preferencepage.kensciomail.com Open in urlscan Pro
64.227.160.60  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request redirect.php Show response preferencepage.kensciomail.com/	19 KB 4 KB	584ms 191ms	Document text/html	64.227.160.60 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://preferencepage.kensciomail.com/redirect.php?param1=55&p=LHg7IlYSCxQseHYlIjcwLkB8XloweGhrdW9meQQEBgd1J35rdTM2JRAKEU91fjw%2BOjg3OX5fX1N1YHJpYm5gfQYHAhYqdnJpJzMkJEYSCxR1LSg5PAU2LlRRRFgjeH5rdTkHOGsSCxQseHYlIjcwLkB8XloweGhrdWpwNk8%3D&e=ZmxlcwUJAAZubE16YGtrcgoGCQxjRWB7ZW5ifAIDLkI2NyEieSw3J1NXUHQjKDMlJC88Il1eH1c4Nw%3D%3D&encoded=true&wzrk_ex=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 64.227.160.60 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache/2.4.54 (Ubuntu) / PHP/8.1.7-1ubuntu3.5 Resource Hash 82bc27496b71c4fc0754d063602011796eabf69ddb6d740c86acbf3e24173668 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Encoding gzip Content-Length 3882 Content-Type text/html; charset=UTF-8 Date Wed, 03 Jul 2024 09:43:50 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=100 Pragma no-cache Server Apache/2.4.54 (Ubuntu) Vary Accept-Encoding X-Powered-By PHP/8.1.7-1ubuntu3.5
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.6.0/	87 KB 31 KB	35ms 7ms	Script text/javascript	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js Requested by Host: preferencepage.kensciomail.com URL: https://preferencepage.kensciomail.com/redirect.php?param1=55&p=LHg7IlYSCxQseHYlIjcwLkB8XloweGhrdW9meQQEBgd1J35rdTM2JRAKEU91fjw%2BOjg3OX5fX1N1YHJpYm5gfQYHAhYqdnJpJzMkJEYSCxR1LSg5PAU2LlRRRFgjeH5rdTkHOGsSCxQseHYlIjcwLkB8XloweGhrdWpwNk8%3D&e=ZmxlcwUJAAZubE16YGtrcgoGCQxjRWB7ZW5ifAIDLkI2NyEieSw3J1NXUHQjKDMlJC88Il1eH1c4Nw%3D%3D&encoded=true&wzrk_ex=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://preferencepage.kensciomail.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Jul 2024 06:17:58 GMT content-encoding gzip x-content-type-options nosniff age 12352 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31017 x-xss-protection 0 last-modified Wed, 10 Mar 2021 14:28:09 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Thu, 03 Jul 2025 06:17:58 GMT
GET H2	200	css fonts.googleapis.com/	3 KB 552 B	42ms 18ms	Stylesheet text/css	2a00:1450:4001:800::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Muli:400,600,700&display=swap Requested by Host: preferencepage.kensciomail.com URL: https://preferencepage.kensciomail.com/redirect.php?param1=55&p=LHg7IlYSCxQseHYlIjcwLkB8XloweGhrdW9meQQEBgd1J35rdTM2JRAKEU91fjw%2BOjg3OX5fX1N1YHJpYm5gfQYHAhYqdnJpJzMkJEYSCxR1LSg5PAU2LlRRRFgjeH5rdTkHOGsSCxQseHYlIjcwLkB8XloweGhrdWpwNk8%3D&e=ZmxlcwUJAAZubE16YGtrcgoGCQxjRWB7ZW5ifAIDLkI2NyEieSw3J1NXUHQjKDMlJC88Il1eH1c4Nw%3D%3D&encoded=true&wzrk_ex=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2bf7e42a349117e57a187fbbedfbffe23947d59f1840b15597312e5a914d3654 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://preferencepage.kensciomail.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Wed, 03 Jul 2024 09:43:50 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 03 Jul 2024 09:43:50 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 03 Jul 2024 09:43:50 GMT
