recordedfuture.vlg.me Open in urlscan Pro
52.141.221.30 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://recordedfuture.vlg.me/
Effective URL:
https://recordedfuture.vlg.me/campaign/7776-22TOWRF/index.aspx?tguid=1C8F7F79-48E3-455A-8096-394236AC21C0&cguid=6A283E06-8E8F-...
Submission: On August 19 via manual (August 19th 2022, 6:25:17 pm UTC) from US — Scanned from DE

Summary HTTP 48 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 13 IPs in 7 countries across 12 domains to perform 48 HTTP transactions. The main IP is 52.141.221.30, located in Des Moines, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is recordedfuture.vlg.me.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on March 8th 2022. Valid for: a year.

This is the only time recordedfuture.vlg.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 26	52.141.221.30 52.141.221.30	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:4001:80f::2010	15169 (GOOGLE) (GOOGLE)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (STACKPATH...) (STACKPATH-CDN)
1	13.41.31.80 13.41.31.80	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:ea:... 2a02:26f0:ea::1706:7049	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:400e:80c::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
48	13

26 52.141.221.30 (Des Moines, United States) 4 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

recordedfuture.vlg.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wefightboredom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.wefightboredom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.41.31.80 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-41-31-80.eu-west-2.compute.amazonaws.com

reveal.clearbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:ea::1706:7049 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

pro.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	vlg.me 2 redirects recordedfuture.vlg.me	1 MB
5	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 466 fonts.googleapis.com — Cisco Umbrella Rank: 54	130 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 219	40 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 422	35 KB
3	wefightboredom.com 2 redirects wefightboredom.com www.wefightboredom.com	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	20 KB
2	fontawesome.com pro.fontawesome.com — Cisco Umbrella Rank: 6010	167 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 615	60 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 108	443 B
1	gstatic.com fonts.gstatic.com	38 KB
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1419	63 KB
1	clearbit.com reveal.clearbit.com — Cisco Umbrella Rank: 21426	1021 B
48	12

	Domain	Requested by
23	recordedfuture.vlg.me	2 redirects www.wefightboredom.com code.jquery.com recordedfuture.vlg.me code.createjs.com
4	storage.googleapis.com	www.wefightboredom.com recordedfuture.vlg.me storage.googleapis.com
3	cdnjs.cloudflare.com	recordedfuture.vlg.me
3	cdn.jsdelivr.net	recordedfuture.vlg.me storage.googleapis.com
2	www.google-analytics.com	recordedfuture.vlg.me
2	pro.fontawesome.com	recordedfuture.vlg.me pro.fontawesome.com
2	code.jquery.com	recordedfuture.vlg.me
2	www.wefightboredom.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	recordedfuture.vlg.me
1	code.createjs.com	recordedfuture.vlg.me
1	reveal.clearbit.com	recordedfuture.vlg.me
1	wefightboredom.com	1 redirects
48	14

This site contains links to these domains. Also see Links.

Domain
www.cookiesandyou.com
www.recordedfuture.com

Subject Issuer	Validity	Valid
wefightboredom.com Go Daddy Secure Certificate Authority - G2	`2021-09-03` - `2022-09-03`	a year	crt.sh
storage.googleapis.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.vlg.me Go Daddy Secure Certificate Authority - G2	`2022-03-08` - `2023-03-07`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
clearbit.com Amazon	`2022-07-28` - `2023-08-26`	a year	crt.sh
tls.adobe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-29` - `2023-05-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-01` - `2023-01-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://recordedfuture.vlg.me/campaign/7776-22TOWRF/index.aspx?tguid=1C8F7F79-48E3-455A-8096-394236AC21C0&cguid=6A283E06-8E8F-4D09-8B94-9777DB366DF3&name=16609335141755196613054713&id=7776&utm_source=vlgcapture&A=true
Frame ID: 8896182ED0DC31298B329071B0FDCEC5
Requests: 49 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tee Off With Recorded Future

Page URL History Show full URLs

http://recordedfuture.vlg.me/ HTTP 302
http://wefightboredom.com/fff?domain=recordedfuture.vlg.me HTTP 301
https://www.wefightboredom.com/fff?domain=recordedfuture.vlg.me HTTP 301
http://www.wefightboredom.com/fff/?domain=recordedfuture.vlg.me HTTP 307
https://www.wefightboredom.com/fff/?domain=recordedfuture.vlg.me Page URL
https://recordedfuture.vlg.me/CreateTarget HTTP 302
https://recordedfuture.vlg.me/campaign/7776-22TOWRF/file_not_found.aspx?cguid=6A283E06-8E8F-4D09-8B94-9777... Page URL
https://recordedfuture.vlg.me/campaign/7776-22TOWRF/index.aspx?tguid=1C8F7F79-48E3-455A-8096-394236AC21C0&... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)

Clearbit Reveal (Analytics) Expand

Overall confidence: 100%
Detected patterns

reveal\.clearbit\.com/v[(0-9)]/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

48
Requests

90 %
HTTPS

83 %
IPv6

12
Domains

14
Subdomains

13
IPs

7
Countries

1918 kB
Transfer

4760 kB
Size

3
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cookiesandyou.com/
Title: Learn more

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/privacy-policy?__hstc=233546881.37c51b88c43feb7b4d2edea622bfe0d2.1644012949909.1644012949909.1644012949909.1&__hssc=233546881.9.1644012949909&__hsfp=3094949200
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://recordedfuture.vlg.me/ HTTP 302
http://wefightboredom.com/fff?domain=recordedfuture.vlg.me HTTP 301
https://www.wefightboredom.com/fff?domain=recordedfuture.vlg.me HTTP 301
http://www.wefightboredom.com/fff/?domain=recordedfuture.vlg.me HTTP 307
https://www.wefightboredom.com/fff/?domain=recordedfuture.vlg.me Page URL
https://recordedfuture.vlg.me/CreateTarget HTTP 302
https://recordedfuture.vlg.me/campaign/7776-22TOWRF/file_not_found.aspx?cguid=6A283E06-8E8F-4D09-8B94-9777DB366DF3 Page URL
https://recordedfuture.vlg.me/campaign/7776-22TOWRF/index.aspx?tguid=1C8F7F79-48E3-455A-8096-394236AC21C0&cguid=6A283E06-8E8F-4D09-8B94-9777DB366DF3&name=16609335141755196613054713&id=7776&utm_source=vlgcapture&A=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://recordedfuture.vlg.me/ HTTP 302
http://wefightboredom.com/fff?domain=recordedfuture.vlg.me HTTP 301
https://www.wefightboredom.com/fff?domain=recordedfuture.vlg.me HTTP 301
http://www.wefightboredom.com/fff/?domain=recordedfuture.vlg.me HTTP 307
https://www.wefightboredom.com/fff/?domain=recordedfuture.vlg.me

Request Chain 2

https://recordedfuture.vlg.me/CreateTarget HTTP 302
https://recordedfuture.vlg.me/campaign/7776-22TOWRF/file_not_found.aspx?cguid=6A283E06-8E8F-4D09-8B94-9777DB366DF3

48 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
www.wefightboredom.com/fff/
Redirect Chain

http://recordedfuture.vlg.me/
http://wefightboredom.com/fff?domain=recordedfuture.vlg.me
https://www.wefightboredom.com/fff?domain=recordedfuture.vlg.me
http://www.wefightboredom.com/fff/?domain=recordedfuture.vlg.me
https://www.wefightboredom.com/fff/?domain=recordedfuture.vlg.me

