urlscan.io logo urlscan.io
SecurityTrails logo

sentinal.decotawealth.com Open in urlscan Pro
2606:4700:3036::ac43:87f1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ch-trck.nowtoknow.com/ga/click/2-37593959-2031-3081-6212-3920-22c30638a8-b6d3ea7050/
Effective URL: https://sentinal.decotawealth.com/a3CQ_P6?aqE_Ka=ZH12jnFncWtfn69xk5xpb2Jze3qtwKuTZmVmYsBxj2phamdfgaA/ma_me%40bluewin.ch&s3=%%First...
Submission: On November 20 via automatic, source openphish — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 8 domains to perform 22 HTTP transactions. The main IP is 2606:4700:3036::ac43:87f1, located in United States and belongs to CLOUDFLARENET, US. The main domain is sentinal.decotawealth.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 5th 2021. Valid for: a year.
This is the only time sentinal.decotawealth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
14 199.241.143.100 53340 (FIBERHUB)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
22 7
2    2606:4700:3032::6815:555d (United States)

ASN13335 (CLOUDFLARENET, US)
ch-trck.nowtoknow.com
1    2606:4700:3036::ac43:87f1 (United States)

ASN13335 (CLOUDFLARENET, US)
sentinal.decotawealth.com
2    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
14    199.241.143.100 (United States)

ASN53340 (FIBERHUB, US)
PTR: standard01.standardiqtest.info
wedeez.com
2    2606:4700::6812:13b7 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.by.wonderpush.com
1    2606:4700:3033::ac43:d097 (United States)

ASN13335 (CLOUDFLARENET, US)
mtp.capitalrtv.com
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
14 wedeez.com sentinal.decotawealth.com
wedeez.com
2 cdn.by.wonderpush.com sentinal.decotawealth.com
cdn.by.wonderpush.com
2 cdnjs.cloudflare.com sentinal.decotawealth.com
cdnjs.cloudflare.com
2 ch-trck.nowtoknow.com 2 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com wedeez.com
1 mtp.capitalrtv.com sentinal.decotawealth.com
1 sentinal.decotawealth.com
22 8

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-05 -
2022-07-04		 a year crt.sh
wedeez.com
R3		 2021-10-05 -
2022-01-03		 3 months crt.sh
wonderpush.com
Cloudflare Inc ECC CA-3		 2021-10-01 -
2021-12-29		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://sentinal.decotawealth.com/a3CQ_P6?aqE_Ka=ZH12jnFncWtfn69xk5xpb2Jze3qtwKuTZmVmYsBxj2phamdfgaA/ma_me%40bluewin.ch&s3=%%First_Name%%&s4=%%Last_Name%%
Frame ID: 26A60140EC3C2788366AF5BAB5A2364F
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Amazon

Page URL History Show full URLs

  1. http://ch-trck.nowtoknow.com/ga/click/2-37593959-2031-3081-6212-3920-22c30638a8-b6d3ea7050/ HTTP 301
    https://ch-trck.nowtoknow.com/ga/click/2-37593959-2031-3081-6212-3920-22c30638a8-b6d3ea7050/ HTTP 302
    https://sentinal.decotawealth.com/a3CQ_P6?aqE_Ka=ZH12jnFncWtfn69xk5xpb2Jze3qtwKuTZmVmYsBxj2phamdfgaA/ma_me%40b... Page URL

