Submitted URL: http://links.mdbx.io/click?url=https%3A%2F%2Fportal.promotexter.com%2Fset-password%2FMDvcUG%2F70ffea49150b968daebf63e...
Effective URL: https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
Submission: On April 06 via manual from PH

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 26 HTTP transactions. The main IP is 2606:4700:20::681a:6, located in United States and belongs to CLOUDFLARENET, US. The main domain is portal.promotexter.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 19th 2020. Valid for: 7 months.
This is the only time portal.promotexter.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.152.219.157 14618 (AMAZON-AES)
16 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 13.224.194.88 16509 (AMAZON-02)
1 6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 34.212.17.90 16509 (AMAZON-02)
26 6
Domain Requested by
14 portal.promotexter.com portal.promotexter.com
6 www.google-analytics.com 1 redirects portal.promotexter.com
2 col.site24x7rum.com static.site24x7rum.com
2 ci-portal.promotexter.com portal.promotexter.com
1 stats.g.doubleclick.net portal.promotexter.com
1 static.site24x7rum.com portal.promotexter.com
1 cdnjs.cloudflare.com portal.promotexter.com
1 links.mdbx.io 1 redirects
26 8

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2020-03-19 - 2020-10-09 | 7 months
cloudflare.com | CloudFlare Inc ECC CA-2 | 2020-01-07 - 2020-10-09 | 9 months
*.site24x7rum.com | Amazon | 2019-10-24 - 2020-11-24 | a year
*.google-analytics.com | GTS CA 1O1 | 2020-03-03 - 2020-05-26 | 3 months
*.g.doubleclick.net | GTS CA 1O1 | 2020-03-03 - 2020-05-26 | 3 months

This page contains 1 frames:

Primary Page: https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
Frame ID: 974E873E5B11A11851F5BB5B41C518E5
Requests: 26 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

Requests: 26
HTTPS: 100 %
IPv6: 57 %
Domains: 6
Subdomains: 8
IPs: 6
Countries: 3
Transfer: 1011 kB
Size: 3258 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://links.mdbx.io/click?url=https%3A%2F%2Fportal.promotexter.com%2Fset-password%2FMDvcUG%2F70ffea49150b968daebf63e1d69a9e89b061f410%3Fptxid%3D91a062c3-62db-4eba-b785-523497a78dd9&ptxid=91a062c3-62db-4eba-b785-523497a78dd9 HTTP 302
    https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1021633139&t=pageview&_s=1&dl=https%3A%2F%2Fportal.promotexter.com%2Fset-password%2FMDvcUG%2F70ffea49150b968daebf63e1d69a9e89b061f410&dp=%2Fset-password%2FMDvcUG%2F70ffea49150b968daebf63e1d69a9e89b061f410&ul=en-us&de=UTF-8&dt=PTX&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAAAB~&jid=1367886752&gjid=1526316887&cid=1246303886.1586149102&tid=UA-71376506-2&_gid=1325794152.1586149102&_r=1&z=1734288556 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-71376506-2&cid=1246303886.1586149102&jid=1367886752&_gid=1325794152.1586149102&gjid=1526316887&_v=j81&z=1734288556

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 70ffea49150b968daebf63e1d69a9e89b061f410
portal.promotexter.com/set-password/MDvcUG/
Redirect Chain
  • http://links.mdbx.io/click?url=https%3A%2F%2Fportal.promotexter.com%2Fset-password%2FMDvcUG%2F70ffea49150b968daebf63e1d69a9e89b061f410%3Fptxid%3D91a062c3-62db-4eba-b785-523497a78dd9&ptxid=91a062c3-...
  • https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
6 KB
3 KB
Document
General
Full URL
https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / https://portal.promotexter.com
Resource Hash
a9b8129de9b11805df0db39622f161539260dcb93f5079389b3229a994062956
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
portal.promotexter.com
:scheme
https
:path
/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 06 Apr 2020 04:58:21 GMT
content-type
text/html;charset=UTF-8
set-cookie
__cfduid=db1fe272e3b25d7b1515a571a945dbd701586149101; expires=Wed, 06-May-20 04:58:21 GMT; path=/; domain=.promotexter.com; HttpOnly; SameSite=Lax
session=j%3Anull; Max-Age=-0.001; Path=/; Expires=Mon, 06 Apr 2020 04:58:21 GMT
access-control-allow-origin
https://portal.promotexter.com
access-control-allow-methods
GET, POST, OPTIONS, PUT, PATCH, DELETE
access-control-allow-headers
X-Requested-With, Content-Type, account-id, token, Origin, Authorization, X-Auth-Token, Accept
access-control-allow-credentials
false
cache-control
private, no-cache, no-store, must-revalidate
expires
-1
pragma
no-cache
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31556952; includeSubDomains; preload
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-powered-by
https://portal.promotexter.com
last-modified
Thu, 02 Apr 2020 02:29:20 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
57f8eeede9911f45-FRA
content-encoding
gzip

