan URL

URL: https://cedsdigital.musvc3.net/e/t?q=5%3dKcAVI%26J%3d4%26F%3dLc4%26G%3dLc9WNg%26x%3d09RsK_7yVr_H9_ushx_58_7yVr_GDv04N.lDv93RtRwA3M.lL_7yVr_GDe3rIwG8AkG4J4a_7yVr_HDxL2_QrM7A3p9dh_Jf1S_UsCp3xJ%26g%3dE0Qy5H.LhL%26xQ%3d7bIg8

Search URL Search Domain Scan URL

URL: https://cedsdigital.musvc3.net/e/t?q=8%3dNaTYL%26H%3dM%26I%3dOaM%26J%3dOaRZQe%26G%3dCBPBN_0wou_K7_Dvkv_NA_0wou_JBEC7L.5Gy7LUwPFD6K.5O_0wou_JBx6uGFJA94J7HMd_0wou_KBGO5_OAP096s7w1_Miyl_XvA961H%26z%3dHCOH8K.J1O%261O%3dPeLeQ

Search URL Search Domain Scan URL

URL: https://cedsdigital.musvc3.net/e/t?q=4%3dGY0UE%26F%3d3%26E%3dHY3%26F%3dHY8VJc%26w%3d95NrJ_3uUq_D5_trdt_47_3uUq_C0u9zJ.kCr52QpNv0yI.kK_3uUq_C0d2nEvF47jFzF3Z_3uUq_D0wKx_MqL372l5cg_IbwR_To9o2tF%26f%3dD6Mx4D.HgK%26tM%3d6aEc7
Title: Tanti vantaggi esclusivi dedicati ai nostri abbonati

Search URL Search Domain Scan URL

URL: https://cedsdigital.musvc3.net/e/r?q=M8%3d0EM9K_Ctlr_N4_Asns_K8_Ctlr_M9yW3Ww.7842DDI.vG8_Kjuk_Uy8_Ctlr_M98GF.4BHI_Kjuk_Uy_Jlvi_U1_Kjuk_UOP_Ctlr_N79N_Ctlr_MYQ_Jlvi_Uy_NEOKT__Asns_L3T4t93_Kjuk_VwK_Ctlr_M9tYw5_Asns_L6IR0_-W6_Kjuk_UO_Jlvi_UyKELKMRZRX0X_Ctlr_M9RWELCbPXAQEXII_Ctlr_MYIZJPDQMNQpXof%265%3dQXQVO%267%3d6MDOvU.98C%26AD%3dWSVTX%265%3dS%269%3dZNS%260%3dZNXPbR%26L%3dLYRVUVL4t3vaPZ

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cedsdigital.musvc3.net/e/r?q=L8%3DE1L9_OXui_Zh_JjzW_Ty_OXui_Ym8NEA6.xJhA5Pw.58J_yslw_98y_OXui_YmJ7I.hK9U_yslw_98_AxZr_LCr03_OXui_ZkODU3SH_9-r0_AxZr_LAxSuHG_JjzW_UwT4JLehX-w_OXui_Zk3MHn9LDG4_AxZr_L8mV1A_yslw_9XG_OXui_ZkH9_OXui_YCPIGG9tDp0Rd_yslw_031X-_yslw_9Xz_OXui_ZkL_AxZr_KC2SDuJnf%260%3DCWQaA%266%3D6RzNvZ.u7C%26Fz%3DVSaFW%265%3DX%26u%3DYNX%26v%3DYNcBaR%26Q%3DDTSdFbS3t8ha0 HTTP 301
http://f5h4d.emailsp.com/f/rnl.aspx/?khj=wuxv1y_b-kh=q1bk0=wwr38a6-d=a4kgg3g0b:f4hd&x=pp&xzj0gagih97:h1-&g=t/u1uNCLM Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

http://f5h4d.emailsp.com/js/frontendPendoLoader.js HTTP 301
https://f5h4d.emailsp.com/js/frontendPendoLoader.js

Request Chain 7

http://f5h4d.emailsp.com/frontend/webMethods/Console.asmx/GetPendoSettings HTTP 307
https://f5h4d.emailsp.com/frontend/webMethods/Console.asmx/GetPendoSettings

