Submitted URL: https://es.sonicurlprotection-sjl.com/click?PV=1&MSGID=202103251238400037341&URLID=33&ESV=10.0.6.3447&IV=5071309AA5A578B98D059A83C3349...
Effective URL: https://link.qmuniforms.com/u/gm.php?prm=oru0QsmteG_794431736_1467289_4981
Submission: On March 26 via api from US

Summary

This website contacted 3 IPs in 3 countries across 5 domains to perform 24 HTTP transactions. The main IP is 217.175.192.43, located in Austria and belongs to NEXTLAYER-AS, AT. The main domain is link.qmuniforms.com.
TLS certificate: Issued by R3 on February 24th 2021. Valid for: 3 months.
This is the only time link.qmuniforms.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 4.16.47.153 3356 (LEVEL3)
21 217.175.192.43 1764 (NEXTLAYER-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
24 3
Domain Requested by
19 link.galls.com link.qmuniforms.com
2 fonts.googleapis.com link.qmuniforms.com
2 link.qmuniforms.com link.qmuniforms.com
1 fonts.gstatic.com fonts.googleapis.com
1 es.sonicurlprotection-sjl.com 1 redirects
24 5

This site contains no links.

Subject                  Issuer      Validity                 Valid
link.qmuniforms.com      R3          2021-02-24 - 2021-05-25  3 months
upload.video.google.com  GTS CA 1O1  2021-03-11 - 2021-06-03  3 months
*.gstatic.com            GTS CA 1O1  2021-03-11 - 2021-06-03  3 months

This page contains 1 frames:

Primary Page: https://link.qmuniforms.com/u/gm.php?prm=oru0QsmteG_794431736_1467289_4981
Frame ID: 7327787850424BDBE7B260E5DD9727A7
Requests: 24 HTTP requests in this frame

Page URL History

  1. https://es.sonicurlprotection-sjl.com/click?PV=1&MSGID=202103251238400037341&URLID=33&ESV=10.0.6.3447&IV=5071309AA... HTTP 302
    https://link.qmuniforms.com/u/gm.php?prm=oru0QsmteG_794431736_1467289_4981 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 24
HTTPS: 17 %
IPv6: 50 %
Domains: 5
Subdomains: 5
IPs: 3
Countries: 3
Transfer: 640 kB
Size: 676 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://es.sonicurlprotection-sjl.com/click?PV=1&MSGID=202103251238400037341&URLID=33&ESV=10.0.6.3447&IV=5071309AA5A578B98D059A83C3349149&TT=1616675921630&ESN=scB0Bg%2FD%2Fqe8pietgDB7JKldH2r4yfhmF8mwbbNVKSI%3D&KV=1536961729279&ENCODED_URL=https%3A%2F%2Flink.qmuniforms.com%2Fu%2Fgm.php%3Fprm%3Doru0QsmteG_794431736_1467289_4981&HK=1C08D3EEDC315613231E85298173FDDF0C727F52795D366B4F7790BEB654CB2B HTTP 302
    https://link.qmuniforms.com/u/gm.php?prm=oru0QsmteG_794431736_1467289_4981 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request gm.php
link.qmuniforms.com/u/
Redirect Chain
  • https://es.sonicurlprotection-sjl.com/click?PV=1&MSGID=202103251238400037341&URLID=33&ESV=10.0.6.3447&IV=5071309AA5A578B98D059A83C3349149&TT=1616675921630&ESN=scB0Bg%2FD%2Fqe8pietgDB7JKldH2r4yfhmF8...
  • https://link.qmuniforms.com/u/gm.php?prm=oru0QsmteG_794431736_1467289_4981
20 KB
4 KB
Document
General
Full URL
https://link.qmuniforms.com/u/gm.php?prm=oru0QsmteG_794431736_1467289_4981
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.175.192.43 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
nginx /
Resource Hash
cb4c05786e0f97c8f84fc48e63be3205e04a47bfa1453d2ee6902eaabb0f9ec8
Security Headers
Name Value
Content-Security-Policy sandbox allow-popups allow-popups-to-escape-sandbox;

