b1h5f.emailsp.com Open in urlscan Pro
13.32.99.108 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://customer21856.musvc3.net/e/r?q=Qt%3dAzQuL_xxXs_98_wtYw_79_xxXs_8CgTnbk.8s8nEyM.hHs_OVvV_Yk9_xxXs_8CwGr.8xI4_OVvV_Yk_KWzU_...
Effective URL:
https://b1h5f.emailsp.com/f/rnl.aspx/?gdj=rzuszv/y:ahj=qw3bi8=s/xzy5e5&x=pv&-=08k&x=pv&6c7h0f9:c&x=pp&vxf0654.e/&x=pv&5d=u...
Submission: On November 18 via manual (November 18th 2022, 1:42:54 pm UTC) from IN — Scanned from DE

Summary HTTP 21 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 21 HTTP transactions. The main IP is 13.32.99.108, located in United States and belongs to AMAZON-02, US. The main domain is b1h5f.emailsp.com.
TLS certificate: Issued by Amazon on August 1st 2022. Valid for: a year.

This is the only time b1h5f.emailsp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	52.48.186.95 52.48.186.95	16509 (AMAZON-02) (AMAZON-02)
3	13.32.99.108 13.32.99.108	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
8	18.66.112.118 18.66.112.118	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:340... 2a02:26f0:3400::1703:5828	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21f... 2600:9000:21f3:b400:1f:aa31:7740:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:812::2013	15169 (GOOGLE) (GOOGLE)
21	9

2 52.48.186.95 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-186-95.eu-west-1.compute.amazonaws.com

customer21856.musvc3.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.99.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-108.fra60.r.cloudfront.net

b1h5f.emailsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.66.112.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-118.fra56.r.cloudfront.net

customer21856.img.musvc3.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3400::1703:5828 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

image.email.telepass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.28 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:b400:1f:aa31:7740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

data.pendo-pro.beefree.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	musvc3.net 1 redirects customer21856.musvc3.net customer21856.img.musvc3.net	495 KB
3	beefree.io data.pendo-pro.beefree.io — Cisco Umbrella Rank: 656171	3 KB
3	emailsp.com b1h5f.emailsp.com	16 KB
2	gstatic.com fonts.gstatic.com	16 KB
2	adform.net 1 redirects track.adform.net — Cisco Umbrella Rank: 3500	807 B
1	pendo.io cdn.pendo.io — Cisco Umbrella Rank: 854	134 KB
1	telepass.com image.email.telepass.com	19 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	1021 B
21	8

	Domain	Requested by
8	customer21856.img.musvc3.net	b1h5f.emailsp.com
3	data.pendo-pro.beefree.io	cdn.pendo.io
3	b1h5f.emailsp.com	b1h5f.emailsp.com
2	fonts.gstatic.com	fonts.googleapis.com
2	track.adform.net	1 redirects b1h5f.emailsp.com
2	customer21856.musvc3.net	1 redirects b1h5f.emailsp.com
1	cdn.pendo.io	b1h5f.emailsp.com
1	image.email.telepass.com	b1h5f.emailsp.com
1	fonts.googleapis.com	b1h5f.emailsp.com
21	9

This site contains links to these domains. Also see Links.

Domain
customer21856.musvc3.net
artigianoinfiera.it

Subject Issuer	Validity	Valid
emailsp.com Amazon	`2022-08-01` - `2023-08-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.musvc1.net Amazon	`2022-04-01` - `2023-04-30`	a year	crt.sh
san-5-s10.tlsprovisioning.exacttarget.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-18` - `2023-03-21`	a year	crt.sh
*.musvc0.net Amazon	`2022-06-21` - `2023-07-20`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
cdn.pendo.io Amazon	`2022-07-30` - `2023-08-28`	a year	crt.sh
data.pendo-pro.beefree.io GTS CA 1D4	`2022-11-06` - `2023-02-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://b1h5f.emailsp.com/f/rnl.aspx/?gdj=rzuszv/y:ahj=qw3bi8=s/xzy5e5&x=pv&-=08k&x=pv&6c7h0f9:c&x=pp&vxf0654.e/&x=pv&5d=uz/orNCLM
Frame ID: 451BE1ADF47CE7FDBB955C96613295F3
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Scopri l'app TBusiness per le trasferte della tua azienda

Page URL History Show full URLs

https://customer21856.musvc3.net/e/r?q=Qt%3dAzQuL_xxXs_98_wtYw_79_xxXs_8CgTnbk.8s8nEyM.hHs_OVvV_Yk9_xxXs_8CwG... HTTP 301
https://b1h5f.emailsp.com/f/rnl.aspx/?gdj=rzuszv/y:ahj=qw3bi8=s/xzy5e5&x=pv&-=08k&x=pv&6c7h0f9:c&x=pp&... Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