Page Statistics

22
Requests

100 %
HTTPS

88 %
IPv6

8
Domains

8
Subdomains

7
IPs

2
Countries

770 kB
Transfer

1149 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ch-trck.nowtoknow.com/ga/click/2-37593959-2031-3081-6212-3920-22c30638a8-b6d3ea7050/ HTTP 301
    https://ch-trck.nowtoknow.com/ga/click/2-37593959-2031-3081-6212-3920-22c30638a8-b6d3ea7050/ HTTP 302
    https://sentinal.decotawealth.com/a3CQ_P6?aqE_Ka=ZH12jnFncWtfn69xk5xpb2Jze3qtwKuTZmVmYsBxj2phamdfgaA/ma_me%40bluewin.ch&s3=%%First_Name%%&s4=%%Last_Name%% Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request a3CQ_P6
sentinal.decotawealth.com/
Redirect Chain
  • http://ch-trck.nowtoknow.com/ga/click/2-37593959-2031-3081-6212-3920-22c30638a8-b6d3ea7050/
  • https://ch-trck.nowtoknow.com/ga/click/2-37593959-2031-3081-6212-3920-22c30638a8-b6d3ea7050/
  • https://sentinal.decotawealth.com/a3CQ_P6?aqE_Ka=ZH12jnFncWtfn69xk5xpb2Jze3qtwKuTZmVmYsBxj2phamdfgaA/ma_me%40bluewin.ch&s3=%%First_Name%%&s4=%%Last_Name%%
20 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sentinal.decotawealth.com/a3CQ_P6?aqE_Ka=ZH12jnFncWtfn69xk5xpb2Jze3qtwKuTZmVmYsBxj2phamdfgaA/ma_me%40bluewin.ch&s3=%%First_Name%%&s4=%%Last_Name%%
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:87f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.14
Resource Hash
d2d1cc5c2ff4cf94977645ce63e14be3e05288de60511862549be28bc1cf475b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 20 Nov 2021 22:30:27 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4.14
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=njYe5JZ6tESqcR99Fu54ZJW0n1FROCh62T0BBogm6jSTaikZVBwum3FVSlvUiUfiyfQqUa50UcP5u0BD%2F7pksstioFb3f2hhE0B0fWcW8FBo8PD87aFhk%2Bl50AfW56bNfIW%2B7TukeN%2BC9dTyyTwLLzVg8ao82YZ3"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b151f717e9d59d7-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Sat, 20 Nov 2021 22:30:26 GMT
content-type
text/html; charset=utf-8
status
302 Found
x-rack-cache
miss
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
x-request-id
15a46a255fda4e0d90ab9decae165afd
location
https://sentinal.decotawealth.com/a3CQ_P6?aqE_Ka=ZH12jnFncWtfn69xk5xpb2Jze3qtwKuTZmVmYsBxj2phamdfgaA/ma_me%40bluewin.ch&s3=%%First_Name%%&s4=%%Last_Name%%
x-ua-compatible
IE=Edge,chrome=1
x-runtime
0.016045
expires
Mon, 01 Jan 1990 00:00:00 GMT
x-powered-by
Phusion Passenger 6.0.4
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xJjEz9M%2Fq4GvV0bPYb%2FVBPn%2B5gagQdfKUzch9GjICtNuOpIEjTqU5Y61bB1dX4UXZP3uVBYSUyPtW8iYhfpWjbVU%2Btu5SnKL%2BWCTSraGRyaiNdSrIyhjrK6W0A%2BoykYfeSN7gevjtBpLNiBOjJhOiD9JktE%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b151f6cdff63749-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/ 		27 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css
Requested by
Host: sentinal.decotawealth.com
URL: https://sentinal.decotawealth.com/a3CQ_P6?aqE_Ka=ZH12jnFncWtfn69xk5xpb2Jze3qtwKuTZmVmYsBxj2phamdfgaA/ma_me%40bluewin.ch&s3=%%First_Name%%&s4=%%Last_Name%%
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sentinal.decotawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 20 Nov 2021 22:30:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2139725
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4972
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-6b4a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=448rELG0FsKOjjJ5Mc8ndEty7iZ%2FJBUiU%2B0%2FCFT9VUmIxOoN1i2n6IYmoujZY%2FLPIpWRmp%2BD1YjEtDkkf5PGakUdkWFM8mWpsN0PaPl%2B%2Frj8tvg3s9JrPmqgCWtYZOZcDtvTrdD9vykSFnu67xc42xOI"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b151f792e52f927-MXP
expires
Thu, 10 Nov 2022 22:30:28 GMT
bootstrap.min.css
wedeez.com/eml/CH-Amazo-NoLogo-Track-Nov21/css/ 		118 KB
119 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wedeez.com/eml/CH-Amazo-NoLogo-Track-Nov21/css/bootstrap.min.css
Requested by
Host: sentinal.decotawealth.com
URL: https://sentinal.decotawealth.com/a3CQ_P6?aqE_Ka=ZH12jnFncWtfn69xk5xpb2Jze3qtwKuTZmVmYsBxj2phamdfgaA/ma_me%40bluewin.ch&s3=%%First_Name%%&s4=%%Last_Name%%
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.241.143.100 , United States, ASN53340 (FIBERHUB, US),
Reverse DNS
standard01.standardiqtest.info