Request headers

Host
link.qmuniforms.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

server
nginx
date
Fri, 26 Mar 2021 17:14:35 GMT
content-type
text/html; charset=utf-8
content-length
3583
content-security-policy
sandbox allow-popups allow-popups-to-escape-sandbox;
vary
Accept-Encoding
content-encoding
gzip
x-af
suite34-web3
cache-control
max-age=0, no-cache, no-store, must-revalidate
pragma
no-cache
x-fe
suite34-web3
x-hf
suite-haproxy01d

Redirect headers

Server
nginx/1.10.3 (Ubuntu)
Date
Fri, 26 Mar 2021 17:14:34 GMT
Content-Type
text/html; charset=utf-8
Content-Length
355
Connection
keep-alive
Location
https://link.qmuniforms.com/u/gm.php?prm=oru0QsmteG_794431736_1467289_4981
css
fonts.googleapis.com/
20 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic
Requested by
Host: link.qmuniforms.com
URL: https://link.qmuniforms.com/u/gm.php?prm=oru0QsmteG_794431736_1467289_4981
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5e0d7c507cf900775df1d347c362c6ab870162905b31ca3b2b4afd5f73fad98f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 26 Mar 2021 15:29:15 GMT
server
ESF
date
Fri, 26 Mar 2021 17:14:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Mar 2021 17:14:35 GMT
css
fonts.googleapis.com/
7 KB
801 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,300italic,700
Requested by
Host: link.qmuniforms.com
URL: https://link.qmuniforms.com/u/gm.php?prm=oru0QsmteG_794431736_1467289_4981
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
baa958ba0ada2db95b0047a3822df13589ef19dec86ecf7c0a9f46600b28d2f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 26 Mar 2021 15:43:56 GMT
server
ESF
date
Fri, 26 Mar 2021 17:14:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Mar 2021 17:14:35 GMT
Quartermaster-BW-1040.jpg
link.galls.com/custloads/794526205/Galls/2019/05-May/02/
26 KB
26 KB
Image
General
Full URL
http://link.galls.com/custloads/794526205/Galls/2019/05-May/02/Quartermaster-BW-1040.jpg
Requested by
Host: link.qmuniforms.com
URL: https://link.qmuniforms.com/u/gm.php?prm=oru0QsmteG_794431736_1467289_4981
Protocol
HTTP/1.1
Server
217.175.192.43 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
nginx /
Resource Hash
5d9fd27acdb2b69e5b51b7b5cd6c93441152df193eaebc9d109af38a55f608f9

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Fri, 26 Mar 2021 17:14:35 GMT
last-modified
Wed, 24 Apr 2019 17:14:44 GMT
server
nginx
etag
"5cc09984-6635"
content-type
image/jpeg
x-hf
suite-haproxy01c
x-fe
suite34-web2
accept-ranges
bytes
content-length
26165
2021-03-25-PUBLIC-hero1_01.jpg
link.galls.com/custloads/794526205/Galls/2021/03-March/25/
126 KB
127 KB
Image
General
Full URL
http://link.galls.com/custloads/794526205/Galls/2021/03-March/25/2021-03-25-PUBLIC-hero1_01.jpg
Requested by
Host: link.qmuniforms.com
URL: https://link.qmuniforms.com/u/gm.php?prm=oru0QsmteG_794431736_1467289_4981
Protocol
HTTP/1.1
Server
217.175.192.43 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
nginx /
Resource Hash
20ff0d4824f3a0fcc3f835786bb7871b813109155c2d0eeedab4fc29e5e12095

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Fri, 26 Mar 2021 17:14:35 GMT
last-modified
Wed, 24 Mar 2021 13:35:44 GMT
server
nginx
etag
"605b4030-1f96c"
content-type
image/jpeg
x-hf
suite-haproxy01a
x-fe
suite34-web2
accept-ranges
bytes
content-length
129388
spacer.jpg
link.galls.com/custloads/794526205/Galls/2019/10-Oct/24/
1 KB
2 KB
Image
General
Full URL
http://link.galls.com/custloads/794526205/Galls/2019/10-Oct/24/spacer.jpg
Requested by
Host: link.qmuniforms.com
URL: https://link.qmuniforms.com/u/gm.php?prm=oru0QsmteG_794431736_1467289_4981
Protocol
HTTP/1.1
Server
217.175.192.43 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
nginx /
Resource Hash
c84e150e43ec4b3f10ac2c8afebd93ad48851006dd2f2876629a2906bb5ebc19