Redirect headers

cache-control
no-cache
Date
Mon, 06 Apr 2020 04:58:21 GMT
location
https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
vary
accept-encoding
Content-Length
0
Connection
keep-alive
5dbcb85e.public-vendor.css
portal.promotexter.com/app/
54 KB
10 KB
Stylesheet
General
Full URL
https://portal.promotexter.com/app/5dbcb85e.public-vendor.css
Requested by
Host: portal.promotexter.com
URL: https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32fd82235301060e68af681164c817e8a290c3973b2077306fa333ed4f1c1333

Request headers

Referer
https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 06 Apr 2020 04:58:22 GMT
content-encoding
gzip
cf-cache-status
BYPASS
last-modified
Thu, 02 Apr 2020 02:28:17 GMT
server
cloudflare
etag
"55237-1585794497391"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
status
200
cache-control
public, max-age=0
cf-ray
57f8eeeedb141f45-FRA
joyride.min.css
portal.promotexter.com/bower_components/angular-joyride/dist/
3 KB
916 B
Stylesheet
General
Full URL
https://portal.promotexter.com/bower_components/angular-joyride/dist/joyride.min.css
Requested by
Host: portal.promotexter.com
URL: https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b1e26b2d5da97813dad4206411bc5afcb32daf7c294046d41a30aa1eac3aa8b

Request headers

Referer
https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 06 Apr 2020 04:58:22 GMT
content-encoding
gzip
cf-cache-status
BYPASS
last-modified
Thu, 02 Apr 2020 02:28:17 GMT
server
cloudflare
etag
"3148-1585794497475"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
status
200
cache-control
public, max-age=0
cf-ray
57f8eeeedb161f45-FRA
139ef1d6.public-app.css
portal.promotexter.com/app/
275 KB
58 KB
Stylesheet
General
Full URL
https://portal.promotexter.com/app/139ef1d6.public-app.css
Requested by
Host: portal.promotexter.com
URL: https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f73b820af112d9756294552cce673c18d9b0740b63a0182fda594906c9f93ea

Request headers

Referer
https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 06 Apr 2020 04:58:22 GMT
content-encoding
gzip
cf-cache-status
BYPASS
last-modified
Thu, 02 Apr 2020 02:28:17 GMT
server
cloudflare
etag
"281816-1585794497379"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
status
200
cache-control
public, max-age=0
cf-ray
57f8eeeedb181f45-FRA
d74ba90b.public-vendor.js
portal.promotexter.com/app/
554 KB
181 KB
Script
General
Full URL
https://portal.promotexter.com/app/d74ba90b.public-vendor.js
Requested by
Host: portal.promotexter.com
URL: https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fdca5e49e2ad46862dc72362ebfcb1d29233f8b416d6b1f7f8cff9558c41197

Request headers

Referer
https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 06 Apr 2020 04:58:22 GMT
content-encoding
gzip
cf-cache-status
BYPASS
last-modified
Thu, 02 Apr 2020 02:28:17 GMT
server
cloudflare
etag
"567168-1585794497407"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=0
cf-ray
57f8eeeedb1a1f45-FRA
joyride.min.js
portal.promotexter.com/bower_components/angular-joyride/dist/
7 KB
2 KB
Script
General
Full URL
https://portal.promotexter.com/bower_components/angular-joyride/dist/joyride.min.js
Requested by
Host: portal.promotexter.com
URL: https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e6494d7d927001653b3b6ff0f0afcf232e495d01dc857797e0df10d03c1b104