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1g /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sentinal.decotawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 20 Nov 2021 22:30:28 GMT
Last-Modified
Mon, 01 Nov 2021 07:14:32 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1g
ETag
"1d970-5cfb4edb2f01f"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
121200
animate.css
wedeez.com/eml/CH-Amazo-NoLogo-Track-Nov21/css/ 		56 KB
56 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wedeez.com/eml/CH-Amazo-NoLogo-Track-Nov21/css/animate.css
Requested by
Host: sentinal.decotawealth.com
URL: https://sentinal.decotawealth.com/a3CQ_P6?aqE_Ka=ZH12jnFncWtfn69xk5xpb2Jze3qtwKuTZmVmYsBxj2phamdfgaA/ma_me%40bluewin.ch&s3=%%First_Name%%&s4=%%Last_Name%%
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.241.143.100 , United States, ASN53340 (FIBERHUB, US),
Reverse DNS
standard01.standardiqtest.info
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1g /
Resource Hash
59a1460df6cb458204ec993345ff4964fa7e1a77da4ab7137e50fce8434c1d6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sentinal.decotawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 20 Nov 2021 22:30:28 GMT
Last-Modified
Mon, 01 Nov 2021 07:14:32 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1g
ETag
"df07-5cfb4edb3a3ce"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
57095
customes.css
wedeez.com/eml/CH-Amazo-NoLogo-Track-Nov21/css/ 		42 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wedeez.com/eml/CH-Amazo-NoLogo-Track-Nov21/css/customes.css
Requested by
Host: sentinal.decotawealth.com
URL: https://sentinal.decotawealth.com/a3CQ_P6?aqE_Ka=ZH12jnFncWtfn69xk5xpb2Jze3qtwKuTZmVmYsBxj2phamdfgaA/ma_me%40bluewin.ch&s3=%%First_Name%%&s4=%%Last_Name%%
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.241.143.100 , United States, ASN53340 (FIBERHUB, US),
Reverse DNS
standard01.standardiqtest.info
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1g /
Resource Hash
f9afb38a720259dc4d67a28f3861ff2f2b6f6a6850a8091bf35239af9f5b28ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sentinal.decotawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 20 Nov 2021 22:30:28 GMT
Last-Modified
Mon, 01 Nov 2021 07:14:34 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1g
ETag
"a820-5cfb4edd4a8c7"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
43040
wonderpush-loader.min.js
cdn.by.wonderpush.com/sdk/1.1/ 		881 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.by.wonderpush.com/sdk/1.1/wonderpush-loader.min.js
Requested by
Host: sentinal.decotawealth.com
URL: https://sentinal.decotawealth.com/a3CQ_P6?aqE_Ka=ZH12jnFncWtfn69xk5xpb2Jze3qtwKuTZmVmYsBxj2phamdfgaA/ma_me%40bluewin.ch&s3=%%First_Name%%&s4=%%Last_Name%%
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b59ba2cbbbcd1a8c68fd2b66ada34ec96c63933be5ba5064c3e1dedca333eb8c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sentinal.decotawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 20 Nov 2021 22:30:29 GMT
content-encoding
gzip
cf-cache-status
HIT
age
31311
x-cache
Miss from cloudfront
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
493
access-control-allow-origin
*
last-modified
Tue, 09 Nov 2021 13:48:07 GMT
server
cloudflare
etag
"e7448cd6e079fa412ff7d76aed41dedded6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET
content-type
application/javascript
via
1.1 54539657e1cb0d581a1136c9b6cc01a7.cloudfront.net (CloudFront)
cache-control
public,max-age=86400
x-amz-cf-pop
MXP63-P1
accept-ranges
bytes
cf-ray
6b151f7f6e6b0f5a-MXP
x-amz-cf-id
jGJAol7W7rQrTzVjGwpcLmNpSxamfII1YeJWAwTnXB2bEmP1nb2g6w==
logo.png
wedeez.com/eml/CH-Amazo-NoLogo-Track-Nov21/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wedeez.com/eml/CH-Amazo-NoLogo-Track-Nov21/img/logo.png
Requested by
Host: sentinal.decotawealth.com
URL: https://sentinal.decotawealth.com/a3CQ_P6?aqE_Ka=ZH12jnFncWtfn69xk5xpb2Jze3qtwKuTZmVmYsBxj2phamdfgaA/ma_me%40bluewin.ch&s3=%%First_Name%%&s4=%%Last_Name%%
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.241.143.100 , United States, ASN53340 (FIBERHUB, US),
Reverse DNS
standard01.standardiqtest.info
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1g /
Resource Hash
3331b11efeba9bfb4c9e1eebfbcf9a78027fe49707ee94f23f7011e7d21e5043

