urlscan.io logo urlscan.io
SecurityTrails logo

sentinal.decotawealth.com Open in urlscan Pro
2606:4700:3036::ac43:87f1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://cw-trk.dl4nv.us/ga/click/2-37160848-2009-2006-4024-2666-dc375805e2-1cf0f99b35
Effective URL: https://sentinal.decotawealth.com/s0f5_3w?CMZ_r9=ZH12jnFncWNfn6-imG-Ua2Jze3qtwKuTZmdfpn1xkGhjbWJ-hg/marianne.keller%40zehndergroup...
Submission Tags: falconsandbox
Submission: On November 16 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 1 countries across 7 domains to perform 25 HTTP transactions. The main IP is 2606:4700:3036::ac43:87f1, located in United States and belongs to CLOUDFLARENET, US. The main domain is sentinal.decotawealth.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 5th 2021. Valid for: a year.
This is the only time sentinal.decotawealth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
16 199.241.143.100 53340 (FIBERHUB)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
25 6
1    2606:4700:3034::ac43:cce5 (United States)

ASN13335 (CLOUDFLARENET, US)
cw-trk.dl4nv.us
1    2606:4700:3036::ac43:87f1 (United States)

ASN13335 (CLOUDFLARENET, US)
sentinal.decotawealth.com
16    199.241.143.100 (United States)

ASN53340 (FIBERHUB, US)
PTR: standard01.standardiqtest.info
wedeez.com
3    2607:f8b0:4006:80c::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2606:4700::6812:13b7 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.by.wonderpush.com
1    2606:4700:3033::ac43:d097 (United States)

ASN13335 (CLOUDFLARENET, US)
mtp.capitalrtv.com
Domain Requested by
16 wedeez.com sentinal.decotawealth.com
wedeez.com
3 fonts.googleapis.com sentinal.decotawealth.com
wedeez.com
2 cdn.by.wonderpush.com sentinal.decotawealth.com
cdn.by.wonderpush.com
2 cdnjs.cloudflare.com sentinal.decotawealth.com
cdnjs.cloudflare.com
1 mtp.capitalrtv.com sentinal.decotawealth.com
1 sentinal.decotawealth.com
1 cw-trk.dl4nv.us 1 redirects
25 7

This site contains links to these domains. Also see Links.

Domain
mtp.capitalrtv.com
norge.bestefinansiere.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-05 -
2022-07-04		 a year crt.sh
wedeez.com
R3		 2021-10-05 -
2022-01-03		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
wonderpush.com
Cloudflare Inc ECC CA-3		 2021-10-01 -
2021-12-29		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://sentinal.decotawealth.com/s0f5_3w?CMZ_r9=ZH12jnFncWNfn6-imG-Ua2Jze3qtwKuTZmdfpn1xkGhjbWJ-hg/marianne.keller%40zehndergroup.com&s3=%%First_Name%%&s4=%%Last_Name%%
Frame ID: 0D69266BC00AAA4BFE80883629672D0F
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Migros

Page URL History Show full URLs

  1. https://cw-trk.dl4nv.us/ga/click/2-37160848-2009-2006-4024-2666-dc375805e2-1cf0f99b35 HTTP 302
    https://sentinal.decotawealth.com/s0f5_3w?CMZ_r9=ZH12jnFncWNfn6-imG-Ua2Jze3qtwKuTZmdfpn1xkGhjbWJ-hg/marianne.k... Page URL