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Fri, 26 Mar 2021 17:14:35 GMT
last-modified
Wed, 23 Oct 2019 18:25:40 GMT
server
nginx
etag
"5db09b24-512"
content-type
image/jpeg
x-hf
suite-haproxy01d
x-fe
suite34-web2
accept-ranges
bytes
content-length
1298
2021-03-25-PUBLIC-hero1_02.jpg
link.galls.com/custloads/794526205/Galls/2021/03-March/25/
26 KB
26 KB
Image
General
Full URL
http://link.galls.com/custloads/794526205/Galls/2021/03-March/25/2021-03-25-PUBLIC-hero1_02.jpg
Requested by
Host: link.qmuniforms.com
URL: https://link.qmuniforms.com/u/gm.php?prm=oru0QsmteG_794431736_1467289_4981
Protocol
HTTP/1.1
Server
217.175.192.43 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
nginx /
Resource Hash
ebb28d1532f62fc54a4ee806ce19ef3e47a45eeac0cc560fb9b338de8ab2d62b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Fri, 26 Mar 2021 17:14:35 GMT
last-modified
Wed, 24 Mar 2021 13:35:44 GMT
server
nginx
etag
"605b4030-66b0"
content-type
image/jpeg
x-hf
suite-haproxy01f
x-fe
suite34-web4
accept-ranges
bytes
content-length
26288
2021-03-25-PUBLIC-items1_01.jpg
link.galls.com/custloads/794526205/Galls/2021/03-March/25/
26 KB
26 KB
Image
General
Full URL
http://link.galls.com/custloads/794526205/Galls/2021/03-March/25/2021-03-25-PUBLIC-items1_01.jpg
Requested by
Host: link.qmuniforms.com
URL: https://link.qmuniforms.com/u/gm.php?prm=oru0QsmteG_794431736_1467289_4981
Protocol
HTTP/1.1
Server
217.175.192.43 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
nginx /
Resource Hash
a6f8a7f4cf4ec1eb09b2f6016accce0646dc9a65d0ff2016bb87e5f43a69a61b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Fri, 26 Mar 2021 17:14:35 GMT
last-modified
Wed, 24 Mar 2021 13:35:45 GMT
server
nginx
etag
"605b4031-68a9"
content-type
image/jpeg
x-hf
suite-haproxy01b
x-fe
suite34-web4
accept-ranges
bytes
content-length
26793
2021-03-25-PUBLIC-items1_02.jpg
link.galls.com/custloads/794526205/Galls/2021/03-March/25/
27 KB
28 KB
Image
General
Full URL
http://link.galls.com/custloads/794526205/Galls/2021/03-March/25/2021-03-25-PUBLIC-items1_02.jpg
Requested by
Host: link.qmuniforms.com
URL: https://link.qmuniforms.com/u/gm.php?prm=oru0QsmteG_794431736_1467289_4981
Protocol
HTTP/1.1
Server
217.175.192.43 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
nginx /
Resource Hash
dff6fcf98ddb9fe838f595550704ecf419cb3ebb54b4cd6be32ef8fa0e54e425

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Fri, 26 Mar 2021 17:14:35 GMT
last-modified
Wed, 24 Mar 2021 13:35:45 GMT
server
nginx
etag
"605b4031-6d57"
content-type
image/jpeg
x-hf
suite-haproxy01e
x-fe
suite34-web4
accept-ranges
bytes
content-length
27991
2021-03-25-PUBLIC-items1_03.jpg
link.galls.com/custloads/794526205/Galls/2021/03-March/25/
50 KB
51 KB
Image
General
Full URL
http://link.galls.com/custloads/794526205/Galls/2021/03-March/25/2021-03-25-PUBLIC-items1_03.jpg
Requested by
Host: link.qmuniforms.com
URL: https://link.qmuniforms.com/u/gm.php?prm=oru0QsmteG_794431736_1467289_4981
Protocol
HTTP/1.1
Server
217.175.192.43 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
nginx /
Resource Hash
3a7113bfd558aff221261137b6a4588eef754edb58ce9cf48e57ede140331a18