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sentinal.decotawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 20 Nov 2021 22:30:29 GMT
Last-Modified
Mon, 01 Nov 2021 07:14:58 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1g
ETag
"10ce-5cfb4ef45afb4"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
4302
error.png
wedeez.com/eml/CH-Amazo-NoLogo-Track-Nov21/img/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wedeez.com/eml/CH-Amazo-NoLogo-Track-Nov21/img/error.png
Requested by
Host: sentinal.decotawealth.com
URL: https://sentinal.decotawealth.com/a3CQ_P6?aqE_Ka=ZH12jnFncWtfn69xk5xpb2Jze3qtwKuTZmVmYsBxj2phamdfgaA/ma_me%40bluewin.ch&s3=%%First_Name%%&s4=%%Last_Name%%
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.241.143.100 , United States, ASN53340 (FIBERHUB, US),
Reverse DNS
standard01.standardiqtest.info
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1g /
Resource Hash
dfcdfd6193c790878d02d6e79ef716daf05336cab89787d78170736fba23c79f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sentinal.decotawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 20 Nov 2021 22:30:29 GMT
Last-Modified
Mon, 01 Nov 2021 07:14:52 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1g
ETag
"57c2-5cfb4eee71565"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
22466
icon-box.png
wedeez.com/eml/CH-Amazo-NoLogo-Track-Nov21/img/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wedeez.com/eml/CH-Amazo-NoLogo-Track-Nov21/img/icon-box.png
Requested by
Host: sentinal.decotawealth.com
URL: https://sentinal.decotawealth.com/a3CQ_P6?aqE_Ka=ZH12jnFncWtfn69xk5xpb2Jze3qtwKuTZmVmYsBxj2phamdfgaA/ma_me%40bluewin.ch&s3=%%First_Name%%&s4=%%Last_Name%%
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.241.143.100 , United States, ASN53340 (FIBERHUB, US),
Reverse DNS
standard01.standardiqtest.info
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1g /
Resource Hash
dc08f6032e45cf82f140d6b467317ded4c6677425a3b13f921e328d7c13b31f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sentinal.decotawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 20 Nov 2021 22:30:29 GMT
Last-Modified
Mon, 01 Nov 2021 07:14:55 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1g
ETag
"71bd-5cfb4ef09a8cc"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
29117
red.png
wedeez.com/eml/CH-Amazo-NoLogo-Track-Nov21/img/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wedeez.com/eml/CH-Amazo-NoLogo-Track-Nov21/img/red.png
Requested by
Host: sentinal.decotawealth.com
URL: https://sentinal.decotawealth.com/a3CQ_P6?aqE_Ka=ZH12jnFncWtfn69xk5xpb2Jze3qtwKuTZmVmYsBxj2phamdfgaA/ma_me%40bluewin.ch&s3=%%First_Name%%&s4=%%Last_Name%%
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.241.143.100 , United States, ASN53340 (FIBERHUB, US),
Reverse DNS
standard01.standardiqtest.info
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1g /
Resource Hash
53cb2763f5eda255b22d571fbba1aadba757e9681d373a34db871ed6f53ade9a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sentinal.decotawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 20 Nov 2021 22:30:29 GMT
Last-Modified
Mon, 01 Nov 2021 07:15:01 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1g
ETag
"4246-5cfb4ef71a567"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
16966
loader-amz.png
wedeez.com/eml/CH-Amazo-NoLogo-Track-Nov21/img/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wedeez.com/eml/CH-Amazo-NoLogo-Track-Nov21/img/loader-amz.png
Requested by
Host: sentinal.decotawealth.com
URL: https://sentinal.decotawealth.com/a3CQ_P6?aqE_Ka=ZH12jnFncWtfn69xk5xpb2Jze3qtwKuTZmVmYsBxj2phamdfgaA/ma_me%40bluewin.ch&s3=%%First_Name%%&s4=%%Last_Name%%
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.241.143.100 , United States, ASN53340 (FIBERHUB, US),
Reverse DNS
standard01.standardiqtest.info
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1g /
Resource Hash
8bc7ab4090c6a685fcd9142c183845eed3eb4c638ecca341e11f51aa81d613ce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sentinal.decotawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 20 Nov 2021 22:30:29 GMT
Last-Modified
Mon, 01 Nov 2021 07:14:57 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1g
ETag
"44a0-5cfb4ef2d3a19"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
17568
product.png
wedeez.com/eml/CH-Amazo-NoLogo-Track-Nov21/img/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wedeez.com/eml/CH-Amazo-NoLogo-Track-Nov21/img/product.png
Requested by
Host: sentinal.decotawealth.com
URL: https://sentinal.decotawealth.com/a3CQ_P6?aqE_Ka=ZH12jnFncWtfn69xk5xpb2Jze3qtwKuTZmVmYsBxj2phamdfgaA/ma_me%40bluewin.ch&s3=%%First_Name%%&s4=%%Last_Name%%
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.241.143.100 , United States, ASN53340 (FIBERHUB, US),
Reverse DNS
standard01.standardiqtest.info
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1g /
Resource Hash
ae9b46a3eb3d80400795afccbb22d69887b7496473f1dd7af2e2b55fb8955954