GET H2	200	css fonts.googleapis.com/	5 KB 1 KB	40ms 16ms	Stylesheet text/css	2a00:1450:4001:800::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Nunito:400,600,700&display=swap Requested by Host: preferencepage.kensciomail.com URL: https://preferencepage.kensciomail.com/redirect.php?param1=55&p=LHg7IlYSCxQseHYlIjcwLkB8XloweGhrdW9meQQEBgd1J35rdTM2JRAKEU91fjw%2BOjg3OX5fX1N1YHJpYm5gfQYHAhYqdnJpJzMkJEYSCxR1LSg5PAU2LlRRRFgjeH5rdTkHOGsSCxQseHYlIjcwLkB8XloweGhrdWpwNk8%3D&e=ZmxlcwUJAAZubE16YGtrcgoGCQxjRWB7ZW5ifAIDLkI2NyEieSw3J1NXUHQjKDMlJC88Il1eH1c4Nw%3D%3D&encoded=true&wzrk_ex=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash aec7c45d78ce6b774c511160ef8009df74cab9e65dc9595b612d3516977aa348 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://preferencepage.kensciomail.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Wed, 03 Jul 2024 09:43:50 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 03 Jul 2024 09:43:50 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 03 Jul 2024 09:43:50 GMT
GET H/1.1	200 OK	get_region.php Show response preferencepage.kensciomail.com/	71 B 482 B	288ms 288ms	XHR text/html	64.227.160.60 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://preferencepage.kensciomail.com/get_region.php?client_id=55 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 64.227.160.60 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache/2.4.54 (Ubuntu) / PHP/8.1.7-1ubuntu3.5 Resource Hash 017d3bf25e4083b31f2adeab7b567664e5be42dc63d80eca5ac636a198b2ea49 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Accept application/json, text/javascript, */*; q=0.01 Referer https://preferencepage.kensciomail.com/redirect.php?param1=55&p=LHg7IlYSCxQseHYlIjcwLkB8XloweGhrdW9meQQEBgd1J35rdTM2JRAKEU91fjw%2BOjg3OX5fX1N1YHJpYm5gfQYHAhYqdnJpJzMkJEYSCxR1LSg5PAU2LlRRRFgjeH5rdTkHOGsSCxQseHYlIjcwLkB8XloweGhrdWpwNk8%3D&e=ZmxlcwUJAAZubE16YGtrcgoGCQxjRWB7ZW5ifAIDLkI2NyEieSw3J1NXUHQjKDMlJC88Il1eH1c4Nw%3D%3D&encoded=true&wzrk_ex=0 X-Requested-With XMLHttpRequest sec-ch-ua-platform "Win32" Response headers Pragma no-cache Date Wed, 03 Jul 2024 09:43:50 GMT Content-Encoding gzip Server Apache/2.4.54 (Ubuntu) X-Powered-By PHP/8.1.7-1ubuntu3.5 Vary Accept-Encoding Content-Type text/html; charset=UTF-8 Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Keep-Alive timeout=5, max=99 Content-Length 86 Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	radio_unchecked_dark.svg assets-in.bmscdn.com/mailers/images/01072022/mailer/	235 B 778 B	309ms 7ms	Image image/svg+xml	2600:9000:2724:6600:16:b4fc:3fc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-in.bmscdn.com/mailers/images/01072022/mailer/radio_unchecked_dark.svg Requested by Host: preferencepage.kensciomail.com URL: https://preferencepage.kensciomail.com/redirect.php?param1=55&p=LHg7IlYSCxQseHYlIjcwLkB8XloweGhrdW9meQQEBgd1J35rdTM2JRAKEU91fjw%2BOjg3OX5fX1N1YHJpYm5gfQYHAhYqdnJpJzMkJEYSCxR1LSg5PAU2LlRRRFgjeH5rdTkHOGsSCxQseHYlIjcwLkB8XloweGhrdWpwNk8%3D&e=ZmxlcwUJAAZubE16YGtrcgoGCQxjRWB7ZW5ifAIDLkI2NyEieSw3J1NXUHQjKDMlJC88Il1eH1c4Nw%3D%3D&encoded=true&wzrk_ex=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2724:6600:16:b4fc:3fc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 6f33f0fb8520fe11164406ae5009c0f5293e57e513b63a44bbbc1bda40ec227e Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://preferencepage.kensciomail.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 03:33:24 GMT via 1.1 e23d0cd26e88be416569e15d7299b25c.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P12 age 6588626 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 content-length 235 x-request-id 385428ad-21fe-4cee-9bb9-758b811f5d8e last-modified Sun, 07 Apr 2024 01:36:35 GMT etag "56d9c7ebc612376cb0fe2392178ab40c" vary Accept-Encoding access-control-allow-methods GET content-type image/svg+xml access-control-allow-origin * cache-control public, s-maxage=31536000, max-age=31536000, must-revalidate x-server ImageKit.io timing-allow-origin * access-control-allow-headers * x-amz-cf-id wbghR9_n8PhXlga1h9sMyf6QXIaSaB0_ur0l00om_tP2Qd5MrVxKcg==