21
Requests

95 %
HTTPS

56 %
IPv6

8
Domains

9
Subdomains

9
IPs

4
Countries

684 kB
Transfer

986 kB
Size

3
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://customer21856.musvc3.net/e/t?q=8%3d6TJZ0%26E%3dEe%26r%3dYJbB%26H%3dCcAYHZD%26N%3dtOxI5_MUvb_Xe_KcxT_Ur_MUvb_WjM46gD.m9jH4H.r86_MUvb_Wjf_4vWs_DA_vteu_79nI_vteu_77GbDXJ6e4md7Z%26p%3dHyL887.GqO%26mL%3dCdDTG
Title: TBusiness fa muovere la tua azienda

Search URL Search Domain Scan URL

URL: https://customer21856.musvc3.net/e/t?q=3%3dMUBUQ%26F%3d7Z%269%3dZBWS%26I%3d5XRZ0UU%26O%3dlJEJw_HlwT_Sv_LUsk_Vj_HlwT_R1Nv1xE.e41IvC.99x_HlwT_R1g_vqnt_66_CuWp_N0fD_CuWp_N89WUYB1v5eYNa%26h%3dCFMz3N.HiJ%264M%3d5YUU9

Search URL Search Domain Scan URL

URL: https://customer21856.musvc3.net/e/t?q=0%3dMYMbQ%26J%3dHg%269%3ddMdS%26M%3dFeRdKbU%26S%3dwQEN8_Ol1e_Zv_Pfzk_Zu_Ol1e_Y1R78xI.pA1M7J.9C9_Ol1e_Y1k_7xnx_GC_Cyhw_NDqK_Cyhw_NBJdUcM8v9pfNe%26s%3dJFQA0N.LtQ%264Q%3dFfUYJ

Search URL Search Domain Scan URL

URL: https://customer21856.musvc3.net/e/t?q=4%3dFT8VJ%26E%3d3a%262%3dY8XL%26H%3d1YKY6VN%26N%3dhK8Is_IevP_To_KQtd_Uf_IevP_StMr2qD.a5tHrD.28t_IevP_Stf_rrgs_27_6tSq_G9bE_6tSq_G75XNX82o4aZGZ%26d%3dD9Lv4G.GeK%26wL%3d1ZNT5
Title: scopri di più

Search URL Search Domain Scan URL

URL: https://customer21856.musvc3.net/e/t?q=7%3dFVUYJ%26G%3dPd%262%3daUaL%26J%3dNbKaSYN%26P%3d5N8KF_Lexm_Wo_Mnwd_W3_Lexm_VtRJQ.t6z9pJBE.qJ0_Lexm_VtO2FsKxM7_Mnwd_W3%268%3d1PFPqX.A98%26DF5o6x%3dUMeNY

Search URL Search Domain Scan URL

URL: https://customer21856.musvc3.net/e/t?q=6%3dKVIXO%26G%3dDc%267%3daIZQ%26J%3dBaPaGXS%26P%3dsMCK4_Kjxa_Vt_Mbvi_Wq_Kjxa_UyR8P.2I4MtB346.8zF_Avds_KA585014BN_3tlu_C9%26w%3dH6LE8D.GxO%26t4t6lL%3dJdKTN

Search URL Search Domain Scan URL

URL: https://customer21856.musvc3.net/e/t?q=6%3dFQRXJ%26B%3dMc%262%3dVRZL%26E%3dKaKVPXN%26K%3d2M8FC_Kesj_Vo_Hkvd_Rz_Kesj_UtMGP.z98Ds43G.qE7_Kesj_Ut39F418R_6qms_F6D8z5047I%26x%3dF9IF6G4o1u.DyM%26wI%3dKbNQO

Search URL Search Domain Scan URL

URL: https://customer21856.musvc3.net/e/t?q=0%3dJSGbN%26D%3dBg%266%3dXGdP%26G%3d0eOXEbR8s3j%26M%3dqQBH2_OiuY_Zs_JZzh_To_OiuY_YxO6T.B7uB832P.uGv_OiuY_Yx%266%3dvRANlZ.673%26FA%3dSHgIW
Title: www.telepass.com

Search URL Search Domain Scan URL

URL: https://artigianoinfiera.it/privacy-policy/privacy-policy-it.pdf
Title: https://artigianoinfiera.it/privacy-policy/privacy-policy-it.pdf

Search URL Search Domain Scan URL

URL: https://customer21856.musvc3.net/e/r?q=M5%3dD2M6O_ztiv_A4_8was_HB_ztiv_09rWpXv.Au4yH1I.sKu_KgyX_UvB_ztiv_095K3.49L6_KgyX_Uv_NYvf_YncJ_NYvf_YlNEU2LE_WHWt-En_KgyX_VtL0_KgyX_Uv_NYvf_XDQ_8was_I0xO_8was_HbC_KgyX_ULT_ztiv_A76R_ztiv_0Yt_NYvf_YlPFQ3V_8was_I7D8N_NYvf_Yl_KgyX_Vqe3X0_NYvf_YiaF_OG_a_7V4L_Ge7R_J-a2H6XGMCS8qSrU%266%3dHWFXL%260%3duN9RkV.4A2%26B9%3dWGcGa%26t%3dVP%26J4q7i%3dDaMd%26w%3dTNcDYKf%262%3dUGfDXPW0bJ
Title: Clicca quì per cancellarti