1 KB
1 KB

149ms
149ms

Document
text/html

52.141.221.30
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wefightboredom.com/fff/?domain=recordedfuture.vlg.me

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.141.221.30 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

57af576eb85c11bbd7200e65e9b593cfed2e67e06eca9baaf2b5953d8f58e84e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 596
Content-Security-Policy: upgrade-insecure-requests
Content-Type: text/html; charset=utf-8
Date: Fri, 19 Aug 2022 18:25:13 GMT
Expect-CT: max-age=86400, enforce
Permissions-Policy: geolocation=(), camera=()
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://www.wefightboredom.com/fff/?domain=recordedfuture.vlg.me
Non-Authoritative-Reason: HSTS

GET
H2 200 includes_edge_3.js Show response
storage.googleapis.com/vlg-cf/edge_includes/edgetemplate_3/ 55 KB
55 KB 72ms
18ms Script
application/javascript 2a00:1450:4001:80f::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/vlg-cf/edge_includes/edgetemplate_3/includes_edge_3.js
Requested by: Host: www.wefightboredom.com
URL: https://www.wefightboredom.com/fff/?domain=recordedfuture.vlg.me
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c792afc446d77d447d4238ac48e03ef575e2209f75b3dbe0ffd80533339d7e30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wefightboredom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 17:33:59 GMT
age: 3074
x-guploader-uploadid: ADPycdv9rLjK2trFdMG5PdN0EGcobgtckfyQfSJSQHqVxSweoBw9EWLy9hoCAmCz2D7UZPvWrOoKtzICmCGfhy1uSpyO_0Np_DYZ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55847
last-modified: Thu, 26 Jul 2018 13:47:43 GMT
server: UploadServer
etag: "78c0513e8f7ca3a5211485fd708aa3ee"
x-goog-hash: crc32c=z8gEuQ==, md5=eMBRPo98o6UhFIX9cIqj7g==
x-goog-generation: 1532612863883187
cache-control: public, max-age=3600
x-goog-stored-content-length: 55847
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 19 Aug 2022 18:33:59 GMT

GET
H/1.1

200
OK

file_not_found.aspx Show response
recordedfuture.vlg.me/campaign/7776-22TOWRF/
Redirect Chain

https://recordedfuture.vlg.me/CreateTarget
https://recordedfuture.vlg.me/campaign/7776-22TOWRF/file_not_found.aspx?cguid=6A283E06-8E8F-4D09-8B94-9777DB366DF3

10 KB
4 KB

146ms
146ms

Document
text/html

52.141.221.30
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://recordedfuture.vlg.me/campaign/7776-22TOWRF/file_not_found.aspx?cguid=6A283E06-8E8F-4D09-8B94-9777DB366DF3

Requested by

Host: www.wefightboredom.com
URL: https://www.wefightboredom.com/fff/?domain=recordedfuture.vlg.me

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.141.221.30 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

980696d1d4be4fdd0b2fc1e678323bea439196c912dd49ff77f8c859f7cddaf8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wefightboredom.com/fff/?domain=recordedfuture.vlg.me
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3779
Content-Security-Policy: upgrade-insecure-requests
Content-Type: text/html; charset=utf-8
Date: Fri, 19 Aug 2022 18:25:13 GMT
Expect-CT: max-age=86400, enforce
Permissions-Policy: geolocation=(), camera=()
Referrer-Policy: strict-origin-when-cross-origin
Request-Context: appId=cid-v1:ec44e5f4-a2d0-4b96-a3e2-1038d87f7d56
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block

Redirect headers

Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Connection: keep-alive
Content-Length: 231
Content-Security-Policy: upgrade-insecure-requests
Content-Type: text/html; charset=utf-8
Date: Fri, 19 Aug 2022 18:25:13 GMT
Expect-CT: max-age=86400, enforce
Location: https://recordedfuture.vlg.me/campaign/7776-22TOWRF/file_not_found.aspx?cguid=6A283E06-8E8F-4D09-8B94-9777DB366DF3
Permissions-Policy: geolocation=(), camera=()
Referrer-Policy: strict-origin-when-cross-origin
Request-Context: appId=cid-v1:ec44e5f4-a2d0-4b96-a3e2-1038d87f7d56
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ 86 KB
30 KB 246ms
55ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: recordedfuture.vlg.me
URL: https://recordedfuture.vlg.me/campaign/7776-22TOWRF/file_not_found.aspx?cguid=6A283E06-8E8F-4D09-8B94-9777DB366DF3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer: https://recordedfuture.vlg.me/
Origin: https://recordedfuture.vlg.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 18:25:14 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-15851"
vary: Accept-Encoding
x-hw: 1660933514.dop103.fr8.t,1660933514.cds108.fr8.hn,1660933514.cds261.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30638

GET
H2 200 reveal Show response
reveal.clearbit.com/v1/companies/ 1 KB
1021 B 326ms
231ms Script
application/javascript 13.41.31.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://reveal.clearbit.com/v1/companies/reveal?authorization=pk_0c6d2cae3692ded7769a51e1adf207fa&variable=cb_Variable

Requested by

Host: recordedfuture.vlg.me
URL: https://recordedfuture.vlg.me/campaign/7776-22TOWRF/file_not_found.aspx?cguid=6A283E06-8E8F-4D09-8B94-9777DB366DF3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.41.31.80 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-41-31-80.eu-west-2.compute.amazonaws.com

Software

envoy /

Resource Hash

84fb19b104e0c95cd042cae85181d7556d4a373c0f667fed67b1e3be01d24aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recordedfuture.vlg.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 18:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: envoy
x-api-version: 2018-02-14
vary: Accept-Encoding
x-account-id: 0bb09db8-d99a-443e-a73d-ed162678ec71
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript;charset=utf-8

GET
H/1.1 200
OK CreateTargetUserFullData Show response
recordedfuture.vlg.me/service/CampaignService.asmx/ 202 B
968 B 282ms
282ms XHR
text/xml 52.141.221.30
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://recordedfuture.vlg.me/service/CampaignService.asmx/CreateTargetUserFullData?campaignGuid=6A283E06-8E8F-4D09-8B94-9777DB366DF3&FirstName=1660933514175&LastName=5196613054713&Phone=&email=1660933514175@undefined&Segment=Non%20Personalized&Batch=&Address=null%20null&Address2=null&City=null&State=null&Zip=null&Company=Mango%20Marketing&URLName=1660933514175&Custom1=&Custom2=&Custom3=&Custom4=&Custom5=&Custom6=&Custom7=&Custom8=&Custom9=&Custom10=&Custom11=&Custom12=&Custom13=Industry:%20Media&Custom14=Longitude:%2010.451526%20Latitude:%2051.165691&Custom15=Timezone:%20Europe/Berlin&Custom16=Email%20List:%20&Custom17=Phone%20List:%20&Custom18=Facebook:%20null%20Twitter:%20null%20LinkedIn%20company/mangomarketingde&Custom19=IP%20Address:%20193.27.14.24&Custom20=vlgcapture&StartUrl=&Title=&Country=&Fax=&EmailAddress=&EmployeeCount=&AnnualRevenue=&Industry=&OrgLevel=&Region=&SalesForceID=&TotalRunningScore=

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.141.221.30 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