Request headers

Referer
https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 06 Apr 2020 04:58:22 GMT
content-encoding
gzip
cf-cache-status
BYPASS
last-modified
Thu, 02 Apr 2020 02:28:17 GMT
server
cloudflare
etag
"6814-1585794497475"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=0
cf-ray
57f8eeeedb1c1f45-FRA
smooch.4.12.11.min.js
portal.promotexter.com/bower_components/smooch/
9 KB
3 KB
Script
General
Full URL
https://portal.promotexter.com/bower_components/smooch/smooch.4.12.11.min.js
Requested by
Host: portal.promotexter.com
URL: https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfb53c61898e73e0db1c91cdc54f9a3ef2c835dbc2e3780e66baa04f465138ec

Request headers

Referer
https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 06 Apr 2020 04:58:22 GMT
content-encoding
gzip
cf-cache-status
BYPASS
last-modified
Thu, 02 Apr 2020 02:28:17 GMT
server
cloudflare
etag
"8853-1585794497707"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=0
cf-ray
57f8eeeedb201f45-FRA
socket.io.min.js
cdnjs.cloudflare.com/ajax/libs/socket.io/1.4.6/
68 KB
21 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/socket.io/1.4.6/socket.io.min.js
Requested by
Host: portal.promotexter.com
URL: https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba45983c9ad936278b1955d05976c2b83e022e2cbb2d5b6817a89a0218c1f12b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 06 Apr 2020 04:58:21 GMT
content-encoding
br
cf-cache-status
HIT
age
28175775
cf-ray
57f8eeeedf37971e-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:26:47 GMT
server
cloudflare
etag
W/"5afd4ad7-11027"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sat, 27 Mar 2021 04:58:21 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.003
6cc94a45.public-app.js
portal.promotexter.com/app/
452 KB
114 KB
Script
General
Full URL
https://portal.promotexter.com/app/6cc94a45.public-app.js
Requested by
Host: portal.promotexter.com
URL: https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e3ec2bcaf4d6b23182236d6a7c5d7d14c82796ae1ebbdafb49f941f9a01d523

Request headers

Referer
https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 06 Apr 2020 04:58:22 GMT
content-encoding
gzip
cf-cache-status
BYPASS
last-modified
Thu, 02 Apr 2020 02:28:17 GMT
server
cloudflare
etag
"463336-1585794497395"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=0
cf-ray
57f8eeeedb231f45-FRA
f71a7f9d.templates.js
portal.promotexter.com/app/
1 MB
182 KB
Script
General
Full URL
https://portal.promotexter.com/app/f71a7f9d.templates.js
Requested by
Host: portal.promotexter.com
URL: https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faabe75b5f62c79c89a385b3d50f7f4d77d6a843f58557547424fbc1c1b81943

Request headers

Referer
https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 06 Apr 2020 04:58:22 GMT
content-encoding
gzip
cf-cache-status
BYPASS
last-modified
Thu, 02 Apr 2020 02:28:17 GMT
server
cloudflare
etag
"1365912-1585794497411"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=0
cf-ray
57f8eeeedb251f45-FRA
config.js
portal.promotexter.com/app/
3 KB
1 KB
Script
General
Full URL
https://portal.promotexter.com/app/config.js
Requested by
Host: portal.promotexter.com
URL: https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
212e7fe845a8231d5830a7d303085debba80fb4227ce08f799df08109523841b

Request headers

Referer
https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 06 Apr 2020 04:58:22 GMT
content-encoding
gzip
cf-cache-status
BYPASS
last-modified
Thu, 02 Apr 2020 02:28:52 GMT
server
cloudflare
etag
"2874-1585794532937"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=0
cf-ray
57f8eeeedb271f45-FRA
site24x7rum-min.js
static.site24x7rum.com/beacon/
47 KB
13 KB
Script
General
Full URL
https://static.site24x7rum.com/beacon/site24x7rum-min.js?appKey=50b3bc6fc5c2765c47208e85cc9ec957
Requested by
Host: portal.promotexter.com
URL: https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.194.88 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-88.fra2.r.cloudfront.net
Software
ZGS /
Resource Hash
a96ed19a271492163fd8336611509b10a5125503598ed1ba61f8bd7b5bb9742f