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://customer21856.musvc3.net/e/r?q=Qt%3dAzQuL_xxXs_98_wtYw_79_xxXs_8CgTnbk.8s8nEyM.hHs_OVvV_Yk9_xxXs_8CwGr.8xI4_OVvV_Yk_KWzU_VlDiC_xxXs_9AwS1P5O_xxXs_8C4_KWzU_Vg8mC_xxXs_9AvP99na_xxXs_9Ax_KWzU_UlU5RAB0_KWzU_UBU_wtYw_87vS_wtYw_7Y-_xxXs_9AEaq_OVvV_YAQ_xxXs_9AuO_xxXs_8cA6CEE9E_OVvV_Zf6_xxXs_8c3_KWzU_VjMu_KWzU_UBS39Fc0W.k_OVvV_Yk_KWzU_UBU_wtYw_87vS_w8f4gtYw_7YAA_wtYw_871W_wtYw_79uOSfRt%26h%3dU7e0Y%26j%3dJzL208.GkQ%26nL%3d7fETA%26I%3d8c%26t%3dcCZD%26L%3d6aCcAXF%26Q%3d-6X8eAW8gAa&mupckp=mupAtu4m8OiX0wt HTTP 301
https://b1h5f.emailsp.com/f/rnl.aspx/?gdj=rzuszv/y:ahj=qw3bi8=s/xzy5e5&x=pv&-=08k&x=pv&6c7h0f9:c&x=pp&vxf0654.e/&x=pv&5d=uz/orNCLM Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://track.adform.net/adfserve/?bn=57058937;1x1inv=1;srctype=3;ord=[timestamp] HTTP 302
https://track.adform.net/adfserve/?CC=1&bn=57058937;1x1inv=1;srctype=3;ord=[timestamp]

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
b1h5f.emailsp.com/f/rnl.aspx/
Redirect Chain

https://customer21856.musvc3.net/e/r?q=Qt%3dAzQuL_xxXs_98_wtYw_79_xxXs_8CgTnbk.8s8nEyM.hHs_OVvV_Yk9_xxXs_8CwGr.8xI4_OVvV_Yk_KWzU_VlDiC_xxXs_9AwS1P5O_xxXs_8C4_KWzU_Vg8mC_xxXs_9AvP99na_xxXs_9Ax_KWzU_...
https://b1h5f.emailsp.com/f/rnl.aspx/?gdj=rzuszv/y:ahj=qw3bi8=s/xzy5e5&x=pv&-=08k&x=pv&6c7h0f9:c&x=pp&vxf0654.e/&x=pv&5d=uz/orNCLM

46 KB
14 KB

2383ms
2308ms

Document
text/html

13.32.99.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b1h5f.emailsp.com/f/rnl.aspx/?gdj=rzuszv/y:ahj=qw3bi8=s/xzy5e5&x=pv&-=08k&x=pv&6c7h0f9:c&x=pp&vxf0654.e/&x=pv&5d=uz/orNCLM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.108 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-108.fra60.r.cloudfront.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e986bb4127d49a82d154edf381202c90e9d758f62b5465da71850d01a1d866d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: private
content-encoding: gzip
content-length: 13699
content-type: text/html; charset=utf-8
date: Fri, 18 Nov 2022 13:42:48 GMT
server: Microsoft-IIS/10.0
strict-transport-security: max-age=15768000
vary: Accept-Encoding
via: 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
x-amz-cf-id: OUh2M8isWWRu229_Ztoo_AT0jNabYlpVSuAuhXaMvC38-kmy7Xa_-A==
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache
content-length: 197
content-type: text/html; charset=utf-8
date: Fri, 18 Nov 2022 13:42:47 GMT
location: https://b1h5f.emailsp.com/f/rnl.aspx/?gdj=rzuszv/y:ahj=qw3bi8=s/xzy5e5&x=pv&-=08k&x=pv&6c7h0f9:c&x=pp&vxf0654.e/&x=pv&5d=uz/orNCLM
x-request-id: fde04634-e393-429f-ab87-0b72586a13e7

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1021 B 90ms
31ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:300,400,500,700

Requested by

Host: b1h5f.emailsp.com
URL: https://b1h5f.emailsp.com/f/rnl.aspx/?gdj=rzuszv/y:ahj=qw3bi8=s/xzy5e5&x=pv&-=08k&x=pv&6c7h0f9:c&x=pp&vxf0654.e/&x=pv&5d=uz/orNCLM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a48738a9f10e29da7866fc1dea34e02b815e77540363655c79825ef608f9b26a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b1h5f.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 18 Nov 2022 13:42:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 13:14:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Nov 2022 13:42:49 GMT

GET
H/1.1 200
OK t-business-166.png
customer21856.img.musvc3.net/static/21856/images/13/Telepass/ 5 KB
5 KB 364ms
278ms Image
image/png 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://customer21856.img.musvc3.net/static/21856/images/13/Telepass/t-business-166.png