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
f5h4d.emailsp.com/f/rnl.aspx/
Redirect Chain

http://cedsdigital.musvc3.net/e/r?q=L8%3DE1L9_OXui_Zh_JjzW_Ty_OXui_Ym8NEA6.xJhA5Pw.58J_yslw_98y_OXui_YmJ7I.hK9U_yslw_98_AxZr_LCr03_OXui_ZkODU3SH_9-r0_AxZr_LAxSuHG_JjzW_UwT4JLehX-w_OXui_Zk3MHn9LDG4_...
http://f5h4d.emailsp.com/f/rnl.aspx/?khj=wuxv1y_b-kh=q1bk0=wwr38a6-d=a4kgg3g0b:f4hd&x=pp&xzj0gagih97:h1-&g=t/u1uNCLM

38 KB
12 KB

858ms
758ms

Document
text/html

13.32.99.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://f5h4d.emailsp.com/f/rnl.aspx/?khj=wuxv1y_b-kh=q1bk0=wwr38a6-d=a4kgg3g0b:f4hd&x=pp&xzj0gagih97:h1-&g=t/u1uNCLM

Protocol

HTTP/1.1

Server

13.32.99.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-57.fra60.r.cloudfront.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

91fa0c9a2792a2ffca01297c14204bc70283c35aa6bb3dfb487f9c7337f8de7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: private
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 11870
Content-Type: text/html; charset=utf-8
Date: Mon, 12 Sep 2022 00:51:17 GMT
Server: Microsoft-IIS/10.0
Strict-Transport-Security: max-age=15768000
Vary: Accept-Encoding
Via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
X-Amz-Cf-Id: KwtpT37xq6ypGroMTKqvnxBWj2gHZqxguNfN83dBqBUFG6TclDxr0A==
X-Amz-Cf-Pop: FRA60-P3
X-Cache: Miss from cloudfront
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
X-XSS-Protection: 1; mode=block

Redirect headers

Cache-Control: no-cache
Connection: keep-alive
Content-Length: 163
Content-Type: text/html; charset=utf-8
Date: Mon, 12 Sep 2022 00:51:17 GMT
Location: http://f5h4d.emailsp.com/f/rnl.aspx/?khj=wuxv1y_b-kh=q1bk0=wwr38a6-d=a4kgg3g0b:f4hd&x=pp&xzj0gagih97:h1-&g=t/u1uNCLM
X-Request-Id: 0cfd55d2-a6c0-4582-b64a-88c1cc645192

GET
H/1.1 200
OK NL_GZ_1anno.jpg
cedsdigital.img.musvc3.net/static/65844/images/1/ 108 KB
108 KB 122ms
90ms Image
image/jpeg 13.224.189.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cedsdigital.img.musvc3.net/static/65844/images/1/NL_GZ_1anno.jpg

Requested by

Host: f5h4d.emailsp.com
URL: http://f5h4d.emailsp.com/f/rnl.aspx/?khj=wuxv1y_b-kh=q1bk0=wwr38a6-d=a4kgg3g0b:f4hd&x=pp&xzj0gagih97:h1-&g=t/u1uNCLM

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-5.fra2.r.cloudfront.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

135b673dd7908a7537b3f4051604ad82d2d40efc19f1a7a71ca465e874c874cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://f5h4d.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000
Via: 1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
Last-Modified: Fri, 27 Sep 2019 09:16:20 GMT
Server: Microsoft-IIS/10.0
X-Amz-Cf-Pop: FRA2-C1
X-Powered-By: ASP.NET
ETag: "2b1ff0391475d51:0"
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Date: Mon, 12 Sep 2022 00:51:18 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 110329
X-Amz-Cf-Id: fobUOdy7mt9d5XBwHRsuCOk0vyT0Wc14i3TcyvULgKKZHi5sh1tfCw==

GET
H/1.1 200
OK VE_1_2a6a71adce.jpg
cedsdigital.img.musvc3.net/static/65844/images/1/ 85 KB
85 KB 85ms
70ms Image
image/jpeg 13.224.189.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cedsdigital.img.musvc3.net/static/65844/images/1/VE_1_2a6a71adce.jpg