GET H2	200	XRXV3I6Li01BKofINeaB.woff2 fonts.gstatic.com/s/nunito/v26/	38 KB 39 KB	277ms 249ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Nunito:400,600,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fonts.googleapis.com/ Origin https://preferencepage.kensciomail.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 14:46:11 GMT x-content-type-options nosniff age 68259 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39124 x-xss-protection 0 last-modified Thu, 14 Sep 2023 00:02:20 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 02 Jul 2025 14:46:11 GMT
GET H2	200	7Auwp_0qiz-afTLGLQ.woff2 fonts.gstatic.com/s/muli/v29/	32 KB 32 KB	290ms 263ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Muli:400,600,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fonts.googleapis.com/ Origin https://preferencepage.kensciomail.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 15:02:00 GMT x-content-type-options nosniff age 67310 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 32796 x-xss-protection 0 last-modified Wed, 13 Sep 2023 22:41:22 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 02 Jul 2025 15:02:00 GMT
GET H/1.1	200 OK	clevertap.min.js Show response d2r1yp2w7bby2u.cloudfront.net/js/	125 KB 35 KB	36ms 8ms	Script text/javascript	13.225.78.94 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2r1yp2w7bby2u.cloudfront.net/js/clevertap.min.js Requested by Host: preferencepage.kensciomail.com URL: https://preferencepage.kensciomail.com/redirect.php?param1=55&p=LHg7IlYSCxQseHYlIjcwLkB8XloweGhrdW9meQQEBgd1J35rdTM2JRAKEU91fjw%2BOjg3OX5fX1N1YHJpYm5gfQYHAhYqdnJpJzMkJEYSCxR1LSg5PAU2LlRRRFgjeH5rdTkHOGsSCxQseHYlIjcwLkB8XloweGhrdWpwNk8%3D&e=ZmxlcwUJAAZubE16YGtrcgoGCQxjRWB7ZW5ifAIDLkI2NyEieSw3J1NXUHQjKDMlJC88Il1eH1c4Nw%3D%3D&encoded=true&wzrk_ex=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 13.225.78.94 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-94.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 274a9ec24c52683e5bd16ca5e0141c75d93801ffa88330c67b49b36ae00e71ff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://preferencepage.kensciomail.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 02 Jul 2024 12:06:15 GMT Content-Encoding gzip Via 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront) Last-Modified Tue, 18 Jun 2024 13:49:41 GMT Server AmazonS3 X-Amz-Cf-Pop FRA2-C2 Age 77855 x-amz-server-side-encryption AES256 ETag W/"92a580f82655ffaae45032f86d4f5f6e" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/javascript X-Cache Hit from cloudfront Connection keep-alive X-Amz-Cf-Id 65Tz2FcUe3FJvc8-TnHVQW7AGQWokAw-J2ZC4YSs9DpK1RkaYD6YKQ==
GET H/1.1	404 Not Found	favicon.ico preferencepage.kensciomail.com/	293 B 509 B	234ms 234ms	Other text/html	64.227.160.60 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://preferencepage.kensciomail.com/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 64.227.160.60 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache/2.4.54 (Ubuntu) / Resource Hash ed383ebe89caf2a45826522f0556307547458ca3746fbc6eafb75b626d873610 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://preferencepage.kensciomail.com/redirect.php?param1=55&p=LHg7IlYSCxQseHYlIjcwLkB8XloweGhrdW9meQQEBgd1J35rdTM2JRAKEU91fjw%2BOjg3OX5fX1N1YHJpYm5gfQYHAhYqdnJpJzMkJEYSCxR1LSg5PAU2LlRRRFgjeH5rdTkHOGsSCxQseHYlIjcwLkB8XloweGhrdWpwNk8%3D&e=ZmxlcwUJAAZubE16YGtrcgoGCQxjRWB7ZW5ifAIDLkI2NyEieSw3J1NXUHQjKDMlJC88Il1eH1c4Nw%3D%3D&encoded=true&wzrk_ex=0 