Requested by

Host: b1h5f.emailsp.com
URL: https://b1h5f.emailsp.com/f/rnl.aspx/?gdj=rzuszv/y:ahj=qw3bi8=s/xzy5e5&x=pv&-=08k&x=pv&6c7h0f9:c&x=pp&vxf0654.e/&x=pv&5d=uz/orNCLM

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

4b071a003b4442d59d9ea395829d7e9e1cccd6148881bea7245c8b53ff38a44a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b1h5f.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000
Date: Fri, 18 Nov 2022 13:42:49 GMT
Via: 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
Last-Modified: Mon, 19 Sep 2022 08:29:55 GMT
Server: Microsoft-IIS/10.0
X-Amz-Cf-Pop: FRA56-P5
Age: 12264
X-Powered-By: ASP.NET
ETag: "24a626ff1ccd81:0"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4738
X-Amz-Cf-Id: HacqzyPutSeVYZVZXG4-l3YZK41Dl3kkrO0QRILPy40vy26uFwlj1g==

GET
H/1.1 200
OK visore_600.png
customer21856.img.musvc3.net/static/21856/images/13/Telepass/ 406 KB
406 KB 335ms
278ms Image
image/png 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://customer21856.img.musvc3.net/static/21856/images/13/Telepass/visore_600.png

Requested by

Host: b1h5f.emailsp.com
URL: https://b1h5f.emailsp.com/f/rnl.aspx/?gdj=rzuszv/y:ahj=qw3bi8=s/xzy5e5&x=pv&-=08k&x=pv&6c7h0f9:c&x=pp&vxf0654.e/&x=pv&5d=uz/orNCLM

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

ae3941ff50d9867cce3492bf39eaea8df1d721e66fdaf700ed7a1d74b7e10e59

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b1h5f.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000
Date: Fri, 18 Nov 2022 13:42:49 GMT
Via: 1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
Last-Modified: Mon, 19 Sep 2022 08:29:55 GMT
Server: Microsoft-IIS/10.0
X-Amz-Cf-Pop: FRA56-P5
Age: 27353
X-Powered-By: ASP.NET
ETag: "746b4aff1ccd81:0"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 415322
X-Amz-Cf-Id: 5pY6zcycqyNDb3az49pWw6nO9ddZp5ao8-D7CfU8RfGFwP0UCDvwfg==

GET
H/1.1 200
OK bullet_25.png
customer21856.img.musvc3.net/static/21856/images/13/Telepass/ 357 B
881 B 334ms
277ms Image
image/png 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://customer21856.img.musvc3.net/static/21856/images/13/Telepass/bullet_25.png

Requested by

Host: b1h5f.emailsp.com
URL: https://b1h5f.emailsp.com/f/rnl.aspx/?gdj=rzuszv/y:ahj=qw3bi8=s/xzy5e5&x=pv&-=08k&x=pv&6c7h0f9:c&x=pp&vxf0654.e/&x=pv&5d=uz/orNCLM

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

ac2dd67851bab4019df586d530d183f40dcc7442485cf5975168ab19e04813c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b1h5f.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000
Date: Fri, 18 Nov 2022 13:42:49 GMT
Via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
Last-Modified: Mon, 19 Sep 2022 08:29:54 GMT
Server: Microsoft-IIS/10.0
X-Amz-Cf-Pop: FRA56-P5
Age: 16513
X-Powered-By: ASP.NET
ETag: "e79275fe1ccd81:0"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 357
X-Amz-Cf-Id: VsRMj1uDwBDSrGFl3p2C3TzAdsepXnkUfc7A3xI_5apzn1yQT4m2JQ==

GET
H/1.1 200
OK separatore.png
customer21856.img.musvc3.net/static/21856/images/13/Telepass/ 15 KB
15 KB 335ms
279ms Image
image/png 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://customer21856.img.musvc3.net/static/21856/images/13/Telepass/separatore.png

Requested by

Host: b1h5f.emailsp.com
URL: https://b1h5f.emailsp.com/f/rnl.aspx/?gdj=rzuszv/y:ahj=qw3bi8=s/xzy5e5&x=pv&-=08k&x=pv&6c7h0f9:c&x=pp&vxf0654.e/&x=pv&5d=uz/orNCLM

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

32e4f586365b9c2133790fa1ebcf2f836b8a7cd7c3c7e50e7fa7c18bccf8dd99

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b1h5f.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000
Date: Fri, 18 Nov 2022 13:42:49 GMT
Via: 1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
Last-Modified: Mon, 19 Sep 2022 08:29:55 GMT
Server: Microsoft-IIS/10.0
X-Amz-Cf-Pop: FRA56-P5
Age: 12264
X-Powered-By: ASP.NET
ETag: "283111ff1ccd81:0"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15033
X-Amz-Cf-Id: bd2_DgEU_IjjuHltbFe-JcuEXa93fVwP8kiIXcgqKQv20hPK4Hr9vA==