Page Statistics

25
Requests

100 %
HTTPS

86 %
IPv6

7
Domains

7
Subdomains

6
IPs

1
Countries

865 kB
Transfer

1241 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cw-trk.dl4nv.us/ga/click/2-37160848-2009-2006-4024-2666-dc375805e2-1cf0f99b35 HTTP 302
    https://sentinal.decotawealth.com/s0f5_3w?CMZ_r9=ZH12jnFncWNfn6-imG-Ua2Jze3qtwKuTZmdfpn1xkGhjbWJ-hg/marianne.keller%40zehndergroup.com&s3=%%First_Name%%&s4=%%Last_Name%% Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request s0f5_3w
sentinal.decotawealth.com/
Redirect Chain
  • https://cw-trk.dl4nv.us/ga/click/2-37160848-2009-2006-4024-2666-dc375805e2-1cf0f99b35
  • https://sentinal.decotawealth.com/s0f5_3w?CMZ_r9=ZH12jnFncWNfn6-imG-Ua2Jze3qtwKuTZmdfpn1xkGhjbWJ-hg/marianne.keller%40zehndergroup.com&s3=%%First_Name%%&s4=%%Last_Name%%
23 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sentinal.decotawealth.com/s0f5_3w?CMZ_r9=ZH12jnFncWNfn6-imG-Ua2Jze3qtwKuTZmdfpn1xkGhjbWJ-hg/marianne.keller%40zehndergroup.com&s3=%%First_Name%%&s4=%%Last_Name%%
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:87f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.14
Resource Hash
c0b96999cfba668f9924a937dccd54e1979c2bef4a878ca39930ef950ee1979f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

date
Tue, 16 Nov 2021 07:43:57 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4.14
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y0jrANJdTigI4ICtwwMtgUvo8F2BLxX0Kjw0nDn4ERWLxH4Ng0QHePHuFfXoJtF%2FIggidxdF%2FlJ1MW1YeTbF6P%2FDD7W6Dao2R88NcK395J2VTNHHRp2ql7L1%2BjpJE1p2EKW6AGvJT5uHZTq9tcavBwI6BV0d4eMY"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6aef17568f5f5830-IAD
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Tue, 16 Nov 2021 07:43:55 GMT
content-type
text/html; charset=utf-8
status
302 Found
x-request-id
efb8d0f56c58dfb86b629815c82c4d60
x-rack-cache
miss
cache-control
no-cache, no-store, max-age=0, must-revalidate
location
https://sentinal.decotawealth.com/s0f5_3w?CMZ_r9=ZH12jnFncWNfn6-imG-Ua2Jze3qtwKuTZmdfpn1xkGhjbWJ-hg/marianne.keller%40zehndergroup.com&s3=%%First_Name%%&s4=%%Last_Name%%
x-ua-compatible
IE=Edge,chrome=1
x-runtime
0.018686
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
x-powered-by
Phusion Passenger 6.0.4
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nouM0IB9JVceGw%2Byw7sJt52GBLlkh5n%2F%2BTHpxaUHKxjNyh%2B67J09KIbSlj7s4MmK%2FH%2FV%2FNor83QeWBPBhGUgIUXS3X1uEndU05RpYqc7mBma65R9CqlAhR71i6WmaHXP9vlJdKnn2N8NLYkhhj4%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6aef17505b5c56ce-IAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
bootstrap.min.css
wedeez.com/eml/CH-Migros-Multi-Oct21/css/ 		118 KB
119 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wedeez.com/eml/CH-Migros-Multi-Oct21/css/bootstrap.min.css
Requested by
Host: sentinal.decotawealth.com
URL: https://sentinal.decotawealth.com/s0f5_3w?CMZ_r9=ZH12jnFncWNfn6-imG-Ua2Jze3qtwKuTZmdfpn1xkGhjbWJ-hg/marianne.keller%40zehndergroup.com&s3=%%First_Name%%&s4=%%Last_Name%%
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.241.143.100 , United States, ASN53340 (FIBERHUB, US),
Reverse DNS
standard01.standardiqtest.info
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1g /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sentinal.decotawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 16 Nov 2021 07:43:57 GMT
Last-Modified
Fri, 29 Oct 2021 12:47:33 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1g
ETag