57dd9ac14e590ce1d58195b4d132054cae15a51a36f6a9e37beb9e7012b96925

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://recordedfuture.vlg.me/campaign/7776-22TOWRF/file_not_found.aspx?cguid=6A283E06-8E8F-4D09-8B94-9777DB366DF3
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 18:25:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 284
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:ec44e5f4-a2d0-4b96-a3e2-1038d87f7d56
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: DENY
Expect-CT: max-age=86400, enforce
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/xml; charset=utf-8
Access-Control-Expose-Headers: Request-Context
Cache-Control: private, max-age=0
Permissions-Policy: geolocation=(), camera=()
Content-Security-Policy: upgrade-insecure-requests

GET
H/1.1 200
OK GetTargetDetails Show response
recordedfuture.vlg.me/service/CampaignService.asmx/ 10 KB
3 KB 183ms
182ms XHR
text/xml 52.141.221.30
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://recordedfuture.vlg.me/service/CampaignService.asmx/GetTargetDetails?urlName=16609335141755196613054713&campaignGuid=6A283E06-8E8F-4D09-8B94-9777DB366DF3

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.141.221.30 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

45d3bbf60a0ef6c5a8456c6a71b70dd2c10d8d0d5a459e23df88cefc62498a34

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://recordedfuture.vlg.me/campaign/7776-22TOWRF/file_not_found.aspx?cguid=6A283E06-8E8F-4D09-8B94-9777DB366DF3
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 18:25:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 2771
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:ec44e5f4-a2d0-4b96-a3e2-1038d87f7d56
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: DENY
Expect-CT: max-age=86400, enforce
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/xml; charset=utf-8
Access-Control-Expose-Headers: Request-Context
Cache-Control: private, max-age=0
Permissions-Policy: geolocation=(), camera=()
Content-Security-Policy: upgrade-insecure-requests

POST
H/1.1 200
OK SiteletWriteSurveyDataOneXML
recordedfuture.vlg.me/service/CampaignService.asmx/ 159 B
955 B 157ms
157ms XHR
text/xml 52.141.221.30
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://recordedfuture.vlg.me/service/CampaignService.asmx/SiteletWriteSurveyDataOneXML

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.141.221.30 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://recordedfuture.vlg.me/campaign/7776-22TOWRF/file_not_found.aspx?cguid=6A283E06-8E8F-4D09-8B94-9777DB366DF3
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 19 Aug 2022 18:25:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 239
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:ec44e5f4-a2d0-4b96-a3e2-1038d87f7d56
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: DENY
Expect-CT: max-age=86400, enforce
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/xml; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Request-Context
Cache-Control: private, max-age=0
Permissions-Policy: geolocation=(), camera=()
Content-Security-Policy: upgrade-insecure-requests

GET
H/1.1 200
OK Primary Request index.aspx Show response
recordedfuture.vlg.me/campaign/7776-22TOWRF/ 17 KB
6 KB 153ms
153ms Document
text/html 52.141.221.30
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://recordedfuture.vlg.me/campaign/7776-22TOWRF/index.aspx?tguid=1C8F7F79-48E3-455A-8096-394236AC21C0&cguid=6A283E06-8E8F-4D09-8B94-9777DB366DF3&name=16609335141755196613054713&id=7776&utm_source=vlgcapture&A=true

Requested by

Host: recordedfuture.vlg.me
URL: https://recordedfuture.vlg.me/campaign/7776-22TOWRF/file_not_found.aspx?cguid=6A283E06-8E8F-4D09-8B94-9777DB366DF3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.141.221.30 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e7df0405dd127913dbad7920cc652fd8aa9a57ac17646c30fb0193151feea9ea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://recordedfuture.vlg.me/campaign/7776-22TOWRF/file_not_found.aspx?cguid=6A283E06-8E8F-4D09-8B94-9777DB366DF3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 5884
Content-Security-Policy: upgrade-insecure-requests
Content-Type: text/html; charset=utf-8
Date: Fri, 19 Aug 2022 18:25:14 GMT
Expect-CT: max-age=86400, enforce
Permissions-Policy: geolocation=(), camera=()
Referrer-Policy: strict-origin-when-cross-origin
Request-Context: appId=cid-v1:ec44e5f4-a2d0-4b96-a3e2-1038d87f7d56
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ 236 KB
63 KB 148ms
38ms Script
text/javascript 2a02:26f0:ea::1706:7049
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: recordedfuture.vlg.me
URL: https://recordedfuture.vlg.me/campaign/7776-22TOWRF/index.aspx?tguid=1C8F7F79-48E3-455A-8096-394236AC21C0&cguid=6A283E06-8E8F-4D09-8B94-9777DB366DF3&name=16609335141755196613054713&id=7776&utm_source=vlgcapture&A=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:ea::1706:7049 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recordedfuture.vlg.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 18:25:15 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Fri, 19 Aug 2022 18:40:15 GMT

GET
H/1.1 200
OK vlg-preloader-2.js Show response
recordedfuture.vlg.me/campaign/7776-22TOWRF/ 1 KB
1 KB 139ms
138ms Script
application/x-javascript 52.141.221.30
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://recordedfuture.vlg.me/campaign/7776-22TOWRF/vlg-preloader-2.js

Requested by

Host: recordedfuture.vlg.me
URL: https://recordedfuture.vlg.me/campaign/7776-22TOWRF/index.aspx?tguid=1C8F7F79-48E3-455A-8096-394236AC21C0&cguid=6A283E06-8E8F-4D09-8B94-9777DB366DF3&name=16609335141755196613054713&id=7776&utm_source=vlgcapture&A=true

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.141.221.30 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c60396a49723aca39ed4abfaa199d3d0d69dd74f52576265ef4a474c83289681

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recordedfuture.vlg.me/campaign/7776-22TOWRF/index.aspx?tguid=1C8F7F79-48E3-455A-8096-394236AC21C0&cguid=6A283E06-8E8F-4D09-8B94-9777DB366DF3&name=16609335141755196613054713&id=7776&utm_source=vlgcapture&A=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 18:25:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 726
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 11 Jul 2022 15:57:36 GMT
X-Frame-Options: DENY
ETag: "83877cf03e95d81:0"
Expect-CT: max-age=86400, enforce
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/x-javascript
Permissions-Policy: geolocation=(), camera=()
Content-Security-Policy: upgrade-insecure-requests
Accept-Ranges: bytes

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 83ms
30ms Stylesheet
text/css 2a00:1450:400e:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter:300,400,500,700,900&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9b6146ac279c1c2b0d42147507d6b403763e9f9adc1be25c1dc5e5eb17a6c5bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recordedfuture.vlg.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Aug 2022 18:25:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 19 Aug 2022 18:25:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Aug 2022 18:25:15 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/ 160 KB
26 KB 86ms
35ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recordedfuture.vlg.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 18:25:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9735670
x-jsd-version: 5.1.3
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19153-FRA, cache-iad-kiad7000069-IAD
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iXcnyYRpmrr9e%2FMUOxETR4C%2F0mGRaFCFqtuh9N2zD0pIMKd5ffVqCVqJ%2BRazz%2BJhEnCliEwKGgApwe5FQbgcqfrVWiFtQgSy3Lpq%2FuOIC%2BR5C7pHMdTUmNEEkw3Nok7m0twReRuDhBm6id0WkKg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 73d4ee44fd8823af-ZRH
access-control-expose-headers: *