Requested by

Host: f5h4d.emailsp.com
URL: http://f5h4d.emailsp.com/f/rnl.aspx/?khj=wuxv1y_b-kh=q1bk0=wwr38a6-d=a4kgg3g0b:f4hd&x=pp&xzj0gagih97:h1-&g=t/u1uNCLM

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-5.fra2.r.cloudfront.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

17399c634cc7037243725006799eaa26ad551d08d68b2b459c09237c0123a478

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://f5h4d.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000
Via: 1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
Last-Modified: Wed, 09 May 2018 08:20:59 GMT
Server: Microsoft-IIS/10.0
X-Amz-Cf-Pop: FRA2-C1
X-Powered-By: ASP.NET
ETag: "6e9a26a96ee7d31:0"
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Date: Mon, 12 Sep 2022 00:51:18 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 86670
X-Amz-Cf-Id: ATIv2UT1b1Dbx4ikONsGC_3s2HeKM7c5_1oOuGUi1Re0wUG2LFBi2g==

GET
H/1.1 200
OK digital-logo-gz.png
cedsdigital.img.musvc3.net/static/65844/images/1/ 4 KB
4 KB 112ms
89ms Image
image/png 13.224.189.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cedsdigital.img.musvc3.net/static/65844/images/1/digital-logo-gz.png

Requested by

Host: f5h4d.emailsp.com
URL: http://f5h4d.emailsp.com/f/rnl.aspx/?khj=wuxv1y_b-kh=q1bk0=wwr38a6-d=a4kgg3g0b:f4hd&x=pp&xzj0gagih97:h1-&g=t/u1uNCLM

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-5.fra2.r.cloudfront.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

97d907c013b9851199fd77d571e0d5f3e28d54f704adead1829848273ffe8826

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://f5h4d.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000
Via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
Last-Modified: Wed, 09 May 2018 08:20:27 GMT
Server: Microsoft-IIS/10.0
X-Amz-Cf-Pop: FRA2-C1
X-Powered-By: ASP.NET
ETag: "3979ea956ee7d31:0"
X-Cache: Miss from cloudfront
Content-Type: image/png
Date: Mon, 12 Sep 2022 00:51:17 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3909
X-Amz-Cf-Id: 1vKs-aJQb7lUTy5yd9HKBepLZuFbe7-CGJALYDJp18kag1cyL4vFGg==

GET
H/1.1 200
OK trans.gif
cedsdigital.img.musvc3.net/static/65844/images/Modelli/ 43 B
566 B 30ms
8ms Image
image/gif 13.224.189.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cedsdigital.img.musvc3.net/static/65844/images/Modelli/trans.gif

Requested by

Host: f5h4d.emailsp.com
URL: http://f5h4d.emailsp.com/f/rnl.aspx/?khj=wuxv1y_b-kh=q1bk0=wwr38a6-d=a4kgg3g0b:f4hd&x=pp&xzj0gagih97:h1-&g=t/u1uNCLM

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-5.fra2.r.cloudfront.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://f5h4d.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000
Via: 1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
Last-Modified: Tue, 12 Nov 2013 11:26:47 GMT
Server: Microsoft-IIS/10.0
Age: 75202
X-Powered-By: ASP.NET
ETag: "807594129adfce1:0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Date: Sun, 11 Sep 2022 03:57:56 GMT
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 43
X-Amz-Cf-Id: s2YZkT5816M5Q_FSAsECOecVVRGWB27NkdArUugqoBhLld9qhvowxA==

GET
H2 200 c
cedsdigital.musvc3.net/e/ 74 B
192 B 108ms
37ms Image
image/png 34.248.135.205
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cedsdigital.musvc3.net/e/c?q=6%3dRZLWP%26G%3dE%26G%3dSZE%26H%3dSZJXUd%26v%3d4w6oUPXJW28q-Tyes-WOWt-5NbG-cMAM4UbGaVZs%26BE%3dYNWUZ%26r%3dFGN06O.IsM%26F%3dVFZRYNZTbM
Requested by: Host: f5h4d.emailsp.com
URL: http://f5h4d.emailsp.com/f/rnl.aspx/?khj=wuxv1y_b-kh=q1bk0=wwr38a6-d=a4kgg3g0b:f4hd&x=pp&xzj0gagih97:h1-&g=t/u1uNCLM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.135.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-135-205.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: f5cab90299f9aa539d5f99d4f7e87a70f57e37f138da9d18cadbb230bde3ccd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://f5h4d.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 00:51:18 GMT
cache-control: no-cache
x-request-id: 18ff0318-899c-4e33-9f28-551d0deafa88
content-type: image/png