"1d970-5cf7d3b1f4ec1"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
121200
css
fonts.googleapis.com/ 		1 KB
917 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Economica:700,400italic
Requested by
Host: sentinal.decotawealth.com
URL: https://sentinal.decotawealth.com/s0f5_3w?CMZ_r9=ZH12jnFncWNfn6-imG-Ua2Jze3qtwKuTZmdfpn1xkGhjbWJ-hg/marianne.keller%40zehndergroup.com&s3=%%First_Name%%&s4=%%Last_Name%%
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
91293fa8880737f1415e3848f3e28b408b01a00f21f0e79b3abc8ac343960d39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sentinal.decotawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 07:43:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 16 Nov 2021 07:43:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 16 Nov 2021 07:43:57 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/ 		27 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css
Requested by
Host: sentinal.decotawealth.com
URL: https://sentinal.decotawealth.com/s0f5_3w?CMZ_r9=ZH12jnFncWNfn6-imG-Ua2Jze3qtwKuTZmdfpn1xkGhjbWJ-hg/marianne.keller%40zehndergroup.com&s3=%%First_Name%%&s4=%%Last_Name%%
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sentinal.decotawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 07:43:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
909261
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4972
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-6b4a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5JUZ0SdfZgDEHNRyK9jkCbsnQhkoE5Uv%2B18TFzdD5GxN%2BDkZ45XmG8lcDSomZ4HzPq%2BVh8X4aI%2FPNcma6Epiikyioc7SIy4C5Ja9f1qzR8KazhSvQ5vhY07utuFfzH3ZaOn2bzke3DGG96NpVoBDn7yP"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6aef1760ac6b59d4-IAD
expires
Sun, 06 Nov 2022 07:43:57 GMT
animate.css
wedeez.com/eml/CH-Migros-Multi-Oct21/css/ 		56 KB
56 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wedeez.com/eml/CH-Migros-Multi-Oct21/css/animate.css
Requested by
Host: sentinal.decotawealth.com
URL: https://sentinal.decotawealth.com/s0f5_3w?CMZ_r9=ZH12jnFncWNfn6-imG-Ua2Jze3qtwKuTZmdfpn1xkGhjbWJ-hg/marianne.keller%40zehndergroup.com&s3=%%First_Name%%&s4=%%Last_Name%%
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.241.143.100 , United States, ASN53340 (FIBERHUB, US),
Reverse DNS
standard01.standardiqtest.info
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1g /
Resource Hash
59a1460df6cb458204ec993345ff4964fa7e1a77da4ab7137e50fce8434c1d6a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sentinal.decotawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 16 Nov 2021 07:43:57 GMT
Last-Modified
Fri, 29 Oct 2021 12:47:33 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1g
ETag
"df07-5cf7d3b1ed5a9"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
57095
custom.css
wedeez.com/eml/CH-Migros-Multi-Oct21/css/ 		32 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wedeez.com/eml/CH-Migros-Multi-Oct21/css/custom.css
Requested by
Host: sentinal.decotawealth.com
URL: https://sentinal.decotawealth.com/s0f5_3w?CMZ_r9=ZH12jnFncWNfn6-imG-Ua2Jze3qtwKuTZmdfpn1xkGhjbWJ-hg/marianne.keller%40zehndergroup.com&s3=%%First_Name%%&s4=%%Last_Name%%
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.241.143.100 , United States, ASN53340 (FIBERHUB, US),
Reverse DNS
standard01.standardiqtest.info
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1g /
Resource Hash
bebf83b9df0c7d14dc63050369f72a216058edae312051150d4dcf5729c78bb8