Request headers

Referer
https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 06 Apr 2020 04:50:47 GMT
Content-Encoding
gzip
Server
ZGS
Age
459
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript;charset=ISO-8859-1
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA2-C1
Connection
keep-alive
X-Amz-Cf-Id
rHM5Seip3hLSPEF0apdpo647x9kxXYTk-vCACZWx7kwzsReon1bUQA==
Via
1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: portal.promotexter.com
URL: https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
1490
date
Mon, 06 Apr 2020 04:33:32 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Mon, 06 Apr 2020 06:33:32 GMT
fbd82b9b.nav_img.png
portal.promotexter.com/assets/images/
3 KB
3 KB
Image
General
Full URL
https://portal.promotexter.com/assets/images/fbd82b9b.nav_img.png
Requested by
Host: portal.promotexter.com
URL: https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b86064f721f3fc4da2635cc5ee1636c7d66e7e547b5100e6ef35a69e92b6e675

Request headers

Referer
https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 06 Apr 2020 04:58:22 GMT
cf-cache-status
BYPASS
last-modified
Thu, 02 Apr 2020 02:28:17 GMT
server
cloudflare
etag
"2830-1585794497463"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
57f8eef1bf1b1f45-FRA
content-length
2830
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1021633139&t=pageview&_s=1&dl=https%3A%2F%2Fportal.promotexter.com%2Fset-password%2FMDvcUG%2F70ffea49150b968daebf63e1d69a9e89b061f410&dp=%2Fs...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-71376506-2&cid=1246303886.1586149102&jid=1367886752&_gid=1325794152.1586149102&gjid=1526316887&_v=j81&z=1734288556
35 B
102 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-71376506-2&cid=1246303886.1586149102&jid=1367886752&_gid=1325794152.1586149102&gjid=1526316887&_v=j81&z=1734288556
Requested by
Host: portal.promotexter.com
URL: https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Mon, 06 Apr 2020 04:58:22 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 06 Apr 2020 04:58:22 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-71376506-2&cid=1246303886.1586149102&jid=1367886752&_gid=1325794152.1586149102&gjid=1526316887&_v=j81&z=1734288556
content-type
text/html; charset=UTF-8
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
420
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
103 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=1021633139&t=event&_s=2&dl=https%3A%2F%2Fportal.promotexter.com%2Fset-password%2FMDvcUG%2F70ffea49150b968daebf63e1d69a9e89b061f410&dp=%2Fset-password%2FMDvcUG%2F70ffea49150b968daebf63e1d69a9e89b061f410&ul=en-us&de=UTF-8&dt=PTX&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=access-control&ea=state-change&el=%20%3D%3E%20set-password&_u=KEBAAAAB~&jid=&gjid=&cid=1246303886.1586149102&tid=UA-71376506-2&_gid=1325794152.1586149102&z=874577350
Requested by
Host: portal.promotexter.com
URL: https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Wed, 11 Mar 2020 00:49:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2261358
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
109 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=1021633139&t=pageview&_s=3&dl=https%3A%2F%2Fportal.promotexter.com%2Fset-password%2FMDvcUG%2F70ffea49150b968daebf63e1d69a9e89b061f410&dp=set-password&ul=en-us&de=UTF-8&dt=PTX&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAAAB~&jid=&gjid=&cid=1246303886.1586149102&tid=UA-71376506-2&_gid=1325794152.1586149102&z=883599935
Requested by
Host: portal.promotexter.com
URL: https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Wed, 11 Mar 2020 00:49:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2261358
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
cb5947d2.pt3logo.png
portal.promotexter.com/assets/images/
4 KB
4 KB
Image
General
Full URL
https://portal.promotexter.com/assets/images/cb5947d2.pt3logo.png
Requested by
Host: portal.promotexter.com
URL: https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92083bd211d50b6d08f267b69949321ed6100358b80936977dcddb85af004c1c

Request headers

Referer
https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 06 Apr 2020 04:58:22 GMT
cf-cache-status
BYPASS
last-modified
Thu, 02 Apr 2020 02:28:17 GMT
server
cloudflare
etag
"3683-1585794497455"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
57f8eef1bf1d1f45-FRA
content-length
3683
e4849fdf.material-bg.jpg
portal.promotexter.com/assets/images/
357 KB
357 KB
Image
General
Full URL
https://portal.promotexter.com/assets/images/e4849fdf.material-bg.jpg
Requested by
Host: portal.promotexter.com
URL: https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7cbb6664968318746d80674cd3dc8d82eb7409fd188dfad4313c1ba6661f51d