GET
H2

200

frontendPendoLoader.js Show response
f5h4d.emailsp.com/js/
Redirect Chain

http://f5h4d.emailsp.com/js/frontendPendoLoader.js
https://f5h4d.emailsp.com/js/frontendPendoLoader.js

2 KB
2 KB

144ms
119ms

Script
application/javascript

13.32.99.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://f5h4d.emailsp.com/js/frontendPendoLoader.js

Requested by

Host: f5h4d.emailsp.com
URL: http://f5h4d.emailsp.com/f/rnl.aspx/?khj=wuxv1y_b-kh=q1bk0=wwr38a6-d=a4kgg3g0b:f4hd&x=pp&xzj0gagih97:h1-&g=t/u1uNCLM

Protocol

Server

13.32.99.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-57.fra60.r.cloudfront.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

72e7604a33ce72c290a6cb35836b003b3bdc8ccde6eed349e42d1ef5efc5eaa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://f5h4d.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P3
x-powered-by: ASP.NET
x-cache: RefreshHit from cloudfront
date: Mon, 12 Sep 2022 00:51:17 GMT
content-length: 1270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Thu, 08 Sep 2022 07:57:08 GMT
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
etag: "0e2df9758c3d81:0"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
cache-control: max-age=1200
accept-ranges: bytes
x-amz-cf-id: y-xXeTy8HdSuzCCtcRS7_1Z85jHbKpcFm22S80pA1iszIsGdk5kOFQ==

Redirect headers

Date: Mon, 12 Sep 2022 00:51:18 GMT
Via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA60-P3
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://f5h4d.emailsp.com/js/frontendPendoLoader.js
Connection: keep-alive
Content-Length: 167
X-Amz-Cf-Id: tVYyrKCVm3J_kXFj1q1-fBr4W5BsGCpopESxnffi6efnqfD4QJxwQA==

GET
H/1.1 200
OK pendo.js Show response
cdn.pendo.io/agent/static/da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2/ 486 KB
150 KB 75ms
12ms Script
application/javascript 2600:9000:223f:6c00:1f:aa31:7740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pendo.io/agent/static/da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2/pendo.js
Requested by: Host: f5h4d.emailsp.com
URL: http://f5h4d.emailsp.com/js/frontendPendoLoader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:6c00:1f:aa31:7740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d130380f9442625e645f2eaf92da591ecbae0793640425ea0abf8978b3ea9adf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://f5h4d.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 00:51:18 GMT
Content-Encoding: gzip
Age: 248
X-GUploader-UploadID: ADPycdvPThDcgRBysAx1oOyzdjkL-oEncuqIuoKij9uTStZyqgus0rYuZauiDbNxQH2FogrXBKjDd9MhwuiWjMFFImuw-A
X-Cache: Hit from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Length: 152795
Access-Control-Allow-Origin: *
Last-Modified: Thu, 08 Sep 2022 20:17:02 GMT
Server: UploadServer
ETag: "6c6eb7baed5af017a30c91ac7b69cf52"
Vary: Accept-Encoding
x-goog-hash: crc32c=00c73A==, md5=bG63uu1a8BejDJGse2nPUg==
x-goog-generation: 1662668222184454
Via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
Access-Control-Expose-Headers: *
Cache-Control: max-age=450
x-goog-stored-content-length: 152795
X-Amz-Cf-Pop: FRA56-P5
Accept-Ranges: bytes
Content-Type: application/javascript
X-Amz-Cf-Id: hPnbaXrIwcHZu3iQDJXhp0VcZ3ujZVvxghbLav0-Odcx1W3g3IQL9w==
Expires: Mon, 12 Sep 2022 00:54:40 GMT