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sentinal.decotawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 20 Nov 2021 22:30:29 GMT
Last-Modified
Mon, 01 Nov 2021 07:14:59 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1g
ETag
"adcd-5cfb4ef50b3f6"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
44493
lander_lp
mtp.capitalrtv.com/ 		0
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mtp.capitalrtv.com/lander_lp?lp=ZH12jnFncWtfn69xk5xpb2Jze3qtwKuTZmVmYsBxj2phamdfgaA/ma_me@bluewin.ch
Requested by
Host: sentinal.decotawealth.com
URL: https://sentinal.decotawealth.com/a3CQ_P6?aqE_Ka=ZH12jnFncWtfn69xk5xpb2Jze3qtwKuTZmVmYsBxj2phamdfgaA/ma_me%40bluewin.ch&s3=%%First_Name%%&s4=%%Last_Name%%
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:d097 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.14
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sentinal.decotawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 20 Nov 2021 22:30:29 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.14
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kfXXZXESHeL3%2B6Nqa2d0LUPz5Qfo6bAerBMWMjFInvbXkK9Pk6sWzMFHYw9mfzasawdIzBTDvypkgbSG625w6cG%2BCzbSCg4%2BkZOEoKUyJ92nPUH5S%2BEeNPofDZ0ZU37O%2BbUDJmxP%2FVPsJDxiq%2B3zIQM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
6b151f7fea6359ad-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
socialfn1.png
wedeez.com/eml/CH-Amazo-NoLogo-Track-Nov21/img/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wedeez.com/eml/CH-Amazo-NoLogo-Track-Nov21/img/socialfn1.png
Requested by
Host: sentinal.decotawealth.com
URL: https://sentinal.decotawealth.com/a3CQ_P6?aqE_Ka=ZH12jnFncWtfn69xk5xpb2Jze3qtwKuTZmVmYsBxj2phamdfgaA/ma_me%40bluewin.ch&s3=%%First_Name%%&s4=%%Last_Name%%
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.241.143.100 , United States, ASN53340 (FIBERHUB, US),
Reverse DNS
standard01.standardiqtest.info
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1g /
Resource Hash
5a7038c5cee0eded8a6f21f2bf8763c3b56f83010fdc718d381e3fefe2772eea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sentinal.decotawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 20 Nov 2021 22:30:29 GMT
Last-Modified
Mon, 01 Nov 2021 07:15:02 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1g
ETag
"4415-5cfb4ef7798d0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
17429
jquery.min.js
wedeez.com/eml/CH-Amazo-NoLogo-Track-Nov21/js/ 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wedeez.com/eml/CH-Amazo-NoLogo-Track-Nov21/js/jquery.min.js
Requested by
Host: sentinal.decotawealth.com
URL: https://sentinal.decotawealth.com/a3CQ_P6?aqE_Ka=ZH12jnFncWtfn69xk5xpb2Jze3qtwKuTZmVmYsBxj2phamdfgaA/ma_me%40bluewin.ch&s3=%%First_Name%%&s4=%%Last_Name%%
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.241.143.100 , United States, ASN53340 (FIBERHUB, US),
Reverse DNS
standard01.standardiqtest.info
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1g /
Resource Hash
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sentinal.decotawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 20 Nov 2021 22:30:28 GMT
Last-Modified
Mon, 01 Nov 2021 07:15:12 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1g
ETag
"1538e-5cfb4f018ba0e"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
86926
wow.js
wedeez.com/eml/CH-Amazo-NoLogo-Track-Nov21/js/ 		16 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wedeez.com/eml/CH-Amazo-NoLogo-Track-Nov21/js/wow.js
Requested by
Host: sentinal.decotawealth.com
URL: https://sentinal.decotawealth.com/a3CQ_P6?aqE_Ka=ZH12jnFncWtfn69xk5xpb2Jze3qtwKuTZmVmYsBxj2phamdfgaA/ma_me%40bluewin.ch&s3=%%First_Name%%&s4=%%Last_Name%%
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.241.143.100 , United States, ASN53340 (FIBERHUB, US),
Reverse DNS
standard01.standardiqtest.info
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1g /
Resource Hash
6be7c8eb016d4564431a764b673536472756559248bbb6dbbfbaa1be4d1fe219