GET
H2 200 all.css
pro.fontawesome.com/releases/v5.15.4/css/ 170 KB
33 KB 619ms
553ms Stylesheet
text/css 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.15.4/css/all.css
Requested by: Host: recordedfuture.vlg.me
URL: https://recordedfuture.vlg.me/campaign/7776-22TOWRF/index.aspx?tguid=1C8F7F79-48E3-455A-8096-394236AC21C0&cguid=6A283E06-8E8F-4D09-8B94-9777DB366DF3&name=16609335141755196613054713&id=7776&utm_source=vlgcapture&A=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89b2462070a1a639c693794bc1d8d9131e6eb9274fc7fb0fb854943e58940a22

Request headers

Referer: https://recordedfuture.vlg.me/
Origin: https://recordedfuture.vlg.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 18:25:15 GMT
content-encoding: gzip
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
x-amz-request-id: B2H1NWS1TD7M8XCY
x-amz-id-2: l8AKRz033H1P3MLOj0w9aCV9NczeAo+u0UdNIR0Ff6hISLOonUigSUlyhH5xDGGMPZjbgaTzQgw=
last-modified: Wed, 04 Aug 2021 20:57:37 GMT
server: cloudflare
etag: W/"21f9f9f41222c9f2acec907529ea35a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 73d4ee4508c9020d-ZRH

GET
H/1.1 200
OK styles.css
recordedfuture.vlg.me/campaign/7776-22TOWRF/assets/css/ 8 KB
2 KB 278ms
139ms Stylesheet
text/css 52.141.221.30
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://recordedfuture.vlg.me/campaign/7776-22TOWRF/assets/css/styles.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.141.221.30 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c554161ff6a6aa95d100cec52832cdf547ad4fb3f2bba5305a07ade9beba4ef0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recordedfuture.vlg.me/campaign/7776-22TOWRF/index.aspx?tguid=1C8F7F79-48E3-455A-8096-394236AC21C0&cguid=6A283E06-8E8F-4D09-8B94-9777DB366DF3&name=16609335141755196613054713&id=7776&utm_source=vlgcapture&A=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 18:25:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 1635
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 11 Jul 2022 18:28:11 GMT
X-Frame-Options: DENY
ETag: "80ef9bf95395d81:0"
Expect-CT: max-age=86400, enforce
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Permissions-Policy: geolocation=(), camera=()
Content-Security-Policy: upgrade-insecure-requests
Accept-Ranges: bytes

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ 86 KB
30 KB 26ms
21ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: recordedfuture.vlg.me
URL: https://recordedfuture.vlg.me/campaign/7776-22TOWRF/index.aspx?tguid=1C8F7F79-48E3-455A-8096-394236AC21C0&cguid=6A283E06-8E8F-4D09-8B94-9777DB366DF3&name=16609335141755196613054713&id=7776&utm_source=vlgcapture&A=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer: https://recordedfuture.vlg.me/
Origin: https://recordedfuture.vlg.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 18:25:14 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-15851"
vary: Accept-Encoding
x-hw: 1660933514.dop103.fr8.t,1660933514.cds108.fr8.hn,1660933514.cds261.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30638

GET
H/1.1 200
OK connectionspeedtest.js Show response
recordedfuture.vlg.me/campaign/7776-22TOWRF/com/ 2 KB
2 KB 415ms
141ms Script
application/x-javascript 52.141.221.30
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://recordedfuture.vlg.me/campaign/7776-22TOWRF/com/connectionspeedtest.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.141.221.30 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f0f51110f9abd720ed235d1ea9ef0c87adca2b083805e340becec9dea7e028fc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recordedfuture.vlg.me/campaign/7776-22TOWRF/index.aspx?tguid=1C8F7F79-48E3-455A-8096-394236AC21C0&cguid=6A283E06-8E8F-4D09-8B94-9777DB366DF3&name=16609335141755196613054713&id=7776&utm_source=vlgcapture&A=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 18:25:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 979
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 11 Jul 2022 15:58:25 GMT
X-Frame-Options: DENY
ETag: "901ec1d3f95d81:0"
Expect-CT: max-age=86400, enforce
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/x-javascript
Permissions-Policy: geolocation=(), camera=()
Content-Security-Policy: upgrade-insecure-requests
Accept-Ranges: bytes

GET
H2 200 de_includes-latest.js Show response
storage.googleapis.com/vlg-cf/includes-2020/ 70 KB
70 KB 24ms
20ms Script
text/javascript 2a00:1450:4001:80f::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/vlg-cf/includes-2020/de_includes-latest.js
Requested by: Host: recordedfuture.vlg.me
URL: https://recordedfuture.vlg.me/campaign/7776-22TOWRF/index.aspx?tguid=1C8F7F79-48E3-455A-8096-394236AC21C0&cguid=6A283E06-8E8F-4D09-8B94-9777DB366DF3&name=16609335141755196613054713&id=7776&utm_source=vlgcapture&A=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8994c082cb45e8d1ac8e227798775d0d1c100c52c92a972e51271843b9ae7d7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recordedfuture.vlg.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 17:34:02 GMT
age: 3072
x-guploader-uploadid: ADPycduk4k6Sx5_88ZLSOxCUcQ1c5jAWFRUJTE84bB_vnZGamEVaszqaGzA1ljLJ9Xaa3Oa9YFfZt_6av6eTJq0UQwZ837yp7iN-
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71493
last-modified: Tue, 02 Aug 2022 20:06:56 GMT
server: UploadServer
etag: "ff510982a23771e932e30581afcaac77"
x-goog-hash: crc32c=bueFSQ==, md5=/1EJgqI3ceky4wWBr8qsdw==
x-goog-generation: 1659470816925483
cache-control: public, max-age=3600
x-goog-stored-content-length: 71493
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 19 Aug 2022 18:34:02 GMT

GET
H2 200 html5_bootstrap-2019.js Show response
storage.googleapis.com/vlg-cf/includes-2019/html_includes-2019/ 2 KB
2 KB 23ms
19ms Script
text/javascript 2a00:1450:4001:80f::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/vlg-cf/includes-2019/html_includes-2019/html5_bootstrap-2019.js
Requested by: Host: recordedfuture.vlg.me
URL: https://recordedfuture.vlg.me/campaign/7776-22TOWRF/index.aspx?tguid=1C8F7F79-48E3-455A-8096-394236AC21C0&cguid=6A283E06-8E8F-4D09-8B94-9777DB366DF3&name=16609335141755196613054713&id=7776&utm_source=vlgcapture&A=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 50a01e4189395781c9a4990f7b39e5548edda73c2dae49cadc555b10a3324bd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recordedfuture.vlg.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 17:34:02 GMT
age: 3072
x-guploader-uploadid: ADPycdtezExX8A_oiYiJCNS4fCndTEx3PDl9H2M0UXuFGP-AoaIUlBuWRr9reTActZ0BZc9Xuvbp5liuSENWOdhXaCwMPbCTiIdR
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1726
last-modified: Tue, 13 Oct 2020 23:33:03 GMT
server: UploadServer
etag: "76087db443f398d580e0a3a8a5684e11"
x-goog-hash: crc32c=Fyf2/A==, md5=dgh9tEPzmNWA4KOopWhOEQ==
x-goog-generation: 1602631983755366
cache-control: public, max-age=3600
x-goog-stored-content-length: 1726
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 19 Aug 2022 18:34:02 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/ 64 KB
24 KB 93ms
39ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/gsap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b765b0cbd95391f6db0b565988eeb70ea68aa77bb9f8f7c8a880d96474c2aa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recordedfuture.vlg.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 18:25:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3784933
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23292
timing-allow-origin: *
last-modified: Fri, 22 Apr 2022 16:32:30 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6262d89e-5afc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IthRxg8uo0utTRjvE10UNUE57GR7Q5fWDZQ4xRfwierTL1UJY%2B2MlAciAFNL%2FPtqNnq%2B2YdAQb%2FowGMRjzd9H09RTnE%2BBiYOJuCsl9FxbamXQuM9Kn8MQzWqCKm5bWtxJfXYAZXZNQ1wlTzbbJf9eMCN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 73d4ee450eb901e3-ZRH
expires: Wed, 09 Aug 2023 18:25:15 GMT