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sentinal.decotawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 16 Nov 2021 07:43:57 GMT
Last-Modified
Fri, 29 Oct 2021 12:55:23 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1g
ETag
"80f5-5cf7d571e32da"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
33013
jquery.min.js
wedeez.com/eml/CH-Migros-Multi-Oct21/js/ 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wedeez.com/eml/CH-Migros-Multi-Oct21/js/jquery.min.js
Requested by
Host: sentinal.decotawealth.com
URL: https://sentinal.decotawealth.com/s0f5_3w?CMZ_r9=ZH12jnFncWNfn6-imG-Ua2Jze3qtwKuTZmdfpn1xkGhjbWJ-hg/marianne.keller%40zehndergroup.com&s3=%%First_Name%%&s4=%%Last_Name%%
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.241.143.100 , United States, ASN53340 (FIBERHUB, US),
Reverse DNS
standard01.standardiqtest.info
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1g /
Resource Hash
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sentinal.decotawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 16 Nov 2021 07:43:57 GMT
Last-Modified
Fri, 29 Oct 2021 12:48:21 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1g
ETag
"1538e-5cf7d3dfc9dc6"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
86926
bootstrap.min.js
wedeez.com/eml/CH-Migros-Multi-Oct21/js/ 		36 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wedeez.com/eml/CH-Migros-Multi-Oct21/js/bootstrap.min.js
Requested by
Host: sentinal.decotawealth.com
URL: https://sentinal.decotawealth.com/s0f5_3w?CMZ_r9=ZH12jnFncWNfn6-imG-Ua2Jze3qtwKuTZmdfpn1xkGhjbWJ-hg/marianne.keller%40zehndergroup.com&s3=%%First_Name%%&s4=%%Last_Name%%
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.241.143.100 , United States, ASN53340 (FIBERHUB, US),
Reverse DNS
standard01.standardiqtest.info
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1g /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sentinal.decotawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 16 Nov 2021 07:43:57 GMT
Last-Modified
Fri, 29 Oct 2021 12:48:21 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1g
ETag
"90b5-5cf7d3dfccca5"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
37045
wonderpush-loader.min.js
cdn.by.wonderpush.com/sdk/1.1/ 		881 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.by.wonderpush.com/sdk/1.1/wonderpush-loader.min.js
Requested by
Host: sentinal.decotawealth.com
URL: https://sentinal.decotawealth.com/s0f5_3w?CMZ_r9=ZH12jnFncWNfn6-imG-Ua2Jze3qtwKuTZmdfpn1xkGhjbWJ-hg/marianne.keller%40zehndergroup.com&s3=%%First_Name%%&s4=%%Last_Name%%
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b59ba2cbbbcd1a8c68fd2b66ada34ec96c63933be5ba5064c3e1dedca333eb8c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sentinal.decotawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 07:43:58 GMT
content-encoding
gzip
cf-cache-status
HIT
age
64519
x-cache
Miss from cloudfront
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
493
access-control-allow-origin
*
last-modified
Tue, 09 Nov 2021 13:48:07 GMT
server
cloudflare
etag
"e7448cd6e079fa412ff7d76aed41dedded6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET
content-type
application/javascript
via
1.1 1bd7d779bed244375679d82e1821cc3d.cloudfront.net (CloudFront)
cache-control
public,max-age=86400
x-amz-cf-pop
IAD89-P2
accept-ranges
bytes
cf-ray
6aef1763cda15d74-IAD
x-amz-cf-id
pwtMFmW1qCKL5CjdPNcvWdC4gsWJEsQyfmlwu6EdYq-f100Nnt6lBw==
chf-flag.png
wedeez.com/eml/CH-Migros-Multi-Oct21/img/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wedeez.com/eml/CH-Migros-Multi-Oct21/img/chf-flag.png
Requested by
Host: sentinal.decotawealth.com
URL: https://sentinal.decotawealth.com/s0f5_3w?CMZ_r9=ZH12jnFncWNfn6-imG-Ua2Jze3qtwKuTZmdfpn1xkGhjbWJ-hg/marianne.keller%40zehndergroup.com&s3=%%First_Name%%&s4=%%Last_Name%%
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.241.143.100 , United States, ASN53340 (FIBERHUB, US),
Reverse DNS
standard01.standardiqtest.info
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1g /
Resource Hash
a1536d821f788b72cc858ce7fd5a8c36e4ff2f3b35a5a7a6fd705f3e462c590f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sentinal.decotawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 16 Nov 2021 07:43:58 GMT
Last-Modified
Fri, 29 Oct 2021 12:47:58 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1g
ETag
"5b1a-5cf7d3ca285d6"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
23322
logo.svg
wedeez.com/eml/CH-Migros-Multi-Oct21/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wedeez.com/eml/CH-Migros-Multi-Oct21/img/logo.svg
Requested by
Host: sentinal.decotawealth.com
URL: https://sentinal.decotawealth.com/s0f5_3w?CMZ_r9=ZH12jnFncWNfn6-imG-Ua2Jze3qtwKuTZmdfpn1xkGhjbWJ-hg/marianne.keller%40zehndergroup.com&s3=%%First_Name%%&s4=%%Last_Name%%
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.241.143.100 , United States, ASN53340 (FIBERHUB, US),
Reverse DNS
standard01.standardiqtest.info
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1g /
Resource Hash
c71e97b5668f9081fa9c65474aa7720207f2646ca56aa6a015d8e0592e19dd52