GET
H/1.1 200
OK dispositivi-350.png
customer21856.img.musvc3.net/static/21856/images/13/Telepass/ 63 KB
64 KB 341ms
284ms Image
image/png 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://customer21856.img.musvc3.net/static/21856/images/13/Telepass/dispositivi-350.png

Requested by

Host: b1h5f.emailsp.com
URL: https://b1h5f.emailsp.com/f/rnl.aspx/?gdj=rzuszv/y:ahj=qw3bi8=s/xzy5e5&x=pv&-=08k&x=pv&6c7h0f9:c&x=pp&vxf0654.e/&x=pv&5d=uz/orNCLM

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

fee5185044038b6ac071fc31929150c9324f6b2b7448ad6fcbf1df8bc3558f9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b1h5f.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000
Date: Fri, 18 Nov 2022 13:42:49 GMT
Via: 1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
Last-Modified: Mon, 19 Sep 2022 08:29:54 GMT
Server: Microsoft-IIS/10.0
X-Amz-Cf-Pop: FRA56-P5
Age: 19078
X-Powered-By: ASP.NET
ETag: "356aafe1ccd81:0"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 64524
X-Amz-Cf-Id: mEOw1DMDEEdtZepA1NYsVWoaSdJa8hcBnxKVBBS32gJFD48vjSAIvQ==

GET
H/1.1 200
OK 6b6a1795-9fd0-4b87-90f8-f00b47704ab0.png
image.email.telepass.com/lib/fe3915707564047e721275/m/4/ 18 KB
19 KB 1247ms
773ms Image
image/png 2a02:26f0:3400::1703:5828
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.email.telepass.com/lib/fe3915707564047e721275/m/4/6b6a1795-9fd0-4b87-90f8-f00b47704ab0.png
Requested by: Host: b1h5f.emailsp.com
URL: https://b1h5f.emailsp.com/f/rnl.aspx/?gdj=rzuszv/y:ahj=qw3bi8=s/xzy5e5&x=pv&-=08k&x=pv&6c7h0f9:c&x=pp&vxf0654.e/&x=pv&5d=uz/orNCLM
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3400::1703:5828 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 8c8ff71005b85b51b68221f7fa54d77a20f024828c37f2523cf0ad14159c1b7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b1h5f.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 18 Nov 2022 13:42:50 GMT
Last-Modified: Tue, 12 Apr 2022 15:06:31 GMT
Server: AkamaiNetStorage
ETag: "fd8339c9525865697ad22d70ffe17e95:1649775991.904119"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18927

GET
H/1.1 200
OK fb-34.png
customer21856.img.musvc3.net/static/21856/images/13/Telepass/ 529 B
1 KB 366ms
310ms Image
image/png 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://customer21856.img.musvc3.net/static/21856/images/13/Telepass/fb-34.png

Requested by

Host: b1h5f.emailsp.com
URL: https://b1h5f.emailsp.com/f/rnl.aspx/?gdj=rzuszv/y:ahj=qw3bi8=s/xzy5e5&x=pv&-=08k&x=pv&6c7h0f9:c&x=pp&vxf0654.e/&x=pv&5d=uz/orNCLM

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

ad474f0405a4ebe3e948e77813275b731eeaa76d124863335ac62ecc0c4ad2f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b1h5f.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000
Date: Fri, 18 Nov 2022 13:42:49 GMT
Via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
Last-Modified: Mon, 19 Sep 2022 08:29:54 GMT
Server: Microsoft-IIS/10.0
X-Amz-Cf-Pop: FRA56-P5
Age: 51525
X-Powered-By: ASP.NET
ETag: "6d8c2fe1ccd81:0"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 529
X-Amz-Cf-Id: _-ICGaRca0rkWr_sD2IG3xzpzjcAPMscjDhRT3uCoUq4k3Hrvi4KfA==

GET
H/1.1 200
OK ig-34.png
customer21856.img.musvc3.net/static/21856/images/13/Telepass/ 715 B
1 KB 248ms
23ms Image
image/png 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://customer21856.img.musvc3.net/static/21856/images/13/Telepass/ig-34.png

Requested by

Host: b1h5f.emailsp.com
URL: https://b1h5f.emailsp.com/f/rnl.aspx/?gdj=rzuszv/y:ahj=qw3bi8=s/xzy5e5&x=pv&-=08k&x=pv&6c7h0f9:c&x=pp&vxf0654.e/&x=pv&5d=uz/orNCLM

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

0fecdde9d1e1225a0152ac4a0c2c7cb2b963f56fab53ed7a0dbb4de760f80416

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b1h5f.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000
Date: Thu, 17 Nov 2022 21:51:51 GMT
Via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
Last-Modified: Mon, 19 Sep 2022 08:29:55 GMT
Server: Microsoft-IIS/10.0
X-Amz-Cf-Pop: FRA56-P5
Age: 57058
X-Powered-By: ASP.NET
ETag: "4a8ddfe1ccd81:0"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 715
X-Amz-Cf-Id: LnRQOSFj1HuTgmwzqByfio8LsRIS9cQhWstf0aqorK2eWIORCUZJ4g==