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Fri, 26 Mar 2021 17:14:35 GMT
last-modified
Wed, 24 Mar 2021 13:35:45 GMT
server
nginx
etag
"605b4031-c930"
content-type
image/jpeg
x-hf
suite-haproxy01d
x-fe
suite34-web5
accept-ranges
bytes
content-length
51504
2021-03-25-PUBLIC-items1_04.jpg
link.galls.com/custloads/794526205/Galls/2021/03-March/25/
31 KB
31 KB
Image
General
Full URL
http://link.galls.com/custloads/794526205/Galls/2021/03-March/25/2021-03-25-PUBLIC-items1_04.jpg
Requested by
Host: link.qmuniforms.com
URL: https://link.qmuniforms.com/u/gm.php?prm=oru0QsmteG_794431736_1467289_4981
Protocol
HTTP/1.1
Server
217.175.192.43 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
nginx /
Resource Hash
056d2571ff84f657e39e7bdeda36a07cccf24818a562ba052ea1096801be8cb2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Fri, 26 Mar 2021 17:14:35 GMT
last-modified
Wed, 24 Mar 2021 13:35:46 GMT
server
nginx
etag
"605b4032-7b5c"
content-type
image/jpeg
x-hf
suite-haproxy01c
x-fe
suite34-web5
accept-ranges
bytes
content-length
31580
2021-03-25-PUBLIC-items1_05a.jpg
link.galls.com/custloads/794526205/Galls/2021/03-March/25/
43 KB
43 KB
Image
General
Full URL
http://link.galls.com/custloads/794526205/Galls/2021/03-March/25/2021-03-25-PUBLIC-items1_05a.jpg
Requested by
Host: link.qmuniforms.com
URL: https://link.qmuniforms.com/u/gm.php?prm=oru0QsmteG_794431736_1467289_4981
Protocol
HTTP/1.1
Server
217.175.192.43 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
nginx /
Resource Hash
d1184d4f94587a2d660333302d01c73efc8044642404e52fd0aa70d786de6f63

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Fri, 26 Mar 2021 17:14:35 GMT
last-modified
Wed, 24 Mar 2021 20:16:08 GMT
server
nginx
etag
"605b9e08-ab6d"
content-type
image/jpeg
x-hf
suite-haproxy01f
x-fe
suite34-web2
accept-ranges
bytes
content-length
43885
2021-03-25-PUBLIC-items1_06.jpg
link.galls.com/custloads/794526205/Galls/2021/03-March/25/
39 KB
39 KB
Image
General
Full URL
http://link.galls.com/custloads/794526205/Galls/2021/03-March/25/2021-03-25-PUBLIC-items1_06.jpg
Requested by
Host: link.qmuniforms.com
URL: https://link.qmuniforms.com/u/gm.php?prm=oru0QsmteG_794431736_1467289_4981
Protocol
HTTP/1.1
Server
217.175.192.43 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
nginx /
Resource Hash
33b9b9a85204830d431409404e402f81a40f9d9cf24968bd6e8293001d81d8ba