Request headers

Referer
https://portal.promotexter.com/app/139ef1d6.public-app.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 06 Apr 2020 04:58:22 GMT
cf-cache-status
BYPASS
last-modified
Thu, 02 Apr 2020 02:28:17 GMT
server
cloudflare
etag
"365474-1585794497463"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
57f8eef1bf1f1f45-FRA
content-length
365474
8a6d7228.Material-Design-Iconic-Font.woff2
portal.promotexter.com/assets/fonts/
38 KB
38 KB
Font
General
Full URL
https://portal.promotexter.com/assets/fonts/8a6d7228.Material-Design-Iconic-Font.woff2?v=2.1.0
Requested by
Host: portal.promotexter.com
URL: https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8de03245050e0fb0c9eb37d8d5525985b04711c40a53c3fcf55c3f07a9042559

Request headers

Referer
https://portal.promotexter.com/app/139ef1d6.public-app.css
Origin
https://portal.promotexter.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 06 Apr 2020 04:58:22 GMT
cf-cache-status
BYPASS
last-modified
Thu, 02 Apr 2020 02:28:17 GMT
server
cloudflare
etag
"38812-1585794497415"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
status
200
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
57f8eef1cf201f45-FRA
content-length
38812
reset_password
ci-portal.promotexter.com/index.php/public/app/
0
726 B
XHR
General
Full URL
https://ci-portal.promotexter.com/index.php/public/app/reset_password
Requested by
Host: portal.promotexter.com
URL: https://portal.promotexter.com/app/d74ba90b.public-vendor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.promotexter.com; frame-src 'self' https://*.promotexter.com; form-action 'self'
X-Content-Type-Options nosniff