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sentinal.decotawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 16 Nov 2021 07:43:58 GMT
Last-Modified
Fri, 29 Oct 2021 12:47:58 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1g
ETag
"c3e-5cf7d3ca29d46"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
3134
3.jpg
wedeez.com/eml/CH-Migros-Multi-Oct21/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wedeez.com/eml/CH-Migros-Multi-Oct21/img/3.jpg
Requested by
Host: sentinal.decotawealth.com
URL: https://sentinal.decotawealth.com/s0f5_3w?CMZ_r9=ZH12jnFncWNfn6-imG-Ua2Jze3qtwKuTZmdfpn1xkGhjbWJ-hg/marianne.keller%40zehndergroup.com&s3=%%First_Name%%&s4=%%Last_Name%%
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.241.143.100 , United States, ASN53340 (FIBERHUB, US),
Reverse DNS
standard01.standardiqtest.info
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1g /
Resource Hash
a9aa3045c1f68dfeacd024e5d66333b84e7715f2eaf6d8fe815f5ff015eef4b1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sentinal.decotawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 16 Nov 2021 07:43:58 GMT
Last-Modified
Fri, 29 Oct 2021 12:47:47 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1g
ETag
"a31-5cf7d3bfc1d0f"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2609
gift-box.png
wedeez.com/eml/CH-Migros-Multi-Oct21/img/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wedeez.com/eml/CH-Migros-Multi-Oct21/img/gift-box.png
Requested by
Host: sentinal.decotawealth.com
URL: https://sentinal.decotawealth.com/s0f5_3w?CMZ_r9=ZH12jnFncWNfn6-imG-Ua2Jze3qtwKuTZmdfpn1xkGhjbWJ-hg/marianne.keller%40zehndergroup.com&s3=%%First_Name%%&s4=%%Last_Name%%
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.241.143.100 , United States, ASN53340 (FIBERHUB, US),
Reverse DNS
standard01.standardiqtest.info
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sentinal.decotawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
bag.webp
wedeez.com/eml/CH-Migros-Multi-Oct21/img/ 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wedeez.com/eml/CH-Migros-Multi-Oct21/img/bag.webp
Requested by
Host: sentinal.decotawealth.com
URL: https://sentinal.decotawealth.com/s0f5_3w?CMZ_r9=ZH12jnFncWNfn6-imG-Ua2Jze3qtwKuTZmdfpn1xkGhjbWJ-hg/marianne.keller%40zehndergroup.com&s3=%%First_Name%%&s4=%%Last_Name%%
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.241.143.100 , United States, ASN53340 (FIBERHUB, US),
Reverse DNS
standard01.standardiqtest.info
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1g /
Resource Hash
7a5c56705fa79d24900c5015e0e81a4004410b90806afca64fbc4c0be9f8a32c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sentinal.decotawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 16 Nov 2021 07:43:58 GMT
Last-Modified
Fri, 29 Oct 2021 12:47:52 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1g
ETag
"15fd6-5cf7d3c40808c"
Content-Type
image/webp
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
90070
lander_lp
mtp.capitalrtv.com/ 		0
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mtp.capitalrtv.com/lander_lp?lp=ZH12jnFncWNfn6-imG-Ua2Jze3qtwKuTZmdfpn1xkGhjbWJ-hg/marianne.keller@zehndergroup.com
Requested by
Host: sentinal.decotawealth.com
URL: https://sentinal.decotawealth.com/s0f5_3w?CMZ_r9=ZH12jnFncWNfn6-imG-Ua2Jze3qtwKuTZmdfpn1xkGhjbWJ-hg/marianne.keller%40zehndergroup.com&s3=%%First_Name%%&s4=%%Last_Name%%
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:d097 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.14
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sentinal.decotawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 07:43:58 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.14
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VhHBqNwLspnJUfcTXtmVXq3HntTSAJHWcLvknbvzHEoekhthqX72b1fjNl%2Bq%2FUWXWTPlhGqPq22PmavAWrCqFgtd5A74Q8AIiihG9d9KNwlPOruvczXt3O9ezc%2Fly%2FP0r9sv5gquvK5uQTT4jDXVz%2BE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
6aef1763bc7156ce-IAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
13.jpg
wedeez.com/eml/CH-Migros-Multi-Oct21/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wedeez.com/eml/CH-Migros-Multi-Oct21/img/13.jpg
Requested by
Host: sentinal.decotawealth.com
URL: https://sentinal.decotawealth.com/s0f5_3w?CMZ_r9=ZH12jnFncWNfn6-imG-Ua2Jze3qtwKuTZmdfpn1xkGhjbWJ-hg/marianne.keller%40zehndergroup.com&s3=%%First_Name%%&s4=%%Last_Name%%
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.241.143.100 , United States, ASN53340 (FIBERHUB, US),
Reverse DNS
standard01.standardiqtest.info
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1g /
Resource Hash
84caca28b1b77e8145a8d694aa1ee44d3946a6973af2e9b9b5502a9f49420527