GET
H/1.1 200
OK in-34.png
customer21856.img.musvc3.net/static/21856/images/13/Telepass/ 577 B
1 KB 250ms
25ms Image
image/png 18.66.112.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://customer21856.img.musvc3.net/static/21856/images/13/Telepass/in-34.png

Requested by

Host: b1h5f.emailsp.com
URL: https://b1h5f.emailsp.com/f/rnl.aspx/?gdj=rzuszv/y:ahj=qw3bi8=s/xzy5e5&x=pv&-=08k&x=pv&6c7h0f9:c&x=pp&vxf0654.e/&x=pv&5d=uz/orNCLM

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-118.fra56.r.cloudfront.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

f82c7f418ce44418a02c2c9b910902620d3d829e30450f4146d6988e0529ccc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b1h5f.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000
Date: Thu, 17 Nov 2022 23:24:04 GMT
Via: 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
Last-Modified: Mon, 19 Sep 2022 08:29:55 GMT
Server: Microsoft-IIS/10.0
X-Amz-Cf-Pop: FRA56-P5
Age: 51525
ETag: "292af3fe1ccd81:0"
X-Powered-By: ASP.NET
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 577
X-Amz-Cf-Id: wiqeZdDdgWtwG22i6qD2STTYnYMarKSvCFitb2FzhW2LEf2p23AoxA==

GET
H2

200

/
track.adform.net/adfserve/
Redirect Chain

https://track.adform.net/adfserve/?bn=57058937;1x1inv=1;srctype=3;ord=[timestamp]
https://track.adform.net/adfserve/?CC=1&bn=57058937;1x1inv=1;srctype=3;ord=[timestamp]

35 B
396 B

54ms
53ms

Image
image/gif

37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/adfserve/?CC=1&bn=57058937;1x1inv=1;srctype=3;ord=[timestamp]

Requested by

Host: b1h5f.emailsp.com
URL: https://b1h5f.emailsp.com/f/rnl.aspx/?gdj=rzuszv/y:ahj=qw3bi8=s/xzy5e5&x=pv&-=08k&x=pv&6c7h0f9:c&x=pp&vxf0654.e/&x=pv&5d=uz/orNCLM

Protocol

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b1h5f.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 13:42:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 18 Nov 2022 13:42:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: text/html; charset=utf-8
location: https://track.adform.net/adfserve/?CC=1&bn=57058937;1x1inv=1;srctype=3;ord=[timestamp]
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2 200 c
customer21856.musvc3.net/e/ 74 B
191 B 49ms
48ms Image
image/png 52.48.186.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://customer21856.musvc3.net/e/c?q=A%3dDRIcH%26C%3dDh%26z%3dWIeJ%26F%3dBfIWGcL9m2l%269%3dpCE5HCpY-G0L4-EdGR-l0JX-oDmSBaL6CgLW%26tQ%3dCZKYG%265%3dxS5Mna.z65%26R%3dFVGaFaIYJ
Requested by: Host: b1h5f.emailsp.com
URL: https://b1h5f.emailsp.com/f/rnl.aspx/?gdj=rzuszv/y:ahj=qw3bi8=s/xzy5e5&x=pv&-=08k&x=pv&6c7h0f9:c&x=pp&vxf0654.e/&x=pv&5d=uz/orNCLM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.186.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-186-95.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: f5cab90299f9aa539d5f99d4f7e87a70f57e37f138da9d18cadbb230bde3ccd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b1h5f.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 13:42:49 GMT
cache-control: no-cache
x-request-id: 0a361b4d-90d4-4ef7-afa9-4109311273e2
content-type: image/png

GET
H2 200 frontendPendoLoader.js Show response
b1h5f.emailsp.com/js/ 2 KB
2 KB 89ms
86ms Script
application/javascript 13.32.99.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b1h5f.emailsp.com/js/frontendPendoLoader.js

Requested by

Host: b1h5f.emailsp.com
URL: https://b1h5f.emailsp.com/f/rnl.aspx/?gdj=rzuszv/y:ahj=qw3bi8=s/xzy5e5&x=pv&-=08k&x=pv&6c7h0f9:c&x=pp&vxf0654.e/&x=pv&5d=uz/orNCLM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.108 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-108.fra60.r.cloudfront.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

72e7604a33ce72c290a6cb35836b003b3bdc8ccde6eed349e42d1ef5efc5eaa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b1h5f.emailsp.com/f/rnl.aspx/?gdj=rzuszv/y:ahj=qw3bi8=s/xzy5e5&x=pv&-=08k&x=pv&6c7h0f9:c&x=pp&vxf0654.e/&x=pv&5d=uz/orNCLM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 18 Nov 2022 13:42:49 GMT
via: 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 0
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
content-length: 1270
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Nov 2022 14:14:40 GMT
server: Microsoft-IIS/10.0
etag: "0486fee8efad81:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1200
accept-ranges: bytes
x-amz-cf-id: vKS-R3EP76oVPvgqyAXFLyY8JLaSCfCahRDG1_DJG_Go3LSL-_g1TA==