GET
H2 200 ScrollToPlugin.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/ 4 KB
2 KB 100ms
46ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/ScrollToPlugin.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ceed8384cbce3d2a44e830e4c6d70fb1265c7ff8f6f78bbcdb5e832d674acbe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recordedfuture.vlg.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 18:25:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 160397
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1612
timing-allow-origin: *
last-modified: Fri, 22 Apr 2022 16:32:30 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6262d89e-64c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tx4NQnKf63XpsrWujmgHZBOdP1MzlO0Xcs008DeZ3EECyK%2FKSlpDwSd0NugFuOr8f%2BZvYjeRMVRfLceONtT8adC6xuWvH03mdAlbLCWrHmYeyGD77VIEDa1%2FQBt60Q56KgQie%2BJeANoL%2BJxYJ60X7so5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 73d4ee450ebb01e3-ZRH
expires: Wed, 09 Aug 2023 18:25:15 GMT

GET
H2 200 ScrollTrigger.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/ 37 KB
14 KB 95ms
42ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/ScrollTrigger.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0eeea0ae57626a80aca153481285c67bf51f2d451d4b8a04bc7daf2e209f0f31

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recordedfuture.vlg.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 18:25:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 10092975
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14324
timing-allow-origin: *
last-modified: Fri, 22 Apr 2022 16:32:30 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6262d89e-37f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5HLinJxNXKL8UDGnm4Rcfj9u2rmRk3xqb%2BNP%2FRrI%2BuS8O04vKOVLTwxx0BdaI7nBNbbKl%2FaecjdFxPfpfBcaDY777qrjfrTtvd3xNDWt%2BQZv4mD%2BN2UgqtOwK7KFF3jEOa8ujyJ5flsxZR80mZLBSRBx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 73d4ee450ebd01e3-ZRH
expires: Wed, 09 Aug 2023 18:25:15 GMT

GET
H/1.1 200
OK LocalVars.js Show response
recordedfuture.vlg.me/campaign/7776-22TOWRF/com/ 118 B
825 B 412ms
138ms Script
application/x-javascript 52.141.221.30
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://recordedfuture.vlg.me/campaign/7776-22TOWRF/com/LocalVars.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.141.221.30 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

83bebe8329a2ff97dfbfa75ccbc5ba7e1b69f87fdfb7b23d08d2e3753535dcb4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recordedfuture.vlg.me/campaign/7776-22TOWRF/index.aspx?tguid=1C8F7F79-48E3-455A-8096-394236AC21C0&cguid=6A283E06-8E8F-4D09-8B94-9777DB366DF3&name=16609335141755196613054713&id=7776&utm_source=vlgcapture&A=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 18:25:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 197
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 11 Jul 2022 15:58:28 GMT
X-Frame-Options: DENY
ETag: "c2888df3f95d81:0"
Expect-CT: max-age=86400, enforce
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/x-javascript
Permissions-Policy: geolocation=(), camera=()
Content-Security-Policy: upgrade-insecure-requests
Accept-Ranges: bytes

GET
H/1.1 200
OK form.js Show response
recordedfuture.vlg.me/campaign/7776-22TOWRF/com/ 8 KB
3 KB 418ms
142ms Script
application/x-javascript 52.141.221.30
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://recordedfuture.vlg.me/campaign/7776-22TOWRF/com/form.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.141.221.30 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

206fd932c3b45dac4a7f1422d5103264974f3ab16bd1af9d37bf64bfb2882c1b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recordedfuture.vlg.me/campaign/7776-22TOWRF/index.aspx?tguid=1C8F7F79-48E3-455A-8096-394236AC21C0&cguid=6A283E06-8E8F-4D09-8B94-9777DB366DF3&name=16609335141755196613054713&id=7776&utm_source=vlgcapture&A=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 18:25:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 2245
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Sun, 07 Aug 2022 17:34:55 GMT
X-Frame-Options: DENY
ETag: "8049cc184aad81:0"
Expect-CT: max-age=86400, enforce
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/x-javascript
Permissions-Policy: geolocation=(), camera=()
Content-Security-Policy: upgrade-insecure-requests
Accept-Ranges: bytes

GET
H/1.1 200
OK custom.js Show response
recordedfuture.vlg.me/campaign/7776-22TOWRF/assets/js/ 9 KB
4 KB 426ms
149ms Script
application/x-javascript 52.141.221.30
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://recordedfuture.vlg.me/campaign/7776-22TOWRF/assets/js/custom.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.141.221.30 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3a3f118e9d2a7130f6b5b804a0e352a9388939b7aabcc04a6db34a0df64b3039

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recordedfuture.vlg.me/campaign/7776-22TOWRF/index.aspx?tguid=1C8F7F79-48E3-455A-8096-394236AC21C0&cguid=6A283E06-8E8F-4D09-8B94-9777DB366DF3&name=16609335141755196613054713&id=7776&utm_source=vlgcapture&A=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 18:25:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 3160
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Sun, 07 Aug 2022 17:23:51 GMT
X-Frame-Options: DENY
ETag: "80ed57682aad81:0"
Expect-CT: max-age=86400, enforce
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/x-javascript
Permissions-Policy: geolocation=(), camera=()
Content-Security-Policy: upgrade-insecure-requests
Accept-Ranges: bytes

GET
H/1.1 200
OK apple-touch-icon-57x57.png
recordedfuture.vlg.me/campaign/7776-22TOWRF/images/ 803 B
1 KB 139ms
139ms Image
image/png 52.141.221.30
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://recordedfuture.vlg.me/campaign/7776-22TOWRF/images/apple-touch-icon-57x57.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.141.221.30 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

457982b964e7811b9ad1347295fc77c6b68129b4a4328a77a5585df103f5c3a2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recordedfuture.vlg.me/campaign/7776-22TOWRF/index.aspx?tguid=1C8F7F79-48E3-455A-8096-394236AC21C0&cguid=6A283E06-8E8F-4D09-8B94-9777DB366DF3&name=16609335141755196613054713&id=7776&utm_source=vlgcapture&A=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 18:25:15 GMT
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 11 Jul 2022 15:58:11 GMT
X-Frame-Options: DENY
ETag: "a0935353f95d81:0"
Expect-CT: max-age=86400, enforce
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Permissions-Policy: geolocation=(), camera=()
Content-Security-Policy: upgrade-insecure-requests
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 803
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK logo-recordedfuture.svg
recordedfuture.vlg.me/campaign/7776-22TOWRF/assets/img/ 4 KB
2 KB 138ms
138ms Image
image/svg+xml 52.141.221.30
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://recordedfuture.vlg.me/campaign/7776-22TOWRF/assets/img/logo-recordedfuture.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.141.221.30 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