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sentinal.decotawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 16 Nov 2021 07:43:58 GMT
Last-Modified
Fri, 29 Oct 2021 12:47:47 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1g
ETag
"200d-5cf7d3bfc8e56"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
8205
mac.png
wedeez.com/eml/CH-Migros-Multi-Oct21/img/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wedeez.com/eml/CH-Migros-Multi-Oct21/img/mac.png
Requested by
Host: sentinal.decotawealth.com
URL: https://sentinal.decotawealth.com/s0f5_3w?CMZ_r9=ZH12jnFncWNfn6-imG-Ua2Jze3qtwKuTZmdfpn1xkGhjbWJ-hg/marianne.keller%40zehndergroup.com&s3=%%First_Name%%&s4=%%Last_Name%%
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.241.143.100 , United States, ASN53340 (FIBERHUB, US),
Reverse DNS
standard01.standardiqtest.info
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1g /
Resource Hash
a462a53ab767e7f11dd84d5568f2e89bfb0634c1499eaf3ebf2ad9c750cb28a1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sentinal.decotawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 16 Nov 2021 07:43:58 GMT
Last-Modified
Fri, 29 Oct 2021 12:48:08 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1g
ETag
"d972-5cf7d3d34b6ee"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
55666
tv.jpg
wedeez.com/eml/CH-Migros-Multi-Oct21/img/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wedeez.com/eml/CH-Migros-Multi-Oct21/img/tv.jpg
Requested by
Host: sentinal.decotawealth.com
URL: https://sentinal.decotawealth.com/s0f5_3w?CMZ_r9=ZH12jnFncWNfn6-imG-Ua2Jze3qtwKuTZmdfpn1xkGhjbWJ-hg/marianne.keller%40zehndergroup.com&s3=%%First_Name%%&s4=%%Last_Name%%
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.241.143.100 , United States, ASN53340 (FIBERHUB, US),
Reverse DNS
standard01.standardiqtest.info
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1g /
Resource Hash
27344768d8dcbd95b42f9df9f50a5cc18266a7ffb6ee9dad118d828c24a20cbf