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 103ms
21ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://b1h5f.emailsp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:25:44 GMT
x-content-type-options: nosniff
age: 152225
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2023 19:25:44 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 105ms
23ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://b1h5f.emailsp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:24:53 GMT
x-content-type-options: nosniff
age: 152276
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2023 19:24:53 GMT

GET
H2 200 pendo.js Show response
cdn.pendo.io/agent/static/da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2/ 406 KB
134 KB 160ms
30ms Script
application/javascript 2600:9000:21f3:b400:1f:aa31:7740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pendo.io/agent/static/da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2/pendo.js
Requested by: Host: b1h5f.emailsp.com
URL: https://b1h5f.emailsp.com/js/frontendPendoLoader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:b400:1f:aa31:7740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 359d99a4fdc1369c27f8e3b9d5e9d979699f90eff2655269c168afbe40a5b204

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b1h5f.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 13:35:21 GMT
content-encoding: gzip
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 448
x-guploader-uploadid: ADPycdsMlPdllGlSAG4ljbuxzzXm-n8WEi5NnEoUBpIt4mhAmPu-Z_AxxkZAzvkNhUk3oeIidPnajo7oBaj2sYk-TDZSyg
x-cache: Hit from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 136749
last-modified: Thu, 17 Nov 2022 19:12:49 GMT
server: UploadServer
etag: W/"81ae5b8a488327400584179de486814c"
vary: Accept-Encoding
x-goog-generation: 1668712369478804
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=x/56yQ==, md5=ga5bikiDJ0AFhBed5IaBTA==
access-control-expose-headers: *
cache-control: max-age=450
x-goog-stored-content-length: 136749
accept-ranges: bytes
x-amz-cf-id: phMhvMI4rQm476HI4B-fdIgjDb59D9q7mEi6vnDwb3nZOZrQbq32SA==
expires: Fri, 18 Nov 2022 13:42:51 GMT

POST
H2 200 GetPendoSettings Show response
b1h5f.emailsp.com/frontend/webMethods/Console.asmx/ 59 B
481 B 134ms
134ms XHR
application/json 13.32.99.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b1h5f.emailsp.com/frontend/webMethods/Console.asmx/GetPendoSettings

Requested by

Host: b1h5f.emailsp.com
URL: https://b1h5f.emailsp.com/js/frontendPendoLoader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.108 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-108.fra60.r.cloudfront.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

0bc4dff06ece9e0f53471e8e6394bb2c952ec697fcf5a956f626a4ffa950edf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://b1h5f.emailsp.com/f/rnl.aspx/?gdj=rzuszv/y:ahj=qw3bi8=s/xzy5e5&x=pv&-=08k&x=pv&6c7h0f9:c&x=pp&vxf0654.e/&x=pv&5d=uz/orNCLM
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type: application/json; charset=utf-8

Response headers

strict-transport-security: max-age=15768000
date: Fri, 18 Nov 2022 13:42:48 GMT
x-content-type-options: nosniff
via: 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA60-P3
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=0
content-length: 59
x-xss-protection: 1; mode=block
x-amz-cf-id: Kwk6k3L4-PrTSNsML2qGxRc9JNiHUJ8Emfi6PJ8fv3dIfUmYB564bw==

GET
H2 200 da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2
data.pendo-pro.beefree.io/data/ptm.gif/ 42 B
104 B 330ms
200ms Image
image/gif 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://data.pendo-pro.beefree.io/data/ptm.gif/da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2?v=2.161.1_prod&ct=1668778970784&jzb=eJzVkk9vmzAYxr-LDzllGMcBAxKapm2HTVuzLF03dZqQg01wazC1TQKp8t1rL1HUTVO1Sw_l9P6F53l__LwHduw4yIBgvLWiGsEUrLXaGa4LKxrXQXGcEJKkJCSETMFWGGGVLgRzS6GbpmWp-tYeCzOURLEr9lq6rLa2MxmEa1RHVcAbKqTpglI1sIK6lQE13QBfb9hNrve92W_hmNH6Jr_b4bVIcgOH_RjxaDLk3XbyKg-T22MYl6QOqzQrfdpNtkMVxtE84PDYjlje76HSF28_fXZSOq06A7J7oCQr_lBffHl_8W5RXBZ0yWtBmVoterfg5_5p6n-sH9wHqXanvKTrD67c9lJOgT0moBquryRZ3i1Jilaqrd07Kk0b_ruZLnZiZ_DH7_OvV_LH7bUnMVrutM8RPkzPpBpu6ZOUkpdM6aTch2fxkrabnm68ed4W31b-yidD57m_zv_m3HYlRq3fRQlECM7C2czD5NoI1frNAMUoQIWTwJ6JH44e8ZOKsif5pS-Zn3d38oRjggKc-id2inHo_uJnuC7G5PDrAaRhhDU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b1h5f.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 13:42:51 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-max-age: 600
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization
content-length: 42