648200496c99346bbe92e2f77adc844c83bb41868f3ed3097970f4e7aaf40480

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recordedfuture.vlg.me/campaign/7776-22TOWRF/index.aspx?tguid=1C8F7F79-48E3-455A-8096-394236AC21C0&cguid=6A283E06-8E8F-4D09-8B94-9777DB366DF3&name=16609335141755196613054713&id=7776&utm_source=vlgcapture&A=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 18:25:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 1167
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 11 Jul 2022 15:58:03 GMT
X-Frame-Options: DENY
ETag: "80376c03f95d81:0"
Expect-CT: max-age=86400, enforce
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/svg+xml
Permissions-Policy: geolocation=(), camera=()
Content-Security-Policy: upgrade-insecure-requests
Accept-Ranges: bytes

GET
H/1.1 200
OK goldball.svg
recordedfuture.vlg.me/campaign/7776-22TOWRF/assets/img/ 8 KB
4 KB 140ms
140ms Image
image/svg+xml 52.141.221.30
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://recordedfuture.vlg.me/campaign/7776-22TOWRF/assets/img/goldball.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.141.221.30 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

efe561b8546b7e4d7a8886e7ae9608bb6f3238f9083d8b01c5abc7aede10e9a3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recordedfuture.vlg.me/campaign/7776-22TOWRF/index.aspx?tguid=1C8F7F79-48E3-455A-8096-394236AC21C0&cguid=6A283E06-8E8F-4D09-8B94-9777DB366DF3&name=16609335141755196613054713&id=7776&utm_source=vlgcapture&A=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 18:25:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 3311
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 11 Jul 2022 15:58:03 GMT
X-Frame-Options: DENY
ETag: "80376c03f95d81:0"
Expect-CT: max-age=86400, enforce
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/svg+xml
Permissions-Policy: geolocation=(), camera=()
Content-Security-Policy: upgrade-insecure-requests
Accept-Ranges: bytes

GET
H/1.1 200
OK logo-topgolf.svg
recordedfuture.vlg.me/campaign/7776-22TOWRF/assets/img/ 2 KB
3 KB 142ms
141ms Image
image/svg+xml 52.141.221.30
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://recordedfuture.vlg.me/campaign/7776-22TOWRF/assets/img/logo-topgolf.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.141.221.30 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

42fdf979c8a5d10accfd8dddbecb1dde198c18f5702c8861b470e838e1978c34

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recordedfuture.vlg.me/campaign/7776-22TOWRF/index.aspx?tguid=1C8F7F79-48E3-455A-8096-394236AC21C0&cguid=6A283E06-8E8F-4D09-8B94-9777DB366DF3&name=16609335141755196613054713&id=7776&utm_source=vlgcapture&A=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 18:25:15 GMT
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 11 Jul 2022 15:58:03 GMT
X-Frame-Options: DENY
ETag: "885e9d03f95d81:0"
Expect-CT: max-age=86400, enforce
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/svg+xml
X-XSS-Protection: 1; mode=block
Permissions-Policy: geolocation=(), camera=()
Content-Security-Policy: upgrade-insecure-requests
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2221
X-Content-Type-Options: nosniff

GET
H3 200 cookieconsent.min.css
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 5 KB
2 KB 62ms
32ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/vlg-cf/includes-2019/html_includes-2019/html5_bootstrap-2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recordedfuture.vlg.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 18:25:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 31635
x-jsd-version: 3.1.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19150-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2Fb0hpHbiUagX580rmC374NtNSDQGNRt6MtJ8dmDCbf5V3c%2B3%2BV6TUl4WeOcq6RXc8%2B0cqrPj%2FWYpJHXXmEqmK3xn6%2FolFczpTbWdj8%2BwY8wSk3nrpcRz7%2FJGiwu5DXVNNtAIKKxNHpomAb0M%2BI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 73d4ee48c9490225-ZRH

GET
H3 200 cookieconsent.min.js Show response
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 20 KB
7 KB 58ms
33ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.js

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/vlg-cf/includes-2019/html_includes-2019/html5_bootstrap-2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recordedfuture.vlg.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 18:25:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 31917
x-jsd-version: 3.1.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19122-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"50d5-nLraS9YXyGxjjPLr3exyStWWkHs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sjw1pJ6IwcPUgfFZEnyz0kZCNFNCgPAZH6gYqqtWqH76RpeO2owdwzGwCV%2BZjnVbMgeMxxXUlsrqU9YNEtngGiN%2BW%2BkQ1YqAdgeNCBk01qqWCiIpsB%2BEsOJW2ISJLPmbPmoWjewl1CACj99VjkU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 73d4ee48c9480225-ZRH

GET
H3 200 GDPR.css
storage.googleapis.com/vlg-cf/includes/GDPR/ 1 KB
1 KB 17ms
17ms Stylesheet
text/css 2a00:1450:4001:80f::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/vlg-cf/includes/GDPR/GDPR.css
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/vlg-cf/includes-2019/html_includes-2019/html5_bootstrap-2019.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 9237ae0636c10302da70b85da9e413fdecffe84b4b7bdedd86c7b64ac748bd36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recordedfuture.vlg.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 17:34:03 GMT
age: 3072
x-guploader-uploadid: ADPycdt8Z-OLyl6NzJWB5DpBPLpvALTHRWZ9gK5VPAXvYYflB8h5VeXlMlLvQoivNeH_SjXdUTfdfHvxe82Z0AzhE8k1C-_Dzj2o
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1192
last-modified: Sun, 13 Dec 2020 17:07:23 GMT
server: UploadServer
etag: "17dce951b98c910b9d9e8e1cb9deddc6"
x-goog-hash: crc32c=GBA9AA==, md5=F9zpUbmMkQudno4cud7dxg==
x-goog-generation: 1607879243175969
cache-control: public, max-age=3600
x-goog-stored-content-length: 1192
accept-ranges: bytes
content-type: text/css
expires: Fri, 19 Aug 2022 18:34:03 GMT

GET
H2 200 fa-solid-900.woff2
pro.fontawesome.com/releases/v5.15.4/webfonts/ 134 KB
134 KB 444ms
444ms Font
font/woff2 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.15.4/webfonts/fa-solid-900.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.15.4/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d4d29042c23b5fcbed3af690421776de0f8ad3d308d66e24a9d80bcc8ccb522

Request headers

Referer: https://pro.fontawesome.com/releases/v5.15.4/css/all.css
Origin: https://recordedfuture.vlg.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 18:25:16 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
x-amz-request-id: B2H1FVPX6SE6PGSG
content-length: 137104
x-amz-id-2: eXO0BUlQg2rlyWNTjnPV41w8YC88+tvBlQ6r0TorFrWmdssb/tLYp9gteatMyDXkwiQlnYNeiNQ=
last-modified: Wed, 04 Aug 2021 20:59:35 GMT
server: cloudflare
etag: "dbf1fc91f1beec2915123257ea4d58ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 73d4ee48aecf020d-ZRH

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 37 KB
38 KB 57ms
17ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:300,400,500,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://recordedfuture.vlg.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:54:37 GMT
x-content-type-options: nosniff
age: 351038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Aug 2023 16:54:37 GMT

GET
DATA 200
OK truncated
/ 183 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 829ad3ed0c2f892e7df84989078dd4246fc0a5f1a179439e6314462465dbb2f6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 57ms
17ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recordedfuture.vlg.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4995
date: Fri, 19 Aug 2022 17:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 19 Aug 2022 19:02:00 GMT