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 03 Jul 2024 09:43:51 GMT Server Apache/2.4.54 (Ubuntu) Connection Keep-Alive Keep-Alive timeout=5, max=98 Content-Length 293 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	e Show response in1.clevertap-prod.com/	203 B 803 B	955ms 308ms	Script text/plain	2600:9000:2634:c800:8:d483:80c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://in1.clevertap-prod.com/e?r=1&e=ZmxlcwUJAAZubE16YGtrcgoGCQxjRWB7ZW5ifAIDLkI2NyEieSw3J1NXUHQjKDMlJC88Il1eH1c4Nw%3D%3D&d=N4IglgJiBcIGwE4BKBaAWgg7CgHJuaIANCAK4B2AzqQEYDiATgPakAOlMA2gLoC%2BQAA%3D&p=LHg7IlYSCxQseHYlIjcwLkB8XloweGhrdW9meQQEBgd1J35rdTM2JRAKEU91fjw%2BOjg3OX5fX1N1YHJpYm5gfQYHAhYqdnJpJzMkJEYSCxR1LSg5PAU2LlRRRFgjeH5rdTkHOGsSCxQseHYlIjcwLkB8XloweGhrdWpwNk8%3D&tries=1&useIP=false&r=1719999832505 Requested by Host: d2r1yp2w7bby2u.cloudfront.net URL: https://d2r1yp2w7bby2u.cloudfront.net/js/clevertap.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2634:c800:8:d483:80c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 81f481c813de2fe8579b83bb1c6e630503f279fb764de29e787a0ef1e8d97f24 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubDomains;preload X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://preferencepage.kensciomail.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 03 Jul 2024 09:43:53 GMT Strict-Transport-Security max-age=31536000;includeSubDomains;preload Content-Encoding gzip Via 1.1 5de6a028df4eb308aab30c20c3edc602.cloudfront.net (CloudFront) X-Amz-Cf-Pop HYD57-P4 Transfer-Encoding chunked X-Cache Miss from cloudfront Connection keep-alive Pragma no-cache Server CloudFront X-Frame-Options SAMEORIGIN Vary Accept-Encoding, User-Agent Content-Type text/plain;charset=utf-8 Cache-Control no-cache, no-store, no-cache, no-store X-Amz-Cf-Id VMDRqi3jtmaqIpqGAmqiv6FI8L6YCyJFtzdKPBwjAWll8qMhY2SPqA== Expires 0

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| $ function| jQuery string| client_id string| acnt_id undefined| logo undefined| domain undefined| last_id undefined| client_name string| email string| region object| s object| clevertap object| wzrk boolean| isReEncode function| myFunction function| frmvalidate function| unsubscribe function| resubscribe function| wzrk_email_subscription function| wzrk_email_fetched object| $WZRK_WR object| $CLTP_WR object| wizrocket

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			preferencepage.kensciomail.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: bf340dbb666904f788d2470d54d23708

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://preferencepage.kensciomail.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
assets-in.bmscdn.com
d2r1yp2w7bby2u.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
in1.clevertap-prod.com
preferencepage.kensciomail.com
13.225.78.94
2600:9000:2634:c800:8:d483:80c0:93a1
2600:9000:2724:6600:16:b4fc:3fc0:93a1
2a00:1450:4001:800::200a
2a00:1450:4001:810::200a
2a00:1450:4001:829::2003
64.227.160.60
017d3bf25e4083b31f2adeab7b567664e5be42dc63d80eca5ac636a198b2ea49
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
274a9ec24c52683e5bd16ca5e0141c75d93801ffa88330c67b49b36ae00e71ff
2bf7e42a349117e57a187fbbedfbffe23947d59f1840b15597312e5a914d3654
6f33f0fb8520fe11164406ae5009c0f5293e57e513b63a44bbbc1bda40ec227e
81f481c813de2fe8579b83bb1c6e630503f279fb764de29e787a0ef1e8d97f24
82bc27496b71c4fc0754d063602011796eabf69ddb6d740c86acbf3e24173668
aec7c45d78ce6b774c511160ef8009df74cab9e65dc9595b612d3516977aa348
ed383ebe89caf2a45826522f0556307547458ca3746fbc6eafb75b626d873610
f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e