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sentinal.decotawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 20 Nov 2021 22:30:28 GMT
Last-Modified
Mon, 01 Nov 2021 07:15:15 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1g
ETag
"4015-5cfb4f0444e1a"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
16405
bootstrap.min.js
wedeez.com/eml/CH-Amazo-NoLogo-Track-Nov21/js/ 		36 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wedeez.com/eml/CH-Amazo-NoLogo-Track-Nov21/js/bootstrap.min.js
Requested by
Host: sentinal.decotawealth.com
URL: https://sentinal.decotawealth.com/a3CQ_P6?aqE_Ka=ZH12jnFncWtfn69xk5xpb2Jze3qtwKuTZmVmYsBxj2phamdfgaA/ma_me%40bluewin.ch&s3=%%First_Name%%&s4=%%Last_Name%%
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.241.143.100 , United States, ASN53340 (FIBERHUB, US),
Reverse DNS
standard01.standardiqtest.info
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1g /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sentinal.decotawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 20 Nov 2021 22:30:28 GMT
Last-Modified
Mon, 01 Nov 2021 07:15:13 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1g
ETag
"90b5-5cfb4f026c7a5"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
37045
css
fonts.googleapis.com/ 		26 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i
Requested by
Host: wedeez.com
URL: https://wedeez.com/eml/CH-Amazo-NoLogo-Track-Nov21/css/customes.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
035f76cad89b4436226962589da4573cdba89378ed3ef64029e73035d4e122c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wedeez.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 20 Nov 2021 22:20:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 20 Nov 2021 22:30:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 20 Nov 2021 22:30:28 GMT
back1.jpg
wedeez.com/eml/CH-Amazo-NoLogo-Track-Nov21/img/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wedeez.com/eml/CH-Amazo-NoLogo-Track-Nov21/img/back1.jpg
Requested by
Host: wedeez.com
URL: https://wedeez.com/eml/CH-Amazo-NoLogo-Track-Nov21/css/customes.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.241.143.100 , United States, ASN53340 (FIBERHUB, US),
Reverse DNS
standard01.standardiqtest.info
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1g /
Resource Hash
c972781f48f631c8377856aee17fa29e3bc80f374976e1c586da7de4d9d178c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wedeez.com/eml/CH-Amazo-NoLogo-Track-Nov21/css/customes.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 20 Nov 2021 22:30:29 GMT
Last-Modified
Mon, 01 Nov 2021 07:14:50 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1g
ETag
"9768-5cfb4eebf944d"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
38760
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/fonts/ 		65 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f2721fcaed5436f55432318b274d1542e96753b56c6ec6cdbd1c0fdd46bc66d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css
Origin
https://sentinal.decotawealth.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 20 Nov 2021 22:30:28 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
274539
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
66624
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-10440"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P8aG7WABZhNtpHQClDtBaqTbyKQ2fg8P1O6iXupklP3YZE5S4auVVRbj0kaVNi9mvuth9ls3Q4StZP9Vdk%2Fho8DWJEugsx9EaS%2BN3N%2BmqBIHDhBTg2YV5ehhMXplrOTnkJYL%2B9H1pPnm00tN9B9M24Fc"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b151f7f0e17d600-MXP
expires
Thu, 10 Nov 2022 22:30:28 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sentinal.decotawealth.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 13:52:02 GMT
x-content-type-options
nosniff
age
117506
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 19 Nov 2022 13:52:02 GMT
wonderpush.min.js
cdn.by.wonderpush.com/sdk/1.1.31.0/ 		427 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.by.wonderpush.com/sdk/1.1.31.0/wonderpush.min.js
Requested by
Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1/wonderpush-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:13b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2cecefc6998438527e5dcb8dda0ea0eaf00f1446549be91b324d7d6bb75072b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sentinal.decotawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 20 Nov 2021 22:30:29 GMT
content-encoding
gzip
cf-cache-status
HIT
age
981721
x-cache
Miss from cloudfront
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
104311
access-control-allow-origin
*
last-modified
Tue, 09 Nov 2021 13:48:02 GMT
server
cloudflare
etag
"b0f9621ecd6d706821112294ba41deaded6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET
content-type
application/javascript
via
1.1 377f66adf3e979e5eae2bf83298bbabf.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000
x-amz-cf-pop
MXP63-P1
accept-ranges
bytes
cf-ray
6b151f7fb84b0f66-MXP
x-amz-cf-id
QBB4-QglgDc4TuRXC-z7vcAO1OL2ruF7rXBo3H17cxz9YkW-HF_rrQ==