GET
H/1.1 200
OK GetTargetDetails Show response
recordedfuture.vlg.me/service/CampaignService.asmx/ 10 KB
3 KB 161ms
161ms XHR
text/xml 52.141.221.30
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://recordedfuture.vlg.me/service/CampaignService.asmx/GetTargetDetails?urlName=16609335141755196613054713&campaignGuid=6A283E06-8E8F-4D09-8B94-9777DB366DF3

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.141.221.30 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4bc7eb7b25a26f4ceb7012db22ddf180d8c5fa2e12b562532f563b8aae221c05

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://recordedfuture.vlg.me/campaign/7776-22TOWRF/index.aspx?tguid=1C8F7F79-48E3-455A-8096-394236AC21C0&cguid=6A283E06-8E8F-4D09-8B94-9777DB366DF3&name=16609335141755196613054713&id=7776&utm_source=vlgcapture&A=true
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 18:25:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 2802
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:ec44e5f4-a2d0-4b96-a3e2-1038d87f7d56
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: DENY
Expect-CT: max-age=86400, enforce
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/xml; charset=utf-8
Access-Control-Expose-Headers: Request-Context
Cache-Control: private, max-age=0
Permissions-Policy: geolocation=(), camera=()
Content-Security-Policy: upgrade-insecure-requests

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
443 B 115ms
31ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-340370-22&cid=485129577.1660933516&jid=738609990&gjid=185784083&_gid=628016967.1660933516&_u=IGBAiEABBAAAAE~&z=304172650

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://recordedfuture.vlg.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 19 Aug 2022 18:25:15 GMT
content-type: text/plain
access-control-allow-origin: https://recordedfuture.vlg.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 56ms
16ms Image
image/gif 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=783068718&t=pageview&_s=1&dl=https%3A%2F%2Frecordedfuture.vlg.me%2Fcampaign%2F7776-22TOWRF%2Findex.aspx%3Ftguid%3D1C8F7F79-48E3-455A-8096-394236AC21C0%26cguid%3D6A283E06-8E8F-4D09-8B94-9777DB366DF3%26name%3D16609335141755196613054713%26id%3D7776%26utm_source%3Dvlgcapture%26A%3Dtrue&ul=en-us&de=UTF-8&dt=Tee%20Off%20With%20Recorded%20Future&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAiEABB~&jid=738609990&gjid=185784083&cid=485129577.1660933516&tid=UA-340370-22&_gid=628016967.1660933516&z=210353194

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recordedfuture.vlg.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Aug 2022 20:14:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 79852
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK GetCampaignProduction Show response
recordedfuture.vlg.me/service/CampaignService.asmx/ 7 KB
3 KB 154ms
154ms XHR
text/xml 52.141.221.30
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://recordedfuture.vlg.me/service/CampaignService.asmx/GetCampaignProduction

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.141.221.30 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

beb61ba96edfa3ff00dc6d047346910d55bba6f4c1bbe60bae18fa241825209e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://recordedfuture.vlg.me/campaign/7776-22TOWRF/index.aspx?tguid=1C8F7F79-48E3-455A-8096-394236AC21C0&cguid=6A283E06-8E8F-4D09-8B94-9777DB366DF3&name=16609335141755196613054713&id=7776&utm_source=vlgcapture&A=true
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 19 Aug 2022 18:25:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 2687
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:ec44e5f4-a2d0-4b96-a3e2-1038d87f7d56
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: DENY
Expect-CT: max-age=86400, enforce
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/xml; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Request-Context
Cache-Control: private, max-age=0
Permissions-Policy: geolocation=(), camera=()
Content-Security-Policy: upgrade-insecure-requests

GET
H/1.1 200
OK img-404-puppies.jpg Show response
recordedfuture.vlg.me/campaign/7776-22TOWRF/images/ 84 KB
85 KB 277ms
277ms XHR
image/jpeg 52.141.221.30
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://recordedfuture.vlg.me/campaign/7776-22TOWRF/images/img-404-puppies.jpg

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.141.221.30 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

06f9fcf3d791a448fa01f109a9a30f8c08bd51cd6853c20d715515b32853c23f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://recordedfuture.vlg.me/campaign/7776-22TOWRF/index.aspx?tguid=1C8F7F79-48E3-455A-8096-394236AC21C0&cguid=6A283E06-8E8F-4D09-8B94-9777DB366DF3&name=16609335141755196613054713&id=7776&utm_source=vlgcapture&A=true
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 18:25:16 GMT
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 11 Jul 2022 15:58:11 GMT
X-Frame-Options: DENY
ETag: "8e09f53f95d81:0"
Expect-CT: max-age=86400, enforce
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/jpeg
X-XSS-Protection: 1; mode=block
Permissions-Policy: geolocation=(), camera=()
Content-Security-Policy: upgrade-insecure-requests
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 86301
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK bg-ie-redirect.png Show response
recordedfuture.vlg.me/campaign/7776-22TOWRF/images/ 24 KB
25 KB 307ms
306ms XHR
image/png 52.141.221.30
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://recordedfuture.vlg.me/campaign/7776-22TOWRF/images/bg-ie-redirect.png

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.141.221.30 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c042ce3ad37e3a95130daf602e8a88a7b604e2ded5151395123de907106081aa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://recordedfuture.vlg.me/campaign/7776-22TOWRF/index.aspx?tguid=1C8F7F79-48E3-455A-8096-394236AC21C0&cguid=6A283E06-8E8F-4D09-8B94-9777DB366DF3&name=16609335141755196613054713&id=7776&utm_source=vlgcapture&A=true
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 18:25:16 GMT
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 11 Jul 2022 15:58:11 GMT
X-Frame-Options: DENY
ETag: "3eba7953f95d81:0"
Expect-CT: max-age=86400, enforce
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Permissions-Policy: geolocation=(), camera=()
Content-Security-Policy: upgrade-insecure-requests
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24738
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK connectiontest-1mb.jpg Show response
recordedfuture.vlg.me/campaign/7776-22TOWRF/images/ 1 MB
1 MB 286ms
285ms XHR
image/jpeg 52.141.221.30
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://recordedfuture.vlg.me/campaign/7776-22TOWRF/images/connectiontest-1mb.jpg

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.141.221.30 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1cf0b344ed039d214b0cb36c542384462a1d7e086797799f55bf0a33637b03c7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://recordedfuture.vlg.me/campaign/7776-22TOWRF/index.aspx?tguid=1C8F7F79-48E3-455A-8096-394236AC21C0&cguid=6A283E06-8E8F-4D09-8B94-9777DB366DF3&name=16609335141755196613054713&id=7776&utm_source=vlgcapture&A=true
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 18:25:16 GMT
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 11 Jul 2022 15:58:12 GMT
X-Frame-Options: DENY
ETag: "af1f053f95d81:0"
Expect-CT: max-age=86400, enforce
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/jpeg
X-XSS-Protection: 1; mode=block
Permissions-Policy: geolocation=(), camera=()
Content-Security-Policy: upgrade-insecure-requests
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1238091
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK connectiontest-1mb.jpg
recordedfuture.vlg.me/campaign/7776-22TOWRF/images/ 799 KB
0 277ms
277ms Image
image/jpeg 52.141.221.30
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://recordedfuture.vlg.me/campaign/7776-22TOWRF/images/connectiontest-1mb.jpg?nnn=1660933516179