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sentinal.decotawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 16 Nov 2021 07:43:58 GMT
Last-Modified
Fri, 29 Oct 2021 12:48:07 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1g
ETag
"5bf2-5cf7d3d28b4c5"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
23538
card.png
wedeez.com/eml/CH-Migros-Multi-Oct21/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wedeez.com/eml/CH-Migros-Multi-Oct21/img/card.png
Requested by
Host: sentinal.decotawealth.com
URL: https://sentinal.decotawealth.com/s0f5_3w?CMZ_r9=ZH12jnFncWNfn6-imG-Ua2Jze3qtwKuTZmdfpn1xkGhjbWJ-hg/marianne.keller%40zehndergroup.com&s3=%%First_Name%%&s4=%%Last_Name%%
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.241.143.100 , United States, ASN53340 (FIBERHUB, US),
Reverse DNS
standard01.standardiqtest.info
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1g /
Resource Hash
7a2470f766f5ca8f79fca549dd2d1be795e1e45880a5181860c2e8106457d699

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sentinal.decotawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 16 Nov 2021 07:43:58 GMT
Last-Modified
Fri, 29 Oct 2021 12:47:55 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1g
ETag
"1da6-5cf7d3c6ca907"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
7590
app.png
wedeez.com/eml/CH-Migros-Multi-Oct21/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wedeez.com/eml/CH-Migros-Multi-Oct21/img/app.png
Requested by
Host: sentinal.decotawealth.com
URL: https://sentinal.decotawealth.com/s0f5_3w?CMZ_r9=ZH12jnFncWNfn6-imG-Ua2Jze3qtwKuTZmdfpn1xkGhjbWJ-hg/marianne.keller%40zehndergroup.com&s3=%%First_Name%%&s4=%%Last_Name%%
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.241.143.100 , United States, ASN53340 (FIBERHUB, US),
Reverse DNS
standard01.standardiqtest.info
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1g /
Resource Hash
0fb842af102c0ab6b6f6ffe8039cab727f85903a0643d30aaf6a4970cc6325a9

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sentinal.decotawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 16 Nov 2021 07:43:58 GMT
Last-Modified
Fri, 29 Oct 2021 12:47:51 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1g
ETag
"d95-5cf7d3c39d974"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
3477
css
fonts.googleapis.com/ 		981 B
465 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Bevan&subset=latin-ext,vietnamese
Requested by
Host: wedeez.com
URL: https://wedeez.com/eml/CH-Migros-Multi-Oct21/css/custom.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c80bcb2b629547a2d47ebfc6215bc29630a3222f00b2b4a5fd384e8c72d072a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://wedeez.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 07:43:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 16 Nov 2021 07:43:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 16 Nov 2021 07:43:57 GMT
css
fonts.googleapis.com/ 		20 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i
Requested by
Host: wedeez.com
URL: https://wedeez.com/eml/CH-Migros-Multi-Oct21/css/custom.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5c8e2b63593c31e87391f96f1a9b4b1c19b67966e560256a40cea1ac6c51307b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://wedeez.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 06:06:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 16 Nov 2021 07:43:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 16 Nov 2021 07:43:57 GMT
bnr.jpg
wedeez.com/eml/CH-Migros-Multi-Oct21/img/ 		137 KB
137 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wedeez.com/eml/CH-Migros-Multi-Oct21/img/bnr.jpg
Requested by
Host: wedeez.com
URL: https://wedeez.com/eml/CH-Migros-Multi-Oct21/css/custom.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.241.143.100 , United States, ASN53340 (FIBERHUB, US),
Reverse DNS
standard01.standardiqtest.info
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1g /
Resource Hash
17b1a22f73e7f7fe9dc1079bd2d2db7eaaa11319d2694d4bb0aba8547969f02a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://wedeez.com/eml/CH-Migros-Multi-Oct21/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 16 Nov 2021 07:43:58 GMT
Last-Modified
Fri, 29 Oct 2021 12:47:55 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1g
ETag
"22221-5cf7d3c6db68e"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
139809
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/fonts/ 		65 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f2721fcaed5436f55432318b274d1542e96753b56c6ec6cdbd1c0fdd46bc66d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css
Origin
https://sentinal.decotawealth.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 07:43:58 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1732583
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
66624
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-10440"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AqZCz726Khy2uLlCTtNR3%2Fx%2FuUfMFvA7842dRpbeAVf18INc2k6ynAg9Ye04G2Qh5mfZbNIwqEHR3pjyFrB9fEzHuSgikEYUKnLKMoPnc7K%2BJUPmiGQHqgGMOUf69jrtfpp8shpHHtGM2YOmSqx36VYE"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6aef17639ec15a52-IAD
expires
Sun, 06 Nov 2022 07:43:58 GMT
wonderpush.min.js
cdn.by.wonderpush.com/sdk/1.1.31.0/ 		427 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.by.wonderpush.com/sdk/1.1.31.0/wonderpush.min.js
Requested by
Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1/wonderpush-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2cecefc6998438527e5dcb8dda0ea0eaf00f1446549be91b324d7d6bb75072b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://sentinal.decotawealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 07:43:58 GMT
content-encoding
gzip
cf-cache-status
HIT
age
582929
x-cache
Miss from cloudfront
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
104311
access-control-allow-origin
*
last-modified
Tue, 09 Nov 2021 13:48:02 GMT
server
cloudflare
etag
"b0f9621ecd6d706821112294ba41deaded6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET
content-type
application/javascript
via
1.1 782e548cb0b1b64c63d995fc59568b48.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000
x-amz-cf-pop
IAD89-P2
accept-ranges
bytes
cf-ray
6aef1763fdd05d74-IAD
x-amz-cf-id
h-T1zlpFZzjx5QEA3mJf1tpure3ZlX9fEUsMHe5hrpSZyL4tDnzNhw==