GET
H2 200 da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2 Show response
data.pendo-pro.beefree.io/data/guide.js/ 4 KB
3 KB 283ms
154ms Script
application/javascript 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://data.pendo-pro.beefree.io/data/guide.js/da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2?id=4&jzb=eJw9j0FPhDAQhf9LD5y0Q3GL2KQxxpOJejGeN10o0BXa2hZkMfz3LRK5zTdv3subXzQqr4JxLxViKEU3SJSlGXT444wUNI-7wXWR2hCsZwAn0tIay16ozltcmh5qcLrDwtsJHpvqzN08-HmECxPtmX__3J1UwT1M84VKmkzcjsktT4uvbczL-zatH1i5ok3GqU5zesASNplWfJjBuPfn17dYpZdBVCIIxPbq66j-63dCN4NoZESpj58faNlf2u-2t6JghZM6PO1yXMXs1UsKIASyNMti5iidV0avTkxygsnROlOhZbkCjPRkCw&v=2.161.1_prod&ct=1668778970786

Requested by

Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2/pendo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

c537405254c70837c08bc401e81a89cabb54498d79df81e33ad2f9bd09856fb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b1h5f.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 13:42:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 google
access-control-max-age: 600
vary: Accept-Encoding
access-control-allow-methods: GET,POST
access-control-allow-origin: *
content-type: application/javascript
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization

GET
H2 200 da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2
data.pendo-pro.beefree.io/data/guide.gif/ 42 B
280 B 267ms
139ms Image
image/gif 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://data.pendo-pro.beefree.io/data/guide.gif/da1c8b4e-431b-48c0-5e7e-69e9d34ca1b2?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1668778970786&v=2.161.1_prod

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b1h5f.emailsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 13:42:50 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-max-age: 600
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization
content-length: 42

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| pendo

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
b1h5f.emailsp.com/	1969-12-31 23:59:59	Name: BIGipServercu_front_80_pool Value: !nfaaPz/SzYGREIWw3X+Ij125lRrIFxEN9xO1X6LsjpGsr6aaKJlQlgTO3iqACUG64zh7doGE+tZ3CWo=
.adform.net/	1970-01-20 08:16:10	Name: C Value: 1
.adform.net/	1970-01-20 08:59:22	Name: uid Value: 8329534225363064494

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b1h5f.emailsp.com
cdn.pendo.io
customer21856.img.musvc3.net
customer21856.musvc3.net
data.pendo-pro.beefree.io
fonts.googleapis.com
fonts.gstatic.com
image.email.telepass.com
track.adform.net
13.32.99.108
18.66.112.118
2600:9000:21f3:b400:1f:aa31:7740:93a1
2a00:1450:4001:809::200a
2a00:1450:4001:812::2013
2a00:1450:4001:828::2003
2a02:26f0:3400::1703:5828
37.157.4.28
52.48.186.95
0bc4dff06ece9e0f53471e8e6394bb2c952ec697fcf5a956f626a4ffa950edf6
0fecdde9d1e1225a0152ac4a0c2c7cb2b963f56fab53ed7a0dbb4de760f80416
32e4f586365b9c2133790fa1ebcf2f836b8a7cd7c3c7e50e7fa7c18bccf8dd99
359d99a4fdc1369c27f8e3b9d5e9d979699f90eff2655269c168afbe40a5b204
4b071a003b4442d59d9ea395829d7e9e1cccd6148881bea7245c8b53ff38a44a
72e7604a33ce72c290a6cb35836b003b3bdc8ccde6eed349e42d1ef5efc5eaa7
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8c8ff71005b85b51b68221f7fa54d77a20f024828c37f2523cf0ad14159c1b7f
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
a48738a9f10e29da7866fc1dea34e02b815e77540363655c79825ef608f9b26a
ac2dd67851bab4019df586d530d183f40dcc7442485cf5975168ab19e04813c0
ad474f0405a4ebe3e948e77813275b731eeaa76d124863335ac62ecc0c4ad2f2
ae3941ff50d9867cce3492bf39eaea8df1d721e66fdaf700ed7a1d74b7e10e59
c537405254c70837c08bc401e81a89cabb54498d79df81e33ad2f9bd09856fb6
e986bb4127d49a82d154edf381202c90e9d758f62b5465da71850d01a1d866d5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5cab90299f9aa539d5f99d4f7e87a70f57e37f138da9d18cadbb230bde3ccd0
f82c7f418ce44418a02c2c9b910902620d3d829e30450f4146d6988e0529ccc2
fee5185044038b6ac071fc31929150c9324f6b2b7448ad6fcbf1df8bc3558f9a

b1h5f.emailsp.com Open in urlscan Pro 13.32.99.108 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

95 %HTTPS

56 %IPv6

8 Domains

9 Subdomains

9 IPs

4 Countries

684 kBTransfer

986 kBSize

3 Cookies

10 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

3 Cookies

Security Headers

Indicators

b1h5f.emailsp.com Open in urlscan Pro
13.32.99.108 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

95 %
HTTPS

56 %
IPv6

8
Domains

9
Subdomains

9
IPs

4
Countries

684 kB
Transfer

986 kB
Size

3
Cookies

21 HTTP transactions
0 data transactions