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| WonderPush function| chkvali function| partstep string| _wp_loaderScriptUrl function| $ function| jQuery function| WOW object| wow object| d number| minutes number| hours string| ampm object| months object| o object| two object| three object| four object| five

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.by.wonderpush.com
cdnjs.cloudflare.com
ch-trck.nowtoknow.com
fonts.googleapis.com
fonts.gstatic.com
mtp.capitalrtv.com
sentinal.decotawealth.com
wedeez.com
199.241.143.100
2606:4700:3032::6815:555d
2606:4700:3033::ac43:d097
2606:4700:3036::ac43:87f1
2606:4700::6810:125e
2606:4700::6812:13b7
2a00:1450:4001:808::2003
2a00:1450:4001:811::200a
035f76cad89b4436226962589da4573cdba89378ed3ef64029e73035d4e122c5
3331b11efeba9bfb4c9e1eebfbcf9a78027fe49707ee94f23f7011e7d21e5043
4f2721fcaed5436f55432318b274d1542e96753b56c6ec6cdbd1c0fdd46bc66d
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
53cb2763f5eda255b22d571fbba1aadba757e9681d373a34db871ed6f53ade9a
59a1460df6cb458204ec993345ff4964fa7e1a77da4ab7137e50fce8434c1d6a
5a7038c5cee0eded8a6f21f2bf8763c3b56f83010fdc718d381e3fefe2772eea
6be7c8eb016d4564431a764b673536472756559248bbb6dbbfbaa1be4d1fe219
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8bc7ab4090c6a685fcd9142c183845eed3eb4c638ecca341e11f51aa81d613ce
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
a2cecefc6998438527e5dcb8dda0ea0eaf00f1446549be91b324d7d6bb75072b
ae9b46a3eb3d80400795afccbb22d69887b7496473f1dd7af2e2b55fb8955954
b59ba2cbbbcd1a8c68fd2b66ada34ec96c63933be5ba5064c3e1dedca333eb8c
c972781f48f631c8377856aee17fa29e3bc80f374976e1c586da7de4d9d178c9
d2d1cc5c2ff4cf94977645ce63e14be3e05288de60511862549be28bc1cf475b
dc08f6032e45cf82f140d6b467317ded4c6677425a3b13f921e328d7c13b31f0
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
dfcdfd6193c790878d02d6e79ef716daf05336cab89787d78170736fba23c79f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f9afb38a720259dc4d67a28f3861ff2f2b6f6a6850a8091bf35239af9f5b28ed