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| $ function| jQuery object| WonderPush function| chkvali function| partstep function| toSimpleJson object| d number| minutes string| hours string| ampm object| months object| days object| o object| two object| three object| four object| five function| startTimer number| srt string| _wp_loaderScriptUrl

0 Cookies

1 Console Messages

Source Level URL
Text
network error URL: https://wedeez.com/eml/CH-Migros-Multi-Oct21/img/gift-box.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.by.wonderpush.com
cdnjs.cloudflare.com
cw-trk.dl4nv.us
fonts.googleapis.com
mtp.capitalrtv.com
sentinal.decotawealth.com
wedeez.com
199.241.143.100
2606:4700:3033::ac43:d097
2606:4700:3034::ac43:cce5
2606:4700:3036::ac43:87f1
2606:4700::6810:135e
2606:4700::6812:13b7
2607:f8b0:4006:80c::200a
0fb842af102c0ab6b6f6ffe8039cab727f85903a0643d30aaf6a4970cc6325a9
17b1a22f73e7f7fe9dc1079bd2d2db7eaaa11319d2694d4bb0aba8547969f02a
27344768d8dcbd95b42f9df9f50a5cc18266a7ffb6ee9dad118d828c24a20cbf
4f2721fcaed5436f55432318b274d1542e96753b56c6ec6cdbd1c0fdd46bc66d
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
59a1460df6cb458204ec993345ff4964fa7e1a77da4ab7137e50fce8434c1d6a
5c8e2b63593c31e87391f96f1a9b4b1c19b67966e560256a40cea1ac6c51307b
7a2470f766f5ca8f79fca549dd2d1be795e1e45880a5181860c2e8106457d699
7a5c56705fa79d24900c5015e0e81a4004410b90806afca64fbc4c0be9f8a32c
84caca28b1b77e8145a8d694aa1ee44d3946a6973af2e9b9b5502a9f49420527
91293fa8880737f1415e3848f3e28b408b01a00f21f0e79b3abc8ac343960d39
a1536d821f788b72cc858ce7fd5a8c36e4ff2f3b35a5a7a6fd705f3e462c590f
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
a2cecefc6998438527e5dcb8dda0ea0eaf00f1446549be91b324d7d6bb75072b
a462a53ab767e7f11dd84d5568f2e89bfb0634c1499eaf3ebf2ad9c750cb28a1
a9aa3045c1f68dfeacd024e5d66333b84e7715f2eaf6d8fe815f5ff015eef4b1
b59ba2cbbbcd1a8c68fd2b66ada34ec96c63933be5ba5064c3e1dedca333eb8c
bebf83b9df0c7d14dc63050369f72a216058edae312051150d4dcf5729c78bb8
c0b96999cfba668f9924a937dccd54e1979c2bef4a878ca39930ef950ee1979f
c71e97b5668f9081fa9c65474aa7720207f2646ca56aa6a015d8e0592e19dd52
c80bcb2b629547a2d47ebfc6215bc29630a3222f00b2b4a5fd384e8c72d072a9
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c