POST

GetPendoSettings
f5h4d.emailsp.com/frontend/webMethods/Console.asmx/
Redirect Chain

http://f5h4d.emailsp.com/frontend/webMethods/Console.asmx/GetPendoSettings
https://f5h4d.emailsp.com/frontend/webMethods/Console.asmx/GetPendoSettings

0
0

OPTIONS
H2 200 GetPendoSettings
f5h4d.emailsp.com/frontend/webMethods/Console.asmx/ 0
0 177ms
153ms Preflight 13.32.99.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://f5h4d.emailsp.com/frontend/webMethods/Console.asmx/GetPendoSettings

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-57.fra60.r.cloudfront.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://f5h4d.emailsp.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: *
allow: OPTIONS, TRACE, GET, HEAD, POST
content-length: 0
date: Mon, 12 Sep 2022 00:51:18 GMT
public: OPTIONS, TRACE, GET, HEAD, POST
server: Microsoft-IIS/10.0
strict-transport-security: max-age=15768000
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
x-amz-cf-id: hzxiBkcj9dXvIB0MKLdzn36WhnC6jYzuo422JVFyvJwTyaLptfT9Sg==
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: f5h4d.emailsp.com
URL: https://f5h4d.emailsp.com/frontend/webMethods/Console.asmx/GetPendoSettings

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			f5h4d.emailsp.com/	1969-12-31 23:59:59	Name: BIGipServercu_front_80_pool Value: !2rZlpE626ZIWosqw3X+Ij125lRrIFx9RlCZuvrE+K4+5eVgP+ezWIRMg01sA7ID6mhk6Rnyd52udxqk=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: http://f5h4d.emailsp.com/f/rnl.aspx/?khj=wuxv1y_b-kh=q1bk0=wwr38a6-d=a4kgg3g0b:f4hd&x=pp&xzj0gagih97:h1-&g=t/u1uNCLM Message: Access to XMLHttpRequest at 'https://f5h4d.emailsp.com/frontend/webMethods/Console.asmx/GetPendoSettings' (redirected from 'http://f5h4d.emailsp.com/frontend/webMethods/Console.asmx/GetPendoSettings') from origin 'http://f5h4d.emailsp.com' has been blocked by CORS policy: Request header field content-type is not allowed by Access-Control-Allow-Headers in preflight response.
network	error	URL: https://f5h4d.emailsp.com/frontend/webMethods/Console.asmx/GetPendoSettings Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.pendo.io
cedsdigital.img.musvc3.net
cedsdigital.musvc3.net
f5h4d.emailsp.com
f5h4d.emailsp.com
13.224.189.5
13.32.99.57
2600:9000:223f:6c00:1f:aa31:7740:93a1
34.248.135.205
135b673dd7908a7537b3f4051604ad82d2d40efc19f1a7a71ca465e874c874cc
17399c634cc7037243725006799eaa26ad551d08d68b2b459c09237c0123a478
72e7604a33ce72c290a6cb35836b003b3bdc8ccde6eed349e42d1ef5efc5eaa7
91fa0c9a2792a2ffca01297c14204bc70283c35aa6bb3dfb487f9c7337f8de7d
97d907c013b9851199fd77d571e0d5f3e28d54f704adead1829848273ffe8826
d130380f9442625e645f2eaf92da591ecbae0793640425ea0abf8978b3ea9adf
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
f5cab90299f9aa539d5f99d4f7e87a70f57e37f138da9d18cadbb230bde3ccd0

f5h4d.emailsp.com Open in urlscan Pro 13.32.99.57 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

10 Requests

70 %HTTPS

25 %IPv6

3 Domains

4 Subdomains

5 IPs

2 Countries

363 kBTransfer

722 kBSize

1 Cookies

5 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

1 Cookies

2 Console Messages

Security Headers

Indicators

f5h4d.emailsp.com Open in urlscan Pro
13.32.99.57 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

70 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

5
IPs

2
Countries

363 kB
Transfer

722 kB
Size

1
Cookies

10 HTTP transactions
0 data transactions