Request headers

Access-Control-Request-Method
POST
Origin
https://portal.promotexter.com
Referer
https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Mon, 06 Apr 2020 04:58:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
status
200
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
OPTIONS, PUT, GET, POST, DELETE
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://portal.promotexter.com
access-control-expose-headers
Token
cache-control
post-check=0, pre-check=0
access-control-allow-credentials
False
content-security-policy
default-src 'self' https://*.promotexter.com; frame-src 'self' https://*.promotexter.com; form-action 'self'
cf-ray
57f8eef20b5364cd-FRA
access-control-allow-headers
user-id, account-id, token, resource, Content-Type, If-Modified-Since, Cache-Control, Pragma
collect
www.google-analytics.com/
35 B
103 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=1021633139&t=event&_s=4&dl=https%3A%2F%2Fportal.promotexter.com%2Fset-password%2FMDvcUG%2F70ffea49150b968daebf63e1d69a9e89b061f410&dp=%2Fset-password%2FMDvcUG%2F70ffea49150b968daebf63e1d69a9e89b061f410&ul=en-us&de=UTF-8&dt=PTX&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=POST&ea=api-call&el=https%3A%2F%2Fci-portal.promotexter.com%2Findex.php%2Fpublic%2Fapp%2Freset_password&_u=KEBAAAAB~&jid=&gjid=&cid=1246303886.1586149102&tid=UA-71376506-2&_gid=1325794152.1586149102&z=808655426
Requested by
Host: portal.promotexter.com
URL: https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Wed, 11 Mar 2020 00:49:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2261358
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
data
col.site24x7rum.com/rum/
78 B
584 B
XHR
General
Full URL
https://col.site24x7rum.com/rum/data
Requested by
Host: static.site24x7rum.com
URL: https://static.site24x7rum.com/beacon/site24x7rum-min.js?appKey=50b3bc6fc5c2765c47208e85cc9ec957
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.212.17.90 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-212-17-90.us-west-2.compute.amazonaws.com
Software
ZGS /
Resource Hash
49c5c78d61b8e4653e204df189cda9ace5451236b9a41550ae1e2bbb68752726
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
Origin
https://portal.promotexter.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 06 Apr 2020 04:58:28 GMT
X-Content-Type-Options
nosniff
Server
ZGS
Access-Control-Allow-Headers
request-id, request-context, Origin
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
POST,OPTIONS
Content-Type
application/json;charset=ISO-8859-1
Access-Control-Allow-Origin
*
Connection
keep-alive
Vary
Origin
Content-Length
78
X-XSS-Protection
1
data
col.site24x7rum.com/rum/
78 B
584 B
XHR
General
Full URL
https://col.site24x7rum.com/rum/data
Requested by
Host: static.site24x7rum.com
URL: https://static.site24x7rum.com/beacon/site24x7rum-min.js?appKey=50b3bc6fc5c2765c47208e85cc9ec957
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.212.17.90 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-212-17-90.us-west-2.compute.amazonaws.com
Software
ZGS /
Resource Hash
49c5c78d61b8e4653e204df189cda9ace5451236b9a41550ae1e2bbb68752726
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
Origin
https://portal.promotexter.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 06 Apr 2020 04:59:18 GMT
X-Content-Type-Options
nosniff
Server
ZGS
Access-Control-Allow-Headers
request-id, request-context, Origin
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
POST,OPTIONS
Content-Type
application/json;charset=ISO-8859-1
Access-Control-Allow-Origin
*
Connection
keep-alive
Vary
Origin
Content-Length
78
X-XSS-Protection
1
collect
www.google-analytics.com/
35 B
103 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=1021633139&t=timing&_s=5&dl=https%3A%2F%2Fportal.promotexter.com%2Fset-password%2FMDvcUG%2F70ffea49150b968daebf63e1d69a9e89b061f410&ul=en-us&de=UTF-8&dt=PTX&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1101&pdt=1&dns=31&rrt=248&srt=145&tcp=16&dit=825&clt=825&_gst=680&_gbt=703&_u=KEBAAAAB~&jid=&gjid=&cid=1246303886.1586149102&tid=UA-71376506-2&_gid=1325794152.1586149102&z=754563061
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Wed, 11 Mar 2020 00:49:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2261358
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
reset_password
ci-portal.promotexter.com/index.php/public/app/
112 B
229 B
XHR
General
Full URL
https://ci-portal.promotexter.com/index.php/public/app/reset_password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e231c6668445daa91775f125b5a0ae612ba0f6440250e0d4ba66bad08bedee6
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.promotexter.com; frame-src 'self' https://*.promotexter.com; form-action 'self'
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://portal.promotexter.com/set-password/MDvcUG/70ffea49150b968daebf63e1d69a9e89b061f410
Origin
https://portal.promotexter.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 06 Apr 2020 04:58:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
status
200
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
OPTIONS, PUT, GET, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://portal.promotexter.com
access-control-expose-headers
Token
cache-control
post-check=0, pre-check=0
access-control-allow-credentials
False
content-security-policy
default-src 'self' https://*.promotexter.com; frame-src 'self' https://*.promotexter.com; form-action 'self'
cf-ray
57f8eef32ba864cd-FRA
access-control-allow-headers
user-id, account-id, token, resource, Content-Type, If-Modified-Since, Cache-Control, Pragma

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
undefined| changes
string| rumMOKey
string| GoogleAnalyticsObject
function| ga
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData
function| $
function| jQuery
object| angular
function| _
function| moment
function| Mprogress
object| angulartics
function| Url
function| __onWebMessengerFrameReady__
object| Smooch
function| io
function| checker
object| RedactorPlugins
string| _determinate
string| _indeterminate
string| _update
string| _type
string| _click
string| _touch
string| _add
string| _remove
string| _callback
string| _label
string| _cursor
boolean| _mobile
function| Color
function| Chart
object| s247RUM
object| insightTMRUM
object| insightRUM
function| initInsightEvent
undefined| S247RumQueue
undefined| _olds247r
object| site24x7rum
string| pDomain

5 Cookies

Domain/Path Name / Value
portal.promotexter.com/ Name: lastActivity
Value: %222020-04-06T04%3A58%3A22.353Z%22
.portal.promotexter.com/ Name: _gat
Value: 1
.portal.promotexter.com/ Name: _gid
Value: GA1.3.1325794152.1586149102
.portal.promotexter.com/ Name: _ga
Value: GA1.3.1246303886.1586149102
.promotexter.com/ Name: __cfduid
Value: db1fe272e3b25d7b1515a571a945dbd701586149101

1 Console Messages

Source Level URL
Text
console-api warning URL: https://portal.promotexter.com/app/d74ba90b.public-vendor.js(Line 5)
Message:
This browser does not support Web Storage!

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