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Fri, 26 Mar 2021 17:14:35 GMT
last-modified
Wed, 24 Mar 2021 13:35:46 GMT
server
nginx
etag
"605b4032-9a6a"
content-type
image/jpeg
x-hf
suite-haproxy01c
x-fe
suite34-web2
accept-ranges
bytes
content-length
39530
2021-03-25-PUBLIC-items1_07.jpg
link.galls.com/custloads/794526205/Galls/2021/03-March/25/
60 KB
60 KB
Image
General
Full URL
http://link.galls.com/custloads/794526205/Galls/2021/03-March/25/2021-03-25-PUBLIC-items1_07.jpg
Requested by
Host: link.qmuniforms.com
URL: https://link.qmuniforms.com/u/gm.php?prm=oru0QsmteG_794431736_1467289_4981
Protocol
HTTP/1.1
Server
217.175.192.43 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
nginx /
Resource Hash
9cb461c4d537d106802c8529a9304a76013706d1e8091607a63f41ff85f5f3f2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Fri, 26 Mar 2021 17:14:35 GMT
last-modified
Wed, 24 Mar 2021 13:35:47 GMT
server
nginx
etag
"605b4033-ee6c"
content-type
image/jpeg
x-hf
suite-haproxy01b
x-fe
suite34-web1
accept-ranges
bytes
content-length
61036
2021-03-25-PUBLIC-items1_08.jpg
link.galls.com/custloads/794526205/Galls/2021/03-March/25/
27 KB
27 KB
Image
General
Full URL
http://link.galls.com/custloads/794526205/Galls/2021/03-March/25/2021-03-25-PUBLIC-items1_08.jpg
Requested by
Host: link.qmuniforms.com
URL: https://link.qmuniforms.com/u/gm.php?prm=oru0QsmteG_794431736_1467289_4981
Protocol
HTTP/1.1
Server
217.175.192.43 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
nginx /
Resource Hash
d8de12a7156a3a591ec7158dd4a0cad69814b64bd6353e5ea73f2f91f16651f6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Fri, 26 Mar 2021 17:14:35 GMT
last-modified
Wed, 24 Mar 2021 13:35:47 GMT
server
nginx
etag
"605b4033-6b5f"
content-type
image/jpeg
x-hf
suite-haproxy01e
x-fe
suite34-web1
accept-ranges
bytes
content-length
27487
2021-03-25-PUBLIC-hero1_03.jpg
link.galls.com/custloads/794526205/Galls/2021/03-March/25/
6 KB
6 KB
Image
General
Full URL
http://link.galls.com/custloads/794526205/Galls/2021/03-March/25/2021-03-25-PUBLIC-hero1_03.jpg
Requested by
Host: link.qmuniforms.com
URL: https://link.qmuniforms.com/u/gm.php?prm=oru0QsmteG_794431736_1467289_4981
Protocol
HTTP/1.1
Server
217.175.192.43 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
nginx /
Resource Hash
505b175a73e3fe992ea33db4b92b7296b2988fa333c8bdf20b0a70e4426c18a6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Fri, 26 Mar 2021 17:14:35 GMT
last-modified
Wed, 24 Mar 2021 13:35:45 GMT
server
nginx
etag
"605b4031-1660"
content-type
image/jpeg
x-hf
suite-haproxy01e
x-fe
suite34-web3
accept-ranges
bytes
content-length
5728
2021-03-23-PUBLIC-hero1_04.jpg
link.galls.com/custloads/794526205/Galls/2021/03-March/23/
20 KB
20 KB
Image
General
Full URL
http://link.galls.com/custloads/794526205/Galls/2021/03-March/23/2021-03-23-PUBLIC-hero1_04.jpg
Requested by
Host: link.qmuniforms.com
URL: https://link.qmuniforms.com/u/gm.php?prm=oru0QsmteG_794431736_1467289_4981
Protocol
HTTP/1.1
Server
217.175.192.43 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
nginx /
Resource Hash
2ad8d084c27b5843b576c509137c43dd1d8eefb952b96bbf84e498447e6c134e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Fri, 26 Mar 2021 17:14:35 GMT
last-modified
Mon, 22 Mar 2021 15:46:34 GMT
server
nginx
etag
"6058bbda-4e11"
content-type
image/jpeg
x-hf
suite-haproxy01d
x-fe
suite34-web3
accept-ranges
bytes
content-length
19985
2020-03-pages-deals-valsetz.jpg
link.galls.com/custloads/794526205/Galls/2021/03-March/22/
28 KB
28 KB
Image
General
Full URL
http://link.galls.com/custloads/794526205/Galls/2021/03-March/22/2020-03-pages-deals-valsetz.jpg
Requested by
Host: link.qmuniforms.com
URL: https://link.qmuniforms.com/u/gm.php?prm=oru0QsmteG_794431736_1467289_4981
Protocol
HTTP/1.1
Server
217.175.192.43 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
nginx /
Resource Hash
255c8d64e893710f4677cfd2430ed2a50ece995da128e551ffe8a07dbad3fb3b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Fri, 26 Mar 2021 17:14:35 GMT
last-modified
Wed, 17 Mar 2021 20:32:28 GMT
server
nginx
etag
"6052675c-6ee4"
content-type
image/jpeg
x-hf
suite-haproxy01b
x-fe
suite34-web3
accept-ranges
bytes
content-length
28388
2021-02-pages-deals-IC1081.jpg
link.galls.com/custloads/794526205/Galls/2021/03-March/22/
24 KB
24 KB
Image
General
Full URL
http://link.galls.com/custloads/794526205/Galls/2021/03-March/22/2021-02-pages-deals-IC1081.jpg
Requested by
Host: link.qmuniforms.com
URL: https://link.qmuniforms.com/u/gm.php?prm=oru0QsmteG_794431736_1467289_4981
Protocol
HTTP/1.1
Server
217.175.192.43 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
nginx /
Resource Hash
a76485a9cf330dce9f78e25805e2a9abcab9199f47101c1dc7c20d5129e3e535