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.141.221.30 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recordedfuture.vlg.me/campaign/7776-22TOWRF/index.aspx?tguid=1C8F7F79-48E3-455A-8096-394236AC21C0&cguid=6A283E06-8E8F-4D09-8B94-9777DB366DF3&name=16609335141755196613054713&id=7776&utm_source=vlgcapture&A=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 18:25:16 GMT
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 11 Jul 2022 15:58:12 GMT
X-Frame-Options: DENY
ETag: "af1f053f95d81:0"
Expect-CT: max-age=86400, enforce
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/jpeg
X-XSS-Protection: 1; mode=block
Permissions-Policy: geolocation=(), camera=()
Content-Security-Policy: upgrade-insecure-requests
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1238091
X-Content-Type-Options: nosniff

GET
BLOB 200
OK 88ca64be-22e3-439a-b084-0d9503ee2b4a
https://recordedfuture.vlg.me/ 24 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://recordedfuture.vlg.me/88ca64be-22e3-439a-b084-0d9503ee2b4a
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c042ce3ad37e3a95130daf602e8a88a7b604e2ded5151395123de907106081aa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 24738
Content-Type: image/png

GET
BLOB 200
OK 47a14caf-1c93-4732-9ff5-967f9a5723ad
https://recordedfuture.vlg.me/ 84 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://recordedfuture.vlg.me/47a14caf-1c93-4732-9ff5-967f9a5723ad
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06f9fcf3d791a448fa01f109a9a30f8c08bd51cd6853c20d715515b32853c23f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 86301
Content-Type: image/jpeg

GET
BLOB 200
OK 596168e9-dc5c-4835-bd0e-127ddc1d83e4
https://recordedfuture.vlg.me/ 1 MB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://recordedfuture.vlg.me/596168e9-dc5c-4835-bd0e-127ddc1d83e4
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 1238091
Content-Type: image/jpeg

POST SiteletWriteTraffic
recordedfuture.vlg.me/service/CampaignService.asmx/ 0
0

POST SiteletWriteSurveyData
recordedfuture.vlg.me/service/CampaignService.asmx/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: recordedfuture.vlg.me
URL: https://recordedfuture.vlg.me/service/CampaignService.asmx/SiteletWriteTraffic

Domain: recordedfuture.vlg.me
URL: https://recordedfuture.vlg.me/service/CampaignService.asmx/SiteletWriteSurveyData

Verdicts & Comments Add Verdict or Comment

208 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.vlg.me/	1970-01-20 14:58:13	Name: _ga Value: GA1.2.485129577.1660933516
.vlg.me/	1970-01-20 05:23:39	Name: _gid Value: GA1.2.628016967.1660933516
.vlg.me/	1970-01-20 05:22:13	Name: _gat Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
code.createjs.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
pro.fontawesome.com
recordedfuture.vlg.me
reveal.clearbit.com
stats.g.doubleclick.net
storage.googleapis.com
wefightboredom.com
www.google-analytics.com
www.wefightboredom.com
recordedfuture.vlg.me
13.41.31.80
2001:4860:4802:36::178
2001:4de0:ac18::1:a:3b
2606:4700::6810:5814
2606:4700::6811:190e
2606:4700::6812:1634
2a00:1450:4001:80f::2010
2a00:1450:4001:82a::2003
2a00:1450:400c:c08::9a
2a00:1450:400e:80c::200a
2a02:26f0:ea::1706:7049
52.141.221.30
06f9fcf3d791a448fa01f109a9a30f8c08bd51cd6853c20d715515b32853c23f
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0eeea0ae57626a80aca153481285c67bf51f2d451d4b8a04bc7daf2e209f0f31
1b765b0cbd95391f6db0b565988eeb70ea68aa77bb9f8f7c8a880d96474c2aa8
1cf0b344ed039d214b0cb36c542384462a1d7e086797799f55bf0a33637b03c7
206fd932c3b45dac4a7f1422d5103264974f3ab16bd1af9d37bf64bfb2882c1b
3a3f118e9d2a7130f6b5b804a0e352a9388939b7aabcc04a6db34a0df64b3039
42fdf979c8a5d10accfd8dddbecb1dde198c18f5702c8861b470e838e1978c34
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
457982b964e7811b9ad1347295fc77c6b68129b4a4328a77a5585df103f5c3a2
45d3bbf60a0ef6c5a8456c6a71b70dd2c10d8d0d5a459e23df88cefc62498a34
4bc7eb7b25a26f4ceb7012db22ddf180d8c5fa2e12b562532f563b8aae221c05
50a01e4189395781c9a4990f7b39e5548edda73c2dae49cadc555b10a3324bd5
57af576eb85c11bbd7200e65e9b593cfed2e67e06eca9baaf2b5953d8f58e84e
57dd9ac14e590ce1d58195b4d132054cae15a51a36f6a9e37beb9e7012b96925
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
648200496c99346bbe92e2f77adc844c83bb41868f3ed3097970f4e7aaf40480
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
829ad3ed0c2f892e7df84989078dd4246fc0a5f1a179439e6314462465dbb2f6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83bebe8329a2ff97dfbfa75ccbc5ba7e1b69f87fdfb7b23d08d2e3753535dcb4
84fb19b104e0c95cd042cae85181d7556d4a373c0f667fed67b1e3be01d24aa4
8994c082cb45e8d1ac8e227798775d0d1c100c52c92a972e51271843b9ae7d7c
89b2462070a1a639c693794bc1d8d9131e6eb9274fc7fb0fb854943e58940a22
8d4d29042c23b5fcbed3af690421776de0f8ad3d308d66e24a9d80bcc8ccb522
9237ae0636c10302da70b85da9e413fdecffe84b4b7bdedd86c7b64ac748bd36
980696d1d4be4fdd0b2fc1e678323bea439196c912dd49ff77f8c859f7cddaf8
9b6146ac279c1c2b0d42147507d6b403763e9f9adc1be25c1dc5e5eb17a6c5bc
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
beb61ba96edfa3ff00dc6d047346910d55bba6f4c1bbe60bae18fa241825209e
c042ce3ad37e3a95130daf602e8a88a7b604e2ded5151395123de907106081aa
c554161ff6a6aa95d100cec52832cdf547ad4fb3f2bba5305a07ade9beba4ef0
c60396a49723aca39ed4abfaa199d3d0d69dd74f52576265ef4a474c83289681
c792afc446d77d447d4238ac48e03ef575e2209f75b3dbe0ffd80533339d7e30
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
ceed8384cbce3d2a44e830e4c6d70fb1265c7ff8f6f78bbcdb5e832d674acbe9
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
e7df0405dd127913dbad7920cc652fd8aa9a57ac17646c30fb0193151feea9ea
efe561b8546b7e4d7a8886e7ae9608bb6f3238f9083d8b01c5abc7aede10e9a3
f0f51110f9abd720ed235d1ea9ef0c87adca2b083805e340becec9dea7e028fc

recordedfuture.vlg.me Open in urlscan Pro 52.141.221.30 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

48 Requests

90 %HTTPS

83 %IPv6

12 Domains

14 Subdomains

13 IPs

7 Countries

1918 kBTransfer

4760 kBSize

3 Cookies

2 Outgoing links

Page URL History

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

recordedfuture.vlg.me Open in urlscan Pro
52.141.221.30 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

90 %
HTTPS

83 %
IPv6

12
Domains

14
Subdomains

13
IPs

7
Countries

1918 kB
Transfer

4760 kB
Size

3
Cookies

48 HTTP transactions
1 data transactions