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Fri, 26 Mar 2021 17:14:35 GMT
last-modified
Wed, 17 Mar 2021 20:32:29 GMT
server
nginx
etag
"6052675d-601a"
content-type
image/jpeg
x-hf
suite-haproxy01e
x-fe
suite34-web5
accept-ranges
bytes
content-length
24602
2020-02-pages-deals-BG219.jpg
link.galls.com/custloads/794526205/Galls/2021/03-March/22/
31 KB
31 KB
Image
General
Full URL
http://link.galls.com/custloads/794526205/Galls/2021/03-March/22/2020-02-pages-deals-BG219.jpg
Requested by
Host: link.qmuniforms.com
URL: https://link.qmuniforms.com/u/gm.php?prm=oru0QsmteG_794431736_1467289_4981
Protocol
HTTP/1.1
Server
217.175.192.43 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
nginx /
Resource Hash
2fad744971f611531c71fc800f39dee36c8a3a8387db3f2a700da2cdacb9cda3

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Fri, 26 Mar 2021 17:14:35 GMT
last-modified
Wed, 17 Mar 2021 20:32:28 GMT
server
nginx
etag
"6052675c-7afd"
content-type
image/jpeg
x-hf
suite-haproxy01a
x-fe
suite34-web1
accept-ranges
bytes
content-length
31485
2020-12-pages-deals-knives.jpg
link.galls.com/custloads/794526205/Galls/2021/03-March/22/
25 KB
25 KB
Image
General
Full URL
http://link.galls.com/custloads/794526205/Galls/2021/03-March/22/2020-12-pages-deals-knives.jpg
Requested by
Host: link.qmuniforms.com
URL: https://link.qmuniforms.com/u/gm.php?prm=oru0QsmteG_794431736_1467289_4981
Protocol
HTTP/1.1
Server
217.175.192.43 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
nginx /
Resource Hash
f212cf5ffebe089c784d4f67fe9a6bd12e79f4b7993da775e5e05152c73ad5b8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Fri, 26 Mar 2021 17:14:35 GMT
last-modified
Wed, 17 Mar 2021 20:32:28 GMT
server
nginx
etag
"6052675c-6230"
content-type
image/jpeg
x-hf
suite-haproxy01f
x-fe
suite34-web5
accept-ranges
bytes
content-length
25136
spacer.gif
link.galls.com/custloads/794526205/Galls/2021/03-March/06/
1 KB
1 KB
Image
General
Full URL
http://link.galls.com/custloads/794526205/Galls/2021/03-March/06/spacer.gif
Requested by
Host: link.qmuniforms.com
URL: https://link.qmuniforms.com/u/gm.php?prm=oru0QsmteG_794431736_1467289_4981
Protocol
HTTP/1.1
Server
217.175.192.43 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
nginx /
Resource Hash
c4db7a995aeb5a6dcd6894b145c2834efc3b22f326a0022305e21b6afba40821

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Fri, 26 Mar 2021 17:14:35 GMT
last-modified
Thu, 04 Mar 2021 15:28:55 GMT
server
nginx
etag
"6040fcb7-455"
content-type
image/gif
x-hf
suite-haproxy01c
x-fe
suite34-web3
accept-ranges
bytes
content-length
1109
oru0QsmteG_794431736_1467289_4981_2081469.gif
link.qmuniforms.com/mo/
43 B
245 B
Image
General
Full URL
http://link.qmuniforms.com/mo/oru0QsmteG_794431736_1467289_4981_2081469.gif
Requested by
Host: link.qmuniforms.com
URL: https://link.qmuniforms.com/u/gm.php?prm=oru0QsmteG_794431736_1467289_4981
Protocol
HTTP/1.1
Server
217.175.192.43 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Fri, 26 Mar 2021 17:14:35 GMT
x-hf
suite-haproxy01b
last-modified
Wed, 01 Aug 2018 13:00:37 GMT
x-fe
openfe01
content-length
43
server
nginx
content-type
image/gif
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 07:39:32 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:22 GMT
server
sffe
age
120903
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14380
x-xss-protection
0
expires
Fri, 25 Mar 2022 07:39:32 GMT

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy sandbox allow-popups allow-popups-to-escape-